Network for courseworkhero.co.uk

Two subjects :

1- OSI reference model

2- TCP/IP protocals

This page intentionally left blank

COMPUTER NETWORKS
FIFTH EDITION

This page intentionally left blank

COMPUTER NETWORKS
FIFTH EDITION
ANDREW S. TANENBAUM
Vrije Universiteit
Amsterdam, The Netherlands
DAVID J. WETHERALL
University of Washington
Seattle, WA
PRENTICE HALL
Boston Columbus Indianapolis New York San Francisco Upper Saddle River
Amsterdam Cape Town Dubai London Madrid Milan Paris Montreal Toronto
Delhi Mexico City Sao Paulo Sydney Hong Kong Seoul Singapore Tapei Tokyo

Editorial Director: Marcia Horton
Editor-in-Chief: Michael Hirsch
Executive Editor: Tracy Dunkelberger
Assistant Editor: Melinda Haggerty
Editorial Assistant: Allison Michael
Vice President, Marketing: Patrice Jones
Marketing Manager: Yezan Alayan
Marketing Coordinator: Kathryn Ferranti
Vice President, Production: Vince O’Brien
Managing Editor: Jeff Holcomb
Senior Operations Supervisor: Alan Fischer
Manufacturing Buyer: Lisa McDowell
Cover Direction: Andrew S. Tanenbaum,
David J. Wetherall, Tracy Dunkelberger
Art Director: Linda Knowles
Cover Designer: Susan Paradise
Cover Illustration: Jason Consalvo
Interior Design: Andrew S. Tanenbaum
AV Production Project Manager:
Gregory L. Dulles
Interior Illustrations: Laserwords, Inc.
Media Editor: Daniel Sandin
Composition: Andrew S. Tanenbaum
Copyeditor: Rachel Head
Proofreader: Joe Ruddick
Printer/Binder: Courier/Westford
Cover Printer: Lehigh-Phoenix Color/
Hagerstown

Credits and acknowledgments borrowed from other sources and reproduced, with permission,
in this textbook appear on appropriate page within text.

Many of the designations by manufacturers and sellers to distinguish their products are
claimed as trademarks. Where those designations appear in this book, and the publisher was
aware of a trademark claim, the designations have been printed in initial caps or all caps.

Copyright © 2011, 2003, 1996, 1989, 1981 Pearson Education, Inc., publishing as Prentice
Hall. All rights reserved. Manufactured in the United States of America. This publication is
protected by Copyright, and permission should be obtained from the publisher prior to any
prohibited reproduction, storage in a retrieval system, or transmission in any form or by any
means, electronic, mechanical, photocopying, recording, or likewise. To obtain permission(s)
to use material from this work, please submit a written request to Pearson Education, Inc.,
Permissions Department, 501 Boylston Street, Suite 900, Boston, Massachusetts 02116.

Library of Congress Cataloging-in-Publication Data

Tanenbaum, Andrew S., 1944-
Computer networks / Andrew S. Tanenbaum, David J. Wetherall. — 5th ed.
p. cm.
Includes bibliographical references and index.
ISBN-13: 978-0-13-212695-3 (alk. paper)
ISBN-10: 0-13-212695-8 (alk. paper)
1. Computer networks. I. Wetherall, D. (David) II. Title.
TK5105.5.T36 2011
004.6–dc22
2010034366

10 9 8 7 6 5 4 3 2 1—CRW—14 13 12 11 10

To Suzanne, Barbara, Daniel, Aron, Marvin, Matilde,
and the memory of Bram, and Sweetie π (AST)
To Katrin, Lucy, and Pepper (DJW)

This page intentionally left blank

CONTENTS
PREFACE xix
1 INTRODUCTION 1
1.1 USES OF COMPUTER NETWORKS, 3
1.1.1 Business Applications, 3
1.1.2 Home Applications, 6
1.1.3 Mobile Users, 10
1.1.4 Social Issues, 14
1.2 NETWORK HARDWARE, 17
1.2.1 Personal Area Networks, 18
1.2.2 Local Area Networks, 19
1.2.3 Metropolitan Area Networks, 23
1.2.4 Wide Area Networks, 23
1.2.5 Internetworks, 28
1.3 NETWORK SOFTWARE, 29
1.3.1 Protocol Hierarchies, 29
1.3.2 Design Issues for the Layers, 33
1.3.3 Connection-Oriented Versus Connectionless Service, 35
1.3.4 Service Primitives, 38
1.3.5 The Relationship of Services to Protocols, 40
1.4 REFERENCE MODELS, 41
1.4.1 The OSI Reference Model, 41
1.4.2 The TCP/IP Reference Model, 45
1.4.3 The Model Used in This Book, 48
vii

viii CONTENTS
1.4.4 A Comparison of the OSI and TCP/IP Reference Models*, 49
1.4.5 A Critique of the OSI Model and Protocols*, 51
1.4.6 A Critique of the TCP/IP Reference Model*, 53
1.5 EXAMPLE NETWORKS, 54
1.5.1 The Internet, 54
1.5.2 Third-Generation Mobile Phone Networks*, 65
1.5.3 Wireless LANs: 802.11*, 70
1.5.4 RFID and Sensor Networks*, 73
1.6 NETWORK STANDARDIZATION*, 75
1.6.1 Who’s Who in the Telecommunications World, 77
1.6.2 Who’s Who in the International Standards World, 78
1.6.3 Who’s Who in the Internet Standards World, 80
1.7 METRIC UNITS, 82
1.8 OUTLINE OF THE REST OF THE BOOK, 83
1.9 SUMMARY, 84
2 THE PHYSICAL LAYER 89
2.1 THE THEORETICAL BASIS FOR DATA COMMUNICATION, 90
2.1.1 Fourier Analysis, 90
2.1.2 Bandwidth-Limited Signals, 90
2.1.3 The Maximum Data Rate of a Channel, 94
2.2 GUIDED TRANSMISSION MEDIA, 95
2.2.1 Magnetic Media, 95
2.2.2 Twisted Pairs, 96
2.2.3 Coaxial Cable, 97
2.2.4 Power Lines, 98
2.2.5 Fiber Optics, 99
2.3 WIRELESS TRANSMISSION, 105
2.3.1 The Electromagnetic Spectrum, 105
2.3.2 Radio Transmission, 109
2.3.3 Microwave Transmission, 110
2.3.4 Infrared Transmission, 114
2.3.5 Light Transmission, 114

CONTENTS ix
2.4 COMMUNICATION SATELLITES*, 116
2.4.1 Geostationary Satellites, 117
2.4.2 Medium-Earth Orbit Satellites, 121
2.4.3 Low-Earth Orbit Satellites, 121
2.4.4 Satellites Versus Fiber, 123
2.5 DIGITAL MODULATION AND MULTIPLEXING, 125
2.5.1 Baseband Transmission, 125
2.5.2 Passband Transmission, 130
2.5.3 Frequency Division Multiplexing, 132
2.5.4 Time Division Multiplexing, 135
2.5.5 Code Division Multiplexing, 135
2.6 THE PUBLIC SWITCHED TELEPHONE NETWORK, 138
2.6.1 Structure of the Telephone System, 139
2.6.2 The Politics of Telephones, 142
2.6.3 The Local Loop: Modems, ADSL, and Fiber, 144
2.6.4 Trunks and Multiplexing, 152
2.6.5 Switching, 161
2.7 THE MOBILE TELEPHONE SYSTEM*, 164
2.7.1 First-Generation (coco1G) Mobile Phones: Analog Voice, 166
2.7.2 Second-Generation (2G) Mobile Phones: Digital Voice, 170
2.7.3 Third-Generation (3G) Mobile Phones: Digital Voice and Data, 174
2.8 CABLE TELEVISION*, 179
2.8.1 Community Antenna Television, 179
2.8.2 Internet over Cable, 180
2.8.3 Spectrum Allocation, 182
2.8.4 Cable Modems, 183
2.8.5 ADSL Versus Cable, 185
2.9 SUMMARY, 186
3 THE DATA LINK LAYER 193
3.1 DATA LINK LAYER DESIGN ISSUES, 194
3.1.1 Services Provided to the Network Layer, 194
3.1.2 Framing, 197
3.1.3 Error Control, 200
3.1.4 Flow Control, 201

x CONTENTS
3.2 ERROR DETECTION AND CORRECTION, 202
3.2.1 Error-Correcting Codes, 204
3.2.2 Error-Detecting Codes, 209
3.3 ELEMENTARY DATA LINK PROTOCOLS, 215
3.3.1 A Utopian Simplex Protocol, 220
3.3.2 A Simplex Stop-and-Wait Protocol for an Error-Free Channel, 221
3.3.3 A Simplex Stop-and-Wait Protocol for a Noisy Channel, 222
3.4 SLIDING WINDOW PROTOCOLS, 226
3.4.1 A One-Bit Sliding Window Protocol, 229
3.4.2 A Protocol Using Go-Back-N, 232
3.4.3 A Protocol Using Selective Repeat, 239
3.5 EXAMPLE DATA LINK PROTOCOLS, 244
3.5.1 Packet over SONET, 245
3.5.2 ADSL (Asymmetric Digital Subscriber Loop), 248
3.6 SUMMARY, 251
4 THE MEDIUM ACCESS CONTROL SUBLAYER 257
4.1 THE CHANNEL ALLOCATION PROBLEM, 258
4.1.1 Static Channel Allocation, 258
4.1.2 Assumptions for Dynamic Channel Allocation, 260
4.2 MULTIPLE ACCESS PROTOCOLS, 261
4.2.1 ALOHA, 262
4.2.2 Carrier Sense Multiple Access Protocols, 266
4.2.3 Collision-Free Protocols, 269
4.2.4 Limited-Contention Protocols, 274
4.2.5 Wireless LAN Protocols, 277
4.3 ETHERNET, 280
4.3.1 Classic Ethernet Physical Layer, 281
4.3.2 Classic Ethernet MAC Sublayer Protocol, 282
4.3.3 Ethernet Performance, 286
4.3.4 Switched Ethernet, 288

CONTENTS xi
4.3.5 Fast Ethernet, 290
4.3.6 Gigabit Ethernet, 293
4.3.7 10-Gigabit Ethernet, 296
4.3.8 Retrospective on Ethernet, 298
4.4 WIRELESS LANS, 299
4.4.1 The 802.11 Architecture and Protocol Stack, 299
4.4.2 The 802.11 Physical Layer, 301
4.4.3 The 802.11 MAC Sublayer Protocol, 303
4.4.4 The 802.11 Frame Structure, 309
4.4.5 Services, 311
4.5 BROADBAND WIRELESS*, 312
4.5.1 Comparison of 802.16 with 802.11 and 3G, 313
4.5.2 The 802.16 Architecture and Protocol Stack, 314
4.5.3 The 802.16 Physical Layer, 316
4.5.4 The 802.16 MAC Sublayer Protocol, 317
4.5.5 The 802.16 Frame Structure, 319
4.6 BLUETOOTH*, 320
4.6.1 Bluetooth Architecture, 320
4.6.2 Bluetooth Applications, 321
4.6.3 The Bluetooth Protocol Stack, 322
4.6.4 The Bluetooth Radio Layer, 324
4.6.5 The Bluetooth Link Layers, 324
4.6.6 The Bluetooth Frame Structure, 325
4.7 RFID*, 327
4.7.1 EPC Gen 2 Architecture, 327
4.7.2 EPC Gen 2 Physical Layer, 328
4.7.3 EPC Gen 2 Tag Identification Layer, 329
4.7.4 Tag Identification Message Formats, 331
4.8 DATA LINK LAYER SWITCHING, 332
4.8.1 Uses of Bridges, 332
4.8.2 Learning Bridges, 334
4.8.3 Spanning Tree Bridges, 337
4.8.4 Repeaters, Hubs, Bridges, Switches, Routers, and Gateways, 340
4.8.5 Virtual LANs, 342
4.9 SUMMARY, 349

xii CONTENTS
5 THE NETWORK LAYER 355
5.1 NETWORK LAYER DESIGN ISSUES, 355
5.1.1 Store-and-Forward Packet Switching, 356
5.1.2 Services Provided to the Transport Layer, 356
5.1.3 Implementation of Connectionless Service, 358
5.1.4 Implementation of Connection-Oriented Service, 359
5.1.5 Comparison of Virtual-Circuit and Datagram Networks, 361
5.2 ROUTING ALGORITHMS, 362
5.2.1 The Optimality Principle, 364
5.2.2 Shortest Path Algorithm, 366
5.2.3 Flooding, 368
5.2.4 Distance Vector Routing, 370
5.2.5 Link State Routing, 373
5.2.6 Hierarchical Routing, 378
5.2.7 Broadcast Routing, 380
5.2.8 Multicast Routing, 382
5.2.9 Anycast Routing, 385
5.2.10 Routing for Mobile Hosts, 386
5.2.11 Routing in Ad Hoc Networks, 389
5.3 CONGESTION CONTROL ALGORITHMS, 392
5.3.1 Approaches to Congestion Control, 394
5.3.2 Traffic-Aware Routing, 395
5.3.3 Admission Control, 397
5.3.4 Traffic Throttling, 398
5.3.5 Load Shedding, 401
5.4 QUALITY OF SERVICE, 404
5.4.1 Application Requirements, 405
5.4.2 Traffic Shaping, 407
5.4.3 Packet Scheduling, 411
5.4.4 Admission Control, 415
5.4.5 Integrated Services, 418
5.4.6 Differentiated Services, 421
5.5 INTERNETWORKING, 424
5.5.1 How Networks Differ, 425
5.5.2 How Networks Can Be Connected, 426
5.5.3 Tunneling, 429

CONTENTS xiii
5.5.4 Internetwork Routing, 431
5.5.5 Packet Fragmentation, 432
5.6 THE NETWORK LAYER IN THE INTERNET, 436
5.6.1 The IP Version 4 Protocol, 439
5.6.2 IP Addresses, 442
5.6.3 IP Version 6, 455
5.6.4 Internet Control Protocols, 465
5.6.5 Label Switching and MPLS, 470
5.6.6 OSPF—An Interior Gateway Routing Protocol, 474
5.6.7 BGP—The Exterior Gateway Routing Protocol, 479
5.6.8 Internet Multicasting, 484
5.6.9 Mobile IP, 485
5.7 SUMMARY, 488
6 THE TRANSPORT LAYER 495
6.1 THE TRANSPORT SERVICE, 495
6.1.1 Services Provided to the Upper Layers, 496
6.1.2 Transport Service Primitives, 498
6.1.3 Berkeley Sockets, 500
6.1.4 An Example of Socket Programming: An Internet File Server, 503
6.2 ELEMENTS OF TRANSPORT PROTOCOLS, 507
6.2.1 Addressing, 509
6.2.2 Connection Establishment, 512
6.2.3 Connection Release, 517
6.2.4 Error Control and Flow Control, 522
6.2.5 Multiplexing, 527
6.2.6 Crash Recovery, 527
6.3 CONGESTION CONTROL, 530
6.3.1 Desirable Bandwidth Allocation, 531
6.3.2 Regulating the Sending Rate, 535
6.3.3 Wireless Issues, 539
6.4 THE INTERNET TRANSPORT PROTOCOLS: UDP, 541
6.4.1 Introduction to UDP, 541
6.4.2 Remote Procedure Call, 543
6.4.3 Real-Time Transport Protocols, 546

xiv CONTENTS
6.5 THE INTERNET TRANSPORT PROTOCOLS: TCP, 552
6.5.1 Introduction to TCP, 552
6.5.2 The TCP Service Model, 553
6.5.3 The TCP Protocol, 556
6.5.4 The TCP Segment Header, 557
6.5.5 TCP Connection Establishment, 560
6.5.6 TCP Connection Release, 562
6.5.7 TCP Connection Management Modeling, 562
6.5.8 TCP Sliding Window, 565
6.5.9 TCP Timer Management, 568
6.5.10 TCP Congestion Control, 571
6.5.11 The Future of TCP, 581
6.6 PERFORMANCE ISSUES*, 582
6.6.1 Performance Problems in Computer Networks, 583
6.6.2 Network Performance Measurement, 584
6.6.3 Host Design for Fast Networks, 586
6.6.4 Fast Segment Processing, 590
6.6.5 Header Compression, 593
6.6.6 Protocols for Long Fat Networks, 595
6.7 DELAY-TOLERANT NETWORKING*, 599
6.7.1 DTN Architecture, 600
6.7.2 The Bundle Protocol, 603
6.8 SUMMARY, 605
7 THE APPLICATION LAYER 611
7.1 DNS—THE DOMAIN NAME SYSTEM, 611
7.1.1 The DNS Name Space, 612
7.1.2 Domain Resource Records, 616
7.1.3 Name Servers, 619
7.2 ELECTRONIC MAIL*, 623
7.2.1 Architecture and Services, 624
7.2.2 The User Agent, 626
7.2.3 Message Formats, 630
7.2.4 Message Transfer, 637
7.2.5 Final Delivery, 643

CONTENTS xv
7.3 THE WORLD WIDE WEB, 646
7.3.1 Architectural Overview, 647
7.3.2 Static Web Pages, 662
7.3.3 Dynamic Web Pages and Web Applications, 672
7.3.4 HTTP—The HyperText Transfer Protocol, 683
7.3.5 The Mobile Web, 693
7.3.6 Web Search, 695
7.4 STREAMING AUDIO AND VIDEO, 697
7.4.1 Digital Audio, 699
7.4.2 Digital Video, 704
7.4.3 Streaming Stored Media, 713
7.4.4 Streaming Live Media, 721
7.4.5 Real-Time Conferencing, 724
7.5 CONTENT DELIVERY, 734
7.5.1 Content and Internet Traffic, 736
7.5.2 Server Farms and Web Proxies, 738
7.5.3 Content Delivery Networks, 743
7.5.4 Peer-to-Peer Networks, 748
7.6 SUMMARY, 757
8 NETWORK SECURITY 763
8.1 CRYPTOGRAPHY, 766
8.1.1 Introduction to Cryptography, 767
8.1.2 Substitution Ciphers, 769
8.1.3 Transposition Ciphers, 771
8.1.4 One-Time Pads, 772
8.1.5 Two Fundamental Cryptographic Principles, 776
8.2 SYMMETRIC-KEY ALGORITHMS, 778
8.2.1 DES—The Data Encryption Standard, 780
8.2.2 AES—The Advanced Encryption Standard, 783
8.2.3 Cipher Modes, 787
8.2.4 Other Ciphers, 792
8.2.5 Cryptanalysis, 792

xvi CONTENTS
8.3 PUBLIC-KEY ALGORITHMS, 793
8.3.1 RSA, 794
8.3.2 Other Public-Key Algorithms, 796
8.4 DIGITAL SIGNATURES, 797
8.4.1 Symmetric-Key Signatures, 798
8.4.2 Public-Key Signatures, 799
8.4.3 Message Digests, 800
8.4.4 The Birthday Attack, 804
8.5 MANAGEMENT OF PUBLIC KEYS, 806
8.5.1 Certificates, 807
8.5.2 X.509, 809
8.5.3 Public Key Infrastructures, 810
8.6 COMMUNICATION SECURITY, 813
8.6.1 IPsec, 814
8.6.2 Firewalls, 818
8.6.3 Virtual Private Networks, 821
8.6.4 Wireless Security, 822
8.7 AUTHENTICATION PROTOCOLS, 827
8.7.1 Authentication Based on a Shared Secret Key, 828
8.7.2 Establishing a Shared Key: The Diffie-Hellman Key Exchange, 833
8.7.3 Authentication Using a Key Distribution Center, 835
8.7.4 Authentication Using Kerberos, 838
8.7.5 Authentication Using Public-Key Cryptography, 840
8.8 EMAIL SECURITY*, 841
8.8.1 PGP—Pretty Good Privacy, 842
8.8.2 S/MIME, 846
8.9 WEB SECURITY, 846
8.9.1 Threats, 847
8.9.2 Secure Naming, 848
8.9.3 SSL—The Secure Sockets Layer, 853
8.9.4 Mobile Code Security, 857
8.10 SOCIAL ISSUES, 860
8.10.1 Privacy, 860
8.10.2 Freedom of Speech, 863
8.10.3 Copyright, 867
8.11 SUMMARY, 869

CONTENTS xvii
9 READING LIST AND BIBLIOGRAPHY 877
9.1 SUGGESTIONS FOR FURTHER READING*, 877
9.1.1 Introduction and General Works, 878
9.1.2 The Physical Layer, 879
9.1.3 The Data Link Layer, 880
9.1.4 The Medium Access Control Sublayer, 880
9.1.5 The Network Layer, 881
9.1.6 The Transport Layer, 882
9.1.7 The Application Layer, 882
9.1.8 Network Security, 883
9.2 ALPHABETICAL BIBLIOGRAPHY*, 884
INDEX 905

This page intentionally left blank

PREFACE
This book is now in its fifth edition. Each edition has corresponded to a dif-
ferent phase in the way computer networks were used. When the first edition ap-
peared in 1980, networks were an academic curiosity. When the second edition
appeared in 1988, networks were used by universities and large businesses. When
the third edition appeared in 1996, computer networks, especially the Internet, had
become a daily reality for millions of people. By the fourth edition, in 2003, wire-
less networks and mobile computers had become commonplace for accessing the
Web and the Internet. Now, in the fifth edition, networks are about content dis-
tribution (especially videos using CDNs and peer-to-peer networks) and mobile
phones are small computers on the Internet.
New in the Fifth Edition
Among the many changes in this book, the most important one is the addition
of Prof. David J. Wetherall as a co-author. David brings a rich background in net-
working, having cut his teeth designing metropolitan-area networks more than 20
years ago. He has worked with the Internet and wireless networks ever since and
is a professor at the University of Washington, where he has been teaching and
doing research on computer networks and related topics for the past decade.
Of course, the book also has many changes to keep up with the: ever-changing
world of computer networks. Among these are revised and new material on
Wireless networks (802.12 and 802.16)
The 3G networks used by smart phones
RFID and sensor networks
Content distribution using CDNs
Peer-to-peer networks
Real-time media (from stored, streaming, and live sources)
Internet telephony (voice over IP)
Delay-tolerant networks
A more detailed chapter-by-chapter list follows.
xix

xx PREFACE
Chapter 1 has the same introductory function as in the fourth edition, but the
contents have been revised and brought up to date. The Internet, mobile phone
networks, 802.11, and RFID and sensor networks are discussed as examples of
computer networks. Material on the original Ethernet—with its vampire taps—
has been removed, along with the material on ATM.
Chapter 2, which covers the physical layer, has expanded coverage of digital
modulation (including OFDM as widely used in wireless networks) and 3G net-
works (based on CDMA). New technologies are discussed, including Fiber to the
Home and power-line networking.
Chapter 3, on point-to-point links, has been improved in two ways. The mater-
ial on codes for error detection and correction has been updated, and also includes
a brief description of the modern codes that are important in practice (e.g., convo-
lutional and LDPC codes). The examples of protocols now use Packet over
SONET and ADSL. Sadly, the material on protocol verification has been removed
as it is little used.
In Chapter 4, on the MAC sublayer, the principles are timeless but the tech-
nologies have changed. Sections on the example networks have been redone
accordingly, including gigabit Ethernet, 802.11, 802.16, Bluetooth, and RFID.
Also updated is the coverage of LAN switching, including VLANs.
Chapter 5, on the network layer, covers the same ground as in the fourth edi-
tion. The revisions have been to update material and add depth, particularly for
quality of service (relevant for real-time media) and internetworking. The sec-
tions on BGP, OSPF and CIDR have been expanded, as has the treatment of
multicast routing. Anycast routing is now included.
Chapter 6, on the transport layer, has had material added, revised, and re-
moved. New material describes delay-tolerant networking and congestion control
in general. The revised material updates and expands the coverage of TCP con-
gestion control. The material removed described connection-oriented network lay-
ers, something rarely seen any more.
Chapter 7, on applications, has also been updated and enlarged. While mater-
ial on DNS and email is similar to that in the fourth edition, in the past few years
there have been many developments in the use of the Web, streaming media and
content delivery. Accordingly, sections on the Web and streaming media have
been brought up to date. A new section covers content distribution, including
CDNs and peer-to-peer networks.
Chapter 8, on security, still covers both symmetric and public-key crypto-
graphy for confidentiality and authenticity. Material on the techniques used in
practice, including firewalls and VPNs, has been updated, with new material on
802.11 security and Kerberos V5 added.
Chapter 9 contains a renewed list of suggested readings and a comprehensive
bibliography of over 300 citations to the current literature. More than half of
these are to papers and books written in 2000 or later, and the rest are citations to
classic papers.

PREFACE xxi
List of Acronyms
Computer books are full of acronyms. This one is no exception. By the time
you are finished reading this one, the following should ring a bell: ADSL, AES,
AJAX, AODV, AP, ARP, ARQ, AS, BGP, BOC, CDMA, CDN, CGI, CIDR,
CRL, CSMA, CSS, DCT, DES, DHCP, DHT, DIFS, DMCA, DMT, DMZ, DNS,
DOCSIS, DOM, DSLAM, DTN, FCFS, FDD, FDDI, FDM, FEC, FIFO, FSK,
FTP, GPRS, GSM, HDTV, HFC, HMAC, HTTP, IAB, ICANN, ICMP, IDEA,
IETF, IMAP, IMP, IP, IPTV, IRTF, ISO, ISP, ITU, JPEG, JSP, JVM, LAN,
LATA, LEC, LEO, LLC, LSR, LTE, MAN, MFJ, MIME, MPEG, MPLS, MSC,
MTSO, MTU, NAP, NAT, NRZ, NSAP, OFDM, OSI, OSPF, PAWS, PCM, PGP,
PIM, PKI, POP, POTS, PPP, PSTN, QAM, QPSK, RED, RFC, RFID, RPC, RSA,
RTSP, SHA, SIP, SMTP, SNR, SOAP, SONET, SPE, SSL, TCP, TDD, TDM,
TSAP, UDP, UMTS, URL, VLAN, VSAT, WAN, WDM, and XML. But don’t
worry. Each will appear in boldface type and be carefully defined before it is
used. As a fun test, see how many you can identify before reading the book, write
the number in the margin, then try again after reading the book.
How to Use the Book
To help instructors use this book as a text for courses ranging in length from
quarters to semesters, we have structured the chapters into core and optional ma-
terial. The sections marked with a ‘‘*’’ in the table of contents are the optional
ones. If a major section (e.g., 2.7) is so marked, all of its subsections are optional.
They provide material on network technologies that is useful but can be omitted
from a short course without loss of continuity. Of course, students should be
encouraged to read those sections as well, to the extent they have time, as all the
material is up to date and of value.
Instructors’ Resource Materials
The following protected instructors’ resource materials are available on the
publisher’s Web site at www.pearsonhighered.com/tanenbaum. For a username
and password, please contact your local Pearson representative.
Solutions manual
PowerPoint lecture slides
Students’ Resource Materials
Resources for students are available through the open-access Companion Web
site link on www.pearsonhighered.com/tanenbaum, including
Web resources, links to tutorials, organizations, FAQs, and more
Figures, tables, and programs from the book
Steganography demo
Protocol simulators

www.pearsonhighered.com/tanenbaum

xxii PREFACE
Acknowledgements
Many people helped us during the course of the fifth edition. We would espe-
cially like to thank Emmanuel Agu (Worcester Polytechnic Institute), Yoris Au
(University of Texas at Antonio), Nikhil Bhargava (Aircom International, Inc.),
Michael Buettner (University of Washington), John Day (Boston University),
Kevin Fall (Intel Labs), Ronald Fulle (Rochester Institute of Technology), Ben
Greenstein (Intel Labs), Daniel Halperin (University of Washington), Bob Kinicki
(Worcester Polytechnic Institute), Tadayoshi Kohno (University of Washington),
Sarvish Kulkarni (Villanova University), Hank Levy (University of Washington),
Ratul Mahajan (Microsoft Research), Craig Partridge (BBN), Michael Piatek
(University of Washington), Joshua Smith (Intel Labs), Neil Spring (University of
Maryland), David Teneyuca (University of Texas at Antonio), Tammy VanDe-
grift (University of Portland), and Bo Yuan (Rochester Institute of Technology),
for providing ideas and feedback. Melody Kadenko and Julie Svendsen provided
administrative support to David.
Shivakant Mishra (University of Colorado at Boulder) and Paul Nagin (Chim-
borazo Publishing, Inc.) thought of many new and challenging end-of-chapter
problems. Our editor at Pearson, Tracy Dunkelberger, was her usual helpful self
in many ways large and small. Melinda Haggerty and Jeff Holcomb did a good
job of keeping things running smoothly. Steve Armstrong (LeTourneau Univer-
sity) prepared the PowerPoint slides. Stephen Turner (University of Michigan at
Flint) artfully revised the Web resources and the simulators that accompany the
text. Our copyeditor, Rachel Head, is an odd hybrid: she has the eye of an eagle
and the memory of an elephant. After reading all her corrections, both of us won-
dered how we ever made it past third grade.
Finally, we come to the most important people. Suzanne has been through
this 19 times now and still has endless patience and love. Barbara and Marvin
now know the difference between good textbooks and bad ones and are always an
inspiration to produce good ones. Daniel and Matilde are welcome additions to
our family. Aron is unlikely to read this book soon, but he likes the nice pictures
on page 866 (AST). Katrin and Lucy provided endless support and always man-
aged to keep a smile on my face. Thank you (DJW).
ANDREW S. TANENBAUM
DAVID J. WETHERALL

1
INTRODUCTION
Each of the past three centuries was dominated by a single new technology.
The 18th century was the era of the great mechanical systems accompanying the
Industrial Revolution. The 19th century was the age of the steam engine. During
the 20th century, the key technology was information gathering, processing, and
distribution. Among other developments, we saw the installation of worldwide
telephone networks, the invention of radio and television, the birth and unpre-
cedented growth of the computer industry, the launching of communication satel-
lites, and, of course, the Internet.
As a result of rapid technological progress, these areas are rapidly converging
in the 21st century and the differences between collecting, transporting, storing,
and processing information are quickly disappearing. Organizations with hun-
dreds of offices spread over a wide geographical area routinely expect to be able
to examine the current status of even their most remote outpost at the push of a
button. As our ability to gather, process, and distribute information grows, the de-
mand for ever more sophisticated information processing grows even faster.
Although the computer industry is still young compared to other industries
(e.g., automobiles and air transportation), computers have made spectacular pro-
gress in a short time. During the first two decades of their existence, computer
systems were highly centralized, usually within a single large room. Not infre-
quently, this room had glass walls, through which visitors could gawk at the great
electronic wonder inside. A medium-sized company or university might have had
1

2 INTRODUCTION CHAP. 1
one or two computers, while very large institutions had at most a few dozen. The
idea that within forty years vastly more powerful computers smaller than postage
stamps would be mass produced by the billions was pure science fiction.
The merging of computers and communications has had a profound influence
on the way computer systems are organized. The once-dominant concept of the
‘‘computer center’’ as a room with a large computer to which users bring their
work for processing is now totally obsolete (although data centers holding thou-
sands of Internet servers are becoming common). The old model of a single com-
puter serving all of the organization’s computational needs has been replaced by
one in which a large number of separate but interconnected computers do the job.
These systems are called computer networks. The design and organization of
these networks are the subjects of this book.
Throughout the book we will use the term ‘‘computer network’’ to mean a col-
lection of autonomous computers interconnected by a single technology. Two
computers are said to be interconnected if they are able to exchange information.
The connection need not be via a copper wire; fiber optics, microwaves, infrared,
and communication satellites can also be used. Networks come in many sizes,
shapes and forms, as we will see later. They are usually connected together to
make larger networks, with the Internet being the most well-known example of a
network of networks.
There is considerable confusion in the literature between a computer network
and a distributed system. The key distinction is that in a distributed system, a
collection of independent computers appears to its users as a single coherent sys-
tem. Usually, it has a single model or paradigm that it presents to the users. Of-
ten a layer of software on top of the operating system, called middleware, is
responsible for implementing this model. A well-known example of a distributed
system is the World Wide Web. It runs on top of the Internet and presents a
model in which everything looks like a document (Web page).
In a computer network, this coherence, model, and software are absent. Users
are exposed to the actual machines, without any attempt by the system to make
the machines look and act in a coherent way. If the machines have different hard-
ware and different operating systems, that is fully visible to the users. If a user
wants to run a program on a remote machine, he† has to log onto that machine and
run it there.
In effect, a distributed system is a software system built on top of a network.
The software gives it a high degree of cohesiveness and transparency. Thus, the
distinction between a network and a distributed system lies with the software (es-
pecially the operating system), rather than with the hardware.
Nevertheless, there is considerable overlap between the two subjects. For ex-
ample, both distributed systems and computer networks need to move files
around. The difference lies in who invokes the movement, the system or the user.
† ‘‘He’’ should be read as ‘‘he or she’’ throughout this book.

SEC. 1.1 USES OF COMPUTER NETWORKS 3
Although this book primarily focuses on networks, many of the topics are also im-
portant in distributed systems. For more information about distributed systems,
see Tanenbaum and Van Steen (2007).
1.1 USES OF COMPUTER NETWORKS
Before we start to examine the technical issues in detail, it is worth devoting
some time to pointing out why people are interested in computer networks and
what they can be used for. After all, if nobody were interested in computer net-
works, few of them would be built. We will start with traditional uses at com-
panies, then move on to home networking and recent developments regarding
mobile users, and finish with social issues.
1.1.1 Business Applications
Most companies have a substantial number of computers. For example, a
company may have a computer for each worker and use them to design products,
write brochures, and do the payroll. Initially, some of these computers may have
worked in isolation from the others, but at some point, management may have
decided to connect them to be able to distribute information throughout the com-
pany.
Put in slightly more general form, the issue here is resource sharing. The
goal is to make all programs, equipment, and especially data available to anyone
on the network without regard to the physical location of the resource or the user.
An obvious and widespread example is having a group of office workers share a
common printer. None of the individuals really needs a private printer, and a
high-volume networked printer is often cheaper, faster, and easier to maintain
than a large collection of individual printers.
However, probably even more important than sharing physical resources such
as printers, and tape backup systems, is sharing information. Companies small
and large are vitally dependent on computerized information. Most companies
have customer records, product information, inventories, financial statements, tax
information, and much more online. If all of its computers suddenly went down, a
bank could not last more than five minutes. A modern manufacturing plant, with
a computer-controlled assembly line, would not last even 5 seconds. Even a small
travel agency or three-person law firm is now highly dependent on computer net-
works for allowing employees to access relevant information and documents
instantly.
For smaller companies, all the computers are likely to be in a single office or
perhaps a single building, but for larger ones, the computers and employees may
be scattered over dozens of offices and plants in many countries. Nevertheless, a
sales person in New York might sometimes need access to a product inventory

4 INTRODUCTION CHAP. 1
database in Singapore. Networks called VPNs (Virtual Private Networks) may
be used to join the individual networks at different sites into one extended net-
work. In other words, the mere fact that a user happens to be 15,000 km away
from his data should not prevent him from using the data as though they were
local. This goal may be summarized by saying that it is an attempt to end the
‘‘tyranny of geography.’’
In the simplest of terms, one can imagine a company’s information system as
consisting of one or more databases with company information and some number
of employees who need to access them remotely. In this model, the data are stor-
ed on powerful computers called servers. Often these are centrally housed and
maintained by a system administrator. In contrast, the employees have simpler
machines, called clients, on their desks, with which they access remote data, for
example, to include in spreadsheets they are constructing. (Sometimes we will
refer to the human user of the client machine as the ‘‘client,’’ but it should be
clear from the context whether we mean the computer or its user.) The client and
server machines are connected by a network, as illustrated in Fig. 1-1. Note that
we have shown the network as a simple oval, without any detail. We will use this
form when we mean a network in the most abstract sense. When more detail is
required, it will be provided.
Client
Server
Network
Figure 1-1. A network with two clients and one server.
This whole arrangement is called the client-server model. It is widely used
and forms the basis of much network usage. The most popular realization is that
of a Web application, in which the server generates Web pages based on its data-
base in response to client requests that may update the database. The client-server
model is applicable when the client and server are both in the same building (and
belong to the same company), but also when they are far apart. For example,
when a person at home accesses a page on the World Wide Web, the same model
is employed, with the remote Web server being the server and the user’s personal

SEC. 1.1 USES OF COMPUTER NETWORKS 5
computer being the client. Under most conditions, one server can handle a large
number (hundreds or thousands) of clients simultaneously.
If we look at the client-server model in detail, we see that two processes (i.e.,
running programs) are involved, one on the client machine and one on the server
machine. Communication takes the form of the client process sending a message
over the network to the server process. The client process then waits for a reply
message. When the server process gets the request, it performs the requested
work or looks up the requested data and sends back a reply. These messages are
shown in Fig. 1-2.
Client process Server process
Client machine
Network
Reply
Request
Server machine
Figure 1-2. The client-server model involves requests and replies.
A second goal of setting up a computer network has to do with people rather
than information or even computers. A computer network can provide a powerful
communication medium among employees. Virtually every company that has
two or more computers now has email (electronic mail), which employees gener-
ally use for a great deal of daily communication. In fact, a common gripe around
the water cooler is how much email everyone has to deal with, much of it quite
meaningless because bosses have discovered that they can send the same (often
content-free) message to all their subordinates at the push of a button.
Telephone calls between employees may be carried by the computer network
instead of by the phone company. This technology is called IP telephony or
Voice over IP (VoIP) when Internet technology is used. The microphone and
speaker at each end may belong to a VoIP-enabled phone or the employee’s com-
puter. Companies find this a wonderful way to save on their telephone bills.
Other, richer forms of communication are made possible by computer net-
works. Video can be added to audio so that employees at distant locations can see
and hear each other as they hold a meeting. This technique is a powerful tool for
eliminating the cost and time previously devoted to travel. Desktop sharing lets
remote workers see and interact with a graphical computer screen. This makes it
easy for two or more people who work far apart to read and write a shared black-
board or write a report together. When one worker makes a change to an online
document, the others can see the change immediately, instead of waiting several
days for a letter. Such a speedup makes cooperation among far-flung groups of
people easy where it previously had been impossible. More ambitious forms of
remote coordination such as telemedicine are only now starting to be used (e.g.,

6 INTRODUCTION CHAP. 1
remote patient monitoring) but may become much more important. It is some-
times said that communication and transportation are having a race, and which-
ever wins will make the other obsolete.
A third goal for many companies is doing business electronically, especially
with customers and suppliers. This new model is called e-commerce (electronic
commerce) and it has grown rapidly in recent years. Airlines, bookstores, and
other retailers have discovered that many customers like the convenience of shop-
ping from home. Consequently, many companies provide catalogs of their goods
and services online and take orders online. Manufacturers of automobiles, air-
craft, and computers, among others, buy subsystems from a variety of suppliers
and then assemble the parts. Using computer networks, manufacturers can place
orders electronically as needed. This reduces the need for large inventories and
enhances efficiency.
1.1.2 Home Applications
In 1977, Ken Olsen was president of the Digital Equipment Corporation, then
the number two computer vendor in the world (after IBM). When asked why Dig-
ital was not going after the personal computer market in a big way, he said:
‘‘There is no reason for any individual to have a computer in his home.’’ History
showed otherwise and Digital no longer exists. People initially bought computers
for word processing and games. Recently, the biggest reason to buy a home com-
puter was probably for Internet access. Now, many consumer electronic devices,
such as set-top boxes, game consoles, and clock radios, come with embedded
computers and computer networks, especially wireless networks, and home net-
works are broadly used for entertainment, including listening to, looking at, and
creating music, photos, and videos.
Internet access provides home users with connectivity to remote computers.
As with companies, home users can access information, communicate with other
people, and buy products and services with e-commerce. The main benefit now
comes from connecting outside of the home. Bob Metcalfe, the inventor of Ether-
net, hypothesized that the value of a network is proportional to the square of the
number of users because this is roughly the number of different connections that
may be made (Gilder, 1993). This hypothesis is known as ‘‘Metcalfe’s law.’’ It
helps to explain how the tremendous popularity of the Internet comes from its
size.
Access to remote information comes in many forms. It can be surfing the
World Wide Web for information or just for fun. Information available includes
the arts, business, cooking, government, health, history, hobbies, recreation, sci-
ence, sports, travel, and many others. Fun comes in too many ways to mention,
plus some ways that are better left unmentioned.
Many newspapers have gone online and can be personalized. For example, it
is sometimes possible to tell a newspaper that you want everything about corrupt

SEC. 1.1 USES OF COMPUTER NETWORKS 7
politicians, big fires, scandals involving celebrities, and epidemics, but no foot-
ball, thank you. Sometimes it is possible to have the selected articles downloaded
to your computer while you sleep. As this trend continues, it will cause massive
unemployment among 12-year-old paperboys, but newspapers like it because dis-
tribution has always been the weakest link in the whole production chain. Of
course, to make this model work, they will first have to figure out how to make
money in this new world, something not entirely obvious since Internet users
expect everything to be free.
The next step beyond newspapers (plus magazines and scientific journals) is
the online digital library. Many professional organizations, such as the ACM
(www.acm.org) and the IEEE Computer Society (www.computer.org), already
have all their journals and conference proceedings online. Electronic book read-
ers and online libraries may make printed books obsolete. Skeptics should take
note of the effect the printing press had on the medieval illuminated manuscript.
Much of this information is accessed using the client-server model, but there
is different, popular model for accessing information that goes by the name of
peer-to-peer communication (Parameswaran et al., 2001). In this form, individu-
als who form a loose group can communicate with others in the group, as shown
in Fig. 1-3. Every person can, in principle, communicate with one or more other
people; there is no fixed division into clients and servers.
Figure 1-3. In a peer-to-peer system there are no fixed clients and servers.
Many peer-to-peer systems, such BitTorrent (Cohen, 2003), do not have any
central database of content. Instead, each user maintains his own database locally
and provides a list of other nearby people who are members of the system. A new
user can then go to any existing member to see what he has and get the names of
other members to inspect for more content and more names. This lookup process
can be repeated indefinitely to build up a large local database of what is out there.
It is an activity that would get tedious for people but computers excel at it.

www.acm.org

www.computer.org

8 INTRODUCTION CHAP. 1
Peer-to-peer communication is often used to share music and videos. It really
hit the big time around 2000 with a music sharing service called Napster that was
shut down after what was probably the biggest copyright infringement case in all
of recorded history (Lam and Tan, 2001; and Macedonia, 2000). Legal applica-
tions for peer-to-peer communication also exist. These include fans sharing pub-
lic domain music, families sharing photos and movies, and users downloading
public software packages. In fact, one of the most popular Internet applications
of all, email, is inherently peer-to-peer. This form of communication is likely to
grow considerably in the future.
All of the above applications involve interactions between a person and a re-
mote database full of information. The second broad category of network use is
person-to-person communication, basically the 21st century’s answer to the 19th
century’s telephone. E-mail is already used on a daily basis by millions of people
all over the world and its use is growing rapidly. It already routinely contains
audio and video as well as text and pictures. Smell may take a while.
Any teenager worth his or her salt is addicted to instant messaging. This
facility, derived from the UNIX talk program in use since around 1970, allows two
people to type messages at each other in real time. There are multi-person mes-
saging services too, such as the Twitter service that lets people send short text
messages called ‘‘tweets’’ to their circle of friends or other willing audiences.
The Internet can be used by applications to carry audio (e.g., Internet radio
stations) and video (e.g., YouTube). Besides being a cheap way to call to distant
friends, these applications can provide rich experiences such as telelearning,
meaning attending 8 A.M. classes without the inconvenience of having to get out
of bed first. In the long run, the use of networks to enhance human-to-human
communication may prove more important than any of the others. It may become
hugely important to people who are geographically challenged, giving them the
same access to services as people living in the middle of a big city.
Between person-to-person communications and accessing information are
social network applications. Here, the flow of information is driven by the rela-
tionships that people declare between each other. One of the most popular social
networking sites is Facebook. It lets people update their personal profiles and
shares the updates with other people who they have declared to be their friends.
Other social networking applications can make introductions via friends of
friends, send news messages to friends such as Twitter above, and much more.
Even more loosely, groups of people can work together to create content. A
wiki, for example, is a collaborative Web site that the members of a community
edit. The most famous wiki is the Wikipedia, an encyclopedia anyone can edit,
but there are thousands of other wikis.
Our third category is electronic commerce in the broadest sense of the term.
Home shopping is already popular and enables users to inspect the online catalogs
of thousands of companies. Some of these catalogs are interactive, showing pro-
ducts from different viewpoints and in configurations that can be personalized.

SEC. 1.1 USES OF COMPUTER NETWORKS 9
After the customer buys a product electronically but cannot figure out how to use
it, online technical support may be consulted.
Another area in which e-commerce is widely used is access to financial insti-
tutions. Many people already pay their bills, manage their bank accounts, and
handle their investments electronically. This trend will surely continue as net-
works become more secure.
One area that virtually nobody foresaw is electronic flea markets (e-flea?).
Online auctions of second-hand goods have become a massive industry. Unlike
traditional e-commerce, which follows the client-server model, online auctions
are peer-to-peer in the sense that consumers can act as both buyers and sellers.
Some of these forms of e-commerce have acquired cute little tags based on
the fact that ‘‘to’’ and ‘‘2’’ are pronounced the same. The most popular ones are
listed in Fig. 1-4.
Tag Full name Example
B2C Business-to-consumer Ordering books online
B2B Business-to-business Car manufacturer ordering tires from supplier
G2C Government-to-consumer Government distributing tax forms electronically
C2C Consumer-to-consumer Auctioning second-hand products online
P2P Peer-to-peer Music sharing
Figure 1-4. Some forms of e-commerce.
Our fourth category is entertainment. This has made huge strides in the home
in recent years, with the distribution of music, radio and television programs, and
movies over the Internet beginning to rival that of traditional mechanisms. Users
can find, buy, and download MP3 songs and DVD-quality movies and add them
to their personal collection. TV shows now reach many homes via IPTV (IP
TeleVision) systems that are based on IP technology instead of cable TV or radio
transmissions. Media streaming applications let users tune into Internet radio sta-
tions or watch recent episodes of their favorite TV shows. Naturally, all of this
content can be moved around your house between different devices, displays and
speakers, usually with a wireless network.
Soon, it may be possible to search for any movie or television program ever
made, in any country, and have it displayed on your screen instantly. New films
may become interactive, where the user is occasionally prompted for the story
direction (should Macbeth murder Duncan or just bide his time?) with alternative
scenarios provided for all cases. Live television may also become interactive,
with the audience participating in quiz shows, choosing among contestants, and so
on.
Another form of entertainment is game playing. Already we have multiperson
real-time simulation games, like hide-and-seek in a virtual dungeon, and flight

10 INTRODUCTION CHAP. 1
simulators with the players on one team trying to shoot down the players on the
opposing team. Virtual worlds provide a persistent setting in which thousands of
users can experience a shared reality with three-dimensional graphics.
Our last category is ubiquitous computing, in which computing is embedded
into everyday life, as in the vision of Mark Weiser (1991). Many homes are al-
ready wired with security systems that include door and window sensors, and
there are many more sensors that can be folded in to a smart home monitor, such
as energy consumption. Your electricity, gas and water meters could also report
usage over the network. This would save money as there would be no need to
send out meter readers. And your smoke detectors could call the fire department
instead of making a big noise (which has little value if no one is home). As the
cost of sensing and communication drops, more and more measurement and re-
porting will be done with networks.
Increasingly, consumer electronic devices are networked. For example, some
high-end cameras already have a wireless network capability and use it to send
photos to a nearby display for viewing. Professional sports photographers can
also send their photos to their editors in real-time, first wirelessly to an access
point then over the Internet. Devices such as televisions that plug into the wall
can use power-line networks to send information throughout the house over the
wires that carry electricity. It may not be very surprising to have these objects on
the network, but objects that we do not think of as computers may sense and com-
municate information too. For example, your shower may record water usage,
give you visual feedback while you lather up, and report to a home environmental
monitoring application when you are done to help save on your water bill.
A technology called RFID (Radio Frequency IDentification) will push this
idea even further in the future. RFID tags are passive (i.e., have no battery) chips
the size of stamps and they can already be affixed to books, passports, pets, credit
cards, and other items in the home and out. This lets RFID readers locate and
communicate with the items over a distance of up to several meters, depending on
the kind of RFID. Originally, RFID was commercialized to replace barcodes. It
has not succeeded yet because barcodes are free and RFID tags cost a few cents.
Of course, RFID tags offer much more and their price is rapidly declining. They
may turn the real world into the Internet of things (ITU, 2005).
1.1.3 Mobile Users
Mobile computers, such as laptop and handheld computers, are one of the
fastest-growing segments of the computer industry. Their sales have already
overtaken those of desktop computers. Why would anyone want one? People on
the go often want to use their mobile devices to read and send email, tweet, watch
movies, download music, play games, or simply to surf the Web for information.
They want to do all of the things they do at home and in the office. Naturally, they
want to do them from anywhere on land, sea or in the air.

SEC. 1.1 USES OF COMPUTER NETWORKS 11
Connectivity to the Internet enables many of these mobile uses. Since having
a wired connection is impossible in cars, boats, and airplanes, there is a lot of
interest in wireless networks. Cellular networks operated by the telephone com-
panies are one familiar kind of wireless network that blankets us with coverage
for mobile phones. Wireless hotspots based on the 802.11 standard are another
kind of wireless network for mobile computers. They have sprung up everywhere
that people go, resulting in a patchwork of coverage at cafes, hotels, airports,
schools, trains and planes. Anyone with a laptop computer and a wireless modem
can just turn on their computer on and be connected to the Internet through the
hotspot, as though the computer were plugged into a wired network.
Wireless networks are of great value to fleets of trucks, taxis, delivery vehi-
cles, and repairpersons for keeping in contact with their home base. For example,
in many cities, taxi drivers are independent businessmen, rather than being em-
ployees of a taxi company. In some of these cities, the taxis have a display the
driver can see. When a customer calls up, a central dispatcher types in the pickup
and destination points. This information is displayed on the drivers’ displays and
a beep sounds. The first driver to hit a button on the display gets the call.
Wireless networks are also important to the military. If you have to be able to
fight a war anywhere on Earth at short notice, counting on using the local net-
working infrastructure is probably not a good idea. It is better to bring your own.
Although wireless networking and mobile computing are often related, they
are not identical, as Fig. 1-5 shows. Here we see a distinction between fixed
wireless and mobile wireless networks. Even notebook computers are sometimes
wired. For example, if a traveler plugs a notebook computer into the wired net-
work jack in a hotel room, he has mobility without a wireless network.
Wireless Mobile Typical applications
No No Desktop computers in offices
No Yes A notebook computer used in a hotel room
Yes No Networks in unwired buildings
Yes Yes Store inventory with a handheld computer
Figure 1-5. Combinations of wireless networks and mobile computing.
Conversely, some wireless computers are not mobile. In the home, and in
offices or hotels that lack suitable cabling, it can be more convenient to connect
desktop computers or media players wirelessly than to install wires. Installing a
wireless network may require little more than buying a small box with some elec-
tronics in it, unpacking it, and plugging it in. This solution may be far cheaper
than having workmen put in cable ducts to wire the building.
Finally, there are also true mobile, wireless applications, such as people walk-
ing around stores with a handheld computers recording inventory. At many busy

12 INTRODUCTION CHAP. 1
airports, car rental return clerks work in the parking lot with wireless mobile com-
puters. They scan the barcodes or RFID chips of returning cars, and their mobile
device, which has a built-in printer, calls the main computer, gets the rental infor-
mation, and prints out the bill on the spot.
Perhaps the key driver of mobile, wireless applications is the mobile phone.
Text messaging or texting is tremendously popular. It lets a mobile phone user
type a short message that is then delivered by the cellular network to another
mobile subscriber. Few people would have predicted ten years ago that having
teenagers tediously typing short text messages on mobile phones would be an
immense money maker for telephone companies. But texting (or Short Message
Service as it is known outside the U.S.) is very profitable since it costs the carrier
but a tiny fraction of one cent to relay a text message, a service for which they
charge far more.
The long-awaited convergence of telephones and the Internet has finally
arrived, and it will accelerate the growth of mobile applications. Smart phones,
such as the popular iPhone, combine aspects of mobile phones and mobile com-
puters. The (3G and 4G) cellular networks to which they connect can provide fast
data services for using the Internet as well as handling phone calls. Many ad-
vanced phones connect to wireless hotspots too, and automatically switch between
networks to choose the best option for the user.
Other consumer electronics devices can also use cellular and hotspot networks
to stay connected to remote computers. Electronic book readers can download a
newly purchased book or the next edition of a magazine or today’s newspaper
wherever they roam. Electronic picture frames can update their displays on cue
with fresh images.
Since mobile phones know their locations, often because they are equipped
with GPS (Global Positioning System) receivers, some services are intentionally
location dependent. Mobile maps and directions are an obvious candidate as your
GPS-enabled phone and car probably have a better idea of where you are than you
do. So, too, are searches for a nearby bookstore or Chinese restaurant, or a local
weather forecast. Other services may record location, such as annotating photos
and videos with the place at which they were made. This annotation is known as
‘‘geo-tagging.’’
An area in which mobile phones are now starting to be used is m-commerce
(mobile-commerce) (Senn, 2000). Short text messages from the mobile are used
to authorize payments for food in vending machines, movie tickets, and other
small items instead of cash and credit cards. The charge then appears on the
mobile phone bill. When equipped with NFC (Near Field Communication)
technology the mobile can act as an RFID smartcard and interact with a nearby
reader for payment. The driving forces behind this phenomenon are the mobile
device makers and network operators, who are trying hard to figure out how to get
a piece of the e-commerce pie. From the store’s point of view, this scheme may
save them most of the credit card company’s fee, which can be several percent.

SEC. 1.1 USES OF COMPUTER NETWORKS 13
Of course, this plan may backfire, since customers in a store might use the RFID
or barcode readers on their mobile devices to check out competitors’ prices before
buying and use them to get a detailed report on where else an item can be pur-
chased nearby and at what price.
One huge thing that m-commerce has going for it is that mobile phone users
are accustomed to paying for everything (in contrast to Internet users, who expect
everything to be free). If an Internet Web site charged a fee to allow its customers
to pay by credit card, there would be an immense howling noise from the users.
If, however, a mobile phone operator its customers to pay for items in a store by
waving the phone at the cash register and then tacked on a fee for this conveni-
ence, it would probably be accepted as normal. Time will tell.
No doubt the uses of mobile and wireless computers will grow rapidly in the
future as the size of computers shrinks, probably in ways no one can now foresee.
Let us take a quick look at some possibilities. Sensor networks are made up of
nodes that gather and wirelessly relay information they sense about the state of the
physical world. The nodes may be part of familiar items such as cars or phones,
or they may be small separate devices. For example, your car might gather data
on its location, speed, vibration, and fuel efficiency from its on-board diagnostic
system and upload this information to a database (Hull et al., 2006). Those data
can help find potholes, plan trips around congested roads, and tell you if you are a
‘‘gas guzzler’’ compared to other drivers on the same stretch of road.
Sensor networks are revolutionizing science by providing a wealth of data on
behavior that could not previously be observed. One example is tracking the
migration of individual zebras by placing a small sensor on each animal (Juang et
al., 2002). Researchers have packed a wireless computer into a cube 1 mm on
edge (Warneke et al., 2001). With mobile computers this small, even small birds,
rodents, and insects can be tracked.
Even mundane uses, such as in parking meters, can be significant because
they make use of data that were not previously available. Wireless parking meters
can accept credit or debit card payments with instant verification over the wireless
link. They can also report when they are in use over the wireless network. This
would let drivers download a recent parking map to their car so they can find an
available spot more easily. Of course, when a meter expires, it might also check
for the presence of a car (by bouncing a signal off it) and report the expiration to
parking enforcement. It has been estimated that city governments in the U.S.
alone could collect an additional $10 billion this way (Harte et al., 2000).
Wearable computers are another promising application. Smart watches with
radios have been part of our mental space since their appearance in the Dick
Tracy comic strip in 1946; now you can buy them. Other such devices may be
implanted, such as pacemakers and insulin pumps. Some of these can be con-
trolled over a wireless network. This lets doctors test and reconfigure them more
easily. It could also lead to some nasty problems if the devices are as insecure as
the average PC and can be hacked easily (Halperin et al., 2008).

14 INTRODUCTION CHAP. 1
1.1.4 Social Issues
Computer networks, like the printing press 500 years ago, allow ordinary
citizens to distribute and view content in ways that were not previously possible.
But along with the good comes the bad, as this new-found freedom brings with it
many unsolved social, political, and ethical issues. Let us just briefly mention a
few of them; a thorough study would require a full book, at least.
Social networks, message boards, content sharing sites, and a host of other ap-
plications allow people to share their views with like-minded individuals. As long
as the subjects are restricted to technical topics or hobbies like gardening, not too
many problems will arise.
The trouble comes with topics that people actually care about, like politics,
religion, or sex. Views that are publicly posted may be deeply offensive to some
people. Worse yet, they may not be politically correct. Furthermore, opinions
need not be limited to text; high-resolution color photographs and video clips are
easily shared over computer networks. Some people take a live-and-let-live view,
but others feel that posting certain material (e.g., verbal attacks on particular
countries or religions, pornography, etc.) is simply unacceptable and that such
content must be censored. Different countries have different and conflicting laws
in this area. Thus, the debate rages.
In the past, people have sued network operators, claiming that they are re-
sponsible for the contents of what they carry, just as newspapers and magazines
are. The inevitable response is that a network is like a telephone company or the
post office and cannot be expected to police what its users say.
It should now come only as a slight surprise to learn that some network opera-
tors block content for their own reasons. Some users of peer-to-peer applications
had their network service cut off because the network operators did not find it pro-
fitable to carry the large amounts of traffic sent by those applications. Those
same operators would probably like to treat different companies differently. If
you are a big company and pay well then you get good service, but if you are a
small-time player, you get poor service. Opponents of this practice argue that
peer-to-peer and other content should be treated in the same way because they are
all just bits to the network. This argument for communications that are not dif-
ferentiated by their content or source or who is providing the content is known as
network neutrality (Wu, 2003). It is probably safe to say that this debate will go
on for a while.
Many other parties are involved in the tussle over content. For instance, pi-
rated music and movies fueled the massive growth of peer-to-peer networks,
which did not please the copyright holders, who have threatened (and sometimes
taken) legal action. There are now automated systems that search peer-to-peer
networks and fire off warnings to network operators and users who are suspected
of infringing copyright. In the United States, these warnings are known as
DMCA takedown notices after the Digital Millennium Copyright Act. This

SEC. 1.1 USES OF COMPUTER NETWORKS 15
search is an arms’ race because it is hard to reliably catch copyright infringement.
Even your printer might be mistaken for a culprit (Piatek et al., 2008).
Computer networks make it very easy to communicate. They also make it
easy for the people who run the network to snoop on the traffic. This sets up con-
flicts over issues such as employee rights versus employer rights. Many people
read and write email at work. Many employers have claimed the right to read and
possibly censor employee messages, including messages sent from a home com-
puter outside working hours. Not all employees agree with this, especially the lat-
ter part.
Another conflict is centered around government versus citizen’s rights. The
FBI has installed systems at many Internet service providers to snoop on all in-
coming and outgoing email for nuggets of interest. One early system was origi-
nally called Carnivore, but bad publicity caused it to be renamed to the more
innocent-sounding DCS1000 (Blaze and Bellovin, 2000; Sobel, 2001; and Zacks,
2001). The goal of such systems is to spy on millions of people in the hope of
perhaps finding information about illegal activities. Unfortunately for the spies,
the Fourth Amendment to the U.S. Constitution prohibits government searches
without a search warrant, but the government often ignores it.
Of course, the government does not have a monopoly on threatening people’s
privacy. The private sector does its bit too by profiling users. For example,
small files called cookies that Web browsers store on users’ computers allow
companies to track users’ activities in cyberspace and may also allow credit card
numbers, social security numbers, and other confidential information to leak all
over the Internet (Berghel, 2001). Companies that provide Web-based services
may maintain large amounts of personal information about their users that allows
them to study user activities directly. For example, Google can read your email
and show you advertisements based on your interests if you use its email service,
Gmail.
A new twist with mobile devices is location privacy (Beresford and Stajano,
2003). As part of the process of providing service to your mobile device the net-
work operators learn where you are at different times of day. This allows them to
track your movements. They may know which nightclub you frequent and which
medical center you visit.
Computer networks also offer the potential to increase privacy by sending
anonymous messages. In some situations, this capability may be desirable.
Beyond preventing companies from learning your habits, it provides, for example,
a way for students, soldiers, employees, and citizens to blow the whistle on illegal
behavior on the part of professors, officers, superiors, and politicians without fear
of reprisals. On the other hand, in the United States and most other democracies,
the law specifically permits an accused person the right to confront and challenge
his accuser in court so anonymous accusations cannot be used as evidence.
The Internet makes it possible to find information quickly, but a great deal of
it is ill considered, misleading, or downright wrong. That medical advice you

16 INTRODUCTION CHAP. 1
plucked from the Internet about the pain in your chest may have come from a
Nobel Prize winner or from a high-school dropout.
Other information is frequently unwanted. Electronic junk mail (spam) has
become a part of life because spammers have collected millions of email address-
es and would-be marketers can cheaply send computer-generated messages to
them. The resulting flood of spam rivals the flow messages from real people.
Fortunately, filtering software is able to read and discard the spam generated by
other computers, with lesser or greater degrees of success.
Still other content is intended for criminal behavior. Web pages and email
messages containing active content (basically, programs or macros that execute on
the receiver’s machine) can contain viruses that take over your computer. They
might be used to steal your bank account passwords, or to have your computer
send spam as part of a botnet or pool of compromised machines.
Phishing messages masquerade as originating from a trustworthy party, for
example, your bank, to try to trick you into revealing sensitive information, for
example, credit card numbers. Identity theft is becoming a serious problem as
thieves collect enough information about a victim to obtain credit cards and other
documents in the victim’s name.
It can be difficult to prevent computers from impersonating people on the In-
ternet. This problem has led to the development of CAPTCHAs, in which a com-
puter asks a person to solve a short recognition task, for example, typing in the
letters shown in a distorted image, to show that they are human (von Ahn, 2001).
This process is a variation on the famous Turing test in which a person asks ques-
tions over a network to judge whether the entity responding is human.
A lot of these problems could be solved if the computer industry took com-
puter security seriously. If all messages were encrypted and authenticated, it
would be harder to commit mischief. Such technology is well established and we
will study it in detail in Chap. 8. The problem is that hardware and software ven-
dors know that putting in security features costs money and their customers are
not demanding such features. In addition, a substantial number of the problems
are caused by buggy software, which occurs because vendors keep adding more
and more features to their programs, which inevitably means more code and thus
more bugs. A tax on new features might help, but that might be a tough sell in
some quarters. A refund for defective software might be nice, except it would
bankrupt the entire software industry in the first year.
Computer networks raise new legal problems when they interact with old
laws. Electronic gambling provides an example. Computers have been simulating
things for decades, so why not simulate slot machines, roulette wheels, blackjack
dealers, and more gambling equipment? Well, because it is illegal in a lot of
places. The trouble is, gambling is legal in a lot of other places (England, for ex-
ample) and casino owners there have grasped the potential for Internet gambling.
What happens if the gambler, the casino, and the server are all in different coun-
tries, with conflicting laws? Good question.

SEC. 1.2 NETWORK HARDWARE 17
1.2 NETWORK HARDWARE
It is now time to turn our attention from the applications and social aspects of
networking (the dessert) to the technical issues involved in network design (the
spinach). There is no generally accepted taxonomy into which all computer net-
works fit, but two dimensions stand out as important: transmission technology and
scale. We will now examine each of these in turn.
Broadly speaking, there are two types of transmission technology that are in
widespread use: broadcast links and point-to-point links.
Point-to-point links connect individual pairs of machines. To go from the
source to the destination on a network made up of point-to-point links, short mes-
sages, called packets in certain contexts, may have to first visit one or more inter-
mediate machines. Often multiple routes, of different lengths, are possible, so
finding good ones is important in point-to-point networks. Point-to-point
transmission with exactly one sender and exactly one receiver is sometimes called
unicasting.
In contrast, on a broadcast network, the communication channel is shared by
all the machines on the network; packets sent by any machine are received by all
the others. An address field within each packet specifies the intended recipient.
Upon receiving a packet, a machine checks the address field. If the packet is in-
tended for the receiving machine, that machine processes the packet; if the packet
is intended for some other machine, it is just ignored.
A wireless network is a common example of a broadcast link, with communi-
cation shared over a coverage region that depends on the wireless channel and the
transmitting machine. As an analogy, consider someone standing in a meeting
room and shouting ‘‘Watson, come here. I want you.’’ Although the packet may
actually be received (heard) by many people, only Watson will respond; the others
just ignore it.
Broadcast systems usually also allow the possibility of addressing a packet to
all destinations by using a special code in the address field. When a packet with
this code is transmitted, it is received and processed by every machine on the net-
work. This mode of operation is called broadcasting. Some broadcast systems
also support transmission to a subset of the machines, which known as multicast-
ing.
An alternative criterion for classifying networks is by scale. Distance is im-
portant as a classification metric because different technologies are used at dif-
ferent scales.
In Fig. 1-6 we classify multiple processor systems by their rough physical
size. At the top are the personal area networks, networks that are meant for one
person. Beyond these come longer-range networks. These can be divided into
local, metropolitan, and wide area networks, each with increasing scale. Finally,
the connection of two or more networks is called an internetwork. The worldwide
Internet is certainly the best-known (but not the only) example of an internetwork.

18 INTRODUCTION CHAP. 1
Soon we will have even larger internetworks with the Interplanetary Internet
that connects networks across space (Burleigh et al., 2003).
1 m Square meter
10 m Room
100 m Building
Campus1 km
City10 km
Interprocessor
distance
Processors
located in same
Example
100 km Country
Continent1000 km
Planet
Personal area network
The Internet
Local area network
Metropolitan area network
Wide area network
10,000 km
Figure 1-6. Classification of interconnected processors by scale.
In this book we will be concerned with networks at all these scales. In the
following sections, we give a brief introduction to network hardware by scale.
1.2.1 Personal Area Networks
PANs (Personal Area Networks) let devices communicate over the range of
a person. A common example is a wireless network that connects a computer
with its peripherals. Almost every computer has an attached monitor, keyboard,
mouse, and printer. Without using wireless, this connection must be done with
cables. So many new users have a hard time finding the right cables and plugging
them into the right little holes (even though they are usually color coded) that
most computer vendors offer the option of sending a technician to the user’s home
to do it. To help these users, some companies got together to design a short-range
wireless network called Bluetooth to connect these components without wires.
The idea is that if your devices have Bluetooth, then you need no cables. You just
put them down, turn them on, and they work together. For many people, this ease
of operation is a big plus.
In the simplest form, Bluetooth networks use the master-slave paradigm of
Fig. 1-7. The system unit (the PC) is normally the master, talking to the mouse,
keyboard, etc., as slaves. The master tells the slaves what addresses to use, when
they can broadcast, how long they can transmit, what frequencies they can use,
and so on.
Bluetooth can be used in other settings, too. It is often used to connect a
headset to a mobile phone without cords and it can allow your digital music player

SEC. 1.2 NETWORK HARDWARE 19
Figure 1-7. Bluetooth PAN configuration.
to connect to your car merely being brought within range. A completely different
kind of PAN is formed when an embedded medical device such as a pacemaker,
insulin pump, or hearing aid talks to a user-operated remote control. We will dis-
cuss Bluetooth in more detail in Chap. 4.
PANs can also be built with other technologies that communicate over short
ranges, such as RFID on smartcards and library books. We will study RFID in
Chap. 4.
1.2.2 Local Area Networks
The next step up is the LAN (Local Area Network). A LAN is a privately
owned network that operates within and nearby a single building like a home, of-
fice or factory. LANs are widely used to connect personal computers and consu-
mer electronics to let them share resources (e.g., printers) and exchange informa-
tion. When LANs are used by companies, they are called enterprise networks.
Wireless LANs are very popular these days, especially in homes, older office
buildings, cafeterias, and other places where it is too much trouble to install
cables. In these systems, every computer has a radio modem and an antenna that
it uses to communicate with other computers. In most cases, each computer talks
to a device in the ceiling as shown in Fig. 1-8(a). This device, called an AP
(Access Point), wireless router, or base station, relays packets between the
wireless computers and also between them and the Internet. Being the AP is like
being the popular kid as school because everyone wants to talk to you. However,
if other computers are close enough, they can communicate directly with one an-
other in a peer-to-peer configuration.
There is a standard for wireless LANs called IEEE 802.11, popularly known
as WiFi, which has become very widespread. It runs at speeds anywhere from 11

20 INTRODUCTION CHAP. 1
Ethernet
switchPorts To rest of
network
To wired networkAccess
point
Figure 1-8. Wireless and wired LANs. (a) 802.11. (b) Switched Ethernet.
to hundreds of Mbps. (In this book we will adhere to tradition and measure line
speeds in megabits/sec, where 1 Mbps is 1,000,000 bits/sec, and gigabits/sec,
where 1 Gbps is 1,000,000,000 bits/sec.) We will discuss 802.11 in Chap. 4.
Wired LANs use a range of different transmission technologies. Most of
them use copper wires, but some use optical fiber. LANs are restricted in size,
which means that the worst-case transmission time is bounded and known in ad-
vance. Knowing these bounds helps with the task of designing network protocols.
Typically, wired LANs run at speeds of 100 Mbps to 1 Gbps, have low delay
(microseconds or nanoseconds), and make very few errors. Newer LANs can op-
erate at up to 10 Gbps. Compared to wireless networks, wired LANs exceed them
in all dimensions of performance. It is just easier to send signals over a wire or
through a fiber than through the air.
The topology of many wired LANs is built from point-to-point links. IEEE
802.3, popularly called Ethernet, is, by far, the most common type of wired
LAN. Fig. 1-8(b) shows a sample topology of switched Ethernet. Each com-
puter speaks the Ethernet protocol and connects to a box called a switch with a
point-to-point link. Hence the name. A switch has multiple ports, each of which
can connect to one computer. The job of the switch is to relay packets between
computers that are attached to it, using the address in each packet to determine
which computer to send it to.
To build larger LANs, switches can be plugged into each other using their
ports. What happens if you plug them together in a loop? Will the network still
work? Luckily, the designers thought of this case. It is the job of the protocol to
sort out what paths packets should travel to safely reach the intended computer.
We will see how this works in Chap. 4.
It is also possible to divide one large physical LAN into two smaller logical
LANs. You might wonder why this would be useful. Sometimes, the layout of the
network equipment does not match the organization’s structure. For example, the

SEC. 1.2 NETWORK HARDWARE 21
engineering and finance departments of a company might have computers on the
same physical LAN because they are in the same wing of the building but it might
be easier to manage the system if engineering and finance logically each had its
own network Virtual LAN or VLAN. In this design each port is tagged with a
‘‘color,’’ say green for engineering and red for finance. The switch then forwards
packets so that computers attached to the green ports are separated from the com-
puters attached to the red ports. Broadcast packets sent on a red port, for example,
will not be received on a green port, just as though there were two different
LANs. We will cover VLANs at the end of Chap. 4.
There are other wired LAN topologies too. In fact, switched Ethernet is a
modern version of the original Ethernet design that broadcast all the packets over
a single linear cable. At most one machine could successfully transmit at a time,
and a distributed arbitration mechanism was used to resolve conflicts. It used a
simple algorithm: computers could transmit whenever the cable was idle. If two
or more packets collided, each computer just waited a random time and tried later.
We will call that version classic Ethernet for clarity, and as you suspected, you
will learn about it in Chap. 4.
Both wireless and wired broadcast networks can be divided into static and
dynamic designs, depending on how the channel is allocated. A typical static al-
location would be to divide time into discrete intervals and use a round-robin al-
gorithm, allowing each machine to broadcast only when its time slot comes up.
Static allocation wastes channel capacity when a machine has nothing to say dur-
ing its allocated slot, so most systems attempt to allocate the channel dynamically
(i.e., on demand).
Dynamic allocation methods for a common channel are either centralized or
decentralized. In the centralized channel allocation method, there is a single enti-
ty, for example, the base station in cellular networks, which determines who goes
next. It might do this by accepting multiple packets and prioritizing them accord-
ing to some internal algorithm. In the decentralized channel allocation method,
there is no central entity; each machine must decide for itself whether to transmit.
You might think that this approach would lead to chaos, but it does not. Later we
will study many algorithms designed to bring order out of the potential chaos.
It is worth spending a little more time discussing LANs in the home. In the
future, it is likely that every appliance in the home will be capable of communi-
cating with every other appliance, and all of them will be accessible over the In-
ternet. This development is likely to be one of those visionary concepts that
nobody asked for (like TV remote controls or mobile phones), but once they
arrived nobody can imagine how they lived without them.
Many devices are already capable of being networked. These include com-
puters, entertainment devices such as TVs and DVDs, phones and other consumer
electronics such as cameras, appliances like clock radios, and infrastructure like
utility meters and thermostats. This trend will only continue. For instance, the
average home probably has a dozen clocks (e.g., in appliances), all of which could

22 INTRODUCTION CHAP. 1
adjust to daylight savings time automatically if the clocks were on the Internet.
Remote monitoring of the home is a likely winner, as many grown children would
be willing to spend some money to help their aging parents live safely in their
own homes.
While we could think of the home network as just another LAN, it is more
likely to have different properties than other networks. First, the networked de-
vices have to be very easy to install. Wireless routers are the most returned con-
sumer electronic item. People buy one because they want a wireless network at
home, find that it does not work ‘‘out of the box,’’ and then return it rather than
listen to elevator music while on hold on the technical helpline.
Second, the network and devices have to be foolproof in operation. Air con-
ditioners used to have one knob with four settings: OFF, LOW, MEDIUM, and
HIGH. Now they have 30-page manuals. Once they are networked, expect the
chapter on security alone to be 30 pages. This is a problem because only com-
puter users are accustomed to putting up with products that do not work; the car-,
television-, and refrigerator-buying public is far less tolerant. They expect pro-
ducts to work 100% without the need to hire a geek.
Third, low price is essential for success. People will not pay a $50 premium
for an Internet thermostat because few people regard monitoring their home tem-
perature from work that important. For $5 extra, though, it might sell.
Fourth, it must be possible to start out with one or two devices and expand the
reach of the network gradually. This means no format wars. Telling consumers
to buy peripherals with IEEE 1394 (FireWire) interfaces and a few years later
retracting that and saying USB 2.0 is the interface-of-the-month and then switch-
ing that to 802.11g—oops, no, make that 802.11n—I mean 802.16 (different wire-
less networks)—is going to make consumers very skittish. The network interface
will have to remain stable for decades, like the television broadcasting standards.
Fifth, security and reliability will be very important. Losing a few files to an
email virus is one thing; having a burglar disarm your security system from his
mobile computer and then plunder your house is something quite different.
An interesting question is whether home networks will be wired or wireless.
Convenience and cost favors wireless networking because there are no wires to
fit, or worse, retrofit. Security favors wired networking because the radio waves
that wireless networks use are quite good at going through walls. Not everyone is
overjoyed at the thought of having the neighbors piggybacking on their Internet
connection and reading their email. In Chap. 8 we will study how encryption can
be used to provide security, but it is easier said than done with inexperienced
users.
A third option that may be appealing is to reuse the networks that are already
in the home. The obvious candidate is the electric wires that are installed
throughout the house. Power-line networks let devices that plug into outlets
broadcast information throughout the house. You have to plug in the TV anyway,
and this way it can get Internet connectivity at the same time. The difficulty is

SEC. 1.2 NETWORK HARDWARE 23
how to carry both power and data signals at the same time. Part of the answer is
that they use different frequency bands.
In short, home LANs offer many opportunities and challenges. Most of the
latter relate to the need for the networks to be easy to manage, dependable, and
secure, especially in the hands of nontechnical users, as well as low cost.
1.2.3 Metropolitan Area Networks
A MAN (Metropolitan Area Network) covers a city. The best-known ex-
amples of MANs are the cable television networks available in many cities.
These systems grew from earlier community antenna systems used in areas with
poor over-the-air television reception. In those early systems, a large antenna was
placed on top of a nearby hill and a signal was then piped to the subscribers’
houses.
At first, these were locally designed, ad hoc systems. Then companies began
jumping into the business, getting contracts from local governments to wire up en-
tire cities. The next step was television programming and even entire channels
designed for cable only. Often these channels were highly specialized, such as all
news, all sports, all cooking, all gardening, and so on. But from their inception
until the late 1990s, they were intended for television reception only.
When the Internet began attracting a mass audience, the cable TV network
operators began to realize that with some changes to the system, they could pro-
vide two-way Internet service in unused parts of the spectrum. At that point, the
cable TV system began to morph from simply a way to distribute television to a
metropolitan area network. To a first approximation, a MAN might look some-
thing like the system shown in Fig. 1-9. In this figure we see both television sig-
nals and Internet being fed into the centralized cable headend for subsequent dis-
tribution to people’s homes. We will come back to this subject in detail in Chap.
2.
Cable television is not the only MAN, though. Recent developments in high-
speed wireless Internet access have resulted in another MAN, which has been
standardized as IEEE 802.16 and is popularly known as WiMAX. We will look
at it in Chap. 4.
1.2.4 Wide Area Networks
A WAN (Wide Area Network) spans a large geographical area, often a
country or continent. We will begin our discussion with wired WANs, using the
example of a company with branch offices in different cities.
The WAN in Fig. 1-10 is a network that connects offices in Perth, Melbourne,
and Brisbane. Each of these offices contains computers intended for running user
(i.e., application) programs. We will follow traditional usage and call these ma-
chines hosts. The rest of the network that connects these hosts is then called the

24 INTRODUCTION CHAP. 1
Internet
Antenna
Junction
box
Head end
Figure 1-9. A metropolitan area network based on cable TV.
communication subnet, or just subnet for short. The job of the subnet is to carry
messages from host to host, just as the telephone system carries words (really just
sounds) from speaker to listener.
In most WANs, the subnet consists of two distinct components: transmission
lines and switching elements. Transmission lines move bits between machines.
They can be made of copper wire, optical fiber, or even radio links. Most com-
panies do not have transmission lines lying about, so instead they lease the lines
from a telecommunications company. Switching elements, or just switches, are
specialized computers that connect two or more transmission lines. When data
arrive on an incoming line, the switching element must choose an outgoing line on
which to forward them. These switching computers have been called by various
names in the past; the name router is now most commonly used. Unfortunately,
some people pronounce it ‘‘rooter’’ while others have it rhyme with ‘‘doubter.’’
Determining the correct pronunciation will be left as an exercise for the reader.
(Note: the perceived correct answer may depend on where you live.)
A short comment about the term ‘‘subnet’’ is in order here. Originally, its
only meaning was the collection of routers and communication lines that moved
packets from the source host to the destination host. Readers should be aware that
it has acquired a second, more recent meaning in conjunction with network ad-
dressing. We will discuss that meaning in Chap. 5 and stick with the original
meaning (a collection of lines and routers) until then.
The WAN as we have described it looks similar to a large wired LAN, but
there are some important differences that go beyond long wires. Usually in a
WAN, the hosts and subnet are owned and operated by different people. In our

SEC. 1.2 NETWORK HARDWARE 25
Subnet
Router
Perth
Brisbane
Melbourne
Transmission
line
Figure 1-10. WAN that connects three branch offices in Australia.
example, the employees might be responsible for their own computers, while the
company’s IT department is in charge of the rest of the network. We will see
clearer boundaries in the coming examples, in which the network provider or tele-
phone company operates the subnet. Separation of the pure communication
aspects of the network (the subnet) from the application aspects (the hosts) greatly
simplifies the overall network design.
A second difference is that the routers will usually connect different kinds of
networking technology. The networks inside the offices may be switched Ether-
net, for example, while the long-distance transmission lines may be SONET links
(which we will cover in Chap. 2). Some device needs to join them. The astute
reader will notice that this goes beyond our definition of a network. This means
that many WANs will in fact be internetworks , or composite networks that are
made up of more than one network. We will have more to say about internet-
works in the next section.
A final difference is in what is connected to the subnet. This could be indivi-
dual computers, as was the case for connecting to LANs, or it could be entire
LANs. This is how larger networks are built from smaller ones. As far as the sub-
net is concerned, it does the same job.
We are now in a position to look at two other varieties of WANs. First, rather
than lease dedicated transmission lines, a company might connect its offices to the
Internet This allows connections to be made between the offices as virtual links

26 INTRODUCTION CHAP. 1
that use the underlying capacity of the Internet. This arrangement, shown in
Fig. 1-11, is called a VPN (Virtual Private Network). Compared to the dedi-
cated arrangement, a VPN has the usual advantage of virtualization, which is that
it provides flexible reuse of a resource (Internet connectivity). Consider how easy
it is to add a fourth office to see this. A VPN also has the usual disadvantage of
virtualization, which is a lack of control over the underlying resources. With a
dedicated line, the capacity is clear. With a VPN your mileage may vary with
your Internet service.
Internet
Perth
Brisbane
Melbourne
Link via the
internet
Figure 1-11. WAN using a virtual private network.
The second variation is that the subnet may be run by a different company.
The subnet operator is known as a network service provider and the offices are
its customers. This structure is shown in Fig. 1-12. The subnet operator will con-
nect to other customers too, as long as they can pay and it can provide service.
Since it would be a disappointing network service if the customers could only
send packets to each other, the subnet operator will also connect to other networks
that are part of the Internet. Such a subnet operator is called an ISP (Internet
Service Provider) and the subnet is an ISP network. Its customers who connect
to the ISP receive Internet service.
We can use the ISP network to preview some key issues that we will study in
later chapters. In most WANs, the network contains many transmission lines,
each connecting a pair of routers. If two routers that do not share a transmission
line wish to communicate, they must do this indirectly, via other routers. There

SEC. 1.2 NETWORK HARDWARE 27
ISP network
Perth
Brisbane
Melbourne
Transmission
line
Customer
network
Figure 1-12. WAN using an ISP network.
may be many paths in the network that connect these two routers. How the net-
work makes the decision as to which path to use is called the routing algorithm.
Many such algorithms exist. How each router makes the decision as to where to
send a packet next is called the forwarding algorithm. Many of them exist too.
We will study some of both types in detail in Chap. 5.
Other kinds of WANs make heavy use of wireless technologies. In satellite
systems, each computer on the ground has an antenna through which it can send
data to and receive data from to a satellite in orbit. All computers can hear the
output from the satellite, and in some cases they can also hear the upward
transmissions of their fellow computers to the satellite as well. Satellite networks
are inherently broadcast and are most useful when the broadcast property is im-
portant.
The cellular telephone network is another example of a WAN that uses wire-
less technology. This system has already gone through three generations and a
fourth one is on the horizon. The first generation was analog and for voice only.
The second generation was digital and for voice only. The third generation is dig-
ital and is for both voice and data. Each cellular base station covers a distance
much larger than a wireless LAN, with a range measured in kilometers rather than
tens of meters. The base stations are connected to each other by a backbone net-
work that is usually wired. The data rates of cellular networks are often on the
order of 1 Mbps, much smaller than a wireless LAN that can range up to on the
order of 100 Mbps. We will have a lot to say about these networks in Chap. 2.

28 INTRODUCTION CHAP. 1
1.2.5 Internetworks
Many networks exist in the world, often with different hardware and software.
People connected to one network often want to communicate with people attached
to a different one. The fulfillment of this desire requires that different, and fre-
quently incompatible, networks be connected. A collection of interconnected net-
works is called an internetwork or internet. These terms will be used in a gen-
eric sense, in contrast to the worldwide Internet (which is one specific internet),
which we will always capitalize. The Internet uses ISP networks to connect en-
terprise networks, home networks, and many other networks. We will look at the
Internet in great detail later in this book.
Subnets, networks, and internetworks are often confused. The term ‘‘subnet’’
makes the most sense in the context of a wide area network, where it refers to the
collection of routers and communication lines owned by the network operator. As
an analogy, the telephone system consists of telephone switching offices connect-
ed to one another by high-speed lines, and to houses and businesses by low-speed
lines. These lines and equipment, owned and managed by the telephone com-
pany, form the subnet of the telephone system. The telephones themselves (the
hosts in this analogy) are not part of the subnet.
A network is formed by the combination of a subnet and its hosts. However,
the word ‘‘network’’ is often used in a loose sense as well. A subnet might be de-
scribed as a network, as in the case of the ‘‘ISP network’’ of Fig. 1-12. An inter-
network might also be described as a network, as in the case of the WAN in
Fig. 1-10. We will follow similar practice, and if we are distinguishing a network
from other arrangements, we will stick with our original definition of a collection
of computers interconnected by a single technology.
Let us say more about what constitutes an internetwork. We know that an in-
ternet is formed when distinct networks are interconnected. In our view, connect-
ing a LAN and a WAN or connecting two LANs is the usual way to form an inter-
network, but there is little agreement in the industry over terminology in this area.
There are two rules of thumb that are useful. First, if different organizations have
paid to construct different parts of the network and each maintains its part, we
have an internetwork rather than a single network. Second, if the underlying tech-
nology is different in different parts (e.g., broadcast versus point-to-point and
wired versus wireless), we probably have an internetwork.
To go deeper, we need to talk about how two different networks can be con-
nected. The general name for a machine that makes a connection between two or
more networks and provides the necessary translation, both in terms of hardware
and software, is a gateway. Gateways are distinguished by the layer at which
they operate in the protocol hierarchy. We will have much more to say about lay-
ers and protocol hierarchies starting in the next section, but for now imagine that
higher layers are more tied to applications, such as the Web, and lower layers are
more tied to transmission links, such as Ethernet.

SEC. 1.2 NETWORK HARDWARE 29
Since the benefit of forming an internet is to connect computers across net-
works, we do not want to use too low-level a gateway or we will be unable to
make connections between different kinds of networks. We do not want to use
too high-level a gateway either, or the connection will only work for particular ap-
plications. The level in the middle that is ‘‘just right’’ is often called the network
layer, and a router is a gateway that switches packets at the network layer. We
can now spot an internet by finding a network that has routers.
1.3 NETWORK SOFTWARE
The first computer networks were designed with the hardware as the main
concern and the software as an afterthought. This strategy no longer works. Net-
work software is now highly structured. In the following sections we examine the
software structuring technique in some detail. The approach described here forms
the keystone of the entire book and will occur repeatedly later on.
1.3.1 Protocol Hierarchies
To reduce their design complexity, most networks are organized as a stack of
layers or levels, each one built upon the one below it. The number of layers, the
name of each layer, the contents of each layer, and the function of each layer dif-
fer from network to network. The purpose of each layer is to offer certain ser-
vices to the higher layers while shielding those layers from the details of how the
offered services are actually implemented. In a sense, each layer is a kind of vir-
tual machine, offering certain services to the layer above it.
This concept is actually a familiar one and is used throughout computer sci-
ence, where it is variously known as information hiding, abstract data types, data
encapsulation, and object-oriented programming. The fundamental idea is that a
particular piece of software (or hardware) provides a service to its users but keeps
the details of its internal state and algorithms hidden from them.
When layer n on one machine carries on a conversation with layer n on anoth-
er machine, the rules and conventions used in this conversation are collectively
known as the layer n protocol. Basically, a protocol is an agreement between the
communicating parties on how communication is to proceed. As an analogy,
when a woman is introduced to a man, she may choose to stick out her hand. He,
in turn, may decide to either shake it or kiss it, depending, for example, on wheth-
er she is an American lawyer at a business meeting or a European princess at a
formal ball. Violating the protocol will make communication more difficult, if
not completely impossible.
A five-layer network is illustrated in Fig. 1-13. The entities comprising the
corresponding layers on different machines are called peers. The peers may be

30 INTRODUCTION CHAP. 1
software processes, hardware devices, or even human beings. In other words, it is
the peers that communicate by using the protocol to talk to each other.
Layer 5
Layer 4
Layer 3
Layer 2
Layer 1
Host 1
Layer 4/5 interface
Layer 3/4 interface
Layer 2/3 interface
Layer 1/2 interface
Layer 5 protocol
Layer 5
Layer 4
Layer 3
Layer 2
Layer 1
Host 2
Layer 4 protocol
Layer 3 protocol
Layer 2 protocol
Layer 1 protocol
Physical medium
Figure 1-13. Layers, protocols, and interfaces.
In reality, no data are directly transferred from layer n on one machine to
layer n on another machine. Instead, each layer passes data and control infor-
mation to the layer immediately below it, until the lowest layer is reached. Below
layer 1 is the physical medium through which actual communication occurs. In
Fig. 1-13, virtual communication is shown by dotted lines and physical communi-
cation by solid lines.
Between each pair of adjacent layers is an interface. The interface defines
which primitive operations and services the lower layer makes available to the
upper one. When network designers decide how many layers to include in a net-
work and what each one should do, one of the most important considerations is
defining clean interfaces between the layers. Doing so, in turn, requires that each
layer perform a specific collection of well-understood functions. In addition to
minimizing the amount of information that must be passed between layers, clear-
cut interfaces also make it simpler to replace one layer with a completely different
protocol or implementation (e.g., replacing all the telephone lines by satellite
channels) because all that is required of the new protocol or implementation is
that it offer exactly the same set of services to its upstairs neighbor as the old one
did. It is common that different hosts use different implementations of the same
protocol (often written by different companies). In fact, the protocol itself can
change in some layer without the layers above and below it even noticing.

SEC. 1.3 NETWORK SOFTWARE 31
A set of layers and protocols is called a network architecture . The specif-
ication of an architecture must contain enough information to allow an imple-
menter to write the program or build the hardware for each layer so that it will
correctly obey the appropriate protocol. Neither the details of the implementation
nor the specification of the interfaces is part of the architecture because these are
hidden away inside the machines and not visible from the outside. It is not even
necessary that the interfaces on all machines in a network be the same, provided
that each machine can correctly use all the protocols. A list of the protocols used
by a certain system, one protocol per layer, is called a protocol stack. Network
architectures, protocol stacks, and the protocols themselves are the principal sub-
jects of this book.
An analogy may help explain the idea of multilayer communication. Imagine
two philosophers (peer processes in layer 3), one of whom speaks Urdu and
English and one of whom speaks Chinese and French. Since they have no com-
mon language, they each engage a translator (peer processes at layer 2), each of
whom in turn contacts a secretary (peer processes in layer 1). Philosopher 1
wishes to convey his affection for oryctolagus cuniculus to his peer. To do so, he
passes a message (in English) across the 2/3 interface to his translator, saying ‘‘I
like rabbits,’’ as illustrated in Fig. 1-14. The translators have agreed on a neutral
language known to both of them, Dutch, so the message is converted to ‘‘Ik vind
konijnen leuk.’’ The choice of the language is the layer 2 protocol and is up to the
layer 2 peer processes.
The translator then gives the message to a secretary for transmission, for ex-
ample, by email (the layer 1 protocol). When the message arrives at the other
secretary, it is passed to the local translator, who translates it into French and
passes it across the 2/3 interface to the second philosopher. Note that each proto-
col is completely independent of the other ones as long as the interfaces are not
changed. The translators can switch from Dutch to, say, Finnish, at will, provided
that they both agree and neither changes his interface with either layer 1 or layer
3. Similarly, the secretaries can switch from email to telephone without disturb-
ing (or even informing) the other layers. Each process may add some information
intended only for its peer. This information is not passed up to the layer above.
Now consider a more technical example: how to provide communication to
the top layer of the five-layer network in Fig. 1-15. A message, M, is produced by
an application process running in layer 5 and given to layer 4 for transmission.
Layer 4 puts a header in front of the message to identify the message and passes
the result to layer 3. The header includes control information, such as addresses,
to allow layer 4 on the destination machine to deliver the message. Other ex-
amples of control information used in some layers are sequence numbers (in case
the lower layer does not preserve message order), sizes, and times.
In many networks, no limit is placed on the size of messages transmitted in
the layer 4 protocol but there is nearly always a limit imposed by the layer 3 pro-
tocol. Consequently, layer 3 must break up the incoming messages into smaller

32 INTRODUCTION CHAP. 1
I like
rabbits
Location A
3
2
1
3
2
1
Location B
Message Philosopher
Translator
Secretary
Information
for the remote
translator
Information
for the remote
secretary
L: Dutch
Ik vind
konijnen
leuk
Fax #—
L: Dutch
Ik vind
konijnen
leuk
J’aime
bien les
lapins
L: Dutch
Ik vind
konijnen
leuk
Fax #—
L: Dutch
Ik vind
konijnen
leuk
Figure 1-14. The philosopher-translator-secretary architecture.
units, packets, prepending a layer 3 header to each packet. In this example, M is
split into two parts, M 1 and M 2, that will be transmitted separately.
Layer 3 decides which of the outgoing lines to use and passes the packets to
layer 2. Layer 2 adds to each piece not only a header but also a trailer, and gives
the resulting unit to layer 1 for physical transmission. At the receiving machine
the message moves upward, from layer to layer, with headers being stripped off as
it progresses. None of the headers for layers below n are passed up to layer n.
The important thing to understand about Fig. 1-15 is the relation between the
virtual and actual communication and the difference between protocols and inter-
faces. The peer processes in layer 4, for example, conceptually think of their
communication as being ‘‘horizontal,’’ using the layer 4 protocol. Each one is
likely to have procedures called something like SendToOtherSide and GetFrom-
OtherSide, even though these procedures actually communicate with lower layers
across the 3/4 interface, and not with the other side.

SEC. 1.3 NETWORK SOFTWARE 33
H2 H3 H4 M1 T2 H2 H3 M2 T2 H2 H3 H4 M1 T2 H2 H3 M2 T2
H3 H4 M1 H3 M2 H3 H4 M1 H3 M2
H4 M H4 M
M M
Layer 2
protocol
2
Layer 3
protocol
Layer 4 protocol
Layer 5 protocol
3
4
5
1
Layer
Source machine Destination machine
Figure 1-15. Example information flow supporting virtual communication in
layer 5.
The peer process abstraction is crucial to all network design. Using it, the
unmanageable task of designing the complete network can be broken into several
smaller, manageable design problems, namely, the design of the individual layers.
Although Sec. 1.3 is called ‘‘Network Software,’’ it is worth pointing out that
the lower layers of a protocol hierarchy are frequently implemented in hardware
or firmware. Nevertheless, complex protocol algorithms are involved, even if
they are embedded (in whole or in part) in hardware.
1.3.2 Design Issues for the Layers
Some of the key design issues that occur in computer networks will come up
in layer after layer. Below, we will briefly mention the more important ones.
Reliability is the design issue of making a network that operates correctly
even though it is made up of a collection of components that are themselves
unreliable. Think about the bits of a packet traveling through the network. There
is a chance that some of these bits will be received damaged (inverted) due to
fluke electrical noise, random wireless signals, hardware flaws, software bugs and
so on. How is it possible that we find and fix these errors?
One mechanism for finding errors in received information uses codes for er-
ror detection. Information that is incorrectly received can then be retransmitted

34 INTRODUCTION CHAP. 1
until it is received correctly. More powerful codes allow for error correction,
where the correct message is recovered from the possibly incorrect bits that were
originally received. Both of these mechanisms work by adding redundant infor-
mation. They are used at low layers, to protect packets sent over individual links,
and high layers, to check that the right contents were received.
Another reliability issue is finding a working path through a network. Often
there are multiple paths between a source and destination, and in a large network,
there may be some links or routers that are broken. Suppose that the network is
down in Germany. Packets sent from London to Rome via Germany will not get
through, but we could instead send packets from London to Rome via Paris. The
network should automatically make this decision. This topic is called routing.
A second design issue concerns the evolution of the network. Over time, net-
works grow larger and new designs emerge that need to be connected to the exist-
ing network. We have recently seen the key structuring mechanism used to sup-
port change by dividing the overall problem and hiding implementation details:
protocol layering. There are many other strategies as well.
Since there are many computers on the network, every layer needs a mechan-
ism for identifying the senders and receivers that are involved in a particular mes-
sage. This mechanism is called addressing or naming, in the low and high lay-
ers, respectively.
An aspect of growth is that different network technologies often have dif-
ferent limitations. For example, not all communication channels preserve the
order of messages sent on them, leading to solutions that number messages. An-
other example is differences in the maximum size of a message that the networks
can transmit. This leads to mechanisms for disassembling, transmitting, and then
reassembling messages. This overall topic is called internetworking .
When networks get large, new problems arise. Cities can have traffic jams, a
shortage of telephone numbers, and it is easy to get lost. Not many people have
these problems in their own neighborhood, but citywide they may be a big issue.
Designs that continue to work well when the network gets large are said to be
scalable.
A third design issue is resource allocation. Networks provide a service to
hosts from their underlying resources, such as the capacity of transmission lines.
To do this well, they need mechanisms that divide their resources so that one host
does not interfere with another too much.
Many designs share network bandwidth dynamically, according to the short-
term needs of hosts, rather than by giving each host a fixed fraction of the band-
width that it may or may not use. This design is called statistical multiplexing,
meaning sharing based on the statistics of demand. It can be applied at low layers
for a single link, or at high layers for a network or even applications that use the
network.
An allocation problem that occurs at every level is how to keep a fast sender
from swamping a slow receiver with data. Feedback from the receiver to the

SEC. 1.3 NETWORK SOFTWARE 35
sender is often used. This subject is called flow control. Sometimes the problem
is that the network is oversubscribed because too many computers want to send
too much traffic, and the network cannot deliver it all. This overloading of the
network is called congestion. One strategy is for each computer to reduce its de-
mand when it experiences congestion. It, too, can be used in all layers.
It is interesting to observe that the network has more resources to offer than
simply bandwidth. For uses such as carrying live video, the timeliness of delivery
matters a great deal. Most networks must provide service to applications that want
this real-time delivery at the same time that they provide service to applications
that want high throughput. Quality of service is the name given to mechanisms
that reconcile these competing demands.
The last major design issue is to secure the network by defending it against
different kinds of threats. One of the threats we have mentioned previously is that
of eavesdropping on communications. Mechanisms that provide confidentiality
defend against this threat, and they are used in multiple layers. Mechanisms for
authentication prevent someone from impersonating someone else. They might
be used to tell fake banking Web sites from the real one, or to let the cellular net-
work check that a call is really coming from your phone so that you will pay the
bill. Other mechanisms for integrity prevent surreptitious changes to messages,
such as altering ‘‘debit my account $10’’ to ‘‘debit my account $1000.’’ All of
these designs are based on cryptography, which we shall study in Chap. 8.
1.3.3 Connection-Oriented Versus Connectionless Service
Layers can offer two different types of service to the layers above them: con-
nection-oriented and connectionless. In this section we will look at these two
types and examine the differences between them.
Connection-oriented service is modeled after the telephone system. To talk
to someone, you pick up the phone, dial the number, talk, and then hang up. Simi-
larly, to use a connection-oriented network service, the service user first estab-
lishes a connection, uses the connection, and then releases the connection. The
essential aspect of a connection is that it acts like a tube: the sender pushes objects
(bits) in at one end, and the receiver takes them out at the other end. In most
cases the order is preserved so that the bits arrive in the order they were sent.
In some cases when a connection is established, the sender, receiver, and sub-
net conduct a negotiation about the parameters to be used, such as maximum
message size, quality of service required, and other issues. Typically, one side
makes a proposal and the other side can accept it, reject it, or make a counter-
proposal. A circuit is another name for a connection with associated resources,
such as a fixed bandwidth. This dates from the telephone network in which a cir-
cuit was a path over copper wire that carried a phone conversation.
In contrast to connection-oriented service, connectionless service is modeled
after the postal system. Each message (letter) carries the full destination address,

36 INTRODUCTION CHAP. 1
and each one is routed through the intermediate nodes inside the system indepen-
dent of all the subsequent messages. There are different names for messages in
different contexts; a packet is a message at the network layer. When the inter-
mediate nodes receive a message in full before sending it on to the next node, this
is called store-and-forward switching. The alternative, in which the onward
transmission of a message at a node starts before it is completely received by the
node, is called cut-through switching. Normally, when two messages are sent to
the same destination, the first one sent will be the first one to arrive. However, it
is possible that the first one sent can be delayed so that the second one arrives
first.
Each kind of service can further be characterized by its reliability. Some ser-
vices are reliable in the sense that they never lose data. Usually, a reliable service
is implemented by having the receiver acknowledge the receipt of each message
so the sender is sure that it arrived. The acknowledgement process introduces
overhead and delays, which are often worth it but are sometimes undesirable.
A typical situation in which a reliable connection-oriented service is appropri-
ate is file transfer. The owner of the file wants to be sure that all the bits arrive
correctly and in the same order they were sent. Very few file transfer customers
would prefer a service that occasionally scrambles or loses a few bits, even if it is
much faster.
Reliable connection-oriented service has two minor variations: message se-
quences and byte streams. In the former variant, the message boundaries are pre-
served. When two 1024-byte messages are sent, they arrive as two distinct 1024-
byte messages, never as one 2048-byte message. In the latter, the connection is
simply a stream of bytes, with no message boundaries. When 2048 bytes arrive at
the receiver, there is no way to tell if they were sent as one 2048-byte message,
two 1024-byte messages, or 2048 1-byte messages. If the pages of a book are sent
over a network to a phototypesetter as separate messages, it might be important to
preserve the message boundaries. On the other hand, to download a DVD movie,
a byte stream from the server to the user’s computer is all that is needed. Mes-
sage boundaries within the movie are not relevant.
For some applications, the transit delays introduced by acknowledgements are
unacceptable. One such application is digitized voice traffic for voice over IP. It
is less disruptive for telephone users to hear a bit of noise on the line from time to
time than to experience a delay waiting for acknowledgements. Similarly, when
transmitting a video conference, having a few pixels wrong is no problem, but
having the image jerk along as the flow stops and starts to correct errors is irritat-
ing.
Not all applications require connections. For example, spammers send elec-
tronic junk-mail to many recipients. The spammer probably does not want to go
to the trouble of setting up and later tearing down a connection to a recipient just
to send them one item. Nor is 100 percent reliable delivery essential, especially if
it costs more. All that is needed is a way to send a single message that has a high

SEC. 1.3 NETWORK SOFTWARE 37
probability of arrival, but no guarantee. Unreliable (meaning not acknowledged)
connectionless service is often called datagram service, in analogy with telegram
service, which also does not return an acknowledgement to the sender. Despite it
being unreliable, it is the dominant form in most networks for reasons that will
become clear later
In other situations, the convenience of not having to establish a connection to
send one message is desired, but reliability is essential. The acknowledged
datagram service can be provided for these applications. It is like sending a reg-
istered letter and requesting a return receipt. When the receipt comes back, the
sender is absolutely sure that the letter was delivered to the intended party and not
lost along the way. Text messaging on mobile phones is an example.
Still another service is the request-reply service. In this service the sender
transmits a single datagram containing a request; the reply contains the answer.
Request-reply is commonly used to implement communication in the client-server
model: the client issues a request and the server responds to it. For example, a
mobile phone client might send a query to a map server to retrieve the map data
for the current location. Figure 1-16 summarizes the types of services discussed
above.
Reliable message stream
Reliable byte stream
Unreliable connection
Unreliable datagram
Acknowledged datagram
Request-reply
Service
Connection-
oriented
Connection-
less
Sequence of pages
Movie download
Voice over IP
Electronic junk mail
Text messaging
Database query
Example
Figure 1-16. Six different types of service.
The concept of using unreliable communication may be confusing at first.
After all, why would anyone actually prefer unreliable communication to reliable
communication? First of all, reliable communication (in our sense, that is,
acknowledged) may not be available in a given layer. For example, Ethernet does
not provide reliable communication. Packets can occasionally be damaged in
transit. It is up to higher protocol levels to recover from this problem. In particu-
lar, many reliable services are built on top of an unreliable datagram service. Sec-
ond, the delays inherent in providing a reliable service may be unacceptable, espe-
cially in real-time applications such as multimedia. For these reasons, both reli-
able and unreliable communication coexist.

38 INTRODUCTION CHAP. 1
1.3.4 Service Primitives
A service is formally specified by a set of primitives (operations) available to
user processes to access the service. These primitives tell the service to perform
some action or report on an action taken by a peer entity. If the protocol stack is
located in the operating system, as it often is, the primitives are normally system
calls. These calls cause a trap to kernel mode, which then turns control of the ma-
chine over to the operating system to send the necessary packets.
The set of primitives available depends on the nature of the service being pro-
vided. The primitives for connection-oriented service are different from those of
connectionless service. As a minimal example of the service primitives that
might provide a reliable byte stream, consider the primitives listed in Fig. 1-17.
They will be familiar to fans of the Berkeley socket interface, as the primitives are
a simplified version of that interface.
Primitive Meaning
LISTEN Block waiting for an incoming connection
CONNECT Establish a connection with a waiting peer
ACCEPT Accept an incoming connection from a peer
RECEIVE Block waiting for an incoming message
SEND Send a message to the peer
DISCONNECT Terminate a connection
Figure 1-17. Six service primitives that provide a simple connection-oriented
service.
These primitives might be used for a request-reply interaction in a client-ser-
ver environment. To illustrate how, We sketch a simple protocol that implements
the service using acknowledged datagrams.
First, the server executes LISTEN to indicate that it is prepared to accept in-
coming connections. A common way to implement LISTEN is to make it a block-
ing system call. After executing the primitive, the server process is blocked until
a request for connection appears.
Next, the client process executes CONNECT to establish a connection with the
server. The CONNECT call needs to specify who to connect to, so it might have a
parameter giving the server’s address. The operating system then typically sends
a packet to the peer asking it to connect, as shown by (1) in Fig. 1-18. The client
process is suspended until there is a response.
When the packet arrives at the server, the operating system sees that the pack-
et is requesting a connection. It checks to see if there is a listener, and if so it
unblocks the listener. The server process can then establish the connection with
the ACCEPT call. This sends a response (2) back to the client process to accept the

SEC. 1.3 NETWORK SOFTWARE 39
Client machine
(1) Connect request
(2) Accept response
System
calls
KernelOperatingsystem
Client
process
DriversProtocolstack
Server machine
System
process
Kernel DriversProtocolstack
(3) Request for data
(4) Reply
(5) Disconnect
(6) Disconnect
Figure 1-18. A simple client-server interaction using acknowledged datagrams.
connection. The arrival of this response then releases the client. At this point the
client and server are both running and they have a connection established.
The obvious analogy between this protocol and real life is a customer (client)
calling a company’s customer service manager. At the start of the day, the service
manager sits next to his telephone in case it rings. Later, a client places a call.
When the manager picks up the phone, the connection is established.
The next step is for the server to execute RECEIVE to prepare to accept the first
request. Normally, the server does this immediately upon being released from the
LISTEN, before the acknowledgement can get back to the client. The RECEIVE call
blocks the server.
Then the client executes SEND to transmit its request (3) followed by the ex-
ecution of RECEIVE to get the reply. The arrival of the request packet at the server
machine unblocks the server so it can handle the request. After it has done the
work, the server uses SEND to return the answer to the client (4). The arrival of
this packet unblocks the client, which can now inspect the answer. If the client
has additional requests, it can make them now.
When the client is done, it executes DISCONNECT to terminate the connection
(5). Usually, an initial DISCONNECT is a blocking call, suspending the client and
sending a packet to the server saying that the connection is no longer needed.
When the server gets the packet, it also issues a DISCONNECT of its own, ack-
nowledging the client and releasing the connection (6). When the server’s packet
gets back to the client machine, the client process is released and the connection is
broken. In a nutshell, this is how connection-oriented communication works.
Of course, life is not so simple. Many things can go wrong here. The timing
can be wrong (e.g., the CONNECT is done before the LISTEN), packets can get lost,
and much more. We will look at these issues in great detail later, but for the
moment, Fig. 1-18 briefly summarizes how client-server communication might
work with acknowledged datagrams so that we can ignore lost packets.
Given that six packets are required to complete this protocol, one might
wonder why a connectionless protocol is not used instead. The answer is that in a
perfect world it could be, in which case only two packets would be needed: one

40 INTRODUCTION CHAP. 1
for the request and one for the reply. However, in the face of large messages in
either direction (e.g., a megabyte file), transmission errors, and lost packets, the
situation changes. If the reply consisted of hundreds of packets, some of which
could be lost during transmission, how would the client know if some pieces were
missing? How would the client know whether the last packet actually received
was really the last packet sent? Suppose the client wanted a second file. How
could it tell packet 1 from the second file from a lost packet 1 from the first file
that suddenly found its way to the client? In short, in the real world, a simple re-
quest-reply protocol over an unreliable network is often inadequate. In Chap. 3
we will study a variety of protocols in detail that overcome these and other prob-
lems. For the moment, suffice it to say that having a reliable, ordered byte stream
between processes is sometimes very convenient.
1.3.5 The Relationship of Services to Protocols
Services and protocols are distinct concepts. This distinction is so important
that we emphasize it again here. A service is a set of primitives (operations) that
a layer provides to the layer above it. The service defines what operations the
layer is prepared to perform on behalf of its users, but it says nothing at all about
how these operations are implemented. A service relates to an interface between
two layers, with the lower layer being the service provider and the upper layer
being the service user.
A protocol, in contrast, is a set of rules governing the format and meaning of
the packets, or messages that are exchanged by the peer entities within a layer.
Entities use protocols to implement their service definitions. They are free to
change their protocols at will, provided they do not change the service visible to
their users. In this way, the service and the protocol are completely decoupled.
This is a key concept that any network designer should understand well.
To repeat this crucial point, services relate to the interfaces between layers, as
illustrated in Fig. 1-19. In contrast, protocols relate to the packets sent between
peer entities on different machines. It is very important not to confuse the two
concepts.
An analogy with programming languages is worth making. A service is like
an abstract data type or an object in an object-oriented language. It defines opera-
tions that can be performed on an object but does not specify how these operations
are implemented. In contrast, a protocol relates to the implementation of the ser-
vice and as such is not visible to the user of the service.
Many older protocols did not distinguish the service from the protocol. In ef-
fect, a typical layer might have had a service primitive SEND PACKET with the user
providing a pointer to a fully assembled packet. This arrangement meant that all
changes to the protocol were immediately visible to the users. Most network de-
signers now regard such a design as a serious blunder.

SEC. 1.4 REFERENCE MODELS 41
Layer k
Layer k + 1
Layer k – 1
Protocol
Service provided by layer k
Layer k
Layer k + 1
Layer k – 1
Figure 1-19. The relationship between a service and a protocol.
1.4 REFERENCE MODELS
Now that we have discussed layered networks in the abstract, it is time to look
at some examples. We will discuss two important network architectures: the OSI
reference model and the TCP/IP reference model. Although the protocols associ-
ated with the OSI model are not used any more, the model itself is actually quite
general and still valid, and the features discussed at each layer are still very im-
portant. The TCP/IP model has the opposite properties: the model itself is not of
much use but the protocols are widely used. For this reason we will look at both
of them in detail. Also, sometimes you can learn more from failures than from
successes.
1.4.1 The OSI Reference Model
The OSI model (minus the physical medium) is shown in Fig. 1-20. This
model is based on a proposal developed by the International Standards Organiza-
tion (ISO) as a first step toward international standardization of the protocols used
in the various layers (Day and Zimmermann, 1983). It was revised in 1995 (Day,
1995). The model is called the ISO OSI (Open Systems Interconnection) Ref-
erence Model because it deals with connecting open systems—that is, systems
that are open for communication with other systems. We will just call it the OSI
model for short.
The OSI model has seven layers. The principles that were applied to arrive at
the seven layers can be briefly summarized as follows:
1. A layer should be created where a different abstraction is needed.
2. Each layer should perform a well-defined function.
3. The function of each layer should be chosen with an eye toward
defining internationally standardized protocols.

42 INTRODUCTION CHAP. 1
Layer
Presentation
Application
Session
Transport
Network
Data link
Physical
7
6
5
4
3
2
1
Interface
Host A
Name of unit
exchanged
APDU
PPDU
SPDU
TPDU
Packet
Frame
Bit
Presentation
Application
Session
Transport
Network
Data link
Physical
Host B
Network Network
Data link Data link
Physical Physical
Router Router
Internal subnet protocol
Application protocol
Presentation protocol
Transport protocol
Session protocol
Communication subnet boundary
Network layer host-router protocol
Data link layer host-router protocol
Physical layer host-router protocol
Figure 1-20. The OSI reference model.
4. The layer boundaries should be chosen to minimize the information
flow across the interfaces.
5. The number of layers should be large enough that distinct functions
need not be thrown together in the same layer out of necessity and
small enough that the architecture does not become unwieldy.
Below we will discuss each layer of the model in turn, starting at the bottom
layer. Note that the OSI model itself is not a network architecture because it does
not specify the exact services and protocols to be used in each layer. It just tells
what each layer should do. However, ISO has also produced standards for all the
layers, although these are not part of the reference model itself. Each one has
been published as a separate international standard. The model (in part) is widely
used although the associated protocols have been long forgotten.

SEC. 1.4 REFERENCE MODELS 43
The Physical Layer
The physical layer is concerned with transmitting raw bits over a communi-
cation channel. The design issues have to do with making sure that when one side
sends a 1 bit it is received by the other side as a 1 bit, not as a 0 bit. Typical ques-
tions here are what electrical signals should be used to represent a 1 and a 0, how
many nanoseconds a bit lasts, whether transmission may proceed simultaneously
in both directions, how the initial connection is established, how it is torn down
when both sides are finished, how many pins the network connector has, and what
each pin is used for. These design issues largely deal with mechanical, electrical,
and timing interfaces, as well as the physical transmission medium, which lies
below the physical layer.
The Data Link Layer
The main task of the data link layer is to transform a raw transmission facil-
ity into a line that appears free of undetected transmission errors. It does so by
masking the real errors so the network layer does not see them. It accomplishes
this task by having the sender break up the input data into data frames (typically
a few hundred or a few thousand bytes) and transmit the frames sequentially. If
the service is reliable, the receiver confirms correct receipt of each frame by send-
ing back an acknowledgement frame.
Another issue that arises in the data link layer (and most of the higher layers
as well) is how to keep a fast transmitter from drowning a slow receiver in data.
Some traffic regulation mechanism may be needed to let the transmitter know
when the receiver can accept more data.
Broadcast networks have an additional issue in the data link layer: how to
control access to the shared channel. A special sublayer of the data link layer, the
medium access control sublayer, deals with this problem.
The Network Layer
The network layer controls the operation of the subnet. A key design issue is
determining how packets are routed from source to destination. Routes can be
based on static tables that are ‘‘wired into’’ the network and rarely changed, or
more often they can be updated automatically to avoid failed components. They
can also be determined at the start of each conversation, for example, a terminal
session, such as a login to a remote machine. Finally, they can be highly dynam-
ic, being determined anew for each packet to reflect the current network load.
If too many packets are present in the subnet at the same time, they will get in
one another’s way, forming bottlenecks. Handling congestion is also a responsi-
bility of the network layer, in conjunction with higher layers that adapt the load

44 INTRODUCTION CHAP. 1
they place on the network. More generally, the quality of service provided (delay,
transit time, jitter, etc.) is also a network layer issue.
When a packet has to travel from one network to another to get to its destina-
tion, many problems can arise. The addressing used by the second network may
be different from that used by the first one. The second one may not accept the
packet at all because it is too large. The protocols may differ, and so on. It is up
to the network layer to overcome all these problems to allow heterogeneous net-
works to be interconnected.
In broadcast networks, the routing problem is simple, so the network layer is
often thin or even nonexistent.
The Transport Layer
The basic function of the transport layer is to accept data from above it, split
it up into smaller units if need be, pass these to the network layer, and ensure that
the pieces all arrive correctly at the other end. Furthermore, all this must be done
efficiently and in a way that isolates the upper layers from the inevitable changes
in the hardware technology over the course of time.
The transport layer also determines what type of service to provide to the ses-
sion layer, and, ultimately, to the users of the network. The most popular type of
transport connection is an error-free point-to-point channel that delivers messages
or bytes in the order in which they were sent. However, other possible kinds of
transport service exist, such as the transporting of isolated messages with no guar-
antee about the order of delivery, and the broadcasting of messages to multiple
destinations. The type of service is determined when the connection is esta-
blished. (As an aside, an error-free channel is completely impossible to achieve;
what people really mean by this term is that the error rate is low enough to ignore
in practice.)
The transport layer is a true end-to-end layer; it carries data all the way from
the source to the destination. In other words, a program on the source machine
carries on a conversation with a similar program on the destination machine, using
the message headers and control messages. In the lower layers, each protocols is
between a machine and its immediate neighbors, and not between the ultimate
source and destination machines, which may be separated by many routers. The
difference between layers 1 through 3, which are chained, and layers 4 through 7,
which are end-to-end, is illustrated in Fig. 1-20.
The Session Layer
The session layer allows users on different machines to establish sessions be-
tween them. Sessions offer various services, including dialog control (keeping
track of whose turn it is to transmit), token management (preventing two parties
from attempting the same critical operation simultaneously), and synchronization

SEC. 1.4 REFERENCE MODELS 45
(checkpointing long transmissions to allow them to pick up from where they left
off in the event of a crash and subsequent recovery).
The Presentation Layer
Unlike the lower layers, which are mostly concerned with moving bits around,
the presentation layer is concerned with the syntax and semantics of the infor-
mation transmitted. In order to make it possible for computers with different in-
ternal data representations to communicate, the data structures to be exchanged
can be defined in an abstract way, along with a standard encoding to be used ‘‘on
the wire.’’ The presentation layer manages these abstract data structures and al-
lows higher-level data structures (e.g., banking records) to be defined and
exchanged.
The Application Layer
The application layer contains a variety of protocols that are commonly
needed by users. One widely used application protocol is HTTP (HyperText
Transfer Protocol), which is the basis for the World Wide Web. When a
browser wants a Web page, it sends the name of the page it wants to the server
hosting the page using HTTP. The server then sends the page back. Other appli-
cation protocols are used for file transfer, electronic mail, and network news.
1.4.2 The TCP/IP Reference Model
Let us now turn from the OSI reference model to the reference model used in
the grandparent of all wide area computer networks, the ARPANET, and its suc-
cessor, the worldwide Internet. Although we will give a brief history of the
ARPANET later, it is useful to mention a few key aspects of it now. The
ARPANET was a research network sponsored by the DoD (U.S. Department of
Defense). It eventually connected hundreds of universities and government instal-
lations, using leased telephone lines. When satellite and radio networks were
added later, the existing protocols had trouble interworking with them, so a new
reference architecture was needed. Thus, from nearly the beginning, the ability to
connect multiple networks in a seamless way was one of the major design goals.
This architecture later became known as the TCP/IP Reference Model, after its
two primary protocols. It was first described by Cerf and Kahn (1974), and later
refined and defined as a standard in the Internet community (Braden, 1989). The
design philosophy behind the model is discussed by Clark (1988).
Given the DoD’s worry that some of its precious hosts, routers, and internet-
work gateways might get blown to pieces at a moment’s notice by an attack from
the Soviet Union, another major goal was that the network be able to survive loss
of subnet hardware, without existing conversations being broken off. In other

46 INTRODUCTION CHAP. 1
words, the DoD wanted connections to remain intact as long as the source and
destination machines were functioning, even if some of the machines or transmis-
sion lines in between were suddenly put out of operation. Furthermore, since ap-
plications with divergent requirements were envisioned, ranging from transferring
files to real-time speech transmission, a flexible architecture was needed.
The Link Layer
All these requirements led to the choice of a packet-switching network based
on a connectionless layer that runs across different networks. The lowest layer in
the model, the link layer describes what links such as serial lines and classic Eth-
ernet must do to meet the needs of this connectionless internet layer. It is not
really a layer at all, in the normal sense of the term, but rather an interface be-
tween hosts and transmission links. Early material on the TCP/IP model has little
to say about it.
The Internet Layer
The internet layer is the linchpin that holds the whole architecture together.
It is shown in Fig. 1-21 as corresponding roughly to the OSI network layer. Its
job is to permit hosts to inject packets into any network and have them travel in-
dependently to the destination (potentially on a different network). They may
even arrive in a completely different order than they were sent, in which case it is
the job of higher layers to rearrange them, if in-order delivery is desired. Note
that ‘‘internet’’ is used here in a generic sense, even though this layer is present in
the Internet.
TCP/IPOSI
Application
Presentation
Session
Transport
Network
Data link
Physical
7
6
5
4
3
2
1
Application
Transport
Internet
Link
Not present
in the model
Figure 1-21. The TCP/IP reference model.
The analogy here is with the (snail) mail system. A person can drop a se-
quence of international letters into a mailbox in one country, and with a little luck,

SEC. 1.4 REFERENCE MODELS 47
most of them will be delivered to the correct address in the destination country.
The letters will probably travel through one or more international mail gateways
along the way, but this is transparent to the users. Furthermore, that each country
(i.e., each network) has its own stamps, preferred envelope sizes, and delivery
rules is hidden from the users.
The internet layer defines an official packet format and protocol called IP
(Internet Protocol), plus a companion protocol called ICMP (Internet Control
Message Protocol) that helps it function. The job of the internet layer is to
deliver IP packets where they are supposed to go. Packet routing is clearly a
major issue here, as is congestion (though IP has not proven effective at avoiding
congestion).
The Transport Layer
The layer above the internet layer in the TCP/IP model is now usually called
the transport layer. It is designed to allow peer entities on the source and desti-
nation hosts to carry on a conversation, just as in the OSI transport layer. Two
end-to-end transport protocols have been defined here. The first one, TCP
(Transmission Control Protocol), is a reliable connection-oriented protocol that
allows a byte stream originating on one machine to be delivered without error on
any other machine in the internet. It segments the incoming byte stream into
discrete messages and passes each one on to the internet layer. At the destination,
the receiving TCP process reassembles the received messages into the output
stream. TCP also handles flow control to make sure a fast sender cannot swamp a
slow receiver with more messages than it can handle.
The second protocol in this layer, UDP (User Datagram Protocol), is an
unreliable, connectionless protocol for applications that do not want TCP’s
sequencing or flow control and wish to provide their own. It is also widely used
for one-shot, client-server-type request-reply queries and applications in which
prompt delivery is more important than accurate delivery, such as transmitting
speech or video. The relation of IP, TCP, and UDP is shown in Fig. 1-22. Since
the model was developed, IP has been implemented on many other networks.
The Application Layer
The TCP/IP model does not have session or presentation layers. No need for
them was perceived. Instead, applications simply include any session and pres-
entation functions that they require. Experience with the OSI model has proven
this view correct: these layers are of little use to most applications.
On top of the transport layer is the application layer. It contains all the high-
er-level protocols. The early ones included virtual terminal (TELNET), file trans-
fer (FTP), and electronic mail (SMTP). Many other protocols have been added to
these over the years. Some important ones that we will study, shown in Fig. 1-22,

48 INTRODUCTION CHAP. 1
Link Ethernet802.11SONETDSL
IP ICMP
HTTP RTPSMTP DNS
TCP UDP
Internet
Transport
Layers Protocols
Application
Figure 1-22. The TCP/IP model with some protocols we will study.
include the Domain Name System (DNS), for mapping host names onto their net-
work addresses, HTTP, the protocol for fetching pages on the World Wide Web,
and RTP, the protocol for delivering real-time media such as voice or movies.
1.4.3 The Model Used in This Book
As mentioned earlier, the strength of the OSI reference model is the model it-
self (minus the presentation and session layers), which has proven to be ex-
ceptionally useful for discussing computer networks. In contrast, the strength of
the TCP/IP reference model is the protocols, which have been widely used for
many years. Since computer scientists like to have their cake and eat it, too, we
will use the hybrid model of Fig. 1-23 as the framework for this book.
5 Application
4 Transport
3 Network
2 Link
1 Physical
Figure 1-23. The reference model used in this book.
This model has five layers, running from the physical layer up through the
link, network and transport layers to the application layer. The physical layer
specifies how to transmit bits across different kinds of media as electrical (or
other analog) signals. The link layer is concerned with how to send finite-length
messages between directly connected computers with specified levels of reliabil-
ity. Ethernet and 802.11 are examples of link layer protocols.

SEC. 1.4 REFERENCE MODELS 49
The network layer deals with how to combine multiple links into networks,
and networks of networks, into internetworks so that we can send packets between
distant computers. This includes the task of finding the path along which to send
the packets. IP is the main example protocol we will study for this layer. The
transport layer strengthens the delivery guarantees of the Network layer, usually
with increased reliability, and provide delivery abstractions, such as a reliable
byte stream, that match the needs of different applications. TCP is an important
example of a transport layer protocol.
Finally, the application layer contains programs that make use of the network.
Many, but not all, networked applications have user interfaces, such as a Web
browser. Our concern, however, is with the portion of the program that uses the
network. This is the HTTP protocol in the case of the Web browser. There are
also important support programs in the application layer, such as the DNS, that
are used by many applications.
Our chapter sequence is based on this model. In this way, we retain the value
of the OSI model for understanding network architectures, but concentrate pri-
marily on protocols that are important in practice, from TCP/IP and related proto-
cols to newer ones such as 802.11, SONET, and Bluetooth.
1.4.4 A Comparison of the OSI and TCP/IP Reference Models
The OSI and TCP/IP reference models have much in common. Both are
based on the concept of a stack of independent protocols. Also, the functionality
of the layers is roughly similar. For example, in both models the layers up
through and including the transport layer are there to provide an end-to-end, net-
work-independent transport service to processes wishing to communicate. These
layers form the transport provider. Again in both models, the layers above tran-
sport are application-oriented users of the transport service.
Despite these fundamental similarities, the two models also have many dif-
ferences. In this section we will focus on the key differences between the two ref-
erence models. It is important to note that we are comparing the reference models
here, not the corresponding protocol stacks. The protocols themselves will be dis-
cussed later. For an entire book comparing and contrasting TCP/IP and OSI, see
Piscitello and Chapin (1993).
Three concepts are central to the OSI model:
1. Services.
2. Interfaces.
3. Protocols.
Probably the biggest contribution of the OSI model is that it makes the distinction
between these three concepts explicit. Each layer performs some services for the

50 INTRODUCTION CHAP. 1
layer above it. The service definition tells what the layer does, not how entities
above it access it or how the layer works. It defines the layer’s semantics.
A layer’s interface tells the processes above it how to access it. It specifies
what the parameters are and what results to expect. It, too, says nothing about
how the layer works inside.
Finally, the peer protocols used in a layer are the layer’s own business. It can
use any protocols it wants to, as long as it gets the job done (i.e., provides the
offered services). It can also change them at will without affecting software in
higher layers.
These ideas fit very nicely with modern ideas about object-oriented pro-
gramming. An object, like a layer, has a set of methods (operations) that proc-
esses outside the object can invoke. The semantics of these methods define the set
of services that the object offers. The methods’ parameters and results form the
object’s interface. The code internal to the object is its protocol and is not visible
or of any concern outside the object.
The TCP/IP model did not originally clearly distinguish between services, in-
terfaces, and protocols, although people have tried to retrofit it after the fact to
make it more OSI-like. For example, the only real services offered by the internet
layer are SEND IP PACKET and RECEIVE IP PACKET. As a consequence, the proto-
cols in the OSI model are better hidden than in the TCP/IP model and can be
replaced relatively easily as the technology changes. Being able to make such
changes transparently is one of the main purposes of having layered protocols in
the first place.
The OSI reference model was devised before the corresponding protocols
were invented. This ordering meant that the model was not biased toward one
particular set of protocols, a fact that made it quite general. The downside of this
ordering was that the designers did not have much experience with the subject and
did not have a good idea of which functionality to put in which layer.
For example, the data link layer originally dealt only with point-to-point net-
works. When broadcast networks came around, a new sublayer had to be hacked
into the model. Furthermore, when people started to build real networks using the
OSI model and existing protocols, it was discovered that these networks did not
match the required service specifications (wonder of wonders), so convergence
sublayers had to be grafted onto the model to provide a place for papering over
the differences. Finally, the committee originally expected that each country
would have one network, run by the government and using the OSI protocols, so
no thought was given to internetworking. To make a long story short, things did
not turn out that way.
With TCP/IP the reverse was true: the protocols came first, and the model was
really just a description of the existing protocols. There was no problem with the
protocols fitting the model. They fit perfectly. The only trouble was that the
model did not fit any other protocol stacks. Consequently, it was not especially
useful for describing other, non-TCP/IP networks.

SEC. 1.4 REFERENCE MODELS 51
Turning from philosophical matters to more specific ones, an obvious dif-
ference between the two models is the number of layers: the OSI model has seven
layers and the TCP/IP model has four. Both have (inter)network, transport, and
application layers, but the other layers are different.
Another difference is in the area of connectionless versus connection-oriented
communication. The OSI model supports both connectionless and connection-
oriented communication in the network layer, but only connection-oriented com-
munication in the transport layer, where it counts (because the transport service is
visible to the users). The TCP/IP model supports only one mode in the network
layer (connectionless) but both in the transport layer, giving the users a choice.
This choice is especially important for simple request-response protocols.
1.4.5 A Critique of the OSI Model and Protocols
Neither the OSI model and its protocols nor the TCP/IP model and its proto-
cols are perfect. Quite a bit of criticism can be, and has been, directed at both of
them. In this section and the next one, we will look at some of these criticisms.
We will begin with OSI and examine TCP/IP afterward.
At the time the second edition of this book was published (1989), it appeared
to many experts in the field that the OSI model and its protocols were going to
take over the world and push everything else out of their way. This did not hap-
pen. Why? A look back at some of the reasons may be useful. They can be sum-
marized as:
1. Bad timing.
2. Bad technology.
3. Bad implementations.
4. Bad politics.
Bad Timing
First let us look at reason one: bad timing. The time at which a standard is
established is absolutely critical to its success. David Clark of M.I.T. has a theory
of standards that he calls the apocalypse of the two elephants, which is illustrated
in Fig. 1-24.
This figure shows the amount of activity surrounding a new subject. When
the subject is first discovered, there is a burst of research activity in the form of
discussions, papers, and meetings. After a while this activity subsides, corpora-
tions discover the subject, and the billion-dollar wave of investment hits.
It is essential that the standards be written in the trough in between the two
‘‘elephants.’’ If they are written too early (before the research results are well

52 INTRODUCTION CHAP. 1
Time
A
ct
iv
ity
Research
Standards
Billion dollar
investment
Figure 1-24. The apocalypse of the two elephants.
established), the subject may still be poorly understood; the result is a bad stan-
dard. If they are written too late, so many companies may have already made ma-
jor investments in different ways of doing things that the standards are effectively
ignored. If the interval between the two elephants is very short (because everyone
is in a hurry to get started), the people developing the standards may get crushed.
It now appears that the standard OSI protocols got crushed. The competing
TCP/IP protocols were already in widespread use by research universities by the
time the OSI protocols appeared. While the billion-dollar wave of investment had
not yet hit, the academic market was large enough that many vendors had begun
cautiously offering TCP/IP products. When OSI came around, they did not want
to support a second protocol stack until they were forced to, so there were no ini-
tial offerings. With every company waiting for every other company to go first,
no company went first and OSI never happened.
Bad Technology
The second reason that OSI never caught on is that both the model and the
protocols are flawed. The choice of seven layers was more political than techni-
cal, and two of the layers (session and presentation) are nearly empty, whereas
two other ones (data link and network) are overfull.
The OSI model, along with its associated service definitions and protocols, is
extraordinarily complex. When piled up, the printed standards occupy a signifi-
cant fraction of a meter of paper. They are also difficult to implement and ineffi-
cient in operation. In this context, a riddle posed by Paul Mockapetris and cited
by Rose (1993) comes to mind:
Q: What do you get when you cross a mobster with an international standard?
A: Someone who makes you an offer you can’t understand.

SEC. 1.4 REFERENCE MODELS 53
In addition to being incomprehensible, another problem with OSI is that some
functions, such as addressing, flow control, and error control, reappear again and
again in each layer. Saltzer et al. (1984), for example, have pointed out that to be
effective, error control must be done in the highest layer, so that repeating it over
and over in each of the lower layers is often unnecessary and inefficient.
Bad Implementations
Given the enormous complexity of the model and the protocols, it will come
as no surprise that the initial implementations were huge, unwieldy, and slow.
Everyone who tried them got burned. It did not take long for people to associate
‘‘OSI’’ with ‘‘poor quality.’’ Although the products improved in the course of
time, the image stuck.
In contrast, one of the first implementations of TCP/IP was part of Berkeley
UNIX and was quite good (not to mention, free). People began using it quickly,
which led to a large user community, which led to improvements, which led to an
even larger community. Here the spiral was upward instead of downward.
Bad Politics
On account of the initial implementation, many people, especially in
academia, thought of TCP/IP as part of UNIX, and UNIX in the 1980s in academia
was not unlike parenthood (then incorrectly called motherhood) and apple pie.
OSI, on the other hand, was widely thought to be the creature of the European
telecommunication ministries, the European Community, and later the U.S. Gov-
ernment. This belief was only partly true, but the very idea of a bunch of govern-
ment bureaucrats trying to shove a technically inferior standard down the throats
of the poor researchers and programmers down in the trenches actually develop-
ing computer networks did not aid OSI’s cause. Some people viewed this de-
velopment in the same light as IBM announcing in the 1960s that PL/I was the
language of the future, or the DoD correcting this later by announcing that it was
actually Ada.
1.4.6 A Critique of the TCP/IP Reference Model
The TCP/IP model and protocols have their problems too. First, the model
does not clearly distinguish the concepts of services, interfaces, and protocols.
Good software engineering practice requires differentiating between the specif-
ication and the implementation, something that OSI does very carefully, but
TCP/IP does not. Consequently, the TCP/IP model is not much of a guide for de-
signing new networks using new technologies.
Second, the TCP/IP model is not at all general and is poorly suited to describ-
ing any protocol stack other than TCP/IP. Trying to use the TCP/IP model to
describe Bluetooth, for example, is completely impossible.

54 INTRODUCTION CHAP. 1
Third, the link layer is not really a layer at all in the normal sense of the term
as used in the context of layered protocols. It is an interface (between the network
and data link layers). The distinction between an interface and a layer is crucial,
and one should not be sloppy about it.
Fourth, the TCP/IP model does not distinguish between the physical and data
link layers. These are completely different. The physical layer has to do with the
transmission characteristics of copper wire, fiber optics, and wireless communica-
tion. The data link layer’s job is to delimit the start and end of frames and get
them from one side to the other with the desired degree of reliability. A proper
model should include both as separate layers. The TCP/IP model does not do this.
Finally, although the IP and TCP protocols were carefully thought out and
well implemented, many of the other protocols were ad hoc, generally produced
by a couple of graduate students hacking away until they got tired. The protocol
implementations were then distributed free, which resulted in their becoming
widely used, deeply entrenched, and thus hard to replace. Some of them are a bit
of an embarrassment now. The virtual terminal protocol, TELNET, for example,
was designed for a ten-character-per-second mechanical Teletype terminal. It
knows nothing of graphical user interfaces and mice. Nevertheless, it is still in
use some 30 years later.
1.5 EXAMPLE NETWORKS
The subject of computer networking covers many different kinds of networks,
large and small, well known and less well known. They have different goals,
scales, and technologies. In the following sections, we will look at some ex-
amples, to get an idea of the variety one finds in the area of computer networking.
We will start with the Internet, probably the best known network, and look at
its history, evolution, and technology. Then we will consider the mobile phone
network. Technically, it is quite different from the Internet, contrasting nicely
with it. Next we will introduce IEEE 802.11, the dominant standard for wireless
LANs. Finally, we will look at RFID and sensor networks, technologies that ex-
tend the reach of the network to include the physical world and everyday objects.
1.5.1 The Internet
The Internet is not really a network at all, but a vast collection of different
networks that use certain common protocols and provide certain common ser-
vices. It is an unusual system in that it was not planned by anyone and is not con-
trolled by anyone. To better understand it, let us start from the beginning and see
how it has developed and why. For a wonderful history of the Internet, John
Naughton’s (2000) book is highly recommended. It is one of those rare books that
is not only fun to read, but also has 20 pages of ibid.’s and op. cit.’s for the serious
historian. Some of the material in this section is based on this book.

SEC. 1.5 EXAMPLE NETWORKS 55
Of course, countless technical books have been written about the Internet and
its protocols as well. For more information, see, for example, Maufer (1999).
The ARPANET
The story begins in the late 1950s. At the height of the Cold War, the U.S.
DoD wanted a command-and-control network that could survive a nuclear war.
At that time, all military communications used the public telephone network,
which was considered vulnerable. The reason for this belief can be gleaned from
Fig. 1-25(a). Here the black dots represent telephone switching offices, each of
which was connected to thousands of telephones. These switching offices were,
in turn, connected to higher-level switching offices (toll offices), to form a
national hierarchy with only a small amount of redundancy. The vulnerability of
the system was that the destruction of a few key toll offices could fragment it into
many isolated islands.
(a)
Toll
office
Switching
office
(b)
Figure 1-25. (a) Structure of the telephone system. (b) Baran’s proposed dis-
tributed switching system.
Around 1960, the DoD awarded a contract to the RAND Corporation to find a
solution. One of its employees, Paul Baran, came up with the highly distributed
and fault-tolerant design of Fig. 1-25(b). Since the paths between any two switch-
ing offices were now much longer than analog signals could travel without distor-
tion, Baran proposed using digital packet-switching technology. Baran wrote sev-
eral reports for the DoD describing his ideas in detail (Baran, 1964). Officials at
the Pentagon liked the concept and asked AT&T, then the U.S.’ national tele-
phone monopoly, to build a prototype. AT&T dismissed Baran’s ideas out of
hand. The biggest and richest corporation in the world was not about to allow

56 INTRODUCTION CHAP. 1
some young whippersnapper tell it how to build a telephone system. They said
Baran’s network could not be built and the idea was killed.
Several years went by and still the DoD did not have a better command-and-
control system. To understand what happened next, we have to go back all the
way to October 1957, when the Soviet Union beat the U.S. into space with the
launch of the first artificial satellite, Sputnik. When President Eisenhower tried to
find out who was asleep at the switch, he was appalled to find the Army, Navy,
and Air Force squabbling over the Pentagon’s research budget. His immediate
response was to create a single defense research organization, ARPA, the
Advanced Research Projects Agency. ARPA had no scientists or laboratories;
in fact, it had nothing more than an office and a small (by Pentagon standards)
budget. It did its work by issuing grants and contracts to universities and com-
panies whose ideas looked promising to it.
For the first few years, ARPA tried to figure out what its mission should be.
In 1967, the attention of Larry Roberts, a program manager at ARPA who was
trying to figure out how to provide remote access to computers, turned to net-
working. He contacted various experts to decide what to do. One of them, Wes-
ley Clark, suggested building a packet-switched subnet, connecting each host to
its own router.
After some initial skepticism, Roberts bought the idea and presented a some-
what vague paper about it at the ACM SIGOPS Symposium on Operating System
Principles held in Gatlinburg, Tennessee in late 1967 (Roberts, 1967). Much to
Roberts’ surprise, another paper at the conference described a similar system that
had not only been designed but actually fully implemented under the direction of
Donald Davies at the National Physical Laboratory in England. The NPL system
was not a national system (it just connected several computers on the NPL
campus), but it demonstrated that packet switching could be made to work. Fur-
thermore, it cited Baran’s now discarded earlier work. Roberts came away from
Gatlinburg determined to build what later became known as the ARPANET.
The subnet would consist of minicomputers called IMPs (Interface Message
Processors) connected by 56-kbps transmission lines. For high reliability, each
IMP would be connected to at least two other IMPs. The subnet was to be a
datagram subnet, so if some lines and IMPs were destroyed, messages could be
automatically rerouted along alternative paths.
Each node of the network was to consist of an IMP and a host, in the same
room, connected by a short wire. A host could send messages of up to 8063 bits
to its IMP, which would then break these up into packets of at most 1008 bits and
forward them independently toward the destination. Each packet was received in
its entirety before being forwarded, so the subnet was the first electronic store-
and-forward packet-switching network.
ARPA then put out a tender for building the subnet. Twelve companies bid
for it. After evaluating all the proposals, ARPA selected BBN, a consulting firm
based in Cambridge, Massachusetts, and in December 1968 awarded it a contract

SEC. 1.5 EXAMPLE NETWORKS 57
to build the subnet and write the subnet software. BBN chose to use specially
modified Honeywell DDP-316 minicomputers with 12K 16-bit words of core
memory as the IMPs. The IMPs did not have disks, since moving parts were con-
sidered unreliable. The IMPs were interconnected by 56-kbps lines leased from
telephone companies. Although 56 kbps is now the choice of teenagers who can-
not afford DSL or cable, it was then the best money could buy.
The software was split into two parts: subnet and host. The subnet software
consisted of the IMP end of the host-IMP connection, the IMP-IMP protocol, and
a source IMP to destination IMP protocol designed to improve reliability. The
original ARPANET design is shown in Fig. 1-26.
Host-IMP
protocol
Host-host protocol
Source IMP to
destination IM
P protocol
IMP-IMP protocol
IMP
-IMP
proto
col
Host
IMP
Subnet
Figure 1-26. The original ARPANET design.
Outside the subnet, software was also needed, namely, the host end of the
host-IMP connection, the host-host protocol, and the application software. It soon
became clear that BBN was of the opinion that when it had accepted a message on
a host-IMP wire and placed it on the host-IMP wire at the destination, its job was
done.
Roberts had a problem, though: the hosts needed software too. To deal with
it, he convened a meeting of network researchers, mostly graduate students, at
Snowbird, Utah, in the summer of 1969. The graduate students expected some
network expert to explain the grand design of the network and its software to them
and then assign each of them the job of writing part of it. They were astounded
when there was no network expert and no grand design. They had to figure out
what to do on their own.
Nevertheless, somehow an experimental network went online in December
1969 with four nodes: at UCLA, UCSB, SRI, and the University of Utah. These
four were chosen because all had a large number of ARPA contracts, and all had
different and completely incompatible host computers (just to make it more fun).
The first host-to-host message had been sent two months earlier from the UCLA

58 INTRODUCTION CHAP. 1
node by a team led by Len Kleinrock (a pioneer of the theory of packet switching)
to the SRI node. The network grew quickly as more IMPs were delivered and
installed; it soon spanned the United States. Figure 1-27 shows how rapidly the
ARPANET grew in the first 3 years.
MIT
BBNRANDUCLAUCLA
SRI UTAH ILLINOIS MIT LINCOLN CASE
CARN
HARVARD BURROUGHSBBNRAND
SDC
STAN
UCLA
SRI UTAH
UCSB SDC UCSB
SRI UTAH
UCSB
NCAR GWC LINCOLN CASE
MITRE
ETAC
HARVARD NBSBBNTINKERRAND
SDC
USCAMES
STAN
UCLA
CARN
SRI UTAH
MCCLELLAN
UCSB
ILLINOIS
LINC
RADC
MIT
ILLINOIS MIT
LINC
RADC
UTAH
TINKER
RAND
MCCLELLANLBLSRI
AMES TIP
AMES IMP
X-PARC
FNWC
UCSB UCSD
STANFORD
CCA
BBN
HARVARD
ABERDEEN
NBS
ETAC
ARPA
MITRE
SAAC
BELVOIR
CMU
GWC CASENOAAUSCSDCUCLA
(a)
(d)
(b) (c)
(e)
Figure 1-27. Growth of the ARPANET. (a) December 1969. (b) July 1970.
(c) March 1971. (d) April 1972. (e) September 1972.
In addition to helping the fledgling ARPANET grow, ARPA also funded re-
search on the use of satellite networks and mobile packet radio networks. In one
now famous demonstration, a truck driving around in California used the packet
radio network to send messages to SRI, which were then forwarded over the
ARPANET to the East Coast, where they were shipped to University College in
London over the satellite network. This allowed a researcher in the truck to use a
computer in London while driving around in California.
This experiment also demonstrated that the existing ARPANET protocols
were not suitable for running over different networks. This observation led to
more research on protocols, culminating with the invention of the TCP/IP model
and protocols (Cerf and Kahn, 1974). TCP/IP was specifically designed to handle
communication over internetworks, something becoming increasingly important
as more and more networks were hooked up to the ARPANET.

SEC. 1.5 EXAMPLE NETWORKS 59
To encourage adoption of these new protocols, ARPA awarded several con-
tracts to implement TCP/IP on different computer platforms, including IBM,
DEC, and HP systems, as well as for Berkeley UNIX. Researchers at the Univer-
sity of California at Berkeley rewrote TCP/IP with a new programming interface
called sockets for the upcoming 4.2BSD release of Berkeley UNIX. They also
wrote many application, utility, and management programs to show how con-
venient it was to use the network with sockets.
The timing was perfect. Many universities had just acquired a second or third
VAX computer and a LAN to connect them, but they had no networking software.
When 4.2BSD came along, with TCP/IP, sockets, and many network utilities, the
complete package was adopted immediately. Furthermore, with TCP/IP, it was
easy for the LANs to connect to the ARPANET, and many did.
During the 1980s, additional networks, especially LANs, were connected to
the ARPANET. As the scale increased, finding hosts became increasingly expen-
sive, so DNS (Domain Name System) was created to organize machines into do-
mains and map host names onto IP addresses. Since then, DNS has become a
generalized, distributed database system for storing a variety of information relat-
ed to naming. We will study it in detail in Chap. 7.
NSFNET
By the late 1970s, NSF (the U.S. National Science Foundation) saw the enor-
mous impact the ARPANET was having on university research, allowing scien-
tists across the country to share data and collaborate on research projects. How-
ever, to get on the ARPANET a university had to have a research contract with
the DoD. Many did not have a contract. NSF’s initial response was to fund the
Computer Science Network (CSNET) in 1981. It connected computer science de-
partments and industrial research labs to the ARPANET via dial-up and leased
lines. In the late 1980s, the NSF went further and decided to design a successor to
the ARPANET that would be open to all university research groups.
To have something concrete to start with, NSF decided to build a backbone
network to connect its six supercomputer centers, in San Diego, Boulder, Cham-
paign, Pittsburgh, Ithaca, and Princeton. Each supercomputer was given a little
brother, consisting of an LSI-11 microcomputer called a fuzzball. The fuzzballs
were connected with 56-kbps leased lines and formed the subnet, the same hard-
ware technology the ARPANET used. The software technology was different
however: the fuzzballs spoke TCP/IP right from the start, making it the first
TCP/IP WAN.
NSF also funded some (eventually about 20) regional networks that connected
to the backbone to allow users at thousands of universities, research labs, libraries,
and museums to access any of the supercomputers and to communicate with one
another. The complete network, including backbone and the regional networks,
was called NSFNET. It connected to the ARPANET through a link between an

60 INTRODUCTION CHAP. 1
IMP and a fuzzball in the Carnegie-Mellon machine room. The first NSFNET
backbone is illustrated in Fig. 1-28 superimposed on a map of the U.S.
NSF Supercomputer center
NSF Midlevel network
Both
Figure 1-28. The NSFNET backbone in 1988.
NSFNET was an instantaneous success and was overloaded from the word go.
NSF immediately began planning its successor and awarded a contract to the
Michigan-based MERIT consortium to run it. Fiber optic channels at 448 kbps
were leased from MCI (since merged with WorldCom) to provide the version 2
backbone. IBM PC-RTs were used as routers. This, too, was soon overwhelmed,
and by 1990, the second backbone was upgraded to 1.5 Mbps.
As growth continued, NSF realized that the government could not continue
financing networking forever. Furthermore, commercial organizations wanted to
join but were forbidden by NSF’s charter from using networks NSF paid for.
Consequently, NSF encouraged MERIT, MCI, and IBM to form a nonprofit cor-
poration, ANS (Advanced Networks and Services), as the first step along the
road to commercialization. In 1990, ANS took over NSFNET and upgraded the
1.5-Mbps links to 45 Mbps to form ANSNET. This network operated for 5 years
and was then sold to America Online. But by then, various companies were offer-
ing commercial IP service and it was clear the government should now get out of
the networking business.
To ease the transition and make sure every regional network could communi-
cate with every other regional network, NSF awarded contracts to four different
network operators to establish a NAP (Network Access Point). These operators
were PacBell (San Francisco), Ameritech (Chicago), MFS (Washington, D.C.),
and Sprint (New York City, where for NAP purposes, Pennsauken, New Jersey
counts as New York City). Every network operator that wanted to provide back-
bone service to the NSF regional networks had to connect to all the NAPs.

SEC. 1.5 EXAMPLE NETWORKS 61
This arrangement meant that a packet originating on any regional network had
a choice of backbone carriers to get from its NAP to the destination’s NAP. Con-
sequently, the backbone carriers were forced to compete for the regional net-
works’ business on the basis of service and price, which was the idea, of course.
As a result, the concept of a single default backbone was replaced by a commer-
cially driven competitive infrastructure. Many people like to criticize the Federal
Government for not being innovative, but in the area of networking, it was DoD
and NSF that created the infrastructure that formed the basis for the Internet and
then handed it over to industry to operate.
During the 1990s, many other countries and regions also built national re-
search networks, often patterned on the ARPANET and NSFNET. These in-
cluded EuropaNET and EBONE in Europe, which started out with 2-Mbps lines
and then upgraded to 34-Mbps lines. Eventually, the network infrastructure in
Europe was handed over to industry as well.
The Internet has changed a great deal since those early days. It exploded in
size with the emergence of the World Wide Web (WWW) in the early 1990s.
Recent data from the Internet Systems Consortium puts the number of visible In-
ternet hosts at over 600 million. This guess is only a low-ball estimate, but it far
exceeds the few million hosts that were around when the first conference on the
WWW was held at CERN in 1994.
The way we use the Internet has also changed radically. Initially, applications
such as email-for-academics, newsgroups, remote login, and file transfer dom-
inated. Later it switched to email-for-everyman, then the Web and peer-to-peer
content distribution, such as the now-shuttered Napster. Now real-time media dis-
tribution, social networks (e.g., Facebook), and microblogging (e.g., Twitter) are
taking off. These switches brought richer kinds of media to the Internet and hence
much more traffic. In fact, the dominant traffic on the Internet seems to change
with some regularity as, for example, new and better ways to work with music or
movies can become very popular very quickly.
Architecture of the Internet
The architecture of the Internet has also changed a great deal as it has grown
explosively. In this section, we will attempt to give a brief overview of what it
looks like today. The picture is complicated by continuous upheavals in the
businesses of telephone companies (telcos), cable companies and ISPs that often
make it hard to tell who is doing what. One driver of these upheavals is telecom-
munications convergence, in which one network is used for previously different
uses. For example, in a ‘‘triple play’’ one company sells you telephony, TV, and
Internet service over the same network connection on the assumption that this will
save you money. Consequently, the description given here will be of necessity
somewhat simpler than reality. And what is true today may not be true tomorrow.

62 INTRODUCTION CHAP. 1
The big picture is shown in Fig. 1-29. Let us examine this figure piece by
piece, starting with a computer at home (at the edges of the figure). To join the
Internet, the computer is connected to an Internet Service Provider, or simply
ISP, from who the user purchases Internet access or connectivity. This lets the
computer exchange packets with all of the other accessible hosts on the Internet.
The user might send packets to surf the Web or for any of a thousand other uses, it
does not matter. There are many kinds of Internet access, and they are usually
distinguished by how much bandwidth they provide and how much they cost, but
the most important attribute is connectivity.
Data
center
Fiber
(FTTH)
DSL
Dialup
Cable
3G mobile
phone
Tier 1 ISP
Other
ISPs
Peering
at IXP
POP
Data
path
Router
Cable
modem
CMTS
Backbone
DSLAM
DSL modem
Figure 1-29. Overview of the Internet architecture.
A common way to connect to an ISP is to use the phone line to your house, in
which case your phone company is your ISP. DSL, short for Digital Subscriber
Line, reuses the telephone line that connects to your house for digital data
transmission. The computer is connected to a device called a DSL modem that
converts between digital packets and analog signals that can pass unhindered over
the telephone line. At the other end, a device called a DSLAM (Digital Sub-
scriber Line Access Multiplexer) converts between signals and packets.
Several other popular ways to connect to an ISP are shown in Fig. 1-29. DSL
is a higher-bandwidth way to use the local telephone line than to send bits over a
traditional telephone call instead of a voice conversation. That is called dial-up
and done with a different kind of modem at both ends. The word modem is short
for ‘‘modulator demodulator’’ and refers to any device that converts between digi-
tal bits and analog signals.
Another method is to send signals over the cable TV system. Like DSL, this
is a way to reuse existing infrastructure, in this case otherwise unused cable TV

SEC. 1.5 EXAMPLE NETWORKS 63
channels. The device at the home end is called a cable modem and the device at
the cable headend is called the CMTS (Cable Modem Termination System).
DSL and cable provide Internet access at rates from a small fraction of a
megabit/sec to multiple megabit/sec, depending on the system. These rates are
much greater than dial-up rates, which are limited to 56 kbps because of the nar-
row bandwidth used for voice calls. Internet access at much greater than dial-up
speeds is called broadband. The name refers to the broader bandwidth that is
used for faster networks, rather than any particular speed.
The access methods mentioned so far are limited by the bandwidth of the
‘‘last mile’’ or last leg of transmission. By running optical fiber to residences, fast-
er Internet access can be provided at rates on the order of 10 to 100 Mbps. This
design is called FTTH (Fiber to the Home). For businesses in commercial
areas, it may make sense to lease a high-speed transmission line from the offices
to the nearest ISP. For example, in North America, a T3 line runs at roughly 45
Mbps.
Wireless is used for Internet access too. An example we will explore shortly is
that of 3G mobile phone networks. They can provide data delivery at rates of 1
Mbps or higher to mobile phones and fixed subscribers in the coverage area.
We can now move packets between the home and the ISP. We call the loca-
tion at which customer packets enter the ISP network for service the ISP’s POP
(Point of Presence). We will next explain how packets are moved between the
POPs of different ISPs. From this point on, the system is fully digital and packet
switched.
ISP networks may be regional, national, or international in scope. We have
already seen that their architecture is made up of long-distance transmission lines
that interconnect routers at POPs in the different cities that the ISPs serve. This
equipment is called the backbone of the ISP. If a packet is destined for a host
served directly by the ISP, that packet is routed over the backbone and delivered
to the host. Otherwise, it must be handed over to another ISP.
ISPs connect their networks to exchange traffic at IXPs (Internet eXchange
Points). The connected ISPs are said to peer with each other. There are many
IXPs in cities around the world. They are drawn vertically in Fig. 1-29 because
ISP networks overlap geographically. Basically, an IXP is a room full of routers,
at least one per ISP. A LAN in the room connects all the routers, so packets can
be forwarded from any ISP backbone to any other ISP backbone. IXPs can be
large and independently owned facilities. One of the largest is the Amsterdam In-
ternet Exchange, to which hundreds of ISPs connect and through which they
exchange hundreds of gigabits/sec of traffic.
The peering that happens at IXPs depends on the business relationships be-
tween ISPs. There are many possible relationships. For example, a small ISP
might pay a larger ISP for Internet connectivity to reach distant hosts, much as a
customer purchases service from an Internet provider. In this case, the small ISP
is said to pay for transit. Alternatively, two large ISPs might decide to exchange

64 INTRODUCTION CHAP. 1
traffic so that each ISP can deliver some traffic to the other ISP without having to
pay for transit. One of the many paradoxes of the Internet is that ISPs who pub-
licly compete with one another for customers often privately cooperate to do peer-
ing (Metz, 2001).
The path a packet takes through the Internet depends on the peering choices of
the ISPs. If the ISP delivering a packet peers with the destination ISP, it might
deliver the packet directly to its peer. Otherwise, it might route the packet to the
nearest place at which it connects to a paid transit provider so that provider can
deliver the packet. Two example paths across ISPs are drawn in Fig. 1-29. Often,
the path a packet takes will not be the shortest path through the Internet.
At the top of the food chain are a small handful of companies, like AT&T and
Sprint, that operate large international backbone networks with thousands of rout-
ers connected by high-bandwidth fiber optic links. These ISPs do not pay for
transit. They are usually called tier 1 ISPs and are said to form the backbone of
the Internet, since everyone else must connect to them to be able to reach the en-
tire Internet.
Companies that provide lots of content, such as Google and Yahoo!, locate
their computers in data centers that are well connected to the rest of the Internet.
These data centers are designed for computers, not humans, and may be filled
with rack upon rack of machines called a server farm. Colocation or hosting
data centers let customers put equipment such as servers at ISP POPs so that
short, fast connections can be made between the servers and the ISP backbones.
The Internet hosting industry has become increasingly virtualized so that it is now
common to rent a virtual machine that is run on a server farm instead of installing
a physical computer. These data centers are so large (tens or hundreds of
thousands of machines) that electricity is a major cost, so data centers are some-
times built in areas where electricity is cheap.
This ends our quick tour of the Internet. We will have a great deal to say
about the individual components and their design, algorithms, and protocols in
subsequent chapters. One further point worth mentioning here is that what it
means to be on the Internet is changing. It used to be that a machine was on the
Internet if it: (1) ran the TCP/IP protocol stack; (2) had an IP address; and (3)
could send IP packets to all the other machines on the Internet. However, ISPs
often reuse IP addresses depending on which computers are in use at the moment,
and home networks often share one IP address between multiple computers. This
practice undermines the second condition. Security measures such as firewalls
can also partly block computers from receiving packets, undermining the third
condition. Despite these difficulties, it makes sense to regard such machines as
being on the Internet while they are connected to their ISPs.
Also worth mentioning in passing is that some companies have interconnected
all their existing internal networks, often using the same technology as the Inter-
net. These intranets are typically accessible only on company premises or from
company notebooks but otherwise work the same way as the Internet.

SEC. 1.5 EXAMPLE NETWORKS 65
1.5.2 Third-Generation Mobile Phone Networks
People love to talk on the phone even more than they like to surf the Internet,
and this has made the mobile phone network the most successful network in the
world. It has more than four billion subscribers worldwide. To put this number in
perspective, it is roughly 60% of the world’s population and more than the number
of Internet hosts and fixed telephone lines combined (ITU, 2009).
The architecture of the mobile phone network has changed greatly over the
past 40 years along with its tremendous growth. First-generation mobile phone
systems transmitted voice calls as continuously varying (analog) signals rather
than sequences of (digital) bits. AMPS (Advanced Mobile Phone System),
which was deployed in the United States in 1982, was a widely used first-
generation system. Second-generation mobile phone systems switched to trans-
mitting voice calls in digital form to increase capacity, improve security, and offer
text messaging. GSM (Global System for Mobile communications), which was
deployed starting in 1991 and has become the most widely used mobile phone
system in the world, is a 2G system.
The third generation, or 3G, systems were initially deployed in 2001 and offer
both digital voice and broadband digital data services. They also come with a lot
of jargon and many different standards to choose from. 3G is loosely defined by
the ITU (an international standards body we will discuss in the next section) as
providing rates of at least 2 Mbps for stationary or walking users and 384 kbps in
a moving vehicle. UMTS (Universal Mobile Telecommunications System),
also called WCDMA (Wideband Code Division Multiple Access), is the main
3G system that is being rapidly deployed worldwide. It can provide up to 14
Mbps on the downlink and almost 6 Mbps on the uplink. Future releases will use
multiple antennas and radios to provide even greater speeds for users.
The scarce resource in 3G systems, as in 2G and 1G systems before them, is
radio spectrum. Governments license the right to use parts of the spectrum to the
mobile phone network operators, often using a spectrum auction in which network
operators submit bids. Having a piece of licensed spectrum makes it easier to de-
sign and operate systems, since no one else is allowed transmit on that spectrum,
but it often costs a serious amount of money. In the UK in 2000, for example, five
3G licenses were auctioned for a total of about $40 billion.
It is the scarcity of spectrum that led to the cellular network design shown in
Fig. 1-30 that is now used for mobile phone networks. To manage the radio
interference between users, the coverage area is divided into cells. Within a cell,
users are assigned channels that do not interfere with each other and do not cause
too much interference for adjacent cells. This allows for good reuse of the spec-
trum, or frequency reuse, in the neighboring cells, which increases the capacity
of the network. In 1G systems, which carried each voice call on a specific fre-
quency band, the frequencies were carefully chosen so that they did not conflict
with neighboring cells. In this way, a given frequency might only be reused once

66 INTRODUCTION CHAP. 1
in several cells. Modern 3G systems allow each cell to use all frequencies, but in
a way that results in a tolerable level of interference to the neighboring cells.
There are variations on the cellular design, including the use of directional or sec-
tored antennas on cell towers to further reduce interference, but the basic idea is
the same.
Cells
Base station
Figure 1-30. Cellular design of mobile phone networks.
The architecture of the mobile phone network is very different than that of the
Internet. It has several parts, as shown in the simplified version of the UMTS ar-
chitecture in Fig. 1-31. First, there is the air interface. This term is a fancy name
for the radio communication protocol that is used over the air between the mobile
device (e.g., the cell phone) and the cellular base station. Advances in the air in-
terface over the past decades have greatly increased wireless data rates. The
UMTS air interface is based on Code Division Multiple Access (CDMA), a tech-
nique that we will study in Chap. 2.
The cellular base station together with its controller forms the radio access
network. This part is the wireless side of the mobile phone network. The con-
troller node or RNC (Radio Network Controller) controls how the spectrum is
used. The base station implements the air interface. It is called Node B, a tem-
porary label that stuck.
The rest of the mobile phone network carries the traffic for the radio access
network. It is called the core network. The UMTS core network evolved from
the core network used for the 2G GSM system that came before it. However,
something surprising is happening in the UMTS core network.
Since the beginning of networking, a war has been going on between the peo-
ple who support packet networks (i.e., connectionless subnets) and the people who
support circuit networks (i.e., connection-oriented subnets). The main proponents
of packets come from the Internet community. In a connectionless design, every
packet is routed independently of every other packet. As a consequence, if some
routers go down during a session, no harm will be done as long as the system can

SEC. 1.5 EXAMPLE NETWORKS 67
RNC
RNC
MSC /
MGW
GMSC
/ MGW
SGSN GGSN
Radio access network Core network
Air
interface
(“Uu”)
Node B
PSTN
Internet
Packets
Circuits
(“Iu-CS”)
Access
/ Core
interface
(“Iu”)
Packets
(“Iu-PS”)
HSS
Figure 1-31. Architecture of the UMTS 3G mobile phone network.
dynamically reconfigure itself so that subsequent packets can find some route to
the destination, even if it is different from that which previous packets used.
The circuit camp comes from the world of telephone companies. In the tele-
phone system, a caller must dial the called party’s number and wait for a connec-
tion before talking or sending data. This connection setup establishes a route
through the telephone system that is maintained until the call is terminated. All
words or packets follow the same route. If a line or switch on the path goes down,
the call is aborted, making it less fault tolerant than a connectionless design.
The advantage of circuits is that they can support quality of service more easi-
ly. By setting up a connection in advance, the subnet can reserve resources such
as link bandwidth, switch buffer space, and CPU. If an attempt is made to set up
a call and insufficient resources are available, the call is rejected and the caller
gets a kind of busy signal. In this way, once a connection has been set up, the
connection will get good service.
With a connectionless network, if too many packets arrive at the same router
at the same moment, the router will choke and probably lose packets. The sender
will eventually notice this and resend them, but the quality of service will be jerky
and unsuitable for audio or video unless the network is lightly loaded. Needless to
say, providing adequate audio quality is something telephone companies care
about very much, hence their preference for connections.
The surprise in Fig. 1-31 is that there is both packet and circuit switched
equipment in the core network. This shows the mobile phone network in transi-
tion, with mobile phone companies able to implement one or sometimes both of

68 INTRODUCTION CHAP. 1
the alternatives. Older mobile phone networks used a circuit-switched core in the
style of the traditional phone network to carry voice calls. This legacy is seen in
the UMTS network with the MSC (Mobile Switching Center), GMSC (Gate-
way Mobile Switching Center), and MGW (Media Gateway) elements that set
up connections over a circuit-switched core network such as the PSTN (Public
Switched Telephone Network).
Data services have become a much more important part of the mobile phone
network than they used to be, starting with text messaging and early packet data
services such as GPRS (General Packet Radio Service) in the GSM system.
These older data services ran at tens of kbps, but users wanted more. Newer mo-
bile phone networks carry packet data at rates of multiple Mbps. For comparison,
a voice call is carried at a rate of 64 kbps, typically 3–4x less with compression.
To carry all this data, the UMTS core network nodes connect directly to a
packet-switched network. The SGSN (Serving GPRS Support Node) and the
GGSN (Gateway GPRS Support Node) deliver data packets to and from
mobiles and interface to external packet networks such as the Internet.
This transition is set to continue in the mobile phone networks that are now
being planned and deployed. Internet protocols are even used on mobiles to set up
connections for voice calls over a packet data network, in the manner of voice-
over-IP. IP and packets are used all the way from the radio access through to the
core network. Of course, the way that IP networks are designed is also changing
to support better quality of service. If it did not, then problems with chopped-up
audio and jerky video would not impress paying customers. We will return to this
subject in Chap. 5.
Another difference between mobile phone networks and the traditional Inter-
net is mobility. When a user moves out of the range of one cellular base station
and into the range of another one, the flow of data must be re-routed from the old
to the new cell base station. This technique is known as handover or handoff,
and it is illustrated in Fig. 1-32.
(a) (b)
Figure 1-32. Mobile phone handover (a) before, (b) after.
Either the mobile device or the base station may request a handover when the
quality of the signal drops. In some cell networks, usually those based on CDMA

SEC. 1.5 EXAMPLE NETWORKS 69
technology, it is possible to connect to the new base station before disconnecting
from the old base station. This improves the connection quality for the mobile be-
cause there is no break in service; the mobile is actually connected to two base
stations for a short while. This way of doing a handover is called a soft handover
to distinguish it from a hard handover, in which the mobile disconnects from the
old base station before connecting to the new one.
A related issue is how to find a mobile in the first place when there is an in-
coming call. Each mobile phone network has a HSS (Home Subscriber Server)
in the core network that knows the location of each subscriber, as well as other
profile information that is used for authentication and authorization. In this way,
each mobile can be found by contacting the HSS.
A final area to discuss is security. Historically, phone companies have taken
security much more seriously than Internet companies for a long time because of
the need to bill for service and avoid (payment) fraud. Unfortunately that is not
saying much. Nevertheless, in the evolution from 1G through 3G technologies,
mobile phone companies have been able to roll out some basic security mechan-
isms for mobiles.
Starting with the 2G GSM system, the mobile phone was divided into a
handset and a removable chip containing the subscriber’s identity and account
information. The chip is informally called a SIM card, short for Subscriber
Identity Module. SIM cards can be switched to different handsets to activate
them, and they provide a basis for security. When GSM customers travel to other
countries on vacation or business, they often bring their handsets but buy a new
SIM card for few dollars upon arrival in order to make local calls with no roaming
charges.
To reduce fraud, information on SIM cards is also used by the mobile phone
network to authenticate subscribers and check that they are allowed to use the net-
work. With UMTS, the mobile also uses the information on the SIM card to
check that it is talking to a legitimate network.
Another aspect of security is privacy. Wireless signals are broadcast to all
nearby receivers, so to make it difficult to eavesdrop on conversations, crypto-
graphic keys on the SIM card are used to encrypt transmissions. This approach
provides much better privacy than in 1G systems, which were easily tapped, but is
not a panacea due to weaknesses in the encryption schemes.
Mobile phone networks are destined to play a central role in future networks.
They are now more about mobile broadband applications than voice calls, and this
has major implications for the air interfaces, core network architecture, and secu-
rity of future networks. 4G technologies that are faster and better are on the draw-
ing board under the name of LTE (Long Term Evolution), even as 3G design
and deployment continues. Other wireless technologies also offer broadband In-
ternet access to fixed and mobile clients, notably 802.16 networks under the com-
mon name of WiMAX. It is entirely possible that LTE and WiMAX are on a col-
lision course with each other and it is hard to predict what will happen to them.

70 INTRODUCTION CHAP. 1
1.5.3 Wireless LANs: 802.11
Almost as soon as laptop computers appeared, many people had a dream of
walking into an office and magically having their laptop computer be connected to
the Internet. Consequently, various groups began working on ways to accomplish
this goal. The most practical approach is to equip both the office and the laptop
computers with short-range radio transmitters and receivers to allow them to talk.
Work in this field rapidly led to wireless LANs being marketed by a variety of
companies. The trouble was that no two of them were compatible. The prolifera-
tion of standards meant that a computer equipped with a brand X radio would not
work in a room equipped with a brand Y base station. In the mid 1990s, the indus-
try decided that a wireless LAN standard might be a good idea, so the IEEE com-
mittee that had standardized wired LANs was given the task of drawing up a wire-
less LAN standard.
The first decision was the easiest: what to call it. All the other LAN standards
had numbers like 802.1, 802.2, and 802.3, up to 802.10, so the wireless LAN stan-
dard was dubbed 802.11. A common slang name for it is WiFi but it is an impor-
tant standard and deserves respect, so we will call it by its proper name, 802.11.
The rest was harder. The first problem was to find a suitable frequency band
that was available, preferably worldwide. The approach taken was the opposite of
that used in mobile phone networks. Instead of expensive, licensed spectrum,
802.11 systems operate in unlicensed bands such as the ISM (Industrial, Scien-
tific, and Medical) bands defined by ITU-R (e.g., 902-928 MHz, 2.4-2.5 GHz,
5.725-5.825 GHz). All devices are allowed to use this spectrum provided that
they limit their transmit power to let different devices coexist. Of course, this
means that 802.11 radios may find themselves competing with cordless phones,
garage door openers, and microwave ovens.
802.11 networks are made up of clients, such as laptops and mobile phones,
and infrastructure called APs (access points) that is installed in buildings. Access
points are sometimes called base stations. The access points connect to the wired
network, and all communication between clients goes through an access point. It
is also possible for clients that are in radio range to talk directly, such as two com-
puters in an office without an access point. This arrangement is called an ad hoc
network. It is used much less often than the access point mode. Both modes are
shown in Fig. 1-33.
802.11 transmission is complicated by wireless conditions that vary with even
small changes in the environment. At the frequencies used for 802.11, radio sig-
nals can be reflected off solid objects so that multiple echoes of a transmission
may reach a receiver along different paths. The echoes can cancel or reinforce
each other, causing the received signal to fluctuate greatly. This phenomenon is
called multipath fading, and it is shown in Fig. 1-34.
The key idea for overcoming variable wireless conditions is path diversity,
or the sending of information along multiple, independent paths. In this way, the

SEC. 1.5 EXAMPLE NETWORKS 71
(a) (b)
To wired networkAccess
point
Figure 1-33. (a) Wireless network with an access point. (b) Ad hoc network.
information is likely to be received even if one of the paths happens to be poor
due to a fade. These independent paths are typically built into the digital modula-
tion scheme at the physical layer. Options include using different frequencies a-
cross the allowed band, following different spatial paths between different pairs of
antennas, or repeating bits over different periods of time.
Faded signalReflector
Wireless
transmitter
Non-faded signal
Multiple paths
Wireless
receiver
Figure 1-34. Multipath fading.
Different versions of 802.11 have used all of these techniques. The initial
(1997) standard defined a wireless LAN that ran at either 1 Mbps or 2 Mbps by
hopping between frequencies or spreading the signal across the allowed spectrum.
Almost immediately, people complained that it was too slow, so work began on
faster standards. The spread spectrum design was extended and became the
(1999) 802.11b standard running at rates up to 11 Mbps. The 802.11a (1999) and
802.11g (2003) standards switched to a different modulation scheme called
OFDM (Orthogonal Frequency Division Multiplexing). It divides a wide band
of spectrum into many narrow slices over which different bits are sent in parallel.
This improved scheme, which we will study in Chap. 2, boosted the 802.11a/g bit

72 INTRODUCTION CHAP. 1
rates up to 54 Mbps. That is a significant increase, but people still wanted more
throughput to support more demanding uses. The latest version is 802.11n (2009).
It uses wider frequency bands and up to four antennas per computer to achieve
rates up to 450 Mbps.
Since wireless is inherently a broadcast medium, 802.11 radios also have to
deal with the problem that multiple transmissions that are sent at the same time
will collide, which may interfere with reception. To handle this problem, 802.11
uses a CSMA (Carrier Sense Multiple Access) scheme that draws on ideas from
classic wired Ethernet, which, ironically, drew from an early wireless network
developed in Hawaii and called ALOHA. Computers wait for a short random
interval before transmitting, and defer their transmissions if they hear that some-
one else is already transmitting. This scheme makes it less likely that two com-
puters will send at the same time. It does not work as well as in the case of wired
networks, though. To see why, examine Fig. 1-35. Suppose that computer A is
transmitting to computer B, but the radio range of A’s transmitter is too short to
reach computer C. If C wants to transmit to B it can listen before starting, but the
fact that it does not hear anything does not mean that its transmission will
succeed. The inability of C to hear A before starting causes some collisions to oc-
cur. After any collision, the sender then waits another, longer, random delay and
retransmits the packet. Despite this and some other issues, the scheme works well
enough in practice.
A CB
Range
of A’s
radio
Range
of C’s
radio
Figure 1-35. The range of a single radio may not cover the entire system.
Another problem is that of mobility. If a mobile client is moved away from
the access point it is using and into the range of a different access point, some way
of handing it off is needed. The solution is that an 802.11 network can consist of
multiple cells, each with its own access point, and a distribution system that con-
nects the cells. The distribution system is often switched Ethernet, but it can use
any technology. As the clients move, they may find another access point with a
better signal than the one they are currently using and change their association.
From the outside, the entire system looks like a single wired LAN.

SEC. 1.5 EXAMPLE NETWORKS 73
That said, mobility in 802.11 has been of limited value so far compared to
mobility in the mobile phone network. Typically, 802.11 is used by nomadic cli-
ents that go from one fixed location to another, rather than being used on-the-go.
Mobility is not really needed for nomadic usage. Even when 802.11 mobility is
used, it extends over a single 802.11 network, which might cover at most a large
building. Future schemes will need to provide mobility across different networks
and across different technologies (e.g., 802.21).
Finally, there is the problem of security. Since wireless transmissions are
broadcast, it is easy for nearby computers to receive packets of information that
were not intended for them. To prevent this, the 802.11 standard included an en-
cryption scheme known as WEP (Wired Equivalent Privacy). The idea was to
make wireless security like that of wired security. It is a good idea, but unfor-
tunately the scheme was flawed and soon broken (Borisov et al., 2001). It has
since been replaced with newer schemes that have different cryptographic details
in the 802.11i standard, also called WiFi Protected Access, initially called WPA
but now replaced by WPA2.
802.11 has caused a revolution in wireless networking that is set to continue.
Beyond buildings, it is starting to be installed in trains, planes, boats, and automo-
biles so that people can surf the Internet wherever they go. Mobile phones and all
manner of consumer electronics, from game consoles to digital cameras, can com-
municate with it. We will come back to it in detail in Chap. 4.
1.5.4 RFID and Sensor Networks
The networks we have studied so far are made up of computing devices that
are easy to recognize, from computers to mobile phones. With Radio Frequency
IDentification (RFID), everyday objects can also be part of a computer network.
An RFID tag looks like a postage stamp-sized sticker that can be affixed to
(or embedded in) an object so that it can be tracked. The object might be a cow, a
passport, a book or a shipping pallet. The tag consists of a small microchip with a
unique identifier and an antenna that receives radio transmissions. RFID readers
installed at tracking points find tags when they come into range and interrogate
them for their information as shown in Fig. 1-36. Applications include checking
identities, managing the supply chain, timing races, and replacing barcodes.
There are many kinds of RFID, each with different properties, but perhaps the
most fascinating aspect of RFID technology is that most RFID tags have neither
an electric plug nor a battery. Instead, all of the energy needed to operate them is
supplied in the form of radio waves by RFID readers. This technology is called
passive RFID to distinguish it from the (less common) active RFID in which
there is a power source on the tag.
One common form of RFID is UHF RFID (Ultra-High Frequency RFID).
It is used on shipping pallets and some drivers licenses. Readers send signals in

74 INTRODUCTION CHAP. 1
RFID
reader
RFID
tag
Figure 1-36. RFID used to network everyday objects.
the 902-928 MHz band in the United States. Tags communicate at distances of
several meters by changing the way they reflect the reader signals; the reader is
able to pick up these reflections. This way of operating is called backscatter.
Another popular kind of RFID is HF RFID (High Frequency RFID). It
operates at 13.56 MHz and is likely to be in your passport, credit cards, books,
and noncontact payment systems. HF RFID has a short range, typically a meter
or less, because the physical mechanism is based on induction rather than back-
scatter. There are also other forms of RFID using other frequencies, such as LF
RFID (Low Frequency RFID), which was developed before HF RFID and used
for animal tracking. It is the kind of RFID likely to be in your cat.
RFID readers must somehow solve the problem of dealing with multiple tags
within reading range. This means that a tag cannot simply respond when it hears
a reader, or the signals from multiple tags may collide. The solution is similar to
the approach taken in 802.11: tags wait for a short random interval before re-
sponding with their identification, which allows the reader to narrow down indivi-
dual tags and interrogate them further.
Security is another problem. The ability of RFID readers to easily track an ob-
ject, and hence the person who uses it, can be an invasion of privacy. Unfor-
tunately, it is difficult to secure RFID tags because they lack the computation and
communication power to run strong cryptographic algorithms. Instead, weak
measures like passwords (which can easily be cracked) are used. If an identity
card can be remotely read by an official at a border, what is to stop the same card
from being tracked by other people without your knowledge? Not much.
RFID tags started as identification chips, but are rapidly turning into full-
fledged computers. For example, many tags have memory that can be updated and
later queried, so that information about what has happened to the tagged object
can be stored with it. Rieback et al. (2006) demonstrated that this means that all
of the usual problems of computer malware apply, only now your cat or your
passport might be used to spread an RFID virus.
A step up in capability from RFID is the sensor network. Sensor networks
are deployed to monitor aspects of the physical world. So far, they have mostly
been used for scientific experimentation, such as monitoring bird habitats, vol-
canic activity, and zebra migration, but business applications including healthcare,

SEC. 1.5 EXAMPLE NETWORKS 75
monitoring equipment for vibration, and tracking of frozen, refrigerated, or other-
wise perishable goods cannot be too far behind.
Sensor nodes are small computers, often the size of a key fob, that have tem-
perature, vibration, and other sensors. Many nodes are placed in the environment
that is to be monitored. Typically, they have batteries, though they may scavenge
energy from vibrations or the sun. As with RFID, having enough energy is a key
challenge, and the nodes must communicate carefully to be able to deliver their
sensor information to an external collection point. A common strategy is for the
nodes to self-organize to relay messages for each other, as shown in Fig. 1-37.
This design is called a multihop network.
Data
collection
point
Sensor
node
Wireless
hop
Figure 1-37. Multihop topology of a sensor network.
RFID and sensor networks are likely to become much more capable and per-
vasive in the future. Researchers have already combined the best of both technolo-
gies by prototyping programmable RFID tags with light, movement, and other
sensors (Sample et al., 2008).
1.6 NETWORK STANDARDIZATION
Many network vendors and suppliers exist, each with its own ideas of how
things should be done. Without coordination, there would be complete chaos, and
users would get nothing done. The only way out is to agree on some network
standards. Not only do good standards allow different computers to communicate,
but they also increase the market for products adhering to the standards. A larger
market leads to mass production, economies of scale in manufacturing, better im-
plementations, and other benefits that decrease price and further increase ac-
ceptance.
In this section we will take a quick look at the important but little-known,
world of international standardization. But let us first discuss what belongs in a

76 INTRODUCTION CHAP. 1
standard. A reasonable person might assume that a standard tells you how a pro-
tocol should work so that you can do a good job of implementing it. That person
would be wrong.
Standards define what is needed for interoperability: no more, no less. That
lets the larger market emerge and also lets companies compete on the basis of
how good their products are. For example, the 802.11 standard defines many
transmission rates but does not say when a sender should use which rate, which is
a key factor in good performance. That is up to whoever makes the product.
Often getting to interoperability this way is difficult, since there are many imple-
mentation choices and standards usually define many options. For 802.11, there
were so many problems that, in a strategy that has become common practice, a
trade group called the WiFi Alliance was started to work on interoperability with-
in the 802.11 standard.
Similarly, a protocol standard defines the protocol over the wire but not the
service interface inside the box, except to help explain the protocol. Real service
interfaces are often proprietary. For example, the way TCP interfaces to IP within
a computer does not matter for talking to a remote host. It only matters that the re-
mote host speaks TCP/IP. In fact, TCP and IP are commonly implemented toget-
her without any distinct interface. That said, good service interfaces, like good
APIs, are valuable for getting protocols used, and the best ones (such as Berkeley
sockets) can become very popular.
Standards fall into two categories: de facto and de jure. De facto (Latin for
‘‘from the fact’’) standards are those that have just happened, without any formal
plan. HTTP, the protocol on which the Web runs, started life as a de facto stan-
dard. It was part of early WWW browsers developed by Tim Berners-Lee at
CERN, and its use took off with the growth of the Web. Bluetooth is another ex-
ample. It was originally developed by Ericsson but now everyone is using it.
De jure (Latin for ‘‘by law’’) standards, in contrast, are adopted through the
rules of some formal standardization body. International standardization authori-
ties are generally divided into two classes: those established by treaty among
national governments, and those comprising voluntary, nontreaty organizations.
In the area of computer network standards, there are several organizations of each
type, notably ITU, ISO, IETF and IEEE, all of which we will discuss below.
In practice, the relationships between standards, companies, and stan-
dardization bodies are complicated. De facto standards often evolve into de jure
standards, especially if they are successful. This happened in the case of HTTP,
which was quickly picked up by IETF. Standards bodies often ratify each others’
standards, in what looks like patting one another on the back, to increase the
market for a technology. These days, many ad hoc business alliances that are
formed around particular technologies also play a significant role in developing
and refining network standards. For example, 3GPP (Third Generation
Partnership Project) is a collaboration between telecommunications associations
that drives the UMTS 3G mobile phone standards.

SEC. 1.6 NETWORK STANDARDIZATION 77
1.6.1 Who’s Who in the Telecommunications World
The legal status of the world’s telephone companies varies considerably from
country to country. At one extreme is the United States, which has over 2000 sep-
arate, (mostly very small) privately owned telephone companies. A few more
were added with the breakup of AT&T in 1984 (which was then the world’s larg-
est corporation, providing telephone service to about 80 percent of America’s
telephones), and the Telecommunications Act of 1996 that overhauled regulation
to foster competition.
At the other extreme are countries in which the national government has a
complete monopoly on all communication, including the mail, telegraph, tele-
phone, and often radio and television. Much of the world falls into this category.
In some cases the telecommunication authority is a nationalized company, and in
others it is simply a branch of the government, usually known as the PTT (Post,
Telegraph & Telephone administration). Worldwide, the trend is toward liberal-
ization and competition and away from government monopoly. Most European
countries have now (partially) privatized their PTTs, but elsewhere the process is
still only slowly gaining steam.
With all these different suppliers of services, there is clearly a need to provide
compatibility on a worldwide scale to ensure that people (and computers) in one
country can call their counterparts in another one. Actually, this need has existed
for a long time. In 1865, representatives from many European governments met
to form the predecessor to today’s ITU (International Telecommunication
Union). Its job was to standardize international telecommunications, which in
those days meant telegraphy. Even then it was clear that if half the countries used
Morse code and the other half used some other code, there was going to be a prob-
lem. When the telephone was put into international service, ITU took over the job
of standardizing telephony (pronounced te-LEF-ony) as well. In 1947, ITU
became an agency of the United Nations.
ITU has about 200 governmental members, including almost every member of
the United Nations. Since the United States does not have a PTT, somebody else
had to represent it in ITU. This task fell to the State Department, probably on the
grounds that ITU had to do with foreign countries, the State Department’s spe-
cialty. ITU also has more than 700 sector and associate members. They include
telephone companies (e.g., AT&T, Vodafone, Sprint), telecom equipment manu-
facturers (e.g., Cisco, Nokia, Nortel), computer vendors (e.g., Microsoft, Agilent,
Toshiba), chip manufacturers (e.g., Intel, Motorola, TI), and other interested com-
panies (e.g., Boeing, CBS, VeriSign).
ITU has three main sectors. We will focus primarily on ITU-T, the Telecom-
munications Standardization Sector, which is concerned with telephone and data
communication systems. Before 1993, this sector was called CCITT, which is an
acronym for its French name, Comité Consultatif International Télégraphique et
Téléphonique. ITU-R, the Radiocommunications Sector, is concerned with

78 INTRODUCTION CHAP. 1
coordinating the use by competing interest groups of radio frequencies worldwide.
The other sector is ITU-D, the Development Sector. It promotes the development
of information and communication technologies to narrow the ‘‘digital divide’’
between countries with effective access to the information technologies and coun-
tries with limited access.
ITU-T’s task is to make technical recommendations about telephone, tele-
graph, and data communication interfaces. These often become internationally
recognized standards, though technically the recommendations are only sugges-
tions that governments can adopt or ignore, as they wish (because governments
are like 13-year-old boys—they do not take kindly to being given orders). In
practice, a country that wishes to adopt a telephone standard different from that
used by the rest of the world is free to do so, but at the price of cutting itself off
from everyone else. This might work for North Korea, but elsewhere it would be
a real problem.
The real work of ITU-T is done in its Study Groups. There are currently 10
Study Groups, often as large as 400 people, that cover topics ranging from tele-
phone billing to multimedia services to security. SG 15, for example, standardizes
the DSL technologies popularly used to connect to the Internet. In order to make
it possible to get anything at all done, the Study Groups are divided into Working
Parties, which are in turn divided into Expert Teams, which are in turn divided
into ad hoc groups. Once a bureaucracy, always a bureaucracy.
Despite all this, ITU-T actually does get things done. Since its inception, it
has produced more than 3000 recommendations, many of which are widely used
in practice. For example, Recommendation H.264 (also an ISO standard known
as MPEG-4 AVC) is widely used for video compression, and X.509 public key
certificates are used for secure Web browsing and digitally signed email.
As the field of telecommunications completes the transition started in the
1980s from being entirely national to being entirely global, standards will become
increasingly important, and more and more organizations will want to become
involved in setting them. For more information about ITU, see Irmer (1994).
1.6.2 Who’s Who in the International Standards World
International standards are produced and published by ISO (International
Standards Organization†), a voluntary nontreaty organization founded in 1946.
Its members are the national standards organizations of the 157 member countries.
These members include ANSI (U.S.), BSI (Great Britain), AFNOR (France), DIN
(Germany), and 153 others.
ISO issues standards on a truly vast number of subjects, ranging from nuts and
bolts (literally) to telephone pole coatings [not to mention cocoa beans (ISO
2451), fishing nets (ISO 1530), women’s underwear (ISO 4416) and quite a few
† For the purist, ISO’s true name is the International Organization for Standardization.

SEC. 1.6 NETWORK STANDARDIZATION 79
other subjects one might not think were subject to standardization]. On issues of
telecommunication standards, ISO and ITU-T often cooperate (ISO is a member
of ITU-T) to avoid the irony of two official and mutually incompatible interna-
tional standards.
Over 17,000 standards have been issued, including the OSI standards. ISO
has over 200 Technical Committees (TCs), numbered in the order of their crea-
tion, each dealing with a specific subject. TC1 deals with the nuts and bolts (stan-
dardizing screw thread pitches). JTC1 deals with information technology, includ-
ing networks, computers, and software. It is the first (and so far only) Joint
Technical Committee, created in 1987 by merging TC97 with activities in IEC,
yet another standardization body. Each TC has subcommittees (SCs) divided into
working groups (WGs).
The real work is done largely in the WGs by over 100,000 volunteers world-
wide. Many of these ‘‘volunteers’’ are assigned to work on ISO matters by their
employers, whose products are being standardized. Others are government offi-
cials keen on having their country’s way of doing things become the international
standard. Academic experts also are active in many of the WGs.
The procedure used by ISO for adopting standards has been designed to
achieve as broad a consensus as possible. The process begins when one of the
national standards organizations feels the need for an international standard in
some area. A working group is then formed to come up with a CD (Committee
Draft). The CD is then circulated to all the member bodies, which get 6 months
to criticize it. If a substantial majority approves, a revised document, called a DIS
(Draft International Standard) is produced and circulated for comments and
voting. Based on the results of this round, the final text of the IS (International
Standard) is prepared, approved, and published. In areas of great controversy, a
CD or DIS may have to go through several versions before acquiring enough
votes, and the whole process can take years.
NIST (National Institute of Standards and Technology) is part of the U.S.
Department of Commerce. It used to be called the National Bureau of Standards.
It issues standards that are mandatory for purchases made by the U.S. Govern-
ment, except for those of the Department of Defense, which defines its own stan-
dards.
Another major player in the standards world is IEEE (Institute of Electrical
and Electronics Engineers), the largest professional organization in the world.
In addition to publishing scores of journals and running hundreds of conferences
each year, IEEE has a standardization group that develops standards in the area of
electrical engineering and computing. IEEE’s 802 committee has standardized
many kinds of LANs. We will study some of its output later in this book. The ac-
tual work is done by a collection of working groups, which are listed in Fig. 1-38.
The success rate of the various 802 working groups has been low; having an 802.x
number is no guarantee of success. Still, the impact of the success stories (espe-
cially 802.3 and 802.11) on the industry and the world has been enormous.

80 INTRODUCTION CHAP. 1
Number Topic
802.1 Overview and architecture of LANs
802.2 ↓ Logical link control
802.3 * Ethernet
802.4 ↓ Token bus (was briefly used in manufacturing plants)
802.5 Token ring (IBM’s entry into the LAN world)
802.6 ↓ Dual queue dual bus (early metropolitan area network)
802.7 ↓ Technical advisory group on broadband technologies
802.8 † Technical advisory group on fiber optic technologies
802.9 ↓ Isochronous LANs (for real-time applications)
802.10 ↓ Virtual LANs and security
802.11 * Wireless LANs (WiFi)
802.12 ↓ Demand priority (Hewlett-Packard’s AnyLAN)
802.13 Unlucky number; nobody wanted it
802.14 ↓ Cable modems (defunct: an industry consortium got there first)
802.15 * Personal area networks (Bluetooth, Zigbee)
802.16 * Broadband wireless (WiMAX)
802.17 Resilient packet ring
802.18 Technical advisory group on radio regulatory issues
802.19 Technical advisory group on coexistence of all these standards
802.20 Mobile broadband wireless (similar to 802.16e)
802.21 Media independent handoff (for roaming over technologies)
802.22 Wireless regional area network
Figure 1-38. The 802 working groups. The important ones are marked with *.
The ones marked with ↓ are hibernating. The one marked with † gave up and
disbanded itself.
1.6.3 Who’s Who in the Internet Standards World
The worldwide Internet has its own standardization mechanisms, very dif-
ferent from those of ITU-T and ISO. The difference can be crudely summed up
by saying that the people who come to ITU or ISO standardization meetings wear
suits, while the people who come to Internet standardization meetings wear jeans
(except when they meet in San Diego, when they wear shorts and T-shirts).
ITU-T and ISO meetings are populated by corporate officials and government
civil servants for whom standardization is their job. They regard standardization
as a Good Thing and devote their lives to it. Internet people, on the other hand,
prefer anarchy as a matter of principle. However, with hundreds of millions of

SEC. 1.6 NETWORK STANDARDIZATION 81
people all doing their own thing, little communication can occur. Thus, standards,
however regrettable, are sometimes needed. In this context, David Clark of
M.I.T. once made a now-famous remark about Internet standardization consisting
of ‘‘rough consensus and running code.’’
When the ARPANET was set up, DoD created an informal committee to
oversee it. In 1983, the committee was renamed the IAB (Internet Activities
Board) and was given a slighter broader mission, namely, to keep the researchers
involved with the ARPANET and the Internet pointed more or less in the same
direction, an activity not unlike herding cats. The meaning of the acronym
‘‘IAB’’ was later changed to Internet Architecture Board.
Each of the approximately ten members of the IAB headed a task force on
some issue of importance. The IAB met several times a year to discuss results
and to give feedback to the DoD and NSF, which were providing most of the
funding at this time. When a standard was needed (e.g., a new routing algorithm),
the IAB members would thrash it out and then announce the change so the gradu-
ate students who were the heart of the software effort could implement it. Com-
munication was done by a series of technical reports called RFCs (Request For
Comments). RFCs are stored online and can be fetched by anyone interested in
them from www.ietf.org/rfc. They are numbered in chronological order of crea-
tion. Over 5000 now exist. We will refer to many RFCs in this book.
By 1989, the Internet had grown so large that this highly informal style no
longer worked. Many vendors by then offered TCP/IP products and did not want
to change them just because ten researchers had thought of a better idea. In the
summer of 1989, the IAB was reorganized again. The researchers were moved to
the IRTF (Internet Research Task Force), which was made subsidiary to IAB,
along with the IETF (Internet Engineering Task Force). The IAB was repopu-
lated with people representing a broader range of organizations than just the re-
search community. It was initially a self-perpetuating group, with members serv-
ing for a 2-year term and new members being appointed by the old ones. Later,
the Internet Society was created, populated by people interested in the Internet.
The Internet Society is thus in a sense comparable to ACM or IEEE. It is
governed by elected trustees who appoint the IAB’s members.
The idea of this split was to have the IRTF concentrate on long-term research
while the IETF dealt with short-term engineering issues. The IETF was divided
up into working groups, each with a specific problem to solve. The chairmen of
these working groups initially met as a steering committee to direct the engineer-
ing effort. The working group topics include new applications, user information,
OSI integration, routing and addressing, security, network management, and stan-
dards. Eventually, so many working groups were formed (more than 70) that they
were grouped into areas and the area chairmen met as the steering committee.
In addition, a more formal standardization process was adopted, patterned
after ISOs. To become a Proposed Standard, the basic idea must be explained
in an RFC and have sufficient interest in the community to warrant consideration.

www.ietf.org/rfc

82 INTRODUCTION CHAP. 1
To advance to the Draft Standard stage, a working implementation must have
been rigorously tested by at least two independent sites for at least 4 months. If
the IAB is convinced that the idea is sound and the software works, it can declare
the RFC to be an Internet Standard. Some Internet Standards have become
DoD standards (MIL-STD), making them mandatory for DoD suppliers.
For Web standards, the World Wide Web Consortium (W3C) develops pro-
tocols and guidelines to facilitate the long-term growth of the Web. It is an indus-
try consortium led by Tim Berners-Lee and set up in 1994 as the Web really
begun to take off. W3C now has more than 300 members from around the world
and has produced more than 100 W3C Recommendations, as its standards are
called, covering topics such as HTML and Web privacy.
1.7 METRIC UNITS
To avoid any confusion, it is worth stating explicitly that in this book, as in
computer science in general, metric units are used instead of traditional English
units (the furlong-stone-fortnight system). The principal metric prefixes are listed
in Fig. 1-39. The prefixes are typically abbreviated by their first letters, with the
units greater than 1 capitalized (KB, MB, etc.). One exception (for historical rea-
sons) is kbps for kilobits/sec. Thus, a 1-Mbps communication line transmits 106
bits/sec and a 100-psec (or 100-ps) clock ticks every 10−10 seconds. Since milli
and micro both begin with the letter ‘‘m,’’ a choice had to be made. Normally,
‘‘m’’ is used for milli and ‘‘μ’’ (the Greek letter mu) is used for micro.
Exp. Explicit Prefix Exp. Explicit Prefix
10−3 0.001 milli 103 1,000 Kilo
10−6 0.000001 micro 106 1,000,000 Mega
10−9 0.000000001 nano 109 1,000,000,000 Giga
10−12 0.000000000001 pico 1012 1,000,000,000,000 Tera
10−15 0.000000000000001 femto 1015 1,000,000,000,000,000 Peta
10−18 0.0000000000000000001 atto 1018 1,000,000,000,000,000,000 Exa
10−21 0.0000000000000000000001 zepto 1021 1,000,000,000,000,000,000,000 Zetta
10−24 0.0000000000000000000000001 yocto 1024 1,000,000,000,000,000,000,000,000 Yotta
Figure 1-39. The principal metric prefixes.
It is also worth pointing out that for measuring memory, disk, file, and data-
base sizes, in common industry practice, the units have slightly different mean-
ings. There, kilo means 210 (1024) rather than 103 (1000) because memories are
always a power of two. Thus, a 1-KB memory contains 1024 bytes, not 1000
bytes. Note also the capital ‘‘B’’ in that usage to mean ‘‘bytes’’ (units of eight

SEC. 1.7 METRIC UNITS 83
bits), instead of a lowercase ‘‘b’’ that means ‘‘bits.’’ Similarly, a 1-MB memory
contains 220 (1,048,576) bytes, a 1-GB memory contains 230 (1,073,741,824)
bytes, and a 1-TB database contains 240 (1,099,511,627,776) bytes. However, a
1-kbps communication line transmits 1000 bits per second and a 10-Mbps LAN
runs at 10,000,000 bits/sec because these speeds are not powers of two. Unfor-
tunately, many people tend to mix up these two systems, especially for disk sizes.
To avoid ambiguity, in this book, we will use the symbols KB, MB, GB, and TB
for 210, 220, 230, and 240 bytes, respectively, and the symbols kbps, Mbps, Gbps,
and Tbps for 103, 106, 109, and 1012 bits/sec, respectively.
1.8 OUTLINE OF THE REST OF THE BOOK
This book discusses both the principles and practice of computer networking.
Most chapters start with a discussion of the relevant principles, followed by a
number of examples that illustrate these principles. These examples are usually
taken from the Internet and wireless networks such as the mobile phone network
since these are both important and very different. Other examples will be given
where relevant.
The book is structured according to the hybrid model of Fig. 1-23. Starting
with Chap. 2, we begin working our way up the protocol hierarchy beginning at
the bottom. We provide some background in the field of data communication that
covers both wired and wireless transmission systems. This material is concerned
with how to deliver information over physical channels, although we cover only
the architectural rather than the hardware aspects. Several examples of the physi-
cal layer, such as the public switched telephone network, the mobile telephone
network, and the cable television network are also discussed.
Chapters 3 and 4 discuss the data link layer in two parts. Chap. 3 looks at the
problem of how to send packets across a link, including error detection and cor-
rection. We look at DSL (used for broadband Internet access over phone lines) as
a real-world example of a data link protocol.
In Chap. 4, we examine the medium access sublayer. This is the part of the
data link layer that deals with how to share a channel between multiple com-
puters. The examples we look at include wireless, such as 802.11 and RFID, and
wired LANs such as classic Ethernet. Link layer switches that connect LANs,
such as switched Ethernet, are also discussed here.
Chapter 5 deals with the network layer, especially routing. Many routing algo-
rithms, both static and dynamic, are covered. Even with good routing algorithms,
though, if more traffic is offered than the network can handle, some packets will
be delayed or discarded. We discuss this issue from how to prevent congestion to
how to guarantee a certain quality of service. Connecting heterogeneous net-
works to form internetworks also leads to numerous problems that are discussed
here. The network layer in the Internet is given extensive coverage.

84 INTRODUCTION CHAP. 1
Chapter 6 deals with the transport layer. Much of the emphasis is on connec-
tion-oriented protocols and reliability, since many applications need these. Both
Internet transport protocols, UDP and TCP, are covered in detail, as are their per-
formance issues.
Chapter 7 deals with the application layer, its protocols, and its applications.
The first topic is DNS, which is the Internet’s telephone book. Next comes email,
including a discussion of its protocols. Then we move on to the Web, with de-
tailed discussions of static and dynamic content, and what happens on the client
and server sides. We follow this with a look at networked multimedia, including
streaming audio and video. Finally, we discuss content-delivery networks, includ-
ing peer-to-peer technology.
Chapter 8 is about network security. This topic has aspects that relate to all
layers, so it is easiest to treat it after all the layers have been thoroughly explain-
ed. The chapter starts with an introduction to cryptography. Later, it shows how
cryptography can be used to secure communication, email, and the Web. The
chapter ends with a discussion of some areas in which security collides with
privacy, freedom of speech, censorship, and other social issues.
Chapter 9 contains an annotated list of suggested readings arranged by chap-
ter. It is intended to help those readers who would like to pursue their study of
networking further. The chapter also has an alphabetical bibliography of all the
references cited in this book.
The authors’ Web site at Pearson:
http://www.pearsonhighered.com/tanenbaum
has a page with links to many tutorials, FAQs, companies, industry consortia, pro-
fessional organizations, standards organizations, technologies, papers, and more.
1.9 SUMMARY
Computer networks have many uses, both for companies and for individuals,
in the home and while on the move. Companies use networks of computers to
share corporate information, typically using the client-server model with
employee desktops acting as clients accessing powerful servers in the machine
room. For individuals, networks offer access to a variety of information and
entertainment resources, as well as a way to buy and sell products and services.
Individuals often access the Internet via their phone or cable providers at home,
though increasingly wireless access is used for laptops and phones. Technology
advances are enabling new kinds of mobile applications and networks with com-
puters embedded in appliances and other consumer devices. The same advances
raise social issues such as privacy concerns.
Roughly speaking, networks can be divided into LANs, MANs, WANs, and
internetworks. LANs typical cover a building and operate at high speeds. MANs

http://www.pearsonhighered.com/tanenbaum

SEC. 1.9 SUMMARY 85
usually cover a city. An example is the cable television system, which is now used
by many people to access the Internet. WANs may cover a country or a continent.
Some of the technologies used to build these networks are point-to-point (e.g., a
cable) while others are broadcast (e.g.,wireless). Networks can be interconnected
with routers to form internetworks, of which the Internet is the largest and best
known example. Wireless networks, for example 802.11 LANs and 3G mobile
telephony, are also becoming extremely popular.
Network software is built around protocols, which are rules by which proc-
esses communicate. Most networks support protocol hierarchies, with each layer
providing services to the layer above it and insulating them from the details of the
protocols used in the lower layers. Protocol stacks are typically based either on
the OSI model or on the TCP/IP model. Both have link, network, transport, and
application layers, but they differ on the other layers. Design issues include
reliability, resource allocation, growth, security, and more. Much of this book
deals with protocols and their design.
Networks provide various services to their users. These services can range
from connectionless best-efforts packet delivery to connection-oriented guaran-
teed delivery. In some networks, connectionless service is provided in one layer
and connection-oriented service is provided in the layer above it.
Well-known networks include the Internet, the 3G mobile telephone network,
and 802.11 LANs. The Internet evolved from the ARPANET, to which other net-
works were added to form an internetwork. The present-day Internet is actually a
collection of many thousands of networks that use the TCP/IP protocol stack. The
3G mobile telephone network provides wireless and mobile access to the Internet
at speeds of multiple Mbps, and, of course, carries voice calls as well. Wireless
LANs based on the IEEE 802.11 standard are deployed in many homes and cafes
and can provide connectivity at rates in excess of 100 Mbps. New kinds of net-
works are emerging too, such as embedded sensor networks and networks based
on RFID technology.
Enabling multiple computers to talk to each other requires a large amount of
standardization, both in the hardware and software. Organizations such as ITU-T,
ISO, IEEE, and IAB manage different parts of the standardization process.
PROBLEMS
1. Imagine that you have trained your St. Bernard, Bernie, to carry a box of three 8-mm
tapes instead of a flask of brandy. (When your disk fills up, you consider that an
emergency.) These tapes each contain 7 gigabytes. The dog can travel to your side,
wherever you may be, at 18 km/hour. For what range of distances does Bernie have a
higher data rate than a transmission line whose data rate (excluding overhead) is 150
Mbps? How does your answer change if (i) Bernie’s speed is doubled; (ii) each tape
capacity is doubled; (iii) the data rate of the transmission line is doubled.

86 INTRODUCTION CHAP. 1
2. An alternative to a LAN is simply a big timesharing system with terminals for all
users. Give two advantages of a client-server system using a LAN.
3. The performance of a client-server system is strongly influenced by two major net-
work characteristics: the bandwidth of the network (that is, how many bits/sec it can
transport) and the latency (that is, how many seconds it takes for the first bit to get
from the client to the server). Give an example of a network that exhibits high band-
width but also high latency. Then give an example of one that has both low bandwidth
and low latency.
4. Besides bandwidth and latency, what other parameter is needed to give a good charac-
terization of the quality of service offered by a network used for (i) digitized voice
traffic? (ii) video traffic? (iii) financial transaction traffic?
5. A factor in the delay of a store-and-forward packet-switching system is how long it
takes to store and forward a packet through a switch. If switching time is 10 μsec, is
this likely to be a major factor in the response of a client-server system where the cli-
ent is in New York and the server is in California? Assume the propagation speed in
copper and fiber to be 2/3 the speed of light in vacuum.
6. A client-server system uses a satellite network, with the satellite at a height of 40,000
km. What is the best-case delay in response to a request?
7. In the future, when everyone has a home terminal connected to a computer network,
instant public referendums on important pending legislation will become possible.
Ultimately, existing legislatures could be eliminated, to let the will of the people be
expressed directly. The positive aspects of such a direct democracy are fairly obvious;
discuss some of the negative aspects.
8. Five routers are to be connected in a point-to-point subnet. Between each pair of
routers, the designers may put a high-speed line, a medium-speed line, a low-speed
line, or no line. If it takes 100 ms of computer time to generate and inspect each
topology, how long will it take to inspect all of them?
9. A disadvantage of a broadcast subnet is the capacity wasted when multiple hosts at-
tempt to access the channel at the same time. As a simplistic example, suppose that
time is divided into discrete slots, with each of the n hosts attempting to use the chan-
nel with probability p during each slot. What fraction of the slots will be wasted due
to collisions?
10. What are two reasons for using layered protocols? What is one possible disadvantage
of using layered protocols?
11. The president of the Specialty Paint Corp. gets the idea to work with a local beer
brewer to produce an invisible beer can (as an anti-litter measure). The president tells
her legal department to look into it, and they in turn ask engineering for help. As a re-
sult, the chief engineer calls his counterpart at the brewery to discuss the technical
aspects of the project. The engineers then report back to their respective legal depart-
ments, which then confer by telephone to arrange the legal aspects. Finally, the two
corporate presidents discuss the financial side of the deal. What principle of a mul-
tilayer protocol in the sense of the OSI model does this communication mechanism
violate?

CHAP. 1 PROBLEMS 87
12. Two networks each provide reliable connection-oriented service. One of them offers
a reliable byte stream and the other offers a reliable message stream. Are these identi-
cal? If so, why is the distinction made? If not, give an example of how they differ.
13. What does ‘‘negotiation’’ mean when discussing network protocols? Give an example.
14. In Fig. 1-19, a service is shown. Are any other services implicit in this figure? If so,
where? If not, why not?
15. In some networks, the data link layer handles transmission errors by requesting that
damaged frames be retransmitted. If the probability of a frame’s being damaged is p,
what is the mean number of transmissions required to send a frame? Assume that
acknowledgements are never lost.
16. A system has an n-layer protocol hierarchy. Applications generate messages of length
M bytes. At each of the layers, an h-byte header is added. What fraction of the net-
work bandwidth is filled with headers?
17. What is the main difference between TCP and UDP?
18. The subnet of Fig. 1-25(b) was designed to withstand a nuclear war. How many
bombs would it take to partition the nodes into two disconnected sets? Assume that
any bomb wipes out a node and all of the links connected to it.
19. The Internet is roughly doubling in size every 18 months. Although no one really
knows for sure, one estimate put the number of hosts on it at 600 million in 2009. Use
these data to compute the expected number of Internet hosts in the year 2018. Do you
believe this? Explain why or why not.
20. When a file is transferred between two computers, two acknowledgement strategies
are possible. In the first one, the file is chopped up into packets, which are individu-
ally acknowledged by the receiver, but the file transfer as a whole is not acknow-
ledged. In the second one, the packets are not acknowledged individually, but the en-
tire file is acknowledged when it arrives. Discuss these two approaches.
21. Mobile phone network operators need to know where their subscribers’ mobile phones
(hence their users) are located. Explain why this is bad for users. Now give reasons
why this is good for users.
22. How long was a bit in the original 802.3 standard in meters? Use a transmission speed
of 10 Mbps and assume the propagation speed in coax is 2/3 the speed of light in
vacuum.
23. An image is 1600 × 1200 pixels with 3 bytes/pixel. Assume the image is
uncompressed. How long does it take to transmit it over a 56-kbps modem channel?
Over a 1-Mbps cable modem? Over a 10-Mbps Ethernet? Over 100-Mbps Ethernet?
Over gigabit Ethernet?
24. Ethernet and wireless networks have some similarities and some differences. One
property of Ethernet is that only one frame at a time can be transmitted on an Ethernet.
Does 802.11 share this property with Ethernet? Discuss your answer.
25. List two advantages and two disadvantages of having international standards for net-
work protocols.

88 INTRODUCTION CHAP. 1
26. When a system has a permanent part and a removable part (such as a CD-ROM drive
and the CD-ROM), it is important that the system be standardized, so that different
companies can make both the permanent and removable parts and everything still
works together. Give three examples outside the computer industry where such inter-
national standards exist. Now give three areas outside the computer industry where
they do not exist.
27. Suppose the algorithms used to implement the operations at layer k is changed. How
does this impact operations at layers k − 1 and k + 1?
28. Suppose there is a change in the service (set of operations) provided by layer k. How
does this impact services at layers k-1 and k+1?
29. Provide a list of reasons for why the response time of a client may be larger than the
best-case delay.
30. What are the disadvantages of using small, fixed-length cells in ATM?
31. Make a list of activities that you do every day in which computer networks are used.
How would your life be altered if these networks were suddenly switched off?
32. Find out what networks are used at your school or place of work. Describe the net-
work types, topologies, and switching methods used there.
33. The ping program allows you to send a test packet to a given location and see how
long it takes to get there and back. Try using ping to see how long it takes to get from
your location to several known locations. From these data, plot the one-way transit
time over the Internet as a function of distance. It is best to use universities since the
location of their servers is known very accurately. For example, berkeley.edu is in
Berkeley, California; mit.edu is in Cambridge, Massachusetts; vu.nl is in Amsterdam;
The Netherlands; www.usyd.edu.au is in Sydney, Australia; and www.uct.ac.za is in
Cape Town, South Africa.
34. Go to IETF’s Web site, www.ietf.org, to see what they are doing. Pick a project you
like and write a half-page report on the problem and the proposed solution.
35. The Internet is made up of a large number of networks. Their arrangement determines
the topology of the Internet. A considerable amount of information about the Internet
topology is available on line. Use a search engine to find out more about the Internet
topology and write a short report summarizing your findings.
36. Search the Internet to find out some of the important peering points used for routing
packets in the Internet at present.
37. Write a program that implements message flow from the top layer to the bottom layer
of the 7-layer protocol model. Your program should include a separate protocol func-
tion for each layer. Protocol headers are sequence up to 64 characters. Each protocol
function has two parameters: a message passed from the higher layer protocol (a char
buffer) and the size of the message. This function attaches its header in front of the
message, prints the new message on the standard output, and then invokes the protocol
function of the lower-layer protocol. Program input is an application message (a se-
quence of 80 characters or less).

www.usyd.edu.au

www.ietf.org

www.uct.ac.za

2
THE PHYSICAL LAYER
In this chapter we will look at the lowest layer in our protocol model, the
physical layer. It defines the electrical, timing and other interfaces by which bits
are sent as signals over channels. The physical layer is the foundation on which
the network is built. The properties of different kinds of physical channels deter-
mine the performance (e.g., throughput, latency, and error rate) so it is a good
place to start our journey into networkland.
We will begin with a theoretical analysis of data transmission, only to dis-
cover that Mother (Parent?) Nature puts some limits on what can be sent over a
channel. Then we will cover three kinds of transmission media: guided (copper
wire and fiber optics), wireless (terrestrial radio), and satellite. Each of these
technologies has different properties that affect the design and performance of the
networks that use them. This material will provide background information on the
key transmission technologies used in modern networks.
Next comes digital modulation, which is all about how analog signals are con-
verted into digital bits and back again. After that we will look at multiplexing
schemes, exploring how multiple conversations can be put on the same transmis-
sion medium at the same time without interfering with one another.
Finally, we will look at three examples of communication systems used in
practice for wide area computer networks: the (fixed) telephone system, the
mobile phone system, and the cable television system. Each of these is important
in practice, so we will devote a fair amount of space to each one.
89

90 THE PHYSICAL LAYER CHAP. 2
2.1 THE THEORETICAL BASIS FOR DATA COMMUNICATION
Information can be transmitted on wires by varying some physical property
such as voltage or current. By representing the value of this voltage or current as
a single-valued function of time, f(t), we can model the behavior of the signal and
analyze it mathematically. This analysis is the subject of the following sections.
2.1.1 Fourier Analysis
In the early 19th century, the French mathematician Jean-Baptiste Fourier
proved that any reasonably behaved periodic function, g(t) with period T, can be
constructed as the sum of a (possibly infinite) number of sines and cosines:
g(t) =
2
1
c +
n =1
Σ
∞
an sin(2πnft) +
n =1
Σ
∞
bn cos(2πnft) (2-1)
where f = 1/T is the fundamental frequency, an and bn are the sine and cosine am-
plitudes of the nth harmonics (terms), and c is a constant. Such a decomposition
is called a Fourier series. From the Fourier series, the function can be recon-
structed. That is, if the period, T, is known and the amplitudes are given, the orig-
inal function of time can be found by performing the sums of Eq. (2-1).
A data signal that has a finite duration, which all of them do, can be handled
by just imagining that it repeats the entire pattern over and over forever (i.e., the
interval from T to 2T is the same as from 0 to T, etc.).
The an amplitudes can be computed for any given g(t) by multiplying both
sides of Eq. (2-1) by sin(2πkft) and then integrating from 0 to T. Since
0
∫
T
sin(2πkft) sin(2πnft) dt =
⎧
⎨
⎩T /2 for k = n
0 for k ≠ n
only one term of the summation survives: an. The bn summation vanishes com-
pletely. Similarly, by multiplying Eq. (2-1) by cos(2πkft ) and integrating between
0 and T, we can derive bn. By just integrating both sides of the equation as it
stands, we can find c. The results of performing these operations are as follows:
an = T
2
0
∫
T
g(t) sin(2πnft) dt bn = T
2
0
∫
T
g(t) cos(2πnft) dt c =
T
2
0
∫
T
g(t) dt
2.1.2 Bandwidth-Limited Signals
The relevance of all of this to data communication is that real channels affect
different frequency signals differently. Let us consider a specific example: the
transmission of the ASCII character ‘‘b’’ encoded in an 8-bit byte. The bit pattern
that is to be transmitted is 01100010. The left-hand part of Fig. 2-1(a) shows the

SEC. 2.1 THE THEORETICAL BASIS FOR DATA COMMUNICATION 91
voltage output by the transmitting computer. The Fourier analysis of this signal
yields the coefficients:
an = πn
1
[cos(πn /4) − cos(3πn /4) + cos(6πn /4) − cos(7πn /4)]
bn = πn
1
[sin(3πn /4) − sin(πn /4) + sin(7πn /4) − sin(6πn /4)]
c = 3/4
The root-mean-square amplitudes, √an2 + bn2 , for the first few terms are shown on
the right-hand side of Fig. 2-1(a). These values are of interest because their
squares are proportional to the energy transmitted at the corresponding frequency.
No transmission facility can transmit signals without losing some power in the
process. If all the Fourier components were equally diminished, the resulting sig-
nal would be reduced in amplitude but not distorted [i.e., it would have the same
nice squared-off shape as Fig. 2-1(a)]. Unfortunately, all transmission facilities
diminish different Fourier components by different amounts, thus introducing dis-
tortion. Usually, for a wire, the amplitudes are transmitted mostly undiminished
from 0 up to some frequency fc [measured in cycles/sec or Hertz (Hz)], with all
frequencies above this cutoff frequency attenuated. The width of the frequency
range transmitted without being strongly attenuated is called the bandwidth. In
practice, the cutoff is not really sharp, so often the quoted bandwidth is from 0 to
the frequency at which the received power has fallen by half.
The bandwidth is a physical property of the transmission medium that de-
pends on, for example, the construction, thickness, and length of a wire or fiber.
Filters are often used to further limit the bandwidth of a signal. 802.11 wireless
channels are allowed to use up to roughly 20 MHz, for example, so 802.11 radios
filter the signal bandwidth to this size. As another example, traditional (analog)
television channels occupy 6 MHz each, on a wire or over the air. This filtering
lets more signals share a given region of spectrum, which improves the overall ef-
ficiency of the system. It means that the frequency range for some signals will
not start at zero, but this does not matter. The bandwidth is still the width of the
band of frequencies that are passed, and the information that can be carried de-
pends only on this width and not on the starting and ending frequencies. Signals
that run from 0 up to a maximum frequency are called baseband signals. Signals
that are shifted to occupy a higher range of frequencies, as is the case for all wire-
less transmissions, are called passband signals.
Now let us consider how the signal of Fig. 2-1(a) would look if the bandwidth
were so low that only the lowest frequencies were transmitted [i.e., if the function
were being approximated by the first few terms of Eq. (2-1)]. Figure 2-1(b)
shows the signal that results from a channel that allows only the first harmonic

92 THE PHYSICAL LAYER CHAP. 2
0 1 1 0 0 0 1 0
1
0 Time T
1
0
1
0
1
0
1
0
Time
rm
s
am
pl
itu
de
1 152 3 4 5 6 7 9 10111213 148
0.50
0.25
Harmonic number
1 harmonic
2 harmonics
4 harmonics
8 harmonics
1
1 2
1 2 3 4
1 2 3 4 5 6 7 8
Harmonic number
(a)
(b)
(c)
(d)
(e)
Figure 2-1. (a) A binary signal and its root-mean-square Fourier amplitudes.
(b)–(e) Successive approximations to the original signal.

SEC. 2.1 THE THEORETICAL BASIS FOR DATA COMMUNICATION 93
(the fundamental, f) to pass through. Similarly, Fig. 2-1(c)–(e) show the spectra
and reconstructed functions for higher-bandwidth channels. For digital transmis-
sion, the goal is to receive a signal with just enough fidelity to reconstruct the se-
quence of bits that was sent. We can already do this easily in Fig. 2-1(e), so it is
wasteful to use more harmonics to receive a more accurate replica.
Given a bit rate of b bits/sec, the time required to send the 8 bits in our ex-
ample 1 bit at a time is 8/b sec, so the frequency of the first harmonic of this sig-
nal is b /8 Hz. An ordinary telephone line, often called a voice-grade line, has an
artificially introduced cutoff frequency just above 3000 Hz. The presence of this
restriction means that the number of the highest harmonic passed through is
roughly 3000/(b/8), or 24,000/b (the cutoff is not sharp).
For some data rates, the numbers work out as shown in Fig. 2-2. From these
numbers, it is clear that trying to send at 9600 bps over a voice-grade telephone
line will transform Fig. 2-1(a) into something looking like Fig. 2-1(c), making
accurate reception of the original binary bit stream tricky. It should be obvious
that at data rates much higher than 38.4 kbps, there is no hope at all for binary sig-
nals, even if the transmission facility is completely noiseless. In other words, lim-
iting the bandwidth limits the data rate, even for perfect channels. However, cod-
ing schemes that make use of several voltage levels do exist and can achieve high-
er data rates. We will discuss these later in this chapter.
Bps T (msec) First harmonic (Hz) # Harmonics sent
300 26.67 37.5 80
600 13.33 75 40
1200 6.67 150 20
2400 3.33 300 10
4800 1.67 600 5
9600 0.83 1200 2
19200 0.42 2400 1
38400 0.21 4800 0
Figure 2-2. Relation between data rate and harmonics for our example.
There is much confusion about bandwidth because it means different things to
electrical engineers and to computer scientists. To electrical engineers, (analog)
bandwidth is (as we have described above) a quantity measured in Hz. To com-
puter scientists, (digital) bandwidth is the maximum data rate of a channel, a
quantity measured in bits/sec. That data rate is the end result of using the analog
bandwidth of a physical channel for digital transmission, and the two are related,
as we discuss next. In this book, it will be clear from the context whether we
mean analog bandwidth (Hz) or digital bandwidth (bits/sec).

94 THE PHYSICAL LAYER CHAP. 2
2.1.3 The Maximum Data Rate of a Channel
As early as 1924, an AT&T engineer, Henry Nyquist, realized that even a per-
fect channel has a finite transmission capacity. He derived an equation expressing
the maximum data rate for a finite-bandwidth noiseless channel. In 1948, Claude
Shannon carried Nyquist’s work further and extended it to the case of a channel
subject to random (that is, thermodynamic) noise (Shannon, 1948). This paper is
the most important paper in all of information theory. We will just briefly sum-
marize their now classical results here.
Nyquist proved that if an arbitrary signal has been run through a low-pass fil-
ter of bandwidth B, the filtered signal can be completely reconstructed by making
only 2B (exact) samples per second. Sampling the line faster than 2B times per
second is pointless because the higher-frequency components that such sampling
could recover have already been filtered out. If the signal consists of V discrete
levels, Nyquist’s theorem states:
maximum data rate = 2B log2 V bits/sec (2-2)
For example, a noiseless 3-kHz channel cannot transmit binary (i.e., two-level)
signals at a rate exceeding 6000 bps.
So far we have considered only noiseless channels. If random noise is pres-
ent, the situation deteriorates rapidly. And there is always random (thermal) noise
present due to the motion of the molecules in the system. The amount of thermal
noise present is measured by the ratio of the signal power to the noise power, call-
ed the SNR (Signal-to-Noise Ratio). If we denote the signal power by S and the
noise power by N, the signal-to-noise ratio is S/N. Usually, the ratio is expressed
on a log scale as the quantity 10 log10 S /N because it can vary over a tremendous
range. The units of this log scale are called decibels (dB), with ‘‘deci’’ meaning
10 and ‘‘bel’’ chosen to honor Alexander Graham Bell, who invented the tele-
phone. An S /N ratio of 10 is 10 dB, a ratio of 100 is 20 dB, a ratio of 1000 is 30
dB, and so on. The manufacturers of stereo amplifiers often characterize the
bandwidth (frequency range) over which their products are linear by giving the 3-
dB frequency on each end. These are the points at which the amplification factor
has been approximately halved (because 10 log100.5 ∼∼ −3).
Shannon’s major result is that the maximum data rate or capacity of a noisy
channel whose bandwidth is B Hz and whose signal-to-noise ratio is S/N, is given
by:
maximum number of bits/sec = B log2 (1 + S/N) (2-3)
This tells us the best capacities that real channels can have. For example, ADSL
(Asymmetric Digital Subscriber Line), which provides Internet access over nor-
mal telephone lines, uses a bandwidth of around 1 MHz. The SNR depends
strongly on the distance of the home from the telephone exchange, and an SNR of
around 40 dB for short lines of 1 to 2 km is very good. With these characteristics,

SEC. 2.1 THE THEORETICAL BASIS FOR DATA COMMUNICATION 95
the channel can never transmit much more than 13 Mbps, no matter how many or
how few signal levels are used and no matter how often or how infrequently sam-
ples are taken. In practice, ADSL is specified up to 12 Mbps, though users often
see lower rates. This data rate is actually very good, with over 60 years of com-
munications techniques having greatly reduced the gap between the Shannon ca-
pacity and the capacity of real systems.
Shannon’s result was derived from information-theory arguments and applies
to any channel subject to thermal noise. Counterexamples should be treated in the
same category as perpetual motion machines. For ADSL to exceed 13 Mbps, it
must either improve the SNR (for example by inserting digital repeaters in the
lines closer to the customers) or use more bandwidth, as is done with the evolu-
tion to ASDL2+.
2.2 GUIDED TRANSMISSION MEDIA
The purpose of the physical layer is to transport bits from one machine to an-
other. Various physical media can be used for the actual transmission. Each one
has its own niche in terms of bandwidth, delay, cost, and ease of installation and
maintenance. Media are roughly grouped into guided media, such as copper wire
and fiber optics, and unguided media, such as terrestrial wireless, satellite, and
lasers through the air. We will look at guided media in this section, and unguided
media in the next sections.
2.2.1 Magnetic Media
One of the most common ways to transport data from one computer to another
is to write them onto magnetic tape or removable media (e.g., recordable DVDs),
physically transport the tape or disks to the destination machine, and read them
back in again. Although this method is not as sophisticated as using a geosyn-
chronous communication satellite, it is often more cost effective, especially for
applications in which high bandwidth or cost per bit transported is the key factor.
A simple calculation will make this point clear. An industry-standard Ultrium
tape can hold 800 gigabytes. A box 60 × 60 × 60 cm can hold about 1000 of these
tapes, for a total capacity of 800 terabytes, or 6400 terabits (6.4 petabits). A box
of tapes can be delivered anywhere in the United States in 24 hours by Federal
Express and other companies. The effective bandwidth of this transmission is
6400 terabits/86,400 sec, or a bit over 70 Gbps. If the destination is only an hour
away by road, the bandwidth is increased to over 1700 Gbps. No computer net-
work can even approach this. Of course, networks are getting faster, but tape den-
sities are increasing, too.
If we now look at cost, we get a similar picture. The cost of an Ultrium tape
is around $40 when bought in bulk. A tape can be reused at least 10 times, so the

96 THE PHYSICAL LAYER CHAP. 2
tape cost is maybe $4000 per box per usage. Add to this another $1000 for ship-
ping (probably much less), and we have a cost of roughly $5000 to ship 800 TB.
This amounts to shipping a gigabyte for a little over half a cent. No network can
beat that. The moral of the story is:
Never underestimate the bandwidth of a station wagon full of tapes
hurtling down the highway.
2.2.2 Twisted Pairs
Although the bandwidth characteristics of magnetic tape are excellent, the de-
lay characteristics are poor. Transmission time is measured in minutes or hours,
not milliseconds. For many applications an online connection is needed. One of
the oldest and still most common transmission media is twisted pair. A twisted
pair consists of two insulated copper wires, typically about 1 mm thick. The wires
are twisted together in a helical form, just like a DNA molecule. Twisting is done
because two parallel wires constitute a fine antenna. When the wires are twisted,
the waves from different twists cancel out, so the wire radiates less effectively. A
signal is usually carried as the difference in voltage between the two wires in the
pair. This provides better immunity to external noise because the noise tends to
affect both wires the same, leaving the differential unchanged.
The most common application of the twisted pair is the telephone system.
Nearly all telephones are connected to the telephone company (telco) office by a
twisted pair. Both telephone calls and ADSL Internet access run over these lines.
Twisted pairs can run several kilometers without amplification, but for longer dis-
tances the signal becomes too attenuated and repeaters are needed. When many
twisted pairs run in parallel for a substantial distance, such as all the wires coming
from an apartment building to the telephone company office, they are bundled to-
gether and encased in a protective sheath. The pairs in these bundles would inter-
fere with one another if it were not for the twisting. In parts of the world where
telephone lines run on poles above ground, it is common to see bundles several
centimeters in diameter.
Twisted pairs can be used for transmitting either analog or digital information.
The bandwidth depends on the thickness of the wire and the distance traveled, but
several megabits/sec can be achieved for a few kilometers in many cases. Due to
their adequate performance and low cost, twisted pairs are widely used and are
likely to remain so for years to come.
Twisted-pair cabling comes in several varieties. The garden variety deployed
in many office buildings is called Category 5 cabling, or ‘‘Cat 5.’’ A category 5
twisted pair consists of two insulated wires gently twisted together. Four such
pairs are typically grouped in a plastic sheath to protect the wires and keep them
together. This arrangement is shown in Fig. 2-3.
Different LAN standards may use the twisted pairs differently. For example,
100-Mbps Ethernet uses two (out of the four) pairs, one pair for each direction.

SEC. 2.2 GUIDED TRANSMISSION MEDIA 97
Twisted pair
Figure 2-3. Category 5 UTP cable with four twisted pairs.
To reach higher speeds, 1-Gbps Ethernet uses all four pairs in both directions si-
multaneously; this requires the receiver to factor out the signal that is transmitted
locally.
Some general terminology is now in order. Links that can be used in both di-
rections at the same time, like a two-lane road, are called full-duplex links. In
contrast, links that can be used in either direction, but only one way at a time, like
a single-track railroad line. are called half-duplex links. A third category con-
sists of links that allow traffic in only one direction, like a one-way street. They
are called simplex links.
Returning to twisted pair, Cat 5 replaced earlier Category 3 cables with a
similar cable that uses the same connector, but has more twists per meter. More
twists result in less crosstalk and a better-quality signal over longer distances,
making the cables more suitable for high-speed computer communication, espe-
cially 100-Mbps and 1-Gbps Ethernet LANs.
New wiring is more likely to be Category 6 or even Category 7. These
categories has more stringent specifications to handle signals with greater band-
widths. Some cables in Category 6 and above are rated for signals of 500 MHz
and can support the 10-Gbps links that will soon be deployed.
Through Category 6, these wiring types are referred to as UTP (Unshielded
Twisted Pair) as they consist simply of wires and insulators. In contrast to these,
Category 7 cables have shielding on the individual twisted pairs, as well as around
the entire cable (but inside the plastic protective sheath). Shielding reduces the
susceptibility to external interference and crosstalk with other nearby cables to
meet demanding performance specifications. The cables are reminiscent of the
high-quality, but bulky and expensive shielded twisted pair cables that IBM intro-
duced in the early 1980s, but which did not prove popular outside of IBM in-
stallations. Evidently, it is time to try again.
2.2.3 Coaxial Cable
Another common transmission medium is the coaxial cable (known to its
many friends as just ‘‘coax’’ and pronounced ‘‘co-ax’’). It has better shielding and
greater bandwidth than unshielded twisted pairs, so it can span longer distances at

98 THE PHYSICAL LAYER CHAP. 2
higher speeds. Two kinds of coaxial cable are widely used. One kind, 50-ohm
cable, is commonly used when it is intended for digital transmission from the
start. The other kind, 75-ohm cable, is commonly used for analog transmission
and cable television. This distinction is based on historical, rather than technical,
factors (e.g., early dipole antennas had an impedance of 300 ohms, and it was
easy to use existing 4:1 impedance-matching transformers). Starting in the mid-
1990s, cable TV operators began to provide Internet access over cable, which has
made 75-ohm cable more important for data communication.
A coaxial cable consists of a stiff copper wire as the core, surrounded by an
insulating material. The insulator is encased by a cylindrical conductor, often as a
closely woven braided mesh. The outer conductor is covered in a protective plas-
tic sheath. A cutaway view of a coaxial cable is shown in Fig. 2-4.
Copper
core
Insulating
material
Braided
outer
conductor
Protective
plastic
covering
Figure 2-4. A coaxial cable.
The construction and shielding of the coaxial cable give it a good combination
of high bandwidth and excellent noise immunity. The bandwidth possible de-
pends on the cable quality and length. Modern cables have a bandwidth of up to a
few GHz. Coaxial cables used to be widely used within the telephone system for
long-distance lines but have now largely been replaced by fiber optics on long-
haul routes. Coax is still widely used for cable television and metropolitan area
networks, however.
2.2.4 Power Lines
The telephone and cable television networks are not the only sources of wir-
ing that can be reused for data communication. There is a yet more common kind
of wiring: electrical power lines. Power lines deliver electrical power to houses,
and electrical wiring within houses distributes the power to electrical outlets.
The use of power lines for data communication is an old idea. Power lines
have been used by electricity companies for low-rate communication such as re-
mote metering for many years, as well in the home to control devices (e.g., the
X10 standard). In recent years there has been renewed interest in high-rate com-
munication over these lines, both inside the home as a LAN and outside the home

SEC. 2.2 GUIDED TRANSMISSION MEDIA 99
for broadband Internet access. We will concentrate on the most common scenario:
using electrical wires inside the home.
The convenience of using power lines for networking should be clear. Simply
plug a TV and a receiver into the wall, which you must do anyway because they
need power, and they can send and receive movies over the electrical wiring. This
configuration is shown in Fig. 2-5. There is no other plug or radio. The data sig-
nal is superimposed on the low-frequency power signal (on the active or ‘‘hot’’
wire) as both signals use the wiring at the same time.
Power signal
Data signalElectric cable
Figure 2-5. A network that uses household electrical wiring.
The difficulty with using household electrical wiring for a network is that it
was designed to distribute power signals. This task is quite different than distri-
buting data signals, at which household wiring does a horrible job. Electrical sig-
nals are sent at 50–60 Hz and the wiring attenuates the much higher frequency
(MHz) signals needed for high-rate data communication. The electrical properties
of the wiring vary from one house to the next and change as appliances are turned
on and off, which causes data signals to bounce around the wiring. Transient cur-
rents when appliances switch on and off create electrical noise over a wide range
of frequencies. And without the careful twisting of twisted pairs, electrical wiring
acts as a fine antenna, picking up external signals and radiating signals of its own.
This behavior means that to meet regulatory requirements, the data signal must
exclude licensed frequencies such as the amateur radio bands.
Despite these difficulties, it is practical to send at least 100 Mbps over typical
household electrical wiring by using communication schemes that resist impaired
frequencies and bursts of errors. Many products use various proprietary standards
for power-line networking, so international standards are actively under develop-
ment.
2.2.5 Fiber Optics
Many people in the computer industry take enormous pride in how fast com-
puter technology is improving as it follows Moore’s law, which predicts a dou-
bling of the number of transistors per chip roughly every two years (Schaller,

100 THE PHYSICAL LAYER CHAP. 2
1997). The original (1981) IBM PC ran at a clock speed of 4.77 MHz. Twenty-
eight years later, PCs could run a four-core CPU at 3 GHz. This increase is a gain
of a factor of around 2500, or 16 per decade. Impressive.
In the same period, wide area communication links went from 45 Mbps (a T3
line in the telephone system) to 100 Gbps (a modern long distance line). This
gain is similarly impressive, more than a factor of 2000 and close to 16 per
decade, while at the same time the error rate went from 10−5 per bit to almost
zero. Furthermore, single CPUs are beginning to approach physical limits, which
is why it is now the number of CPUs that is being increased per chip. In contrast,
the achievable bandwidth with fiber technology is in excess of 50,000 Gbps (50
Tbps) and we are nowhere near reaching these limits. The current practical limit
of around 100 Gbps is due to our inability to convert between electrical and opti-
cal signals any faster. To build higher-capacity links, many channels are simply
carried in parallel over a single fiber.
In this section we will study fiber optics to learn how that transmission tech-
nology works. In the ongoing race between computing and communication, com-
munication may yet win because of fiber optic networks. The implication of this
would be essentially infinite bandwidth and a new conventional wisdom that com-
puters are hopelessly slow so that networks should try to avoid computation at all
costs, no matter how much bandwidth that wastes. This change will take a while
to sink in to a generation of computer scientists and engineers taught to think in
terms of the low Shannon limits imposed by copper.
Of course, this scenario does not tell the whole story because it does not in-
clude cost. The cost to install fiber over the last mile to reach consumers and
bypass the low bandwidth of wires and limited availability of spectrum is tremen-
dous. It also costs more energy to move bits than to compute. We may always
have islands of inequities where either computation or communication is essen-
tially free. For example, at the edge of the Internet we throw computation and
storage at the problem of compressing and caching content, all to make better use
of Internet access links. Within the Internet, we may do the reverse, with com-
panies such as Google moving huge amounts of data across the network to where
it is cheaper to store or compute on it.
Fiber optics are used for long-haul transmission in network backbones, high-
speed LANs (although so far, copper has always managed catch up eventually),
and high-speed Internet access such as FttH (Fiber to the Home). An optical
transmission system has three key components: the light source, the transmission
medium, and the detector. Conventionally, a pulse of light indicates a 1 bit and
the absence of light indicates a 0 bit. The transmission medium is an ultra-thin
fiber of glass. The detector generates an electrical pulse when light falls on it. By
attaching a light source to one end of an optical fiber and a detector to the other,
we have a unidirectional data transmission system that accepts an electrical sig-
nal, converts and transmits it by light pulses, and then reconverts the output to an
electrical signal at the receiving end.

SEC. 2.2 GUIDED TRANSMISSION MEDIA 101
This transmission system would leak light and be useless in practice were it
not for an interesting principle of physics. When a light ray passes from one
medium to another—for example, from fused silica to air—the ray is refracted
(bent) at the silica/air boundary, as shown in Fig. 2-6(a). Here we see a light ray
incident on the boundary at an angle α1 emerging at an angle β1 . The amount of
refraction depends on the properties of the two media (in particular, their indices
of refraction). For angles of incidence above a certain critical value, the light is
refracted back into the silica; none of it escapes into the air. Thus, a light ray
incident at or above the critical angle is trapped inside the fiber, as shown in
Fig. 2-6(b), and can propagate for many kilometers with virtually no loss.
Total internal
reflection.
Air/silica
boundary
Light sourceSilica
Air
(a) (b)
β1 β2 β3
α1 α2 α3
Figure 2-6. (a) Three examples of a light ray from inside a silica fiber imping-
ing on the air/silica boundary at different angles. (b) Light trapped by total inter-
nal reflection.
The sketch of Fig. 2-6(b) shows only one trapped ray, but since any light ray
incident on the boundary above the critical angle will be reflected internally,
many different rays will be bouncing around at different angles. Each ray is said
to have a different mode, so a fiber having this property is called a multimode
fiber.
However, if the fiber’s diameter is reduced to a few wavelengths of light the
fiber acts like a wave guide and the light can propagate only in a straight line,
without bouncing, yielding a single-mode fiber. Single-mode fibers are more ex-
pensive but are widely used for longer distances. Currently available single-mode
fibers can transmit data at 100 Gbps for 100 km without amplification. Even
higher data rates have been achieved in the laboratory for shorter distances.
Transmission of Light Through Fiber
Optical fibers are made of glass, which, in turn, is made from sand, an inex-
pensive raw material available in unlimited amounts. Glassmaking was known to
the ancient Egyptians, but their glass had to be no more than 1 mm thick or the

102 THE PHYSICAL LAYER CHAP. 2
light could not shine through. Glass transparent enough to be useful for windows
was developed during the Renaissance. The glass used for modern optical fibers
is so transparent that if the oceans were full of it instead of water, the seabed
would be as visible from the surface as the ground is from an airplane on a clear
day.
The attenuation of light through glass depends on the wavelength of the light
(as well as on some physical properties of the glass). It is defined as the ratio of
input to output signal power. For the kind of glass used in fibers, the attenuation
is shown in Fig. 2-7 in units of decibels per linear kilometer of fiber. For exam-
ple, a factor of two loss of signal power gives an attenuation of 10 log10 2 = 3 dB.
The figure shows the near-infrared part of the spectrum, which is what is used in
practice. Visible light has slightly shorter wavelengths, from 0.4 to 0.7 microns.
(1 micron is 10−6 meters.) The true metric purist would refer to these wave-
lengths as 400 nm to 700 nm, but we will stick with traditional usage.
0.80 0.9
2.0
1.8
1.6
1.4
1.2
1.0
0.8
0.6
0.4
0.2
1.0 1.1 1.2 1.3
Wavelength (microns)
0.85μ
Band
1.30μ
Band
1.55μ
Band
A
tte
nu
at
io
n
(d
B
/k
m
)
1.4 1.5 1.6 1.7 1.8
Figure 2-7. Attenuation of light through fiber in the infrared region.
Three wavelength bands are most commonly used at present for optical com-
munication. They are centered at 0.85, 1.30, and 1.55 microns, respectively. All
three bands are 25,000 to 30,000 GHz wide. The 0.85-micron band was used first.
It has higher attenuation and so is used for shorter distances, but at that wave-
length the lasers and electronics could be made from the same material (gallium
arsenide). The last two bands have good attenuation properties (less than 5% loss
per kilometer). The 1.55-micron band is now widely used with erbium-doped
amplifiers that work directly in the optical domain.

SEC. 2.2 GUIDED TRANSMISSION MEDIA 103
Light pulses sent down a fiber spread out in length as they propagate. This
spreading is called chromatic dispersion. The amount of it is wavelength depen-
dent. One way to keep these spread-out pulses from overlapping is to increase the
distance between them, but this can be done only by reducing the signaling rate.
Fortunately, it has been discovered that making the pulses in a special shape relat-
ed to the reciprocal of the hyperbolic cosine causes nearly all the dispersion ef-
fects cancel out, so it is possible to send pulses for thousands of kilometers with-
out appreciable shape distortion. These pulses are called solitons. A considerable
amount of research is going on to take solitons out of the lab and into the field.
Fiber Cables
Fiber optic cables are similar to coax, except without the braid. Figure 2-8(a)
shows a single fiber viewed from the side. At the center is the glass core through
which the light propagates. In multimode fibers, the core is typically 50 microns
in diameter, about the thickness of a human hair. In single-mode fibers, the core
is 8 to 10 microns.
Jacket
(plastic) Core Cladding
Sheath Jacket
Cladding
(glass)
Core
(glass)
(a) (b)
Figure 2-8. (a) Side view of a single fiber. (b) End view of a sheath with three fibers.
The core is surrounded by a glass cladding with a lower index of refraction
than the core, to keep all the light in the core. Next comes a thin plastic jacket to
protect the cladding. Fibers are typically grouped in bundles, protected by an
outer sheath. Figure 2-8(b) shows a sheath with three fibers.
Terrestrial fiber sheaths are normally laid in the ground within a meter of the
surface, where they are occasionally subject to attacks by backhoes or gophers.
Near the shore, transoceanic fiber sheaths are buried in trenches by a kind of
seaplow. In deep water, they just lie on the bottom, where they can be snagged by
fishing trawlers or attacked by giant squid.
Fibers can be connected in three different ways. First, they can terminate in
connectors and be plugged into fiber sockets. Connectors lose about 10 to 20% of
the light, but they make it easy to reconfigure systems.
Second, they can be spliced mechanically. Mechanical splices just lay the
two carefully cut ends next to each other in a special sleeve and clamp them in

104 THE PHYSICAL LAYER CHAP. 2
place. Alignment can be improved by passing light through the junction and then
making small adjustments to maximize the signal. Mechanical splices take train-
ed personnel about 5 minutes and result in a 10% light loss.
Third, two pieces of fiber can be fused (melted) to form a solid connection. A
fusion splice is almost as good as a single drawn fiber, but even here, a small
amount of attenuation occurs.
For all three kinds of splices, reflections can occur at the point of the splice,
and the reflected energy can interfere with the signal.
Two kinds of light sources are typically used to do the signaling. These are
LEDs (Light Emitting Diodes) and semiconductor lasers. They have different
properties, as shown in Fig. 2-9. They can be tuned in wavelength by inserting
Fabry-Perot or Mach-Zehnder interferometers between the source and the fiber.
Fabry-Perot interferometers are simple resonant cavities consisting of two parallel
mirrors. The light is incident perpendicular to the mirrors. The length of the cav-
ity selects out those wavelengths that fit inside an integral number of times.
Mach-Zehnder interferometers separate the light into two beams. The two beams
travel slightly different distances. They are recombined at the end and are in
phase for only certain wavelengths.
Item LED Semiconductor laser
Data rate Low High
Fiber type Multi-mode Multi-mode or single-mode
Distance Short Long
Lifetime Long life Short life
Temperature sensitivity Minor Substantial
Cost Low cost Expensive
Figure 2-9. A comparison of semiconductor diodes and LEDs as light sources.
The receiving end of an optical fiber consists of a photodiode, which gives off
an electrical pulse when struck by light. The response time of photodiodes, which
convert the signal from the optical to the electrical domain, limits data rates to
about 100 Gbps. Thermal noise is also an issue, so a pulse of light must carry
enough energy to be detected. By making the pulses powerful enough, the error
rate can be made arbitrarily small.
Comparison of Fiber Optics and Copper Wire
It is instructive to compare fiber to copper. Fiber has many advantages. To
start with, it can handle much higher bandwidths than copper. This alone would
require its use in high-end networks. Due to the low attenuation, repeaters are
needed only about every 50 km on long lines, versus about every 5 km for copper,

SEC. 2.2 GUIDED TRANSMISSION MEDIA 105
resulting in a big cost saving. Fiber also has the advantage of not being affected
by power surges, electromagnetic interference, or power failures. Nor is it affect-
ed by corrosive chemicals in the air, important for harsh factory environments.
Oddly enough, telephone companies like fiber for a different reason: it is thin
and lightweight. Many existing cable ducts are completely full, so there is no
room to add new capacity. Removing all the copper and replacing it with fiber
empties the ducts, and the copper has excellent resale value to copper refiners
who see it as very high-grade ore. Also, fiber is much lighter than copper. One
thousand twisted pairs 1 km long weigh 8000 kg. Two fibers have more capacity
and weigh only 100 kg, which reduces the need for expensive mechanical support
systems that must be maintained. For new routes, fiber wins hands down due to
its much lower installation cost. Finally, fibers do not leak light and are difficult
to tap. These properties give fiber good security against potential wiretappers.
On the downside, fiber is a less familiar technology requiring skills not all en-
gineers have, and fibers can be damaged easily by being bent too much. Since op-
tical transmission is inherently unidirectional, two-way communication requires
either two fibers or two frequency bands on one fiber. Finally, fiber interfaces
cost more than electrical interfaces. Nevertheless, the future of all fixed data
communication over more than short distances is clearly with fiber. For a dis-
cussion of all aspects of fiber optics and their networks, see Hecht (2005).
2.3 WIRELESS TRANSMISSION
Our age has given rise to information junkies: people who need to be online
all the time. For these mobile users, twisted pair, coax, and fiber optics are of no
use. They need to get their ‘‘hits’’ of data for their laptop, notebook, shirt pocket,
palmtop, or wristwatch computers without being tethered to the terrestrial com-
munication infrastructure. For these users, wireless communication is the answer.
In the following sections, we will look at wireless communication in general.
It has many other important applications besides providing connectivity to users
who want to surf the Web from the beach. Wireless has advantages for even fixed
devices in some circumstances. For example, if running a fiber to a building is
difficult due to the terrain (mountains, jungles, swamps, etc.), wireless may be
better. It is noteworthy that modern wireless digital communication began in the
Hawaiian Islands, where large chunks of Pacific Ocean separated the users from
their computer center and the telephone system was inadequate.
2.3.1 The Electromagnetic Spectrum
When electrons move, they create electromagnetic waves that can propagate
through space (even in a vacuum). These waves were predicted by the British
physicist James Clerk Maxwell in 1865 and first observed by the German

106 THE PHYSICAL LAYER CHAP. 2
physicist Heinrich Hertz in 1887. The number of oscillations per second of a
wave is called its frequency, f, and is measured in Hz (in honor of Heinrich
Hertz). The distance between two consecutive maxima (or minima) is called the
wavelength, which is universally designated by the Greek letter λ (lambda).
When an antenna of the appropriate size is attached to an electrical circuit, the
electromagnetic waves can be broadcast efficiently and received by a receiver
some distance away. All wireless communication is based on this principle.
In a vacuum, all electromagnetic waves travel at the same speed, no matter
what their frequency. This speed, usually called the speed of light, c, is approxi-
mately 3 × 108 m/sec, or about 1 foot (30 cm) per nanosecond. (A case could be
made for redefining the foot as the distance light travels in a vacuum in 1 nsec
rather than basing it on the shoe size of some long-dead king.) In copper or fiber
the speed slows to about 2/3 of this value and becomes slightly frequency depen-
dent. The speed of light is the ultimate speed limit. No object or signal can ever
move faster than it.
The fundamental relation between f, λ, and c (in a vacuum) is
λ f = c (2-4)
Since c is a constant, if we know f, we can find λ, and vice versa. As a rule of
thumb, when λ is in meters and f is in MHz, λ f ∼∼ 300. For example, 100-MHz
waves are about 3 meters long, 1000-MHz waves are 0.3 meters long, and 0.1-
meter waves have a frequency of 3000 MHz.
The electromagnetic spectrum is shown in Fig. 2-10. The radio, microwave,
infrared, and visible light portions of the spectrum can all be used for transmitting
information by modulating the amplitude, frequency, or phase of the waves.
Ultraviolet light, X-rays, and gamma rays would be even better, due to their high-
er frequencies, but they are hard to produce and modulate, do not propagate well
through buildings, and are dangerous to living things. The bands listed at the bot-
tom of Fig. 2-10 are the official ITU (International Telecommunication Union)
names and are based on the wavelengths, so the LF band goes from 1 km to 10 km
(approximately 30 kHz to 300 kHz). The terms LF, MF, and HF refer to Low,
Medium, and High Frequency, respectively. Clearly, when the names were as-
signed nobody expected to go above 10 MHz, so the higher bands were later
named the Very, Ultra, Super, Extremely, and Tremendously High Frequency
bands. Beyond that there are no names, but Incredibly, Astonishingly, and Prodi-
giously High Frequency (IHF, AHF, and PHF) would sound nice.
We know from Shannon [Eq. (2-3)] that the amount of information that a sig-
nal such as an electromagnetic wave can carry depends on the received power and
is proportional to its bandwidth. From Fig. 2-10 it should now be obvious why
networking people like fiber optics so much. Many GHz of bandwidth are avail-
able to tap for data transmission in the microwave band, and even more in fiber
because it is further to the right in our logarithmic scale. As an example, consider
the 1.30-micron band of Fig. 2-7, which has a width of 0.17 microns. If we use

SEC. 2.3 WIRELESS TRANSMISSION 107
100 102 104 106 108 1010 1012 1014 1016 1018 1020 1022 1024
Radio Microwave Infrared UV X-ray Gamma ray
f (Hz)
Visible
light
104 105 106 107 108 109 1010 1011 1012 1013 1014 1015 1016
f (Hz)
Twisted pair
Coax
Satellite
TV
Terrestrial
microwave
Fiber
optics
Maritime
AM
radio
FM
radio
Band LF MF HF VHF UHF SHF EHF THF
Figure 2-10. The electromagnetic spectrum and its uses for communication.
Eq. (2-4) to find the start and end frequencies from the start and end wavelengths,
we find the frequency range to be about 30,000 GHz. With a reasonable signal-
to-noise ratio of 10 dB, this is 300 Tbps.
Most transmissions use a relatively narrow frequency band (i.e., Δ f / f << 1). They concentrate their signals in this narrow band to use the spectrum efficiently and obtain reasonable data rates by transmitting with enough power. However, in some cases, a wider band is used, with three variations. In frequency hopping spread spectrum, the transmitter hops from frequency to frequency hundreds of times per second. It is popular for military communication because it makes transmissions hard to detect and next to impossible to jam. It also offers good resistance to multipath fading and narrowband interference because the receiver will not be stuck on an impaired frequency for long enough to shut down commu- nication. This robustness makes it useful for crowded parts of the spectrum, such as the ISM bands we will describe shortly. This technique is used commercially, for example, in Bluetooth and older versions of 802.11. As a curious footnote, the technique was coinvented by the Austrian-born sex goddess Hedy Lamarr, the first woman to appear nude in a motion picture (the 1933 Czech film Extase). Her first husband was an armaments manufacturer who told her how easy it was to block the radio signals then used to control torpedoes. When she discovered that he was selling weapons to Hitler, she was horrified, dis- guised herself as a maid to escape him, and fled to Hollywood to continue her career as a movie actress. In her spare time, she invented frequency hopping to help the Allied war effort. Her scheme used 88 frequencies, the number of keys 108 THE PHYSICAL LAYER CHAP. 2 (and frequencies) on the piano. For their invention, she and her friend, the mu- sical composer George Antheil, received U.S. patent 2,292,387. However, they were unable to convince the U.S. Navy that their invention had any practical use and never received any royalties. Only years after the patent expired did it be- come popular. A second form of spread spectrum, direct sequence spread spectrum, uses a code sequence to spread the data signal over a wider frequency band. It is widely used commercially as a spectrally efficient way to let multiple signals share the same frequency band. These signals can be given different codes, a method called CDMA (Code Division Multiple Access) that we will return to later in this chap- ter. This method is shown in contrast with frequency hopping in Fig. 2-11. It forms the basis of 3G mobile phone networks and is also used in GPS (Global Positioning System). Even without different codes, direct sequence spread spec- trum, like frequency hopping spread spectrum, can tolerate narrowband inter- ference and multipath fading because only a fraction of the desired signal is lost. It is used in this role in older 802.11b wireless LANs. For a fascinating and de- tailed history of spread spectrum communication, see Scholtz (1982). Ultrawideband underlay (CDMA user with different code) Direct sequence spread spectrum Frequency hopping spread spectrum Frequency (CDMA user with different code) Figure 2-11. Spread spectrum and ultra-wideband (UWB) communication. A third method of communication with a wider band is UWB (Ultra- WideBand) communication. UWB sends a series of rapid pulses, varying their positions to communicate information. The rapid transitions lead to a signal that is spread thinly over a very wide frequency band. UWB is defined as signals that have a bandwidth of at least 500 MHz or at least 20% of the center frequency of their frequency band. UWB is also shown in Fig. 2-11. With this much band- width, UWB has the potential to communicate at high rates. Because it is spread across a wide band of frequencies, it can tolerate a substantial amount of relative- ly strong interference from other narrowband signals. Just as importantly, since UWB has very little energy at any given frequency when used for short-range transmission, it does not cause harmful interference to those other narrowband radio signals. It is said to underlay the other signals. This peaceful coexistence has led to its application in wireless PANs that run at up to 1 Gbps, although com- mercial success has been mixed. It can also be used for imaging through solid ob- jects (ground, walls, and bodies) or as part of precise location systems. SEC. 2.3 WIRELESS TRANSMISSION 109 We will now discuss how the various parts of the electromagnetic spectrum of Fig. 2-11 are used, starting with radio. We will assume that all transmissions use a narrow frequency band unless otherwise stated. 2.3.2 Radio Transmission Radio frequency (RF) waves are easy to generate, can travel long distances, and can penetrate buildings easily, so they are widely used for communication, both indoors and outdoors. Radio waves also are omnidirectional, meaning that they travel in all directions from the source, so the transmitter and receiver do not have to be carefully aligned physically. Sometimes omnidirectional radio is good, but sometimes it is bad. In the 1970s, General Motors decided to equip all its new Cadillacs with computer-con- trolled antilock brakes. When the driver stepped on the brake pedal, the computer pulsed the brakes on and off instead of locking them on hard. One fine day an Ohio Highway Patrolman began using his new mobile radio to call headquarters, and suddenly the Cadillac next to him began behaving like a bucking bronco. When the officer pulled the car over, the driver claimed that he had done nothing and that the car had gone crazy. Eventually, a pattern began to emerge: Cadillacs would sometimes go berserk, but only on major highways in Ohio and then only when the Highway Patrol was watching. For a long, long time General Motors could not understand why Cadil- lacs worked fine in all the other states and also on minor roads in Ohio. Only after much searching did they discover that the Cadillac’s wiring made a fine an- tenna for the frequency used by the Ohio Highway Patrol’s new radio system. The properties of radio waves are frequency dependent. At low frequencies, radio waves pass through obstacles well, but the power falls off sharply with dis- tance from the source—at least as fast as 1/r 2 in air—as the signal energy is spread more thinly over a larger surface. This attenuation is called path loss. At high frequencies, radio waves tend to travel in straight lines and bounce off obsta- cles. Path loss still reduces power, though the received signal can depend strongly on reflections as well. High-frequency radio waves are also absorbed by rain and other obstacles to a larger extent than are low-frequency ones. At all frequencies, radio waves are subject to interference from motors and other electrical equip- ment. It is interesting to compare the attenuation of radio waves to that of signals in guided media. With fiber, coax and twisted pair, the signal drops by the same fraction per unit distance, for example 20 dB per 100m for twisted pair. With radio, the signal drops by the same fraction as the distance doubles, for example 6 dB per doubling in free space. This behavior means that radio waves can travel long distances, and interference between users is a problem. For this reason, all governments tightly regulate the use of radio transmitters, with few notable ex- ceptions, which are discussed later in this chapter. 110 THE PHYSICAL LAYER CHAP. 2 In the VLF, LF, and MF bands, radio waves follow the ground, as illustrated in Fig. 2-12(a). These waves can be detected for perhaps 1000 km at the lower frequencies, less at the higher ones. AM radio broadcasting uses the MF band, which is why the ground waves from Boston AM radio stations cannot be heard easily in New York. Radio waves in these bands pass through buildings easily, which is why portable radios work indoors. The main problem with using these bands for data communication is their low bandwidth [see Eq. (2-4)]. erehpsonoI Earth's surface Earth's surface (a) (b) Ground wave Figure 2-12. (a) In the VLF, LF, and MF bands, radio waves follow the curva- ture of the earth. (b) In the HF band, they bounce off the ionosphere. In the HF and VHF bands, the ground waves tend to be absorbed by the earth. However, the waves that reach the ionosphere, a layer of charged particles cir- cling the earth at a height of 100 to 500 km, are refracted by it and sent back to earth, as shown in Fig. 2-12(b). Under certain atmospheric conditions, the signals can bounce several times. Amateur radio operators (hams) use these bands to talk long distance. The military also communicate in the HF and VHF bands. 2.3.3 Microwave Transmission Above 100 MHz, the waves travel in nearly straight lines and can therefore be narrowly focused. Concentrating all the energy into a small beam by means of a parabolic antenna (like the familiar satellite TV dish) gives a much higher signal- to-noise ratio, but the transmitting and receiving antennas must be accurately aligned with each other. In addition, this directionality allows multiple trans- mitters lined up in a row to communicate with multiple receivers in a row without interference, provided some minimum spacing rules are observed. Before fiber optics, for decades these microwaves formed the heart of the long-distance tele- phone transmission system. In fact, MCI, one of AT&T’s first competitors after it was deregulated, built its entire system with microwave communications passing between towers tens of kilometers apart. Even the company’s name reflected this (MCI stood for Microwave Communications, Inc.). MCI has since gone over to fiber and through a long series of corporate mergers and bankruptcies in the telecommunications shuffle has become part of Verizon. SEC. 2.3 WIRELESS TRANSMISSION 111 Microwaves travel in a straight line, so if the towers are too far apart, the earth will get in the way (think about a Seattle-to-Amsterdam link). Thus, re- peaters are needed periodically. The higher the towers are, the farther apart they can be. The distance between repeaters goes up very roughly with the square root of the tower height. For 100-meter-high towers, repeaters can be 80 km apart. Unlike radio waves at lower frequencies, microwaves do not pass through buildings well. In addition, even though the beam may be well focused at the transmitter, there is still some divergence in space. Some waves may be refracted off low-lying atmospheric layers and may take slightly longer to arrive than the direct waves. The delayed waves may arrive out of phase with the direct wave and thus cancel the signal. This effect is called multipath fading and is often a serious problem. It is weather and frequency dependent. Some operators keep 10% of their channels idle as spares to switch on when multipath fading tem- porarily wipes out some frequency band. The demand for more and more spectrum drives operators to yet higher fre- quencies. Bands up to 10 GHz are now in routine use, but at about 4 GHz a new problem sets in: absorption by water. These waves are only a few centimeters long and are absorbed by rain. This effect would be fine if one were planning to build a huge outdoor microwave oven for roasting passing birds, but for communi- cation it is a severe problem. As with multipath fading, the only solution is to shut off links that are being rained on and route around them. In summary, microwave communication is so widely used for long-distance telephone communication, mobile phones, television distribution, and other pur- poses that a severe shortage of spectrum has developed. It has several key advan- tages over fiber. The main one is that no right of way is needed to lay down cables. By buying a small plot of ground every 50 km and putting a microwave tower on it, one can bypass the telephone system entirely. This is how MCI man- aged to get started as a new long-distance telephone company so quickly. (Sprint, another early competitor to the deregulated AT&T, went a completely different route: it was formed by the Southern Pacific Railroad, which already owned a large amount of right of way and just buried fiber next to the tracks.) Microwave is also relatively inexpensive. Putting up two simple towers (which can be just big poles with four guy wires) and putting antennas on each one may be cheaper than burying 50 km of fiber through a congested urban area or up over a mountain, and it may also be cheaper than leasing the telephone com- pany’s fiber, especially if the telephone company has not yet even fully paid for the copper it ripped out when it put in the fiber. The Politics of the Electromagnetic Spectrum To prevent total chaos, there are national and international agreements about who gets to use which frequencies. Since everyone wants a higher data rate, everyone wants more spectrum. National governments allocate spectrum for AM 112 THE PHYSICAL LAYER CHAP. 2 and FM radio, television, and mobile phones, as well as for telephone companies, police, maritime, navigation, military, government, and many other competing users. Worldwide, an agency of ITU-R (WRC) tries to coordinate this allocation so devices that work in multiple countries can be manufactured. However, coun- tries are not bound by ITU-R’s recommendations, and the FCC (Federal Commu- nication Commission), which does the allocation for the United States, has occa- sionally rejected ITU-R’s recommendations (usually because they required some politically powerful group to give up some piece of the spectrum). Even when a piece of spectrum has been allocated to some use, such as mobile phones, there is the additional issue of which carrier is allowed to use which frequencies. Three algorithms were widely used in the past. The oldest al- gorithm, often called the beauty contest, requires each carrier to explain why its proposal serves the public interest best. Government officials then decide which of the nice stories they enjoy most. Having some government official award prop- erty worth billions of dollars to his favorite company often leads to bribery, corr- uption, nepotism, and worse. Furthermore, even a scrupulously honest govern- ment official who thought that a foreign company could do a better job than any of the national companies would have a lot of explaining to do. This observation led to algorithm 2, holding a lottery among the interested companies. The problem with that idea is that companies with no interest in using the spectrum can enter the lottery. If, say, a fast food restaurant or shoe store chain wins, it can resell the spectrum to a carrier at a huge profit and with no risk. Bestowing huge windfalls on alert but otherwise random companies has been severely criticized by many, which led to algorithm 3: auction off the bandwidth to the highest bidder. When the British government auctioned off the frequencies needed for third-generation mobile systems in 2000, it expected to get about $4 billion. It actually received about $40 billion because the carriers got into a feed- ing frenzy, scared to death of missing the mobile boat. This event switched on nearby governments’ greedy bits and inspired them to hold their own auctions. It worked, but it also left some of the carriers with so much debt that they are close to bankruptcy. Even in the best cases, it will take many years to recoup the licensing fee. A completely different approach to allocating frequencies is to not allocate them at all. Instead, let everyone transmit at will, but regulate the power used so that stations have such a short range that they do not interfere with each other. Accordingly, most governments have set aside some frequency bands, called the ISM (Industrial, Scientific, Medical) bands for unlicensed usage. Garage door openers, cordless phones, radio-controlled toys, wireless mice, and numerous other wireless household devices use the ISM bands. To minimize interference between these uncoordinated devices, the FCC mandates that all devices in the ISM bands limit their transmit power (e.g., to 1 watt) and use other techniques to spread their signals over a range of frequencies. Devices may also need to take care to avoid interference with radar installations. SEC. 2.3 WIRELESS TRANSMISSION 113 The location of these bands varies somewhat from country to country. In the United States, for example, the bands that networking devices use in practice without requiring a FCC license are shown in Fig. 2-13. The 900-MHz band was used for early versions of 802.11, but it is crowded. The 2.4-GHz band is avail- able in most countries and widely used for 802.11b/g and Bluetooth, though it is subject to interference from microwave ovens and radar installations. The 5-GHz part of the spectrum includes U-NII (Unlicensed National Information Infrastructure) bands. The 5-GHz bands are relatively undeveloped but, since they have the most bandwidth and are used by 802.11a, they are quickly gaining in popularity. 26 MHz 902 MHz 928 MHz 2.4 GHz 5.25 GHz 5.35 GHz 5.47 GHz 5.725 GHz U-NII bands 5.825 GHz 2.4835 GHz ISM band 83.5 MHz 100 MHz 255 MHz ISM band 100 MHz ISM band Figure 2-13. ISM and U-NII bands used in the United States by wireless devices. The unlicensed bands have been a roaring success over the past decade. The ability to use the spectrum freely has unleashed a huge amount of innovation in wireless LANs and PANs, evidenced by the widespread deployment of technolo- gies such as 802.11 and Bluetooth. To continue this innovation, more spectrum is needed. One exciting development in the U.S. is the FCC decision in 2009 to allow unlicensed use of white spaces around 700 MHz. White spaces are fre- quency bands that have been allocated but are not being used locally. The tran- sition from analog to all-digital television broadcasts in the U.S. in 2010 freed up white spaces around 700 MHz. The only difficulty is that, to use the white spaces, unlicensed devices must be able to detect any nearby licensed trans- mitters, including wireless microphones, that have first rights to use the frequency band. Another flurry of activity is happening around the 60-GHz band. The FCC opened 57 GHz to 64 GHz for unlicensed operation in 2001. This range is an enormous portion of spectrum, more than all the other ISM bands combined, so it can support the kind of high-speed networks that would be needed to stream high-definition TV through the air across your living room. At 60 GHz, radio 114 THE PHYSICAL LAYER CHAP. 2 waves are absorbed by oxygen. This means that signals do not propagate far, making them well suited to short-range networks. The high frequencies (60 GHz is in the Extremely High Frequency or ‘‘millimeter’’ band, just below infrared radiation) posed an initial challenge for equipment makers, but products are now on the market. 2.3.4 Infrared Transmission Unguided infrared waves are widely used for short-range communication. The remote controls used for televisions, VCRs, and stereos all use infrared com- munication. They are relatively directional, cheap, and easy to build but have a major drawback: they do not pass through solid objects. (Try standing between your remote control and your television and see if it still works.) In general, as we go from long-wave radio toward visible light, the waves behave more and more like light and less and less like radio. On the other hand, the fact that infrared waves do not pass through solid walls well is also a plus. It means that an infrared system in one room of a building will not interfere with a similar system in adjacent rooms or buildings: you cannot control your neighbor’s television with your remote control. Furthermore, securi- ty of infrared systems against eavesdropping is better than that of radio systems precisely for this reason. Therefore, no government license is needed to operate an infrared system, in contrast to radio systems, which must be licensed outside the ISM bands. Infrared communication has a limited use on the desktop, for ex- ample, to connect notebook computers and printers with the IrDA (Infrared Data Association) standard, but it is not a major player in the communication game. 2.3.5 Light Transmission Unguided optical signaling or free-space optics has been in use for centuries. Paul Revere used binary optical signaling from the Old North Church just prior to his famous ride. A more modern application is to connect the LANs in two build- ings via lasers mounted on their rooftops. Optical signaling using lasers is inherently unidirectional, so each end needs its own laser and its own photodetec- tor. This scheme offers very high bandwidth at very low cost and is relatively secure because it is difficult to tap a narrow laser beam. It is also relatively easy to install and, unlike microwave transmission, does not require an FCC license. The laser’s strength, a very narrow beam, is also its weakness here. Aiming a laser beam 1 mm wide at a target the size of a pin head 500 meters away requires the marksmanship of a latter-day Annie Oakley. Usually, lenses are put into the system to defocus the beam slightly. To add to the difficulty, wind and tempera- ture changes can distort the beam and laser beams also cannot penetrate rain or thick fog, although they normally work well on sunny days. However, many of these factors are not an issue when the use is to connect two spacecraft. SEC. 2.3 WIRELESS TRANSMISSION 115 One of the authors (AST) once attended a conference at a modern hotel in Europe at which the conference organizers thoughtfully provided a room full of terminals to allow the attendees to read their email during boring presentations. Since the local PTT was unwilling to install a large number of telephone lines for just 3 days, the organizers put a laser on the roof and aimed it at their university’s computer science building a few kilometers away. They tested it the night before the conference and it worked perfectly. At 9 A.M. on a bright, sunny day, the link failed completely and stayed down all day. The pattern repeated itself the next two days. It was not until after the conference that the organizers discovered the problem: heat from the sun during the daytime caused convection currents to rise up from the roof of the building, as shown in Fig. 2-14. This turbulent air diverted the beam and made it dance around the detector, much like a shimmering road on a hot day. The lesson here is that to work well in difficult conditions as well as good conditions, unguided optical links need to be engineered with a sufficient margin of error. Laser beam misses the detector Laser Photodetector Region of turbulent seeing Heat rising off the building Figure 2-14. Convection currents can interfere with laser communication sys- tems. A bidirectional system with two lasers is pictured here. Unguided optical communication may seem like an exotic networking tech- nology today, but it might soon become much more prevalent. We are surrounded 116 THE PHYSICAL LAYER CHAP. 2 by cameras (that sense light) and displays (that emit light using LEDs and other technology). Data communication can be layered on top of these displays by en- coding information in the pattern at which LEDs turn on and off that is below the threshold of human perception. Communicating with visible light in this way is inherently safe and creates a low-speed network in the immediate vicinity of the display. This could enable all sorts of fanciful ubiquitous computing scenarios. The flashing lights on emergency vehicles might alert nearby traffic lights and vehicles to help clear a path. Informational signs might broadcast maps. Even fes- tive lights might broadcast songs that are synchronized with their display. 2.4 COMMUNICATION SATELLITES In the 1950s and early 1960s, people tried to set up communication systems by bouncing signals off metallized weather balloons. Unfortunately, the received signals were too weak to be of any practical use. Then the U.S. Navy noticed a kind of permanent weather balloon in the sky—the moon—and built an opera- tional system for ship-to-shore communication by bouncing signals off it. Further progress in the celestial communication field had to wait until the first communication satellite was launched. The key difference between an artificial satellite and a real one is that the artificial one can amplify the signals before sending them back, turning a strange curiosity into a powerful communication system. Communication satellites have some interesting properties that make them attractive for many applications. In its simplest form, a communication satellite can be thought of as a big microwave repeater in the sky. It contains several transponders, each of which listens to some portion of the spectrum, amplifies the incoming signal, and then rebroadcasts it at another frequency to avoid inter- ference with the incoming signal. This mode of operation is known as a bent pipe. Digital processing can be added to separately manipulate or redirect data streams in the overall band, or digital information can even be received by the sat- ellite and rebroadcast. Regenerating signals in this way improves performance compared to a bent pipe because the satellite does not amplify noise in the upward signal. The downward beams can be broad, covering a substantial fraction of the earth’s surface, or narrow, covering an area only hundreds of kilometers in diame- ter. According to Kepler’s law, the orbital period of a satellite varies as the radius of the orbit to the 3/2 power. The higher the satellite, the longer the period. Near the surface of the earth, the period is about 90 minutes. Consequently, low-orbit satellites pass out of view fairly quickly, so many of them are needed to provide continuous coverage and ground antennas must track them. At an altitude of about 35,800 km, the period is 24 hours. At an altitude of 384,000 km, the period is about one month, as anyone who has observed the moon regularly can testify. SEC. 2.4 COMMUNICATION SATELLITES 117 A satellite’s period is important, but it is not the only issue in determining where to place it. Another issue is the presence of the Van Allen belts, layers of highly charged particles trapped by the earth’s magnetic field. Any satellite flying within them would be destroyed fairly quickly by the particles. These factors lead to three regions in which satellites can be placed safely. These regions and some of their properties are illustrated in Fig. 2-15. Below we will briefly describe the satellites that inhabit each of these regions. Altitude (km) Type 35,000 30,000 25,000 20,000 15,000 10,000 5,000 0 GEO MEO Upper Van Allen belt Lower Van Allen belt LEO Latency (ms) 270 35–85 1–7 Sats needed 3 10 50 Figure 2-15. Communication satellites and some of their properties, including altitude above the earth, round-trip delay time, and number of satellites needed for global coverage. 2.4.1 Geostationary Satellites In 1945, the science fiction writer Arthur C. Clarke calculated that a satellite at an altitude of 35,800 km in a circular equatorial orbit would appear to remain motionless in the sky, so it would not need to be tracked (Clarke, 1945). He went on to describe a complete communication system that used these (manned) geo- stationary satellites, including the orbits, solar panels, radio frequencies, and launch procedures. Unfortunately, he concluded that satellites were impractical due to the impossibility of putting power-hungry, fragile vacuum tube amplifiers into orbit, so he never pursued this idea further, although he wrote some science fiction stories about it. The invention of the transistor changed all that, and the first artificial commu- nication satellite, Telstar, was launched in July 1962. Since then, communication satellites have become a multibillion dollar business and the only aspect of outer space that has become highly profitable. These high-flying satellites are often called GEO (Geostationary Earth Orbit) satellites. 118 THE PHYSICAL LAYER CHAP. 2 With current technology, it is unwise to have geostationary satellites spaced much closer than 2 degrees in the 360-degree equatorial plane, to avoid inter- ference. With a spacing of 2 degrees, there can only be 360/2 = 180 of these sat- ellites in the sky at once. However, each transponder can use multiple frequen- cies and polarizations to increase the available bandwidth. To prevent total chaos in the sky, orbit slot allocation is done by ITU. This process is highly political, with countries barely out of the stone age demanding ‘‘their’’ orbit slots (for the purpose of leasing them to the highest bidder). Other countries, however, maintain that national property rights do not extend up to the moon and that no country has a legal right to the orbit slots above its territory. To add to the fight, commercial telecommunication is not the only application. Tele- vision broadcasters, governments, and the military also want a piece of the orbit- ing pie. Modern satellites can be quite large, weighing over 5000 kg and consuming several kilowatts of electric power produced by the solar panels. The effects of solar, lunar, and planetary gravity tend to move them away from their assigned orbit slots and orientations, an effect countered by on-board rocket motors. This fine-tuning activity is called station keeping. However, when the fuel for the motors has been exhausted (typically after about 10 years) the satellite drifts and tumbles helplessly, so it has to be turned off. Eventually, the orbit decays and the satellite reenters the atmosphere and burns up (or very rarely crashes to earth). Orbit slots are not the only bone of contention. Frequencies are an issue, too, because the downlink transmissions interfere with existing microwave users. Consequently, ITU has allocated certain frequency bands to satellite users. The main ones are listed in Fig. 2-16. The C band was the first to be designated for commercial satellite traffic. Two frequency ranges are assigned in it, the lower one for downlink traffic (from the satellite) and the upper one for uplink traffic (to the satellite). To allow traffic to go both ways at the same time, two channels are required. These channels are already overcrowded because they are also used by the common carriers for terrestrial microwave links. The L and S bands were added by international agreement in 2000. However, they are narrow and also crowded. Band Downlink Uplink Bandwidth Problems L 1.5 GHz 1.6 GHz 15 MHz Low bandwidth; crowded S 1.9 GHz 2.2 GHz 70 MHz Low bandwidth; crowded C 4.0 GHz 6.0 GHz 500 MHz Terrestrial interference Ku 11 GHz 14 GHz 500 MHz Rain Ka 20 GHz 30 GHz 3500 MHz Rain, equipment cost Figure 2-16. The principal satellite bands. SEC. 2.4 COMMUNICATION SATELLITES 119 The next-highest band available to commercial telecommunication carriers is the Ku (K under) band. This band is not (yet) congested, and at its higher fre- quencies, satellites can be spaced as close as 1 degree. However, another problem exists: rain. Water absorbs these short microwaves well. Fortunately, heavy storms are usually localized, so using several widely separated ground stations in- stead of just one circumvents the problem, but at the price of extra antennas, extra cables, and extra electronics to enable rapid switching between stations. Band- width has also been allocated in the Ka (K above) band for commercial satellite traffic, but the equipment needed to use it is expensive. In addition to these com- mercial bands, many government and military bands also exist. A modern satellite has around 40 transponders, most often with a 36-MHz bandwidth. Usually, each transponder operates as a bent pipe, but recent satellites have some on-board processing capacity, allowing more sophisticated operation. In the earliest satellites, the division of the transponders into channels was static: the bandwidth was simply split up into fixed frequency bands. Nowadays, each transponder beam is divided into time slots, with various users taking turns. We will study these two techniques (frequency division multiplexing and time divis- ion multiplexing) in detail later in this chapter. The first geostationary satellites had a single spatial beam that illuminated about 1/3 of the earth’s surface, called its footprint. With the enormous decline in the price, size, and power requirements of microelectronics, a much more sophisticated broadcasting strategy has become possible. Each satellite is equipped with multiple antennas and multiple transponders. Each downward beam can be focused on a small geographical area, so multiple upward and down- ward transmissions can take place simultaneously. Typically, these so-called spot beams are elliptically shaped, and can be as small as a few hundred km in diame- ter. A communication satellite for the United States typically has one wide beam for the contiguous 48 states, plus spot beams for Alaska and Hawaii. A recent development in the communication satellite world is the develop- ment of low-cost microstations, sometimes called VSATs (Very Small Aperture Terminals) (Abramson, 2000). These tiny terminals have 1-meter or smaller an- tennas (versus 10 m for a standard GEO antenna) and can put out about 1 watt of power. The uplink is generally good for up to 1 Mbps, but the downlink is often up to several megabits/sec. Direct broadcast satellite television uses this technol- ogy for one-way transmission. In many VSAT systems, the microstations do not have enough power to com- municate directly with one another (via the satellite, of course). Instead, a special ground station, the hub, with a large, high-gain antenna is needed to relay traffic between VSATs, as shown in Fig. 2-17. In this mode of operation, either the sender or the receiver has a large antenna and a powerful amplifier. The trade-off is a longer delay in return for having cheaper end-user stations. VSATs have great potential in rural areas. It is not widely appreciated, but over half the world’s population lives more than hour’s walk from the nearest 120 THE PHYSICAL LAYER CHAP. 2 Communication satellite 1 3 2 4 Hub VSAT Figure 2-17. VSATs using a hub. telephone. Stringing telephone wires to thousands of small villages is far beyond the budgets of most Third World governments, but installing 1-meter VSAT dishes powered by solar cells is often feasible. VSATs provide the technology that will wire the world. Communication satellites have several properties that are radically different from terrestrial point-to-point links. To begin with, even though signals to and from a satellite travel at the speed of light (nearly 300,000 km/sec), the long round-trip distance introduces a substantial delay for GEO satellites. Depending on the distance between the user and the ground station and the elevation of the satellite above the horizon, the end-to-end transit time is between 250 and 300 msec. A typical value is 270 msec (540 msec for a VSAT system with a hub). For comparison purposes, terrestrial microwave links have a propagation delay of roughly 3 μsec /km, and coaxial cable or fiber optic links have a delay of approximately 5 μsec /km. The latter are slower than the former because electro- magnetic signals travel faster in air than in solid materials. Another important property of satellites is that they are inherently broadcast media. It does not cost more to send a message to thousands of stations within a transponder’s footprint than it does to send to one. For some applications, this property is very useful. For example, one could imagine a satellite broadcasting popular Web pages to the caches of a large number of computers spread over a wide area. Even when broadcasting can be simulated with point-to-point lines, SEC. 2.4 COMMUNICATION SATELLITES 121 satellite broadcasting may be much cheaper. On the other hand, from a privacy point of view, satellites are a complete disaster: everybody can hear everything. Encryption is essential when security is required. Satellites also have the property that the cost of transmitting a message is in- dependent of the distance traversed. A call across the ocean costs no more to ser- vice than a call across the street. Satellites also have excellent error rates and can be deployed almost instantly, a major consideration for disaster response and mili- tary communication. 2.4.2 Medium-Earth Orbit Satellites At much lower altitudes, between the two Van Allen belts, we find the MEO (Medium-Earth Orbit) satellites. As viewed from the earth, these drift slowly in longitude, taking something like 6 hours to circle the earth. Accordingly, they must be tracked as they move through the sky. Because they are lower than the GEOs, they have a smaller footprint on the ground and require less powerful transmitters to reach them. Currently they are used for navigation systems rather than telecommunications, so we will not examine them further here. The constel- lation of roughly 30 GPS (Global Positioning System) satellites orbiting at about 20,200 km are examples of MEO satellites. 2.4.3 Low-Earth Orbit Satellites Moving down in altitude, we come to the LEO (Low-Earth Orbit) satellites. Due to their rapid motion, large numbers of them are needed for a complete sys- tem. On the other hand, because the satellites are so close to the earth, the ground stations do not need much power, and the round-trip delay is only a few millisec- onds. The launch cost is substantially cheaper too. In this section we will exam- ine two examples of satellite constellations for voice service, Iridium and Glo- balstar. For the first 30 years of the satellite era, low-orbit satellites were rarely used because they zip into and out of view so quickly. In 1990, Motorola broke new ground by filing an application with the FCC asking for permission to launch 77 low-orbit satellites for the Iridium project (element 77 is iridium). The plan was later revised to use only 66 satellites, so the project should have been renamed Dysprosium (element 66), but that probably sounded too much like a disease. The idea was that as soon as one satellite went out of view, another would replace it. This proposal set off a feeding frenzy among other communication companies. All of a sudden, everyone wanted to launch a chain of low-orbit satellites. After seven years of cobbling together partners and financing, communication service began in November 1998. Unfortunately, the commercial demand for large, heavy satellite telephones was negligible because the mobile phone network had grown in a spectacular way since 1990. As a consequence, Iridium was not 122 THE PHYSICAL LAYER CHAP. 2 profitable and was forced into bankruptcy in August 1999 in one of the most spec- tacular corporate fiascos in history. The satellites and other assets (worth $5 bil- lion) were later purchased by an investor for $25 million at a kind of extraterres- trial garage sale. Other satellite business ventures promptly followed suit. The Iridium service restarted in March 2001 and has been growing ever since. It provides voice, data, paging, fax, and navigation service everywhere on land, air, and sea, via hand-held devices that communicate directly with the Iridium sat- ellites. Customers include the maritime, aviation, and oil exploration industries, as well as people traveling in parts of the world lacking a telecom infrastructure (e.g., deserts, mountains, the South Pole, and some Third World countries). The Iridium satellites are positioned at an altitude of 750 km, in circular polar orbits. They are arranged in north-south necklaces, with one satellite every 32 degrees of latitude, as shown in Fig. 2-18. Each satellite has a maximum of 48 cells (spot beams) and a capacity of 3840 channels, some of which are used for paging and navigation, while others are used for data and voice. Each satellite has four neighbors Figure 2-18. The Iridium satellites form six necklaces around the earth. With six satellite necklaces the entire earth is covered, as suggested by Fig. 2-18. An interesting property of Iridium is that communication between dis- tant customers takes place in space, as shown in Fig. 2-19(a). Here we see a call- er at the North Pole contacting a satellite directly overhead. Each satellite has four neighbors with which it can communicate, two in the same necklace (shown) and two in adjacent necklaces (not shown). The satellites relay the call across this grid until it is finally sent down to the callee at the South Pole. An alternative design to Iridium is Globalstar. It is based on 48 LEO satel- lites but uses a different switching scheme than that of Iridium. Whereas Iridium relays calls from satellite to satellite, which requires sophisticated switching equipment in the satellites, Globalstar uses a traditional bent-pipe design. The call originating at the North Pole in Fig. 2-19(b) is sent back to earth and picked SEC. 2.4 COMMUNICATION SATELLITES 123 Bent-pipe satellite Satellite switches in space Switching on the ground (a) (b) Figure 2-19. (a) Relaying in space. (b) Relaying on the ground. up by the large ground station at Santa’s Workshop. The call is then routed via a terrestrial network to the ground station nearest the callee and delivered by a bent-pipe connection as shown. The advantage of this scheme is that it puts much of the complexity on the ground, where it is easier to manage. Also, the use of large ground station antennas that can put out a powerful signal and receive a weak one means that lower-powered telephones can be used. After all, the tele- phone puts out only a few milliwatts of power, so the signal that gets back to the ground station is fairly weak, even after having been amplified by the satellite. Satellites continue to be launched at a rate of around 20 per year, including ever-larger satellites that now weigh over 5000 kilograms. But there are also very small satellites for the more budget-conscious organization. To make space re- search more accessible, academics from Cal Poly and Stanford got together in 1999 to define a standard for miniature satellites and an associated launcher that would greatly lower launch costs (Nugent et al., 2008). CubeSats are satellites in units of 10 cm × 10 cm × 10 cm cubes, each weighing no more than 1 kilogram, that can be launched for as little as $40,000 each. The launcher flies as a sec- ondary payload on commercial space missions. It is basically a tube that takes up to three units of cubesats and uses springs to release them into orbit. Roughly 20 cubesats have launched so far, with many more in the works. Most of them com- municate with ground stations on the UHF and VHF bands. 2.4.4 Satellites Versus Fiber A comparison between satellite communication and terrestrial communication is instructive. As recently as 25 years ago, a case could be made that the future of communication lay with communication satellites. After all, the telephone system 124 THE PHYSICAL LAYER CHAP. 2 had changed little in the previous 100 years and showed no signs of changing in the next 100 years. This glacial movement was caused in no small part by the regulatory environment in which the telephone companies were expected to pro- vide good voice service at reasonable prices (which they did), and in return got a guaranteed profit on their investment. For people with data to transmit, 1200-bps modems were available. That was pretty much all there was. The introduction of competition in 1984 in the United States and somewhat later in Europe changed all that radically. Telephone companies began replacing their long-haul networks with fiber and introduced high-bandwidth services like ADSL (Asymmetric Digital Subscriber Line). They also stopped their long-time practice of charging artificially high prices to long-distance users to subsidize local service. All of a sudden, terrestrial fiber connections looked like the winner. Nevertheless, communication satellites have some major niche markets that fiber does not (and, sometimes, cannot) address. First, when rapid deployment is critical, satellites win easily. A quick response is useful for military communica- tion systems in times of war and disaster response in times of peace. Following the massive December 2004 Sumatra earthquake and subsequent tsunami, for ex- ample, communications satellites were able to restore communications to first re- sponders within 24 hours. This rapid response was possible because there is a de- veloped satellite service provider market in which large players, such as Intelsat with over 50 satellites, can rent out capacity pretty much anywhere it is needed. For customers served by existing satellite networks, a VSAT can be set up easily and quickly to provide a megabit/sec link to elsewhere in the world. A second niche is for communication in places where the terrestrial infra- structure is poorly developed. Many people nowadays want to communicate everywhere they go. Mobile phone networks cover those locations with good population density, but do not do an adequate job in other places (e.g., at sea or in the desert). Conversely, Iridium provides voice service everywhere on Earth, even at the South Pole. Terrestrial infrastructure can also be expensive to install, depending on the terrain and necessary rights of way. Indonesia, for example, has its own satellite for domestic telephone traffic. Launching one satellite was cheaper than stringing thousands of undersea cables among the 13,677 islands in the archipelago. A third niche is when broadcasting is essential. A message sent by satellite can be received by thousands of ground stations at once. Satellites are used to dis- tribute much network TV programming to local stations for this reason. There is now a large market for satellite broadcasts of digital TV and radio directly to end users with satellite receivers in their homes and cars. All sorts of other content can be broadcast too. For example, an organization transmitting a stream of stock, bond, or commodity prices to thousands of dealers might find a satellite system to be much cheaper than simulating broadcasting on the ground. In short, it looks like the mainstream communication of the future will be ter- restrial fiber optics combined with cellular radio, but for some specialized uses, SEC. 2.4 COMMUNICATION SATELLITES 125 satellites are better. However, there is one caveat that applies to all of this: economics. Although fiber offers more bandwidth, it is conceivable that terres- trial and satellite communication could compete aggressively on price. If ad- vances in technology radically cut the cost of deploying a satellite (e.g., if some future space vehicle can toss out dozens of satellites on one launch) or low-orbit satellites catch on in a big way, it is not certain that fiber will win all markets. 2.5 DIGITAL MODULATION AND MULTIPLEXING Now that we have studied the properties of wired and wireless channels, we turn our attention to the problem of sending digital information. Wires and wire- less channels carry analog signals such as continuously varying voltage, light intensity, or sound intensity. To send digital information, we must devise analog signals to represent bits. The process of converting between bits and signals that represent them is called digital modulation. We will start with schemes that directly convert bits into a signal. These schemes result in baseband transmission, in which the signal occupies frequen- cies from zero up to a maximum that depends on the signaling rate. It is common for wires. Then we will consider schemes that regulate the amplitude, phase, or frequency of a carrier signal to convey bits. These schemes result in passband transmission, in which the signal occupies a band of frequencies around the fre- quency of the carrier signal. It is common for wireless and optical channels for which the signals must reside in a given frequency band. Channels are often shared by multiple signals. After all, it is much more con- venient to use a single wire to carry several signals than to install a wire for every signal. This kind of sharing is called multiplexing. It can be accomplished in several different ways. We will present methods for time, frequency, and code di- vision multiplexing. The modulation and multiplexing techniques we describe in this section are all widely used for wires, fiber, terrestrial wireless, and satellite channels. In the following sections, we will look at examples of networks to see them in action. 2.5.1 Baseband Transmission The most straightforward form of digital modulation is to use a positive volt- age to represent a 1 and a negative voltage to represent a 0. For an optical fiber, the presence of light might represent a 1 and the absence of light might represent a 0. This scheme is called NRZ (Non-Return-to-Zero). The odd name is for his- torical reasons, and simply means that the signal follows the data. An example is shown in Fig. 2-20(b). Once sent, the NRZ signal propagates down the wire. At the other end, the receiver converts it into bits by sampling the signal at regular intervals of time. 126 THE PHYSICAL LAYER CHAP. 2 (Clock that is XORed with bits) (a) Bit stream (b) Non-Return to Zero (NRZ) (c) NRZ Invert (NRZI) (d) Manchester (e) Bipolar encoding (also Alternate Mark Inversion, AMI) 1 0 0 0 0 1 0 1 1 1 1 Figure 2-20. Line codes: (a) Bits, (b) NRZ, (c) NRZI, (d) Manchester, (e) Bi- polar or AMI. This signal will not look exactly like the signal that was sent. It will be attenuated and distorted by the channel and noise at the receiver. To decode the bits, the re- ceiver maps the signal samples to the closest symbols. For NRZ, a positive volt- age will be taken to indicate that a 1 was sent and a negative voltage will be taken to indicate that a 0 was sent. NRZ is a good starting point for our studies because it is simple, but it is sel- dom used by itself in practice. More complex schemes can convert bits to signals that better meet engineering considerations. These schemes are called line codes. Below, we describe line codes that help with bandwidth efficiency, clock recov- ery, and DC balance. Bandwidth Efficiency With NRZ, the signal may cycle between the positive and negative levels up to every 2 bits (in the case of alternating 1s and 0s). This means that we need a bandwidth of at least B/2 Hz when the bit rate is B bits/sec. This relation comes from the Nyquist rate [Eq. (2-2)]. It is a fundamental limit, so we cannot run NRZ faster without using more bandwidth. Bandwidth is often a limited resource, even for wired channels, Higher-frequency signals are increasingly attenuated, making them less useful, and higher-frequency signals also require faster electronics. One strategy for using limited bandwidth more efficiently is to use more than two signaling levels. By using four voltages, for instance, we can send 2 bits at once as a single symbol. This design will work as long as the signal at the re- ceiver is sufficiently strong to distinguish the four levels. The rate at which the signal changes is then half the bit rate, so the needed bandwidth has been reduced. SEC. 2.5 DIGITAL MODULATION AND MULTIPLEXING 127 We call the rate at which the signal changes the symbol rate to distinguish it from the bit rate. The bit rate is the symbol rate multiplied by the number of bits per symbol. An older name for the symbol rate, particularly in the context of de- vices called telephone modems that convey digital data over telephone lines, is the baud rate. In the literature, the terms ‘‘bit rate’’ and ‘‘baud rate’’ are often used incorrectly. Note that the number of signal levels does not need to be a power of two. Often it is not, with some of the levels used for protecting against errors and sim- plifying the design of the receiver. Clock Recovery For all schemes that encode bits into symbols, the receiver must know when one symbol ends and the next symbol begins to correctly decode the bits. With NRZ, in which the symbols are simply voltage levels, a long run of 0s or 1s leaves the signal unchanged. After a while it is hard to tell the bits apart, as 15 zeros look much like 16 zeros unless you have a very accurate clock. Accurate clocks would help with this problem, but they are an expensive solu- tion for commodity equipment. Remember, we are timing bits on links that run at many megabits/sec, so the clock would have to drift less than a fraction of a microsecond over the longest permitted run. This might be reasonable for slow links or short messages, but it is not a general solution. One strategy is to send a separate clock signal to the receiver. Another clock line is no big deal for computer buses or short cables in which there are many lines in parallel, but it is wasteful for most network links since if we had another line to send a signal we could use it to send data. A clever trick here is to mix the clock signal with the data signal by XORing them together so that no extra line is needed. The results are shown in Fig. 2-20(d). The clock makes a clock tran- sition in every bit time, so it runs at twice the bit rate. When it is XORed with the 0 level it makes a low-to-high transition that is simply the clock. This transition is a logical 0. When it is XORed with the 1 level it is inverted and makes a high-to- low transition. This transition is a logical 1. This scheme is called Manchester encoding and was used for classic Ethernet. The downside of Manchester encoding is that it requires twice as much band- width as NRZ because of the clock, and we have learned that bandwidth often matters. A different strategy is based on the idea that we should code the data to ensure that there are enough transitions in the signal. Consider that NRZ will have clock recovery problems only for long runs of 0s and 1s. If there are fre- quent transitions, it will be easy for the receiver to stay synchronized with the in- coming stream of symbols. As a step in the right direction, we can simplify the situation by coding a 1 as a transition and a 0 as no transition, or vice versa. This coding is called NRZI (Non-Return-to-Zero Inverted), a twist on NRZ. An example is shown in 128 THE PHYSICAL LAYER CHAP. 2 Fig. 2-20(c). The popular USB (Universal Serial Bus) standard for connecting computer peripherals uses NRZI. With it, long runs of 1s do not cause a problem. Of course, long runs of 0s still cause a problem that we must fix. If we were the telephone company, we might simply require that the sender not transmit too many 0s. Older digital telephone lines in the U.S., called T1 lines, did in fact re- quire that no more than 15 consecutive 0s be sent for them to work correctly. To really fix the problem we can break up runs of 0s by mapping small groups of bits to be transmitted so that groups with successive 0s are mapped to slightly longer patterns that do not have too many consecutive 0s. A well-known code to do this is called 4B/5B. Every 4 bits is mapped into a5-bit pattern with a fixed translation table. The five bit patterns are chosen so that there will never be a run of more than three consecutive 0s. The mapping is shown in Fig. 2-21. This scheme adds 25% overhead, which is better than the 100% overhead of Manchester encoding. Since there are 16 input combinations and 32 output combinations, some of the output combinations are not used. Put- ting aside the combinations with too many successive 0s, there are still some codes left. As a bonus, we can use these nondata codes to represent physical layer control signals. For example, in some uses ‘‘11111’’ represents an idle line and ‘‘11000’’ represents the start of a frame. Data (4B) Codeword (5B) Data (4B) Codeword (5B) 0000 11110 1000 10010 0001 01001 1001 10011 0010 10100 1010 10110 0011 10101 1011 10111 0100 01010 1100 11010 0101 01011 1101 11011 0110 01110 1110 11100 0111 01111 1111 11101 Figure 2-21. 4B/5B mapping. An alternative approach is to make the data look random, known as scram- bling. In this case it is very likely that there will be frequent transitions. A scrambler works by XORing the data with a pseudorandom sequence before it is transmitted. This mixing will make the data as random as the pseudorandom se- quence (assuming it is independent of the pseudorandom sequence). The receiver then XORs the incoming bits with the same pseudorandom sequence to recover the real data. For this to be practical, the pseudorandom sequence must be easy to create. It is commonly given as the seed to a simple random number generator. Scrambling is attractive because it adds no bandwidth or time overhead. In fact, it often helps to condition the signal so that it does not have its energy in SEC. 2.5 DIGITAL MODULATION AND MULTIPLEXING 129 dominant frequency components (caused by repetitive data patterns) that might radiate electromagnetic interference. Scrambling helps because random signals tend to be ‘‘white,’’ or have energy spread across the frequency components. However, scrambling does not guarantee that there will be no long runs. It is possible to get unlucky occasionally. If the data are the same as the pseudorandom sequence, they will XOR to all 0s. This outcome does not generally occur with a long pseudorandom sequence that is difficult to predict. However, with a short or predictable sequence, it might be possible for malicious users to send bit patterns that cause long runs of 0s after scrambling and cause links to fail. Early versions of the standards for sending IP packets over SONET links in the telephone system had this defect (Malis and Simpson, 1999). It was possible for users to send cer- tain ‘‘killer packets’’ that were guaranteed to cause problems. Balanced Signals Signals that have as much positive voltage as negative voltage even over short periods of time are called balanced signals. They average to zero, which means that they have no DC electrical component. The lack of a DC component is an advantage because some channels, such as coaxial cable or lines with transform- ers, strongly attenuate a DC component due to their physical properties. Also, one method of connecting the receiver to the channel called capacitive coupling passes only the AC portion of a signal. In either case, if we send a signal whose average is not zero, we waste energy as the DC component will be filtered out. Balancing helps to provide transitions for clock recovery since there is a mix of positive and negative voltages. It also provides a simple way to calibrate re- ceivers because the average of the signal can be measured and used as a decision threshold to decode symbols. With unbalanced signals, the average may be drift away from the true decision level due to a density of 1s, for example, which would cause more symbols to be decoded with errors. A straightforward way to construct a balanced code is to use two voltage lev- els to represent a logical 1, (say +1 V or −1 V) with 0 V representing a logical zero. To send a 1, the transmitter alternates between the +1 V and −1 V levels so that they always average out. This scheme is called bipolar encoding. In tele- phone networks it is called AMI (Alternate Mark Inversion), building on old terminology in which a 1 is called a ‘‘mark’’ and a 0 is called a ‘‘space.’’ An ex- ample is given in Fig. 2-20(e). Bipolar encoding adds a voltage level to achieve balance. Alternatively we can use a mapping like 4B/5B to achieve balance (as well as transitions for clock recovery). An example of this kind of balanced code is the 8B/10B line code. It maps 8 bits of input to 10 bits of output, so it is 80% efficient, just like the 4B/5B line code. The 8 bits are split into a group of 5 bits, which is mapped to 6 bits, and a group of 3 bits, which is mapped to 4 bits. The 6-bit and 4-bit symbols are 130 THE PHYSICAL LAYER CHAP. 2 then concatenated. In each group, some input patterns can be mapped to balanced output patterns that have the same number of 0s and 1s. For example, ‘‘001’’ is mapped to ‘‘1001,’’ which is balanced. But there are not enough combinations for all output patterns to be balanced. For these cases, each input pattern is mapped to two output patterns. One will have an extra 1 and the alternate will have an extra 0. For example, ‘‘000’’ is mapped to both ‘‘1011’’ and its complement ‘‘0100.’’ As input bits are mapped to output bits, the encoder remembers the disparity from the previous symbol. The disparity is the total number of 0s or 1s by which the signal is out of balance. The encoder then selects either an output pattern or its alternate to reduce the disparity. With 8B/10B, the disparity will be at most 2 bits. Thus, the signal will never be far from balanced. There will also never be more than five consecutive 1s or 0s, to help with clock recovery. 2.5.2 Passband Transmission Often, we want to use a range of frequencies that does not start at zero to send information across a channel. For wireless channels, it is not practical to send very low frequency signals because the size of the antenna needs to be a fraction of the signal wavelength, which becomes large. In any case, regulatory con- straints and the need to avoid interference usually dictate the choice of frequen- cies. Even for wires, placing a signal in a given frequency band is useful to let different kinds of signals coexist on the channel. This kind of transmission is call- ed passband transmission because an arbitrary band of frequencies is used to pass the signal. Fortunately, our fundamental results from earlier in the chapter are all in terms of bandwidth, or the width of the frequency band. The absolute frequency values do not matter for capacity. This means that we can take a baseband signal that occupies 0 to B Hz and shift it up to occupy a passband of S to S +B Hz with- out changing the amount of information that it can carry, even though the signal will look different. To process a signal at the receiver, we can shift it back down to baseband, where it is more convenient to detect symbols. Digital modulation is accomplished with passband transmission by regulating or modulating a carrier signal that sits in the passband. We can modulate the am- plitude, frequency, or phase of the carrier signal. Each of these methods has a cor- responding name. In ASK (Amplitude Shift Keying), two different amplitudes are used to represent 0 and 1. An example with a nonzero and a zero level is shown in Fig. 2-22(b). More than two levels can be used to represent more symb- ols. Similarly, with FSK (Frequency Shift Keying), two or more different tones are used. The example in Fig. 2-21(c) uses just two frequencies. In the simplest form of PSK (Phase Shift Keying), the carrier wave is systematically shifted 0 or 180 degrees at each symbol period. Because there are two phases, it is called BPSK (Binary Phase Shift Keying). ‘‘Binary’’ here refers to the two symbols, not that the symbols represent 2 bits. An example is shown in Fig. 2-22(c). A SEC. 2.5 DIGITAL MODULATION AND MULTIPLEXING 131 better scheme that uses the channel bandwidth more efficiently is to use four shifts, e.g., 45, 135, 225, or 315 degrees, to transmit 2 bits of information per sym- bol. This version is called QPSK (Quadrature Phase Shift Keying). Phase changes 0 (a) (b) (c) (d) 1 0 1 1 0 0 1 0 0 1 0 0 Figure 2-22. (a) A binary signal. (b) Amplitude shift keying. (c) Frequency shift keying. (d) Phase shift keying. We can combine these schemes and use more levels to transmit more bits per symbol. Only one of frequency and phase can be modulated at a time because they are related, with frequency being the rate of change of phase over time. Usually, amplitude and phase are modulated in combination. Three examples are shown in Fig. 2-23. In each example, the points give the legal amplitude and phase combinations of each symbol. In Fig. 2-23(a), we see equidistant dots at 45, 135, 225, and 315 degrees. The phase of a dot is indicated by the angle a line from it to the origin makes with the positive x-axis. The amplitude of a dot is the distance from the origin. This figure is a representation of QPSK. This kind of diagram is called a constellation diagram. In Fig. 2-23(b) we see a modulation scheme with a denser constellation. Sixteen combinations of amplitudes and phase are used, so the modulation scheme can be used to transmit 132 THE PHYSICAL LAYER CHAP. 2 270 (a) 90 0180 270 (b) 90 0 270 (c) 90 0180 Figure 2-23. (a) QPSK. (b) QAM-16. (c) QAM-64. 4 bits per symbol. It is called QAM-16, where QAM stands for Quadrature Am- plitude Modulation. Figure 2-23(c) is a still denser modulation scheme with 64 different combinations, so 6 bits can be transmitted per symbol. It is called QAM-64. Even higher-order QAMs are used too. As you might suspect from these constellations, it is easier to build electronics to produce symbols as a com- bination of values on each axis than as a combination of amplitude and phase values. That is why the patterns look like squares rather than concentric circles. The constellations we have seen so far do not show how bits are assigned to symbols. When making the assignment, an important consideration is that a small burst of noise at the receiver not lead to many bit errors. This might happen if we assigned consecutive bit values to adjacent symbols. With QAM-16, for example, if one symbol stood for 0111 and the neighboring symbol stood for 1000, if the re- ceiver mistakenly picks the adjacent symbol it will cause all of the bits to be wrong. A better solution is to map bits to symbols so that adjacent symbols differ in only 1 bit position. This mapping is called a Gray code. Fig. 2-24 shows a QAM-16 constellation that has been Gray coded. Now if the receiver decodes the symbol in error, it will make only a single bit error in the expected case that the decoded symbol is close to the transmitted symbol. 2.5.3 Frequency Division Multiplexing The modulation schemes we have seen let us send one signal to convey bits along a wired or wireless link. However, economies of scale play an important role in how we use networks. It costs essentially the same amount of money to in- stall and maintain a high-bandwidth transmission line as a low-bandwidth line be- tween two different offices (i.e., the costs come from having to dig the trench and not from what kind of cable or fiber goes into it). Consequently, multiplexing schemes have been developed to share lines among many signals. SEC. 2.5 DIGITAL MODULATION AND MULTIPLEXING 133 A B C D E When 1101 is sent: Point Decodes as Bit errors A 1101 0 B 1100 1 C 1001 1 D 1111 1 E 0101 1 1100 1000 1101 1001 1111 1011 1110 1010 0011 0111 0010 0110 0000 0100 0001 0101 Q I Figure 2-24. Gray-coded QAM-16. FDM (Frequency Division Multiplexing) takes advantage of passband trans- mission to share a channel. It divides the spectrum into frequency bands, with each user having exclusive possession of some band in which to send their signal. AM radio broadcasting illustrates FDM. The allocated spectrum is about 1 MHz, roughly 500 to 1500 kHz. Different frequencies are allocated to different logical channels (stations), each operating in a portion of the spectrum, with the interchannel separation great enough to prevent interference. For a more detailed example, in Fig. 2-25 we show three voice-grade tele- phone channels multiplexed using FDM. Filters limit the usable bandwidth to about 3100 Hz per voice-grade channel. When many channels are multiplexed to- gether, 4000 Hz is allocated per channel. The excess is called a guard band. It keeps the channels well separated. First the voice channels are raised in frequen- cy, each by a different amount. Then they can be combined because no two chan- nels now occupy the same portion of the spectrum. Notice that even though there are gaps between the channels thanks to the guard bands, there is some overlap between adjacent channels. The overlap is there because real filters do not have ideal sharp edges. This means that a strong spike at the edge of one channel will be felt in the adjacent one as nonthermal noise. This scheme has been used to multiplex calls in the telephone system for many years, but multiplexing in time is now preferred instead. However, FDM continues to be used in telephone networks, as well as cellular, terrestrial wireless, and satellite networks at a higher level of granularity. When sending digital data, it is possible to divide the spectrum efficiently without using guard bands. In OFDM (Orthogonal Frequency Division Multi- plexing), the channel bandwidth is divided into many subcarriers that indepen- dently send data (e.g., with QAM). The subcarriers are packed tightly together in the frequency domain. Thus, signals from each subcarrier extend into adjacent ones. However, as seen in Fig. 2-26, the frequency response of each subcarrier is 134 THE PHYSICAL LAYER CHAP. 2 300 3100 Channel 3 Channel 2 Channel 1 1 1 1 A tte nu at io n fa ct or 64 Frequency (kHz) (c) Channel 1 Channel 3 Channel 2 68 72 60 64 Frequency (kHz) (b) Frequency (Hz) (a) 68 72 60 Figure 2-25. Frequency division multiplexing. (a) The original bandwidths. (b) The bandwidths raised in frequency. (c) The multiplexed channel. designed so that it is zero at the center of the adjacent subcarriers. The subcarriers can therefore be sampled at their center frequencies without interference from their neighbors. To make this work, a guard time is needed to repeat a portion of the symbol signals in time so that they have the desired frequency response. However, this overhead is much less than is needed for many guard bands. Frequency Power f3 f4f2f1 f5 Separation f One OFDM subcarrier(shaded) Figure 2-26. Orthogonal frequency division multiplexing (OFDM). The idea of OFDM has been around for a long time, but it is only in the last decade that it has been widely adopted, following the realization that it is possible SEC. 2.5 DIGITAL MODULATION AND MULTIPLEXING 135 to implement OFDM efficiently in terms of a Fourier transform of digital data over all subcarriers (instead of separately modulating each subcarrier). OFDM is used in 802.11, cable networks and power line networking, and is planned for fourth-generation cellular systems. Usually, one high-rate stream of digital infor- mation is split into many low-rate streams that are transmitted on the subcarriers in parallel. This division is valuable because degradations of the channel are easi- er to cope with at the subcarrier level; some subcarriers may be very degraded and excluded in favor of subcarriers that are received well. 2.5.4 Time Division Multiplexing An alternative to FDM is TDM (Time Division Multiplexing). Here, the users take turns (in a round-robin fashion), each one periodically getting the entire bandwidth for a little burst of time. An example of three streams being multi- plexed with TDM is shown in Fig. 2-27. Bits from each input stream are taken in a fixed time slot and output to the aggregate stream. This stream runs at the sum rate of the individual streams. For this to work, the streams must be synchronized in time. Small intervals of guard time analogous to a frequency guard band may be added to accommodate small timing variations. 1 2 3 Round-robin TDM multiplexer 32312 1 Guard time 2 Figure 2-27. Time Division Multiplexing (TDM). TDM is used widely as part of the telephone and cellular networks. To avoid one point of confusion, let us be clear that it is quite different from the alternative STDM (Statistical Time Division Multiplexing). The prefix ‘‘statistical’’ is added to indicate that the individual streams contribute to the multiplexed stream not on a fixed schedule, but according to the statistics of their demand. STDM is packet switching by another name. 2.5.5 Code Division Multiplexing There is a third kind of multiplexing that works in a completely different way than FDM and TDM. CDM (Code Division Multiplexing) is a form of spread spectrum communication in which a narrowband signal is spread out over a wider frequency band. This can make it more tolerant of interference, as well as allowing multiple signals from different users to share the same frequency band. Because code division multiplexing is mostly used for the latter purpose it is com- monly called CDMA (Code Division Multiple Access). 136 THE PHYSICAL LAYER CHAP. 2 CDMA allows each station to transmit over the entire frequency spectrum all the time. Multiple simultaneous transmissions are separated using coding theory. Before getting into the algorithm, let us consider an analogy: an airport lounge with many pairs of people conversing. TDM is comparable to pairs of people in the room taking turns speaking. FDM is comparable to the pairs of people speak- ing at different pitches, some high-pitched and some low-pitched such that each pair can hold its own conversation at the same time as but independently of the others. CDMA is comparable to each pair of people talking at once, but in a dif- ferent language. The French-speaking couple just hones in on the French, reject- ing everything that is not French as noise. Thus, the key to CDMA is to be able to extract the desired signal while rejecting everything else as random noise. A somewhat simplified description of CDMA follows. In CDMA, each bit time is subdivided into m short intervals called chips. Typically, there are 64 or 128 chips per bit, but in the example given here we will use 8 chips/bit for simplicity. Each station is assigned a unique m-bit code called a chip sequence. For pedagogical purposes, it is convenient to use a bipolar nota- tion to write these codes as sequences of −1 and +1. We will show chip se- quences in parentheses. To transmit a 1 bit, a station sends its chip sequence. To transmit a 0 bit, it sends the negation of its chip sequence. No other patterns are permitted. Thus, for m = 8, if station A is assigned the chip sequence (−1 −1 −1 +1 +1 −1 +1 +1), it can send a 1 bit by transmiting the chip sequence and a 0 by transmitting (+1 +1 +1 −1 −1 +1 −1 −1). It is really signals with these voltage levels that are sent, but it is sufficient for us to think in terms of the sequences. Increasing the amount of information to be sent from b bits/sec to mb chips/sec for each station means that the bandwidth needed for CDMA is greater by a factor of m than the bandwidth needed for a station not using CDMA (assum- ing no changes in the modulation or encoding techniques). If we have a 1-MHz band available for 100 stations, with FDM each one would have 10 kHz and could send at 10 kbps (assuming 1 bit per Hz). With CDMA, each station uses the full 1 MHz, so the chip rate is 100 chips per bit to spread the station’s bit rate of 10 kbps across the channel. In Fig. 2-28(a) and (b) we show the chip sequences assigned to four example stations and the signals that they represent. Each station has its own unique chip sequence. Let us use the symbol S to indicate the m-chip vector for station S, and S for its negation. All chip sequences are pairwise orthogonal, by which we mean that the normalized inner product of any two distinct chip sequences, S and T (written as S T), is 0. It is known how to generate such orthogonal chip se- quences using a method known as Walsh codes. In mathematical terms, ortho- gonality of the chip sequences can be expressed as follows: S T ≡ m 1 i =1 Σ m SiTi = 0 (2-5) SEC. 2.5 DIGITAL MODULATION AND MULTIPLEXING 137 In plain English, as many pairs are the same as are different. This orthogonality property will prove crucial later. Note that if S T = 0, then S T is also 0. The normalized inner product of any chip sequence with itself is 1: S S = m 1 i =1 Σ m SiSi = m 1 i =1 Σ m Si 2 = m 1 i =1 Σ m (±1)2 = 1 This follows because each of the m terms in the inner product is 1, so the sum is m. Also note that S S = −1. (b) A = (–1 –1 –1 +1 +1 –1 +1 +1) B = (–1 –1 +1 –1 +1 +1 +1 –1) C = (–1 +1 –1 +1 +1 +1 –1 –1) D = (–1 +1 –1 –1 –1 –1 +1 –1) (a) (c) (d) S1 = C = (–1 +1 –1 +1 +1 +1 –1 –1) S2 = B+C = (–2 0 0 0 +2 +2 0 –2) S3 = A+B = ( 0 0 –2 +2 0 –2 0 +2) S4 = A+B+C = (–1 +1 –3 +3 +1 –1 –1 +1) S5 = A+B+C+D = (–4 0 –2 0 +2 0 +2 –2) S6 = A+B+C+D = (–2 –2 0 –2 0 –2 +4 0) S1 C = [1+1–1+1+1+1–1–1]/8 = 1 S2 C = [2+0+0+0+2+2+0+2]/8 = 1 S3 C = [0+0+2+2+0–2+0–2]/8 = 0 S4 C = [1+1+3+3+1–1+1–1]/8 = 1 S5 C = [4+0+2+0+2+0–2+2]/8 = 1 S6 C = [2–2+0–2+0–2–4+0]/8 = –1 Figure 2-28. (a) Chip sequences for four stations. (b) Signals the sequences represent (c) Six examples of transmissions. (d) Recovery of station C’s signal. During each bit time, a station can transmit a 1 (by sending its chip sequence), it can transmit a 0 (by sending the negative of its chip sequence), or it can be silent and transmit nothing. We assume for now that all stations are synchronized in time, so all chip sequences begin at the same instant. When two or more sta- tions transmit simultaneously, their bipolar sequences add linearly. For example, if in one chip period three stations output +1 and one station outputs −1, +2 will be received. One can think of this as signals that add as voltages superimposed on the channel: three stations output +1 V and one station outputs −1 V, so that 2 V is received. For instance, in Fig. 2-28(c) we see six examples of one or more sta- tions transmitting 1 bit at the same time. In the first example, C transmits a 1 bit, so we just get C’s chip sequence. In the second example, both B and C transmit 1 bits, so we get the sum of their bipolar chip sequences, namely: (−1 −1 +1 −1 +1 +1 +1 −1) + (−1 +1 −1 +1 +1 +1 −1 −1) = (−2 0 0 0 +2 +2 0 −2) To recover the bit stream of an individual station, the receiver must know that station’s chip sequence in advance. It does the recovery by computing the nor- malized inner product of the received chip sequence and the chip sequence of the station whose bit stream it is trying to recover. If the received chip sequence is S and the receiver is trying to listen to a station whose chip sequence is C, it just computes the normalized inner product, S C. 138 THE PHYSICAL LAYER CHAP. 2 To see why this works, just imagine that two stations, A and C, both transmit a 1 bit at the same time that B transmits a 0 bit, as is the case in the third example. The receiver sees the sum, S = A + B + C, and computes S C = (A + B + C) C = A C + B C + C C = 0 + 0 + 1 = 1 The first two terms vanish because all pairs of chip sequences have been carefully chosen to be orthogonal, as shown in Eq. (2-5). Now it should be clear why this property must be imposed on the chip sequences. To make the decoding process more concrete, we show six examples in Fig. 2-28(d). Suppose that the receiver is interested in extracting the bit sent by station C from each of the six signals S 1 through S 6. It calculates the bit by sum- ming the pairwise products of the received S and the C vector of Fig. 2-28(a) and then taking 1/8 of the result (since m = 8 here). The examples include cases where C is silent, sends a 1 bit, and sends a 0 bit, individually and in combination with other transmissions. As shown, the correct bit is decoded each time. It is just like speaking French. In principle, given enough computing capacity, the receiver can listen to all the senders at once by running the decoding algorithm for each of them in paral- lel. In real life, suffice it to say that this is easier said than done, and it is useful to know which senders might be transmitting. In the ideal, noiseless CDMA system we have studied here, the number of sta- tions that send concurrently can be made arbitrarily large by using longer chip se- quences. For 2n stations, Walsh codes can provide 2n orthogonal chip sequences of length 2n . However, one significant limitation is that we have assumed that all the chips are synchronized in time at the receiver. This synchronization is not even approximately true in some applications, such as cellular networks (in which CDMA has been widely deployed starting in the 1990s). It leads to different de- signs. We will return to this topic later in the chapter and describe how asynchro- nous CDMA differs from synchronous CDMA. As well as cellular networks, CDMA is used by satellites and cable networks. We have glossed over many complicating factors in this brief introduction. En- gineers who want to gain a deep understanding of CDMA should read Viterbi (1995) and Lee and Miller (1998). These references require quite a bit of back- ground in communication engineering, however. 2.6 THE PUBLIC SWITCHED TELEPHONE NETWORK When two computers owned by the same company or organization and locat- ed close to each other need to communicate, it is often easiest just to run a cable between them. LANs work this way. However, when the distances are large or there are many computers or the cables have to pass through a public road or other public right of way, the costs of running private cables are usually prohibitive. SEC. 2.6 THE PUBLIC SWITCHED TELEPHONE NETWORK 139 Furthermore, in just about every country in the world, stringing private transmis- sion lines across (or underneath) public property is also illegal. Consequently, the network designers must rely on the existing telecommunication facilities. These facilities, especially the PSTN (Public Switched Telephone Net- work), were usually designed many years ago, with a completely different goal in mind: transmitting the human voice in a more-or-less recognizable form. Their suitability for use in computer-computer communication is often marginal at best. To see the size of the problem, consider that a cheap commodity cable running be- tween two computers can transfer data at 1 Gbps or more. In contrast, typical ADSL, the blazingly fast alternative to a telephone modem, runs at around 1 Mbps. The difference between the two is the difference between cruising in an airplane and taking a leisurely stroll. Nonetheless, the telephone system is tightly intertwined with (wide area) computer networks, so it is worth devoting some time to study it in detail. The limiting factor for networking purposes turns out to be the ‘‘last mile’’ over which customers connect, not the trunks and switches inside the telephone network. This situation is changing with the gradual rollout of fiber and digital technology at the edge of the network, but it will take time and money. During the long wait, computer systems designers used to working with systems that give at least three orders of magnitude better performance have devoted much time and effort to fig- ure out how to use the telephone network efficiently. In the following sections we will describe the telephone system and show how it works. For additional information about the innards of the telephone system see Bellamy (2000). 2.6.1 Structure of the Telephone System Soon after Alexander Graham Bell patented the telephone in 1876 (just a few hours ahead of his rival, Elisha Gray), there was an enormous demand for his new invention. The initial market was for the sale of telephones, which came in pairs. It was up to the customer to string a single wire between them. If a telephone owner wanted to talk to n other telephone owners, separate wires had to be strung to all n houses. Within a year, the cities were covered with wires passing over houses and trees in a wild jumble. It became immediately obvious that the model of connecting every telephone to every other telephone, as shown in Fig. 2-29(a), was not going to work. To his credit, Bell saw this problem early on and formed the Bell Telephone Company, which opened its first switching office (in New Haven, Connecticut) in 1878. The company ran a wire to each customer’s house or office. To make a call, the customer would crank the phone to make a ringing sound in the telephone company office to attract the attention of an operator, who would then manually connect the caller to the callee by using a short jumper cable to connect the caller to the callee. The model of a single switching office is illustrated in Fig. 2-29(b). 140 THE PHYSICAL LAYER CHAP. 2 (a) (b) (c) Figure 2-29. (a) Fully interconnected network. (b) Centralized switch. (c) Two-level hierarchy. Pretty soon, Bell System switching offices were springing up everywhere and people wanted to make long-distance calls between cities, so the Bell System began to connect the switching offices. The original problem soon returned: to connect every switching office to every other switching office by means of a wire between them quickly became unmanageable, so second-level switching offices were invented. After a while, multiple second-level offices were needed, as illus- trated in Fig. 2-29(c). Eventually, the hierarchy grew to five levels. By 1890, the three major parts of the telephone system were in place: the switching offices, the wires between the customers and the switching offices (by now balanced, insulated, twisted pairs instead of open wires with an earth return), and the long-distance connections between the switching offices. For a short technical history of the telephone system, see Hawley (1991). While there have been improvements in all three areas since then, the basic Bell System model has remained essentially intact for over 100 years. The fol- lowing description is highly simplified but gives the essential flavor nevertheless. Each telephone has two copper wires coming out of it that go directly to the tele- phone company’s nearest end office (also called a local central office). The dis- tance is typically 1 to 10 km, being shorter in cities than in rural areas. In the United States alone there are about 22,000 end offices. The two-wire connections between each subscriber’s telephone and the end office are known in the trade as the local loop. If the world’s local loops were stretched out end to end, they would extend to the moon and back 1000 times. At one time, 80% of AT&T’s capital value was the copper in the local loops. AT&T was then, in effect, the world’s largest copper mine. Fortunately, this fact was not well known in the investment community. Had it been known, some cor- porate raider might have bought AT&T, ended all telephone service in the United States, ripped out all the wire, and sold it to a copper refiner for a quick payback. SEC. 2.6 THE PUBLIC SWITCHED TELEPHONE NETWORK 141 If a subscriber attached to a given end office calls another subscriber attached to the same end office, the switching mechanism within the office sets up a direct electrical connection between the two local loops. This connection remains intact for the duration of the call. If the called telephone is attached to another end office, a different procedure has to be used. Each end office has a number of outgoing lines to one or more nearby switching centers, called toll offices (or, if they are within the same local area, tandem offices). These lines are called toll connecting trunks. The num- ber of different kinds of switching centers and their topology varies from country to country depending on the country’s telephone density. If both the caller’s and callee’s end offices happen to have a toll connecting trunk to the same toll office (a likely occurrence if they are relatively close by), the connection may be established within the toll office. A telephone network consisting only of telephones (the small dots), end offices (the large dots), and toll offices (the squares) is shown in Fig. 2-29(c). If the caller and callee do not have a toll office in common, a path will have to be established between two toll offices. The toll offices communicate with each other via high-bandwidth intertoll trunks (also called interoffice trunks). Prior to the 1984 breakup of AT&T, the U.S. telephone system used hierarchical rout- ing to find a path, going to higher levels of the hierarchy until there was a switch- ing office in common. This was then replaced with more flexible, nonhierarchical routing. Figure 2-30 shows how a long-distance connection might be routed. Telephone End office Toll office Intermediate switching office(s) TelephoneEnd office Toll office Local loop Toll connecting trunk Very high bandwidth intertoll trunks Toll connecting trunk Local loop Figure 2-30. A typical circuit route for a long-distance call. A variety of transmission media are used for telecommunication. Unlike modern office buildings, where the wiring is commonly Category 5, local loops to homes mostly consist of Category 3 twisted pairs, with fiber just starting to appear. Between switching offices, coaxial cables, microwaves, and especially fiber optics are widely used. In the past, transmission throughout the telephone system was analog, with the actual voice signal being transmitted as an electrical voltage from source to destination. With the advent of fiber optics, digital electronics, and computers, all the trunks and switches are now digital, leaving the local loop as the last piece of 142 THE PHYSICAL LAYER CHAP. 2 analog technology in the system. Digital transmission is preferred because it is not necessary to accurately reproduce an analog waveform after it has passed through many amplifiers on a long call. Being able to correctly distinguish a 0 from a 1 is enough. This property makes digital transmission more reliable than analog. It is also cheaper and easier to maintain. In summary, the telephone system consists of three major components: 1. Local loops (analog twisted pairs going to houses and businesses). 2. Trunks (digital fiber optic links connecting the switching offices). 3. Switching offices (where calls are moved from one trunk to another). After a short digression on the politics of telephones, we will come back to each of these three components in some detail. The local loops provide everyone ac- cess to the whole system, so they are critical. Unfortunately, they are also the weakest link in the system. For the long-haul trunks, the main issue is how to col- lect multiple calls together and send them out over the same fiber. This calls for multiplexing, and we apply FDM and TDM to do it. Finally, there are two funda- mentally different ways of doing switching; we will look at both. 2.6.2 The Politics of Telephones For decades prior to 1984, the Bell System provided both local and long-dis- tance service throughout most of the United States. In the 1970s, the U.S. Federal Government came to believe that this was an illegal monopoly and sued to break it up. The government won, and on January 1, 1984, AT&T was broken up into AT&T Long Lines, 23 BOCs (Bell Operating Companies), and a few other pieces. The 23 BOCs were grouped into seven regional BOCs (RBOCs) to make them economically viable. The entire nature of telecommunication in the United States was changed overnight by court order (not by an act of Congress). The exact specifications of the divestiture were described in the so-called MFJ (Modified Final Judgment), an oxymoron if ever there was one—if the judgment could be modified, it clearly was not final. This event led to increased competition, better service, and lower long-distance rates for consumers and busi- nesses. However, prices for local service rose as the cross subsidies from long- distance calling were eliminated and local service had to become self supporting. Many other countries have now introduced competition along similar lines. Of direct relevance to our studies is that the new competitive framework caused a key technical feature to be added to the architecture of the telephone net- work. To make it clear who could do what, the United States was divided up into 164 LATAs (Local Access and Transport Areas). Very roughly, a LATA is about as big as the area covered by one area code. Within each LATA, there was one LEC (Local Exchange Carrier) with a monopoly on traditional telephone SEC. 2.6 THE PUBLIC SWITCHED TELEPHONE NETWORK 143 service within its area. The most important LECs were the BOCs, although some LATAs contained one or more of the 1500 independent telephone companies op- erating as LECs. The new feature was that all inter-LATA traffic was handled by a different kind of company, an IXC (IntereXchange Carrier). Originally, AT&T Long Lines was the only serious IXC, but now there are well-established competitors such as Verizon and Sprint in the IXC business. One of the concerns at the breakup was to ensure that all the IXCs would be treated equally in terms of line quality, tariffs, and the number of digits their customers would have to dial to use them. The way this is handled is illustrated in Fig. 2-31. Here we see three ex- ample LATAs, each with several end offices. LATAs 2 and 3 also have a small hierarchy with tandem offices (intra-LATA toll offices). 1 2 To local loops IXC #1’s toll office IXC #2’s toll office IXC POP Tandem office End office LATA 3LATA 2LATA 1 1 2 1 2 1 2 Figure 2-31. The relationship of LATAs, LECs, and IXCs. All the circles are LEC switching offices. Each hexagon belongs to the IXC whose number is in it. Any IXC that wishes to handle calls originating in a LATA can build a switching office called a POP (Point of Presence) there. The LEC is required to connect each IXC to every end office, either directly, as in LATAs 1 and 3, or indirectly, as in LATA 2. Furthermore, the terms of the connection, both techni- cal and financial, must be identical for all IXCs. This requirement enables, a sub- scriber in, say, LATA 1, to choose which IXC to use for calling subscribers in LATA 3. As part of the MFJ, the IXCs were forbidden to offer local telephone service and the LECs were forbidden to offer inter-LATA telephone service, although 144 THE PHYSICAL LAYER CHAP. 2 both were free to enter any other business, such as operating fried chicken restau- rants. In 1984, that was a fairly unambiguous statement. Unfortunately, technolo- gy has a funny way of making the law obsolete. Neither cable television nor mo- bile phones were covered by the agreement. As cable television went from one way to two way and mobile phones exploded in popularity, both LECs and IXCs began buying up or merging with cable and mobile operators. By 1995, Congress saw that trying to maintain a distinction between the vari- ous kinds of companies was no longer tenable and drafted a bill to preserve ac- cessibility for competition but allow cable TV companies, local telephone com- panies, long-distance carriers, and mobile operators to enter one another’s busi- nesses. The idea was that any company could then offer its customers a single integrated package containing cable TV, telephone, and information services and that different companies would compete on service and price. The bill was en- acted into law in February 1996 as a major overhaul of telecommunications regu- lation. As a result, some BOCs became IXCs and some other companies, such as cable television operators, began offering local telephone service in competition with the LECs. One interesting property of the 1996 law is the requirement that LECs imple- ment local number portability. This means that a customer can change local telephone companies without having to get a new telephone number. Portability for mobile phone numbers (and between fixed and mobile lines) followed suit in 2003. These provisions removed a huge hurdle for many people, making them much more inclined to switch LECs. As a result, the U.S. telecommunications landscape became much more competitive, and other countries have followed suit. Often other countries wait to see how this kind of experiment works out in the U.S. If it works well, they do the same thing; if it works badly, they try some- thing else. 2.6.3 The Local Loop: Modems, ADSL, and Fiber It is now time to start our detailed study of how the telephone system works. Let us begin with the part that most people are familiar with: the two-wire local loop coming from a telephone company end office into houses. The local loop is also frequently referred to as the ‘‘last mile,’’ although the length can be up to several miles. It has carried analog information for over 100 years and is likely to continue doing so for some years to come, due to the high cost of converting to digital. Much effort has been devoted to squeezing data networking out of the copper local loops that are already deployed. Telephone modems send digital data be- tween computers over the narrow channel the telephone network provides for a voice call. They were once widely used, but have been largely displaced by broadband technologies such as ADSL that. reuse the local loop to send digital data from a customer to the end office, where they are siphoned off to the Internet. SEC. 2.6 THE PUBLIC SWITCHED TELEPHONE NETWORK 145 Both modems and ADSL must deal with the limitations of old local loops: rel- atively narrow bandwidth, attenuation and distortion of signals, and susceptibility to electrical noise such as crosstalk. In some places, the local loop has been modernized by installing optical fiber to (or very close to) the home. Fiber is the way of the future. These installations support computer networks from the ground up, with the local loop having ample bandwidth for data services. The limiting factor is what people will pay, not the physics of the local loop. In this section we will study the local loop, both old and new. We will cover telephone modems, ADSL, and fiber to the home. Telephone Modems To send bits over the local loop, or any other physical channel for that matter, they must be converted to analog signals that can be transmitted over the channel. This conversion is accomplished using the methods for digital modulation that we studied in the previous section. At the other end of the channel, the analog signal is converted back to bits. A device that converts between a stream of digital bits and an analog signal that represents the bits is called a modem, which is short for ‘‘modulator demodu- lator.’’ Modems come in many varieties: telephone modems, DSL modems, cable modems, wireless modems, etc. The modem may be built into the computer (which is now common for telephone modems) or be a separate box (which is common for DSL and cable modems). Logically, the modem is inserted between the (digital) computer and the (analog) telephone system, as seen in Fig. 2-32. End office CodecModem Computer Local loop (analog) Trunk (digital, fiber) Digital line Analog line Codec Modem ISP 1 ISP 2 Figure 2-32. The use of both analog and digital transmission for a computer- to-computer call. Conversion is done by the modems and codecs. Telephone modems are used to send bits between two computers over a voice-grade telephone line, in place of the conversation that usually fills the line. The main difficulty in doing so is that a voice-grade telephone line is limited to 3100 Hz, about what is sufficient to carry a conversation. This bandwidth is more than four orders of magnitude less than the bandwidth that is used for Ethernet or 146 THE PHYSICAL LAYER CHAP. 2 802.11 (WiFi). Unsurprisingly, the data rates of telephone modems are also four orders of magnitude less than that of Ethernet and 802.11. Let us run the numbers to see why this is the case. The Nyquist theorem tells us that even with a perfect 3000-Hz line (which a telephone line is decidedly not), there is no point in sending symbols at a rate faster than 6000 baud. In practice, most modems send at a rate of 2400 symbols/sec, or 2400 baud, and focus on get- ting multiple bits per symbol while allowing traffic in both directions at the same time (by using different frequencies for different directions). The humble 2400-bps modem uses 0 volts for a logical 0 and 1 volt for a logi- cal 1, with 1 bit per symbol. One step up, it can use four different symbols, as in the four phases of QPSK, so with 2 bits/symbol it can get a data rate of 4800 bps. A long progression of higher rates has been achieved as technology has im- proved. Higher rates require a larger set of symbols or constellation. With many symbols, even a small amount of noise in the detected amplitude or phase can re- sult in an error. To reduce the chance of errors, standards for the higher-speed modems use some of the symbols for error correction. The schemes are known as TCM (Trellis Coded Modulation) (Ungerboeck, 1987). The V.32 modem standard uses 32 constellation points to transmit 4 data bits and 1 check bit per symbol at 2400 baud to achieve 9600 bps with error cor- rection. The next step above 9600 bps is 14,400 bps. It is called V.32 bis and transmits 6 data bits and 1 check bit per symbol at 2400 baud. Then comes V.34, which achieves 28,800 bps by transmitting 12 data bits/symbol at 2400 baud. The constellation now has thousands of points. The final modem in this series is V.34 bis which uses 14 data bits/symbol at 2400 baud to achieve 33,600 bps. Why stop here? The reason that standard modems stop at 33,600 is that the Shannon limit for the telephone system is about 35 kbps based on the average length of local loops and the quality of these lines. Going faster than this would violate the laws of physics (department of thermodynamics). However, there is one way we can change the situation. At the telephone company end office, the data are converted to digital form for transmission within the telephone network (the core of the telephone network converted from analog to digital long ago). The 35-kbps limit is for the situation in which there are two local loops, one at each end. Each of these adds noise to the signal. If we could get rid of one of these local loops, we would increase the SNR and the maximum rate would be doubled. This approach is how 56-kbps modems are made to work. One end, typically an ISP, gets a high-quality digital feed from the nearest end office. Thus, when one end of the connection is a high-quality signal, as it is with most ISPs now, the maximum data rate can be as high as 70 kbps. Between two home users with modems and analog lines, the maximum is still 33.6 kbps. The reason that 56-kbps modems (rather than 70-kbps modems) are in use has to do with the Nyquist theorem. A telephone channel is carried inside the tele- phone system as digital samples. Each telephone channel is 4000 Hz wide when SEC. 2.6 THE PUBLIC SWITCHED TELEPHONE NETWORK 147 the guard bands are included. The number of samples per second needed to reconstruct it is thus 8000. The number of bits per sample in the U.S. is 8, one of which may be used for control purposes, allowing 56,000 bits/sec of user data. In Europe, all 8 bits are available to users, so 64,000-bit/sec modems could have been used, but to get international agreement on a standard, 56,000 was chosen. The end result is the V.90 and V.92 modem standards. They provide for a 56-kbps downstream channel (ISP to user) and a 33.6-kbps and 48-kbps upstream channel (user to ISP), respectively. The asymmetry is because there is usually more data transported from the ISP to the user than the other way. It also means that more of the limited bandwidth can be allocated to the downstream channel to increase the chances of it actually working at 56 kbps. Digital Subscriber Lines When the telephone industry finally got to 56 kbps, it patted itself on the back for a job well done. Meanwhile, the cable TV industry was offering speeds up to 10 Mbps on shared cables. As Internet access became an increasingly important part of their business, the telephone companies (LECs) began to realize they need- ed a more competitive product. Their answer was to offer new digital services over the local loop. Initially, there were many overlapping high-speed offerings, all under the gen- eral name of xDSL (Digital Subscriber Line), for various x. Services with more bandwidth than standard telephone service are sometimes called broadband, al- though the term really is more of a marketing concept than a specific technical concept. Later, we will discuss what has become the most popular of these ser- vices, ADSL (Asymmetric DSL). We will also use the term DSL or xDSL as shorthand for all flavors. The reason that modems are so slow is that telephones were invented for car- rying the human voice and the entire system has been carefully optimized for this purpose. Data have always been stepchildren. At the point where each local loop terminates in the end office, the wire runs through a filter that attenuates all fre- quencies below 300 Hz and above 3400 Hz. The cutoff is not sharp—300 Hz and 3400 Hz are the 3-dB points—so the bandwidth is usually quoted as 4000 Hz even though the distance between the 3 dB points is 3100 Hz. Data on the wire are thus also restricted to this narrow band. The trick that makes xDSL work is that when a customer subscribes to it, the incoming line is connected to a different kind of switch, one that does not have this filter, thus making the entire capacity of the local loop available. The limiting factor then becomes the physics of the local loop, which supports roughly 1 MHz, not the artificial 3100 Hz bandwidth created by the filter. Unfortunately, the capacity of the local loop falls rather quickly with distance from the end office as the signal is increasingly degraded along the wire. It also depends on the thickness and general quality of the twisted pair. A plot of the 148 THE PHYSICAL LAYER CHAP. 2 potential bandwidth as a function of distance is given in Fig. 2-33. This figure as- sumes that all the other factors are optimal (new wires, modest bundles, etc.). 50 40 20 30 10 0 0 1000 2000 3000 4000 Meters 5000 6000 M bp s Figure 2-33. Bandwidth versus distance over Category 3 UTP for DSL. The implication of this figure creates a problem for the telephone company. When it picks a speed to offer, it is simultaneously picking a radius from its end offices beyond which the service cannot be offered. This means that when distant customers try to sign up for the service, they may be told ‘‘Thanks a lot for your interest, but you live 100 meters too far from the nearest end office to get this ser- vice. Could you please move?’’ The lower the chosen speed is, the larger the radius and the more customers are covered. But the lower the speed, the less attractive the service is and the fewer the people who will be willing to pay for it. This is where business meets technology. The xDSL services have all been designed with certain goals in mind. First, the services must work over the existing Category 3 twisted pair local loops. Sec- ond, they must not affect customers’ existing telephones and fax machines. Third, they must be much faster than 56 kbps. Fourth, they should be always on, with just a monthly charge and no per-minute charge. To meet the technical goals, the available 1.1 MHz spectrum on the local loop is divided into 256 independent channels of 4312.5 Hz each. This arrangement is shown in Fig. 2-34. The OFDM scheme, which we saw in the previous section, is used to send data over these channels, though it is often called DMT (Discrete MultiTone) in the context of ADSL. Channel 0 is used for POTS (Plain Old Telephone Service). Channels 1–5 are not used, to keep the voice and data sig- nals from interfering with each other. Of the remaining 250 channels, one is used for upstream control and one is used for downstream control. The rest are avail- able for user data. In principle, each of the remaining channels can be used for a full-duplex data stream, but harmonics, crosstalk, and other effects keep practical systems well SEC. 2.6 THE PUBLIC SWITCHED TELEPHONE NETWORK 149 P ow er Voice Upstream Downstream 256 4-kHz Channels 0 25 1100 kHz Figure 2-34. Operation of ADSL using discrete multitone modulation. below the theoretical limit. It is up to the provider to determine how many chan- nels are used for upstream and how many for downstream. A 50/50 mix of upstream and downstream is technically possible, but most providers allocate something like 80–90% of the bandwidth to the downstream channel since most users download more data than they upload. This choice gives rise to the ‘‘A’’ in ADSL. A common split is 32 channels for upstream and the rest downstream. It is also possible to have a few of the highest upstream channels be bidirectional for increased bandwidth, although making this optimization requires adding a special circuit to cancel echoes. The international ADSL standard, known as G.dmt, was approved in 1999. It allows speeds of as much as 8 Mbps downstream and 1 Mbps upstream. It was superseded by a second generation in 2002, called ADSL2, with various im- provements to allow speeds of as much as 12 Mbps downstream and 1 Mbps up- stream. Now we have ADSL2+, which doubles the downstream speed to 24 Mbps by doubling the bandwidth to use 2.2 MHz over the twisted pair. However, the numbers quoted here are best-case speeds for good lines close (within 1 to 2 km) to the exchange. Few lines support these rates, and few pro- viders offer these speeds. Typically, providers offer something like 1 Mbps downstream and 256 kbps upstream (standard service), 4 Mbps downstream and 1 Mbps upstream (improved service), and 8 Mbps downstream and 2 Mbps upstream (premium service). Within each channel, QAM modulation is used at a rate of roughly 4000 symbols/sec. The line quality in each channel is constantly monitored and the data rate is adjusted by using a larger or smaller constellation, like those in Fig. 2-23. Different channels may have different data rates, with up to 15 bits per symbol sent on a channel with a high SNR, and down to 2, 1, or no bits per sym- bol sent on a channel with a low SNR depending on the standard. A typical ADSL arrangement is shown in Fig. 2-35. In this scheme, a tele- phone company technician must install a NID (Network Interface Device) on the customer’s premises. This small plastic box marks the end of the telephone com- pany’s property and the start of the customer’s property. Close to the NID (or sometimes combined with it) is a splitter, an analog filter that separates the 150 THE PHYSICAL LAYER CHAP. 2 0–4000-Hz band used by POTS from the data. The POTS signal is routed to the existing telephone or fax machine. The data signal is routed to an ADSL modem, which uses digital signal processing to implement OFDM. Since most ADSL modems are external, the computer must be connected to them at high speed. Usually, this is done using Ethernet, a USB cable, or 802.11. DSLAM Splitter Codec Splitter Telephone To ISP ADSL modem Ethernet Computer Telephone line Telephone company end office Customer premises Voice switch NID Figure 2-35. A typical ADSL equipment configuration. At the other end of the wire, on the end office side, a corresponding splitter is installed. Here, the voice portion of the signal is filtered out and sent to the nor- mal voice switch. The signal above 26 kHz is routed to a new kind of device call- ed a DSLAM (Digital Subscriber Line Access Multiplexer), which contains the same kind of digital signal processor as the ADSL modem. Once the bits have been recovered from the signal, packets are formed and sent off to the ISP. This complete separation between the voice system and ADSL makes it rel- atively easy for a telephone company to deploy ADSL. All that is needed is buy- ing a DSLAM and splitter and attaching the ADSL subscribers to the splitter. Other high-bandwidth services (e.g., ISDN) require much greater changes to the existing switching equipment. One disadvantage of the design of Fig. 2-35 is the need for a NID and splitter on the customer’s premises. Installing these can only be done by a telephone company technician, necessitating an expensive ‘‘truck roll’’ (i.e., sending a tech- nician to the customer’s premises). Therefore, an alternative, splitterless design, informally called G.lite, has also been standardized. It is the same as Fig. 2-35 but without the customer’s splitter. The existing telephone line is used as is. The only difference is that a microfilter has to be inserted into each telephone jack SEC. 2.6 THE PUBLIC SWITCHED TELEPHONE NETWORK 151 between the telephone or ADSL modem and the wire. The microfilter for the telephone is a low-pass filter eliminating frequencies above 3400 Hz; the microfil- ter for the ADSL modem is a high-pass filter eliminating frequencies below 26 kHz. However, this system is not as reliable as having a splitter, so G.lite can be used only up to 1.5 Mbps (versus 8 Mbps for ADSL with a splitter). For more information about ADSL, see Starr (2003). Fiber To The Home Deployed copper local loops limit the performance of ADSL and telephone modems. To let them provide faster and better network services, telephone com- panies are upgrading local loops at every opportunity by installing optical fiber all the way to houses and offices. The result is called FttH (Fiber To The Home). While FttH technology has been available for some time, deployments only began to take off in 2005 with growth in the demand for high-speed Internet from cus- tomers used to DSL and cable who wanted to download movies. Around 4% of U.S. houses are now connected to FttH with Internet access speeds of up to 100 Mbps. Several variations of the form ‘‘FttX’’ (where X stands for the basement, curb, or neighborhood) exist. They are used to note that the fiber deployment may reach close to the house. In this case, copper (twisted pair or coaxial cable) pro- vides fast enough speeds over the last short distance. The choice of how far to lay the fiber is an economic one, balancing cost with expected revenue. In any case, the point is that optical fiber has crossed the traditional barrier of the ‘‘last mile.’’ We will focus on FttH in our discussion. Like the copper wires before it, the fiber local loop is passive. This means no powered equipment is required to amplify or otherwise process signals. The fiber simply carries signals between the home and the end office. This in turn reduces cost and improves reliability. Usually, the fibers from the houses are joined together so that only a single fiber reaches the end office per group of up to 100 houses. In the downstream di- rection, optical splitters divide the signal from the end office so that it reaches all the houses. Encryption is needed for security if only one house should be able to decode the signal. In the upstream direction, optical combiners merge the signals from the houses into a single signal that is received at the end office. This architecture is called a PON (Passive Optical Network), and it is shown in Fig. 2-36. It is common to use one wavelength shared between all the houses for downstream transmission, and another wavelength for upstream transmission. Even with the splitting, the tremendous bandwidth and low attenuation of fiber mean that PONs can provide high rates to users over distances of up to 20 km. The actual data rates and other details depend on the type of PON. Two kinds are common. GPONs (Gigabit-capable PONs) come from the world of telecom- munications, so they are defined by an ITU standard. EPONs (Ethernet PONs) 152 THE PHYSICAL LAYER CHAP. 2 Fiber Optical splitter/combinerEnd office Rest of network Figure 2-36. Passive optical network for Fiber To The Home. are more in tune with the world of networking, so they are defined by an IEEE standard. Both run at around a gigabit and can carry traffic for different services, including Internet, video, and voice. For example, GPONs provide 2.4 Gbps downstream and 1.2 or 2.4 Gbps upstream. Some protocol is needed to share the capacity of the single fiber at the end office between the different houses. The downstream direction is easy. The end office can send messages to each different house in whatever order it likes. In the upstream direction, however, messages from different houses cannot be sent at the same time, or different signals would collide. The houses also cannot hear each other’s transmissions so they cannot listen before transmitting. The solution is that equipment at the houses requests and is granted time slots to use by equip- ment in the end office. For this to work, there is a ranging process to adjust the transmission times from the houses so that all the signals received at the end office are synchronized. The design is similar to cable modems, which we cover later in this chapter. For more information on the future of PONs, see Grobe and Elbers (2008). 2.6.4 Trunks and Multiplexing Trunks in the telephone network are not only much faster than the local loops, they are different in two other respects. The core of the telephone network carries digital information, not analog information; that is, bits not voice. This necessi- tates a conversion at the end office to digital form for transmission over the long- haul trunks. The trunks carry thousands, even millions, of calls simultaneously. This sharing is important for achieving economies of scale, since it costs essen- tially the same amount of money to install and maintain a high-bandwidth trunk as a low-bandwidth trunk between two switching offices. It is accomplished with versions of TDM and FDM multiplexing. Below we will briefly examine how voice signals are digitized so that they can be transported by the telephone network. After that, we will see how TDM is used to carry bits on trunks, including the TDM system used for fiber optics SEC. 2.6 THE PUBLIC SWITCHED TELEPHONE NETWORK 153 (SONET). Then we will turn to FDM as it is applied to fiber optics, which is call- ed wavelength division multiplexing. Digitizing Voice Signals Early in the development of the telephone network, the core handled voice calls as analog information. FDM techniques were used for many years to multi- plex 4000-Hz voice channels (comprised of 3100 Hz plus guard bands) into larger and larger units. For example, 12 calls in the 60 kHz–to–108 kHz band is known as a group and five groups (a total of 60 calls) are known as a supergroup, and so on. These FDM methods are still used over some copper wires and microwave channels. However, FDM requires analog circuitry and is not amenable to being done by a computer. In contrast, TDM can be handled entirely by digital elec- tronics, so it has become far more widespread in recent years. Since TDM can only be used for digital data and the local loops produce analog signals, a conver- sion is needed from analog to digital in the end office, where all the individual local loops come together to be combined onto outgoing trunks. The analog signals are digitized in the end office by a device called a codec (short for ‘‘coder-decoder’’). The codec makes 8000 samples per second (125 μsec/sample) because the Nyquist theorem says that this is sufficient to capture all the information from the 4-kHz telephone channel bandwidth. At a lower sam- pling rate, information would be lost; at a higher one, no extra information would be gained. Each sample of the amplitude of the signal is quantized to an 8-bit number. This technique is called PCM (Pulse Code Modulation). It forms the heart of the modern telephone system. As a consequence, virtually all time intervals within the telephone system are multiples of 125 μsec. The standard uncompressed data rate for a voice-grade telephone call is thus 8 bits every 125 μsec, or 64 kbps. At the other end of the call, an analog signal is recreated from the quantized samples by playing them out (and smoothing them) over time. It will not be ex- actly the same as the original analog signal, even though we sampled at the Nyquist rate, because the samples were quantized. To reduce the error due to quantization, the quantization levels are unevenly spaced. A logarithmic scale is used that gives relatively more bits to smaller signal amplitudes and relatively fewer bits to large signal amplitudes. In this way the error is proportional to the signal amplitude. Two versions of quantization are widely used: μ-law, used in North America and Japan, and A-law, used in Europe and the rest of the world. Both versions are specified in standard ITU G.711. An equivalent way to think about this process is to imagine that the dynamic range of the signal (or the ratio between the largest and smallest possible values) is compressed before it is (evenly) quantized, and then expanded when the analog signal is recreated. For this reason it is called 154 THE PHYSICAL LAYER CHAP. 2 companding. It is also possible to compress the samples after they are digitized so that they require much less than 64 kbps. However, we will leave this topic for when we explore audio applications such as voice over IP. Time Division Multiplexing TDM based on PCM is used to carry multiple voice calls over trunks by send- ing a sample from each call every 125 μsec. When digital transmission began emerging as a feasible technology, ITU (then called CCITT) was unable to reach agreement on an international standard for PCM. Consequently, a variety of incompatible schemes are now in use in different countries around the world. The method used in North America and Japan is the T1 carrier, depicted in Fig. 2-37. (Technically speaking, the format is called DS1 and the carrier is call- ed T1, but following widespread industry tradition, we will not make that subtle distinction here.) The T1 carrier consists of 24 voice channels multiplexed toget- her. Each of the 24 channels, in turn, gets to insert 8 bits into the output stream. Channel 1 Channel 2 Channel 3 Channel 4 Channel 24 193-bit frame (125 μsec) 7 Data bits per channel per sample Bit 1 is a framing code Bit 8 is for signaling 0 1 Figure 2-37. The T1 carrier (1.544 Mbps). A frame consists of 24 × 8 = 192 bits plus one extra bit for control purposes, yielding 193 bits every 125 μsec. This gives a gross data rate of 1.544 Mbps, of which 8 kbps is for signaling. The 193rd bit is used for frame synchronization and signaling. In one variation, the 193rd bit is used across a group of 24 frames call- ed an extended superframe. Six of the bits, in the 4th, 8th, 12th, 16th, 20th, and 24th positions, take on the alternating pattern 001011 . . . . Normally, the receiver keeps checking for this pattern to make sure that it has not lost synchronization. Six more bits are used to send an error check code to help the receiver confirm that it is synchronized. If it does get out of sync, the receiver can scan for the pat- tern and validate the error check code to get resynchronized. The remaining 12 SEC. 2.6 THE PUBLIC SWITCHED TELEPHONE NETWORK 155 bits are used for control information for operating and maintaining the network, such as performance reporting from the remote end. The T1 format has several variations. The earlier versions sent signaling information in-band, meaning in the same channel as the data, by using some of the data bits. This design is one form of channel-associated signaling, because each channel has its own private signaling subchannel. In one arrangement, the least significant bit out of an 8-bit sample on each channel is used in every sixth frame. It has the colorful name of robbed-bit signaling. The idea is that a few stolen bits will not matter for voice calls. No one will hear the difference. For data, however, it is another story. Delivering the wrong bits is unhelpful, to say the least. If older versions of T1 are used to carry data, only 7 of 8 bits, or 56 kbps can be used in each of the 24 channels. Instead, newer versions of T1 provide clear channels in which all of the bits may be used to send data. Clear channels are what businesses who lease a T1 line want when they send data across the telephone network in place of voice samples. Signaling for any voice calls is then handled out-of-band, meaning in a separate channel from the data. Often, the signaling is done with common-channel signaling in which there is a shared signaling channel. One of the 24 channels may be used for this purpose. Outside North America and Japan, the 2.048-Mbps E1 carrier is used instead of T1. This carrier has 32 8-bit data samples packed into the basic 125-μsec frame. Thirty of the channels are used for information and up to two are used for signaling. Each group of four frames provides 64 signaling bits, half of which are used for signaling (whether channel-associated or common-channel) and half of which are used for frame synchronization or are reserved for each country to use as it wishes. Time division multiplexing allows multiple T1 carriers to be multiplexed into higher-order carriers. Figure 2-38 shows how this can be done. At the left we see four T1 channels being multiplexed into one T2 channel. The multiplexing at T2 and above is done bit for bit, rather than byte for byte with the 24 voice channels that make up a T1 frame. Four T1 streams at 1.544 Mbps should generate 6.176 Mbps, but T2 is actually 6.312 Mbps. The extra bits are used for framing and re- covery in case the carrier slips. T1 and T3 are widely used by customers, whereas T2 and T4 are only used within the telephone system itself, so they are not well known. At the next level, seven T2 streams are combined bitwise to form a T3 stream. Then six T3 streams are joined to form a T4 stream. At each step a small amount of overhead is added for framing and recovery in case the synchronization be- tween sender and receiver is lost. Just as there is little agreement on the basic carrier between the United States and the rest of the world, there is equally little agreement on how it is to be multi- plexed into higher-bandwidth carriers. The U.S. scheme of stepping up by 4, 7, and 6 did not strike everyone else as the way to go, so the ITU standard calls for multiplexing four streams into one stream at each level. Also, the framing and 156 THE PHYSICAL LAYER CHAP. 2 6 5 4 3 2 1 0 5 1 4 0 6 2 7 3 6:17:14:1 4 T1 streams in 1 T2 stream out 6.312 Mbps T2 1.544 Mbps T1 44.736 Mbps T3 274.176 Mbps T4 7 T2 streams in 6 T3 streams in Figure 2-38. Multiplexing T1 streams into higher carriers. recovery data are different in the U.S. and ITU standards. The ITU hierarchy for 32, 128, 512, 2048, and 8192 channels runs at speeds of 2.048, 8.848, 34.304, 139.264, and 565.148 Mbps. SONET/SDH In the early days of fiber optics, every telephone company had its own proprietary optical TDM system. After AT&T was broken up in 1984, local tele- phone companies had to connect to multiple long-distance carriers, all with dif- ferent optical TDM systems, so the need for standardization became obvious. In 1985, Bellcore, the RBOC’s research arm, began working on a standard, called SONET (Synchronous Optical NETwork). Later, ITU joined the effort, which resulted in a SONET standard and a set of parallel ITU recommendations (G.707, G.708, and G.709) in 1989. The ITU recommendations are called SDH (Synchronous Digital Hierarchy) but differ from SONET only in minor ways. Virtually all the long-distance telephone traffic in the United States, and much of it elsewhere, now uses trunks running SONET in the physical layer. For additional information about SONET, see Bellamy (2000), Goralski (2002), and Shepard (2001). The SONET design had four major goals. First and foremost, SONET had to make it possible for different carriers to interwork. Achieving this goal required defining a common signaling standard with respect to wavelength, timing, fram- ing structure, and other issues. Second, some means was needed to unify the U.S., European, and Japanese digital systems, all of which were based on 64-kbps PCM channels but combined them in different (and incompatible) ways. Third, SONET had to provide a way to multiplex multiple digital channels. At the time SONET was devised, the highest-speed digital carrier actually used widely in the United States was T3, at 44.736 Mbps. T4 was defined, but not used SEC. 2.6 THE PUBLIC SWITCHED TELEPHONE NETWORK 157 much, and nothing was even defined above T4 speed. Part of SONET’s mission was to continue the hierarchy to gigabits/sec and beyond. A standard way to mul- tiplex slower channels into one SONET channel was also needed. Fourth, SONET had to provide support for operations, administration, and maintenance (OAM), which are needed to manage the network. Previous systems did not do this very well. An early decision was to make SONET a traditional TDM system, with the entire bandwidth of the fiber devoted to one channel containing time slots for the various subchannels. As such, SONET is a synchronous system. Each sender and receiver is tied to a common clock. The master clock that controls the system has an accuracy of about 1 part in 109. Bits on a SONET line are sent out at extreme- ly precise intervals, controlled by the master clock. The basic SONET frame is a block of 810 bytes put out every 125 μsec. Since SONET is synchronous, frames are emitted whether or not there are any useful data to send. Having 8000 frames/sec exactly matches the sampling rate of the PCM channels used in all digital telephony systems. The 810-byte SONET frames are best described as a rectangle of bytes, 90 columns wide by 9 rows high. Thus, 8 × 810 = 6480 bits are transmitted 8000 times per second, for a gross data rate of 51.84 Mbps. This layout is the basic SONET channel, called STS-1 (Synchronous Transport Signal-1). All SONET trunks are multiples of STS-1. The first three columns of each frame are reserved for system management information, as illustrated in Fig. 2-39. In this block, the first three rows contain the section overhead; the next six contain the line overhead. The section overhead is generated and checked at the start and end of each section, whereas the line overhead is generated and checked at the start and end of each line. A SONET transmitter sends back-to-back 810-byte frames, without gaps be- tween them, even when there are no data (in which case it sends dummy data). From the receiver’s point of view, all it sees is a continuous bit stream, so how does it know where each frame begins? The answer is that the first 2 bytes of each frame contain a fixed pattern that the receiver searches for. If it finds this pattern in the same place in a large number of consecutive frames, it assumes that it is in sync with the sender. In theory, a user could insert this pattern into the payload in a regular way, but in practice it cannot be done due to the multiplexing of multiple users into the same frame and other reasons. The remaining 87 columns of each frame hold 87 × 9 × 8 × 8000 = 50.112 Mbps of user data. This user data could be voice samples, T1 and other carriers swallowed whole, or packets. SONET is simply a convenient container for tran- sporting bits. The SPE (Synchronous Payload Envelope), which carries the user data does not always begin in row 1, column 4. The SPE can begin anywhere within the frame. A pointer to the first byte is contained in the first row of the line overhead. The first column of the SPE is the path overhead (i.e., the header for the end-to-end path sublayer protocol). 158 THE PHYSICAL LAYER CHAP. 2 Sonet frame (125 μsec) Sonet frame (125 μsec) 9 Rows . . . . . . 87 Columns 3 Columns for overhead SPESectionoverhead Line overhead Path overhead Figure 2-39. Two back-to-back SONET frames. The ability to allow the SPE to begin anywhere within the SONET frame and even to span two frames, as shown in Fig. 2-39, gives added flexibility to the sys- tem. For example, if a payload arrives at the source while a dummy SONET frame is being constructed, it can be inserted into the current frame instead of being held until the start of the next one. The SONET/SDH multiplexing hierarchy is shown in Fig. 2-40. Rates from STS-1 to STS-768 have been defined, ranging from roughly a T3 line to 40 Gbps. Even higher rates will surely be defined over time, with OC-3072 at 160 Gbps being the next in line if and when it becomes technologically feasible. The opti- cal carrier corresponding to STS-n is called OC-n but is bit for bit the same except for a certain bit reordering needed for synchronization. The SDH names are dif- ferent, and they start at OC-3 because ITU-based systems do not have a rate near 51.84 Mbps. We have shown the common rates, which proceed from OC-3 in multiples of four. The gross data rate includes all the overhead. The SPE data rate excludes the line and section overhead. The user data rate excludes all over- head and counts only the 87 payload columns. As an aside, when a carrier, such as OC-3, is not multiplexed, but carries the data from only a single source, the letter c (for concatenated) is appended to the designation, so OC-3 indicates a 155.52-Mbps carrier consisting of three separate OC-1 carriers, but OC-3c indicates a data stream from a single source at 155.52 Mbps. The three OC-1 streams within an OC-3c stream are interleaved by column—first column 1 from stream 1, then column 1 from stream 2, then column 1 from stream 3, followed by column 2 from stream 1, and so on—leading to a frame 270 columns wide and 9 rows deep. SEC. 2.6 THE PUBLIC SWITCHED TELEPHONE NETWORK 159 SONET SDH Data rate (Mbps) Electrical Optical Optical Gross SPE User STS-1 OC-1 51.84 50.112 49.536 STS-3 OC-3 STM-1 155.52 150.336 148.608 STS-12 OC-12 STM-4 622.08 601.344 594.432 STS-48 OC-48 STM-16 2488.32 2405.376 2377.728 STS-192 OC-192 STM-64 9953.28 9621.504 9510.912 STS-768 OC-768 STM-256 39813.12 38486.016 38043.648 Figure 2-40. SONET and SDH multiplex rates. Wavelength Division Multiplexing A form of frequency division multiplexing is used as well as TDM to harness the tremendous bandwidth of fiber optic channels. It is called WDM (Wave- length Division Multiplexing). The basic principle of WDM on fibers is dep- icted in Fig. 2-41. Here four fibers come together at an optical combiner, each with its energy present at a different wavelength. The four beams are combined onto a single shared fiber for transmission to a distant destination. At the far end, the beam is split up over as many fibers as there were on the input side. Each out- put fiber contains a short, specially constructed core that filters out all but one wavelength. The resulting signals can be routed to their destination or recombin- ed in different ways for additional multiplexed transport. There is really nothing new here. This way of operating is just frequency di- vision multiplexing at very high frequencies, with the term WDM owing to the description of fiber optic channels by their wavelength or ‘‘color’’ rather than fre- quency. As long as each channel has its own frequency (i.e., wavelength) range and all the ranges are disjoint, they can be multiplexed together on the long-haul fiber. The only difference with electrical FDM is that an optical system using a diffraction grating is completely passive and thus highly reliable. The reason WDM is popular is that the energy on a single channel is typically only a few gigahertz wide because that is the current limit of how fast we can con- vert between electrical and optical signals. By running many channels in parallel on different wavelengths, the aggregate bandwidth is increased linearly with the number of channels. Since the bandwidth of a single fiber band is about 25,000 GHz (see Fig. 2-7), there is theoretically room for 2500 10-Gbps channels even at 1 bit/Hz (and higher rates are also possible). WDM technology has been progressing at a rate that puts computer technolo- gy to shame. WDM was invented around 1990. The first commercial systems had eight channels of 2.5 Gbps per channel. By 1998, systems with 40 channels 160 THE PHYSICAL LAYER CHAP. 2 Spectrum on the shared fiber P ow er λ Fiber 4 spectrum P ow er λ Fiber 3 spectrum P ow er λ Fiber 2 spectrum P ow er λ λ1 λ1+λ2+λ3+λ4 Fiber 1 spectrum P ow er λ Fiber 1 λ2 Fiber 2 λ3 Fiber 3 Combiner Splitter Long-haul shared fiberλ4 λ2 λ4 λ1 λ3Fiber 4 Filter Figure 2-41. Wavelength division multiplexing. of 2.5 Gbps were on the market. By 2006, there were products with 192 channels of 10 Gbps and 64 channels of 40 Gbps, capable of moving up to 2.56 Tbps. This bandwidth is enough to transmit 80 full-length DVD movies per second. The channels are also packed tightly on the fiber, with 200, 100, or as little as 50 GHz of separation. Technology demonstrations by companies after bragging rights have shown 10 times this capacity in the lab, but going from the lab to the field usually takes at least a few years. When the number of channels is very large and the wavelengths are spaced close together, the system is referred to as DWDM (Dense WDM). One of the drivers of WDM technology is the development of all-optical com- ponents. Previously, every 100 km it was necessary to split up all the channels and convert each one to an electrical signal for amplification separately before reconverting them to optical signals and combining them. Nowadays, all-optical amplifiers can regenerate the entire signal once every 1000 km without the need for multiple opto-electrical conversions. In the example of Fig. 2-41, we have a fixed-wavelength system. Bits from input fiber 1 go to output fiber 3, bits from input fiber 2 go to output fiber 1, etc. However, it is also possible to build WDM systems that are switched in the opti- cal domain. In such a device, the output filters are tunable using Fabry-Perot or Mach-Zehnder interferometers. These devices allow the selected frequencies to be changed dynamically by a control computer. This ability provides a large amount of flexibility to provision many different wavelength paths through the telephone network from a fixed set of fibers. For more information about optical networks and WDM, see Ramaswami et al. (2009). SEC. 2.6 THE PUBLIC SWITCHED TELEPHONE NETWORK 161 2.6.5 Switching From the point of view of the average telephone engineer, the phone system is divided into two principal parts: outside plant (the local loops and trunks, since they are physically outside the switching offices) and inside plant (the switches, which are inside the switching offices). We have just looked at the outside plant. Now it is time to examine the inside plant. Two different switching techniques are used by the network nowadays: circuit switching and packet switching. The traditional telephone system is based on cir- cuit switching, but packet switching is beginning to make inroads with the rise of voice over IP technology. We will go into circuit switching in some detail and contrast it with packet switching. Both kinds of switching are important enough that we will come back to them when we get to the network layer. Circuit Switching Conceptually, when you or your computer places a telephone call, the switch- ing equipment within the telephone system seeks out a physical path all the way from your telephone to the receiver’s telephone. This technique is called circuit switching. It is shown schematically in Fig. 2-42(a). Each of the six rectangles represents a carrier switching office (end office, toll office, etc.). In this example, each office has three incoming lines and three outgoing lines. When a call passes through a switching office, a physical connection is (conceptually) established be- tween the line on which the call came in and one of the output lines, as shown by the dotted lines. In the early days of the telephone, the connection was made by the operator plugging a jumper cable into the input and output sockets. In fact, a surprising lit- tle story is associated with the invention of automatic circuit switching equipment. It was invented by a 19th-century Missouri undertaker named Almon B. Strowger. Shortly after the telephone was invented, when someone died, one of the survivors would call the town operator and say ‘‘Please connect me to an undertaker.’’ Un- fortunately for Mr. Strowger, there were two undertakers in his town, and the other one’s wife was the town telephone operator. He quickly saw that either he was going to have to invent automatic telephone switching equipment or he was going to go out of business. He chose the first option. For nearly 100 years, the circuit-switching equipment used worldwide was known as Strowger gear. (His- tory does not record whether the now-unemployed switchboard operator got a job as an information operator, answering questions such as ‘‘What is the phone num- ber of an undertaker?’’) The model shown in Fig. 2-42(a) is highly simplified, of course, because parts of the physical path between the two telephones may, in fact, be microwave or fiber links onto which thousands of calls are multiplexed. Nevertheless, the basic idea is valid: once a call has been set up, a dedicated path between both ends exists and will continue to exist until the call is finished. 162 THE PHYSICAL LAYER CHAP. 2 (a) (b) Switching office Physical (copper) connection set up when call is made Packets queued for subsequent transmission Computer Computer Figure 2-42. (a) Circuit switching. (b) Packet switching. An important property of circuit switching is the need to set up an end-to-end path before any data can be sent. The elapsed time between the end of dialing and the start of ringing can easily be 10 sec, more on long-distance or international calls. During this time interval, the telephone system is hunting for a path, as shown in Fig. 2-43(a). Note that before data transmission can even begin, the call request signal must propagate all the way to the destination and be acknowledged. For many computer applications (e.g., point-of-sale credit verification), long setup times are undesirable. As a consequence of the reserved path between the calling parties, once the setup has been completed, the only delay for data is the propagation time for the electromagnetic signal, about 5 msec per 1000 km. Also as a consequence of the established path, there is no danger of congestion—that is, once the call has been put through, you never get busy signals. Of course, you might get one before the connection has been established due to lack of switching or trunk capacity. Packet Switching The alternative to circuit switching is packet switching, shown in Fig. 2- 42(b) and described in Chap. 1. With this technology, packets are sent as soon as they are available. There is no need to set up a dedicated path in advance, unlike SEC. 2.6 THE PUBLIC SWITCHED TELEPHONE NETWORK 163 Call request signal Data AB trunk A B C (a) D A B C (b) D BC trunk CD trunk Call accept signal Propagation delay Queuing delay Pkt 1 Pkt 2 Pkt 3 Pkt 1 Pkt 2 Pkt 3 Pkt 1 Pkt 2 Pkt 3 Time spent hunting for an outgoing trunk T im e Figure 2-43. Timing of events in (a) circuit switching, (b) packet switching. with circuit switching. It is up to routers to use store-and-forward transmission to send each packet on its way to the destination on its own. This procedure is unlike circuit switching, in which the result of the connection setup is the reserva- tion of bandwidth all the way from the sender to the receiver. All data on the cir- cuit follows this path. Among other properties, having all the data follow the same path means that it cannot arrive out of order. With packet switching there is no fixed path, so different packets can follow different paths, depending on net- work conditions at the time they are sent, and they may arrive out of order. Packet-switching networks place a tight upper limit on the size of packets. This ensures that no user can monopolize any transmission line for very long (e.g., many milliseconds), so that packet-switched networks can handle interactive traf- fic. It also reduces delay since the first packet of a long message can be for- warded before the second one has fully arrived. However, the store-and-forward delay of accumulating a packet in the router’s memory before it is sent on to the 164 THE PHYSICAL LAYER CHAP. 2 next router exceeds that of circuit switching. With circuit switching, the bits just flow through the wire continuously. Packet and circuit switching also differ in other ways. Because no bandwidth is reserved with packet switching, packets may have to wait to be forwarded. This introduces queuing delay and congestion if many packets are sent at the same time. On the other hand, there is no danger of getting a busy signal and being unable to use the network. Thus, congestion occurs at different times with circuit switching (at setup time) and packet switching (when packets are sent). If a circuit has been reserved for a particular user and there is no traffic, its bandwidth is wasted. It cannot be used for other traffic. Packet switching does not waste bandwidth and thus is more efficient from a system perspective. Under- standing this trade-off is crucial for comprehending the difference between circuit switching and packet switching. The trade-off is between guaranteed service and wasting resources versus not guaranteeing service and not wasting resources. Packet switching is more fault tolerant than circuit switching. In fact, that is why it was invented. If a switch goes down, all of the circuits using it are termi- nated and no more traffic can be sent on any of them. With packet switching, packets can be routed around dead switches. A final difference between circuit and packet switching is the charging algo- rithm. With circuit switching, charging has historically been based on distance and time. For mobile phones, distance usually does not play a role, except for in- ternational calls, and time plays only a coarse role (e.g., a calling plan with 2000 free minutes costs more than one with 1000 free minutes and sometimes nights or weekends are cheap). With packet switching, connect time is not an issue, but the volume of traffic is. For home users, ISPs usually charge a flat monthly rate be- cause it is less work for them and their customers can understand this model, but backbone carriers charge regional networks based on the volume of their traffic. The differences are summarized in Fig. 2-44. Traditionally, telephone net- works have used circuit switching to provide high-quality telephone calls, and computer networks have used packet switching for simplicity and efficiency. However, there are notable exceptions. Some older computer networks have been circuit switched under the covers (e.g., X.25) and some newer telephone networks use packet switching with voice over IP technology. This looks just like a stan- dard telephone call on the outside to users, but inside the network packets of voice data are switched. This approach has let upstarts market cheap international calls via calling cards, though perhaps with lower call quality than the incumbents. 2.7 THE MOBILE TELEPHONE SYSTEM The traditional telephone system, even if it someday gets multigigabit end-to- end fiber, will still not be able to satisfy a growing group of users: people on the go. People now expect to make phone calls and to use their phones to check SEC. 2.7 THE MOBILE TELEPHONE SYSTEM 165 Item Circuit switched Packet switched Call setup Required Not needed Dedicated physical path Yes No Each packet follows the same route Yes No Packets arrive in order Yes No Is a switch crash fatal Yes No Bandwidth available Fixed Dynamic Time of possible congestion At setup time On every packet Potentially wasted bandwidth Yes No Store-and-forward transmission No Yes Charging Per minute Per packet Figure 2-44. A comparison of circuit-switched and packet-switched networks. email and surf the Web from airplanes, cars, swimming pools, and while jogging in the park. Consequently, there is a tremendous amount of interest in wireless telephony. In the following sections we will study this topic in some detail. The mobile phone system is used for wide area voice and data communica- tion. Mobile phones (sometimes called cell phones) have gone through three distinct generations, widely called 1G, 2G, and 3G. The generations are: 1. Analog voice. 2. Digital voice. 3. Digital voice and data (Internet, email, etc.). (Mobile phones should not be confused with cordless phones that consist of a base station and a handset sold as a set for use within the home. These are never used for networking, so we will not examine them further.) Although most of our discussion will be about the technology of these sys- tems, it is interesting to note how political and tiny marketing decisions can have a huge impact. The first mobile system was devised in the U.S. by AT&T and mandated for the whole country by the FCC. As a result, the entire U.S. had a single (analog) system and a mobile phone purchased in California also worked in New York. In contrast, when mobile phones came to Europe, every country de- vised its own system, which resulted in a fiasco. Europe learned from its mistake and when digital came around, the govern- ment-run PTTs got together and standardized on a single system (GSM), so any European mobile phone will work anywhere in Europe. By then, the U.S. had de- cided that government should not be in the standardization business, so it left digi- tal to the marketplace. This decision resulted in different equipment manufact- urers producing different kinds of mobile phones. As a consequence, in the U.S. 166 THE PHYSICAL LAYER CHAP. 2 two major—and completely incompatible—digital mobile phone systems were deployed, as well as other minor systems. Despite an initial lead by the U.S., mobile phone ownership and usage in Europe is now far greater than in the U.S. Having a single system that works any- where in Europe and with any provider is part of the reason, but there is more. A second area where the U.S. and Europe differed is in the humble matter of phone numbers. In the U.S., mobile phones are mixed in with regular (fixed) telephones. Thus, there is no way for a caller to see if, say, (212) 234-5678 is a fixed tele- phone (cheap or free call) or a mobile phone (expensive call). To keep people from getting nervous about placing calls, the telephone companies decided to make the mobile phone owner pay for incoming calls. As a consequence, many people hesitated buying a mobile phone for fear of running up a big bill by just re- ceiving calls. In Europe, mobile phone numbers have a special area code (analo- gous to 800 and 900 numbers) so they are instantly recognizable. Consequently, the usual rule of ‘‘caller pays’’ also applies to mobile phones in Europe (except for international calls, where costs are split). A third issue that has had a large impact on adoption is the widespread use of prepaid mobile phones in Europe (up to 75% in some areas). These can be pur- chased in many stores with no more formality than buying a digital camera. You pay and you go. They are preloaded with a balance of, for example, 20 or 50 euros and can be recharged (using a secret PIN code) when the balance drops to zero. As a consequence, practically every teenager and many small children in Europe have (usually prepaid) mobile phones so their parents can locate them, without the danger of the child running up a huge bill. If the mobile phone is used only occasionally, its use is essentially free since there is no monthly charge or charge for incoming calls. 2.7.1 First-Generation (1G) Mobile Phones: Analog Voice Enough about the politics and marketing aspects of mobile phones. Now let us look at the technology, starting with the earliest system. Mobile radiotele- phones were used sporadically for maritime and military communication during the early decades of the 20th century. In 1946, the first system for car-based tele- phones was set up in St. Louis. This system used a single large transmitter on top of a tall building and had a single channel, used for both sending and receiving. To talk, the user had to push a button that enabled the transmitter and disabled the receiver. Such systems, known as push-to-talk systems, were installed in several cities beginning in the late 1950s. CB radio, taxis, and police cars often use this technology. In the 1960s, IMTS (Improved Mobile Telephone System) was installed. It, too, used a high-powered (200-watt) transmitter on top of a hill but it had two frequencies, one for sending and one for receiving, so the push-to-talk button was SEC. 2.7 THE MOBILE TELEPHONE SYSTEM 167 no longer needed. Since all communication from the mobile telephones went inbound on a different channel than the outbound signals, the mobile users could not hear each other (unlike the push-to-talk system used in taxis). IMTS supported 23 channels spread out from 150 MHz to 450 MHz. Due to the small number of channels, users often had to wait a long time before getting a dial tone. Also, due to the large power of the hilltop transmitters, adjacent sys- tems had to be several hundred kilometers apart to avoid interference. All in all, the limited capacity made the system impractical. Advanced Mobile Phone System All that changed with AMPS (Advanced Mobile Phone System), invented by Bell Labs and first installed in the United States in 1982. It was also used in England, where it was called TACS, and in Japan, where it was called MCS-L1. AMPS was formally retired in 2008, but we will look at it to understand the con- text for the 2G and 3G systems that improved on it. In all mobile phone systems, a geographic region is divided up into cells, which is why the devices are sometimes called cell phones. In AMPS, the cells are typically 10 to 20 km across; in digital systems, the cells are smaller. Each cell uses some set of frequencies not used by any of its neighbors. The key idea that gives cellular systems far more capacity than previous systems is the use of relatively small cells and the reuse of transmission frequencies in nearby (but not adjacent) cells. Whereas an IMTS system 100 km across can have only one call on each frequency, an AMPS system might have 100 10-km cells in the same area and be able to have 10 to 15 calls on each frequency, in widely separated cells. Thus, the cellular design increases the system capacity by at least an order of magnitude, more as the cells get smaller. Furthermore, smaller cells mean that less power is needed, which leads to smaller and cheaper transmitters and handsets. The idea of frequency reuse is illustrated in Fig. 2-45(a). The cells are nor- mally roughly circular, but they are easier to model as hexagons. In Fig. 2-45(a), the cells are all the same size. They are grouped in units of seven cells. Each letter indicates a group of frequencies. Notice that for each frequency set, there is a buffer about two cells wide where that frequency is not reused, providing for good separation and low interference. Finding locations high in the air to place base station antennas is a major issue. This problem has led some telecommunication carriers to forge alliances with the Roman Catholic Church, since the latter owns a substantial number of exalted potential antenna sites worldwide, all conveniently under a single man- agement. In an area where the number of users has grown to the point that the system is overloaded, the power can be reduced and the overloaded cells split into smaller 168 THE PHYSICAL LAYER CHAP. 2 G F A B C D E G F A B C D E G F A B C D E (a) (b) Figure 2-45. (a) Frequencies are not reused in adjacent cells. (b) To add more users, smaller cells can be used. microcells to permit more frequency reuse, as shown in Fig. 2-45(b). Telephone companies sometimes create temporary microcells, using portable towers with satellite links at sporting events, rock concerts, and other places where large num- bers of mobile users congregate for a few hours. At the center of each cell is a base station to which all the telephones in the cell transmit. The base station consists of a computer and transmitter/receiver connected to an antenna. In a small system, all the base stations are connected to a single device called an MSC (Mobile Switching Center) or MTSO (Mobile Telephone Switching Office). In a larger one, several MSCs may be needed, all of which are connected to a second-level MSC, and so on. The MSCs are essen- tially end offices as in the telephone system, and are in fact connected to at least one telephone system end office. The MSCs communicate with the base stations, each other, and the PSTN using a packet-switching network. At any instant, each mobile telephone is logically in one specific cell and un- der the control of that cell’s base station. When a mobile telephone physically leaves a cell, its base station notices the telephone’s signal fading away and asks all the surrounding base stations how much power they are getting from it. When the answers come back, the base station then transfers ownership to the cell get- ting the strongest signal; under most conditions that is the cell where the tele- phone is now located. The telephone is then informed of its new boss, and if a call is in progress, it is asked to switch to a new channel (because the old one is not reused in any of the adjacent cells). This process, called handoff, takes about 300 msec. Channel assignment is done by the MSC, the nerve center of the sys- tem. The base stations are really just dumb radio relays. SEC. 2.7 THE MOBILE TELEPHONE SYSTEM 169 Channels AMPS uses FDM to separate the channels. The system uses 832 full-duplex channels, each consisting of a pair of simplex channels. This arrangement is known as FDD (Frequency Division Duplex). The 832 simplex channels from 824 to 849 MHz are used for mobile to base station transmission, and 832 simplex channels from 869 to 894 MHz are used for base station to mobile transmission. Each of these simplex channels is 30 kHz wide. The 832 channels are divided into four categories. Control channels (base to mobile) are used to manage the system. Paging channels (base to mobile) alert mobile users to calls for them. Access channels (bidirectional) are used for call setup and channel assignment. Finally, data channels (bidirectional) carry voice, fax, or data. Since the same frequencies cannot be reused in nearby cells and 21 channels are reserved in each cell for control, the actual number of voice channels available per cell is much smaller than 832, typically about 45. Call Management Each mobile telephone in AMPS has a 32-bit serial number and a 10-digit telephone number in its programmable read-only memory. The telephone number is represented as a 3-digit area code in 10 bits and a 7-digit subscriber number in 24 bits. When a phone is switched on, it scans a preprogrammed list of 21 control channels to find the most powerful signal. The phone then broadcasts its 32-bit serial number and 34-bit telephone number. Like all the control information in AMPS, this packet is sent in digital form, multiple times, and with an error-cor- recting code, even though the voice channels themselves are analog. When the base station hears the announcement, it tells the MSC, which records the existence of its new customer and also informs the customer’s home MSC of his current location. During normal operation, the mobile telephone reregisters about once every 15 minutes. To make a call, a mobile user switches on the phone, enters the number to be called on the keypad, and hits the SEND button. The phone then transmits the number to be called and its own identity on the access channel. If a collision oc- curs there, it tries again later. When the base station gets the request, it informs the MSC. If the caller is a customer of the MSC’s company (or one of its partners), the MSC looks for an idle channel for the call. If one is found, the channel number is sent back on the control channel. The mobile phone then auto- matically switches to the selected voice channel and waits until the called party picks up the phone. Incoming calls work differently. To start with, all idle phones continuously listen to the paging channel to detect messages directed at them. When a call is placed to a mobile phone (either from a fixed phone or another mobile phone), a packet is sent to the callee’s home MSC to find out where it is. A packet is then 170 THE PHYSICAL LAYER CHAP. 2 sent to the base station in its current cell, which sends a broadcast on the paging channel of the form ‘‘Unit 14, are you there?’’ The called phone responds with a ‘‘Yes’’ on the access channel. The base then says something like: ‘‘Unit 14, call for you on channel 3.’’ At this point, the called phone switches to channel 3 and starts making ringing sounds (or playing some melody the owner was given as a birthday present). 2.7.2 Second-Generation (2G) Mobile Phones: Digital Voice The first generation of mobile phones was analog; the second generation is digital. Switching to digital has several advantages. It provides capacity gains by allowing voice signals to be digitized and compressed. It improves security by al- lowing voice and control signals to be encrypted. This in turn deters fraud and eavesdropping, whether from intentional scanning or echoes of other calls due to RF propagation. Finally, it enables new services such as text messaging. Just as there was no worldwide standardization during the first generation, there was also no worldwide standardization during the second, either. Several different systems were developed, and three have been widely deployed. D- AMPS (Digital Advanced Mobile Phone System) is a digital version of AMPS that coexists with AMPS and uses TDM to place multiple calls on the same fre- quency channel. It is described in International Standard IS-54 and its successor IS-136. GSM (Global System for Mobile communications) has emerged as the dominant system, and while it was slow to catch on in the U.S. it is now used vir- tually everywhere in the world. Like D-AMPS, GSM is based on a mix of FDM and TDM. CDMA (Code Division Multiple Access), described in International Standard IS-95, is a completely different kind of system and is based on neither FDM mor TDM. While CDMA has not become the dominant 2G system, its technology has become the basis for 3G systems. Also, the name PCS (Personal Communications Services) is sometimes used in the marketing literature to indicate a second-generation (i.e., digital) sys- tem. Originally it meant a mobile phone using the 1900 MHz band, but that dis- tinction is rarely made now. We will now describe GSM, since it is the dominant 2G system. In the next section we will have more to say about CDMA when we describe 3G systems. GSM—The Global System for Mobile Communications GSM started life in the 1980s as an effort to produce a single European 2G standard. The task was assigned to a telecommunications group called (in French) Groupe Specialé Mobile. The first GSM systems were deployed starting in 1991 and were a quick success. It soon became clear that GSM was going to be more than a European success, with uptake stretching to countries as far away as Aus- tralia, so GSM was renamed to have a more worldwide appeal. SEC. 2.7 THE MOBILE TELEPHONE SYSTEM 171 GSM and the other mobile phone systems we will study retain from 1G sys- tems a design based on cells, frequency reuse across cells, and mobility with handoffs as subscribers move. It is the details that differ. Here, we will briefly discuss some of the main properties of GSM. However, the printed GSM stan- dard is over 5000 [sic] pages long. A large fraction of this material relates to en- gineering aspects of the system, especially the design of receivers to handle mul- tipath signal propagation, and synchronizing transmitters and receivers. None of this will be even mentioned here. Fig. 2-46 shows that the GSM architecture is similar to the AMPS architec- ture, though the components have different names. The mobile itself is now di- vided into the handset and a removable chip with subscriber and account infor- mation called a SIM card, short for Subscriber Identity Module. It is the SIM card that activates the handset and contains secrets that let the mobile and the net- work identify each other and encrypt conversations. A SIM card can be removed and plugged into a different handset to turn that handset into your mobile as far as the network is concerned. VLR MSC Air interface Cell tower and base station PSTNSIM card Handset HLRBSC BSC Figure 2-46. GSM mobile network architecture. The mobile talks to cell base stations over an air interface that we will de- scribe in a moment. The cell base stations are each connected to a BSC (Base Station Controller) that controls the radio resources of cells and handles handoff. The BSC in turn is connected to an MSC (as in AMPS) that routes calls and con- nects to the PSTN (Public Switched Telephone Network). To be able to route calls, the MSC needs to know where mobiles can currently be found. It maintains a database of nearby mobiles that are associated with the cells it manages. This database is called the VLR (Visitor Location Register). There is also a database in the mobile network that gives the last known location of each mobile. It is called the HLR (Home Location Register). This database is used to route incoming calls to the right locations. Both databases must be kept up to date as mobiles move from cell to cell. We will now describe the air interface in some detail. GSM runs on a range of frequencies worldwide, including 900, 1800, and 1900 MHz. More spectrum is allocated than for AMPS in order to support a much larger number of users. GSM 172 THE PHYSICAL LAYER CHAP. 2 is a frequency division duplex cellular system, like AMPS. That is, each mobile transmits on one frequency and receives on another, higher frequency (55 MHz higher for GSM versus 80 MHz higher for AMPS). However, unlike with AMPS, with GSM a single frequency pair is split by time-division multiplexing into time slots. In this way it is shared by multiple mobiles. To handle multiple mobiles, GSM channels are much wider than the AMPS channels (200-kHz versus 30 kHz). One 200-kHz channel is shown in Fig. 2-47. A GSM system operating in the 900-MHz region has 124 pairs of simplex chan- nels. Each simplex channel is 200 kHz wide and supports eight separate con- nections on it, using time division multiplexing. Each currently active station is assigned one time slot on one channel pair. Theoretically, 992 channels can be supported in each cell, but many of them are not available, to avoid frequency conflicts with neighboring cells. In Fig. 2-47, the eight shaded time slots all be- long to the same connection, four of them in each direction. Transmitting and re- ceiving does not happen in the same time slot because the GSM radios cannot transmit and receive at the same time and it takes time to switch from one to the other. If the mobile device assigned to 890.4/935.4 MHz and time slot 2 wanted to transmit to the base station, it would use the lower four shaded slots (and the ones following them in time), putting some data in each slot until all the data had been sent. 959.8 MHz 935.4 MHz 935.2 MHz 914.8 MHz 890.4 MHz 890.2 MHz F re qu en cy Base to mobile Mobile to base 124 2 1 124 2 1 Channel TDM frame Time Figure 2-47. GSM uses 124 frequency channels, each of which uses an eight- slot TDM system. The TDM slots shown in Fig. 2-47 are part of a complex framing hierarchy. Each TDM slot has a specific structure, and groups of TDM slots form mul- tiframes, also with a specific structure. A simplified version of this hierarchy is shown in Fig. 2-48. Here we can see that each TDM slot consists of a 148-bit data frame that occupies the channel for 577 μsec (including a 30-μsec guard time SEC. 2.7 THE MOBILE TELEPHONE SYSTEM 173 after each slot). Each data frame starts and ends with three 0 bits, for frame del- ineation purposes. It also contains two 57-bit Information fields, each one having a control bit that indicates whether the following Information field is for voice or data. Between the Information fields is a 26-bit Sync (training) field that is used by the receiver to synchronize to the sender’s frame boundaries. C T L 0 1 2 3 4 5 6 7 8 9 10 11 13 14 15 16 17 18 19 20 21 22 23 24 32,500-Bit multiframe sent in 120 msec 0 1 2 3 4 5 6 7 1250-Bit TDM frame sent in 4.615 msec 8.25–bit (30 μsec) guard time Reserved for future use 000 000Information InformationSync 148-Bit data frame sent in 547 μsec Bits 3 357 5726 Voice/data bit Figure 2-48. A portion of the GSM framing structure. A data frame is transmitted in 547 μsec, but a transmitter is only allowed to send one data frame every 4.615 msec, since it is sharing the channel with seven other stations. The gross rate of each channel is 270,833 bps, divided among eight users. However, as with AMPS, the overhead eats up a large fraction of the band- width, ultimately leaving 24.7 kbps worth of payload per user before error cor- rection. After error correction, 13 kbps is left for speech. While this is substan- tially less than 64 kbps PCM for uncompressed voice signals in the fixed tele- phone network, compression on the mobile device can reach these levels with lit- tle loss of quality. As can be seen from Fig. 2-48, eight data frames make up a TDM frame and 26 TDM frames make up a 120-msec multiframe. Of the 26 TDM frames in a multiframe, slot 12 is used for control and slot 25 is reserved for future use, so only 24 are available for user traffic. However, in addition to the 26-slot multiframe shown in Fig. 2-48, a 51-slot multiframe (not shown) is also used. Some of these slots are used to hold several control channels used to manage the system. The broadcast control channel is a continuous stream of output from the base station containing the base station’s identity and the channel status. All mobile stations monitor their signal strength to see when they have moved into a new cell. 174 THE PHYSICAL LAYER CHAP. 2 The dedicated control channel is used for location updating, registration, and call setup. In particular, each BSC maintains a database of mobile stations currently under its jurisdiction, the VLR. Information needed to maintain the VLR is sent on the dedicated control channel. Finally, there is the common control channel, which is split up into three logical subchannels. The first of these subchannels is the paging channel, which the base station uses to announce incoming calls. Each mobile station monitors it continuously to watch for calls it should answer. The second is the random ac- cess channel, which allows users to request a slot on the dedicated control chan- nel. If two requests collide, they are garbled and have to be retried later. Using the dedicated control channel slot, the station can set up a call. The assigned slot is announced on the third subchannel, the access grant channel. Finally, GSM differs from AMPS in how handoff is handled. In AMPS, the MSC manages it completely without help from the mobile devices. With time slots in GSM, the mobile is neither sending nor receiving most of the time. The idle slots are an opportunity for the mobile to measure signal quality to other nearby base stations. It does so and sends this information to the BSC. The BSC can use it to determine when a mobile is leaving one cell and entering another so it can perform the handoff. This design is called MAHO (Mobile Assisted HandOff). 2.7.3 Third-Generation (3G) Mobile Phones: Digital Voice and Data The first generation of mobile phones was analog voice, and the second gen- eration was digital voice. The third generation of mobile phones, or 3G as it is called, is all about digital voice and data. A number of factors are driving the industry. First, data traffic already exceeds voice traffic on the fixed network and is growing exponentially, whereas voice traffic is essentially flat. Many industry experts expect data traffic to dom- inate voice on mobile devices as well soon. Second, the telephone, entertainment, and computer industries have all gone digital and are rapidly converging. Many people are drooling over lightweight, portable devices that act as a telephone, mu- sic and video player, email terminal, Web interface, gaming machine, and more, all with worldwide wireless connectivity to the Internet at high bandwidth. Apple’s iPhone is a good example of this kind of 3G device. With it, people get hooked on wireless data services, and AT&T wireless data volumes are rising steeply with the popularity of iPhones. The trouble is, the iPhone uses a 2.5G net- work (an enhanced 2G network, but not a true 3G network) and there is not enough data capacity to keep users happy. 3G mobile telephony is all about pro- viding enough wireless bandwidth to keep these future users happy. ITU tried to get a bit more specific about this vision starting back around 1992. It issued a blueprint for getting there called IMT-2000, where IMT stood SEC. 2.7 THE MOBILE TELEPHONE SYSTEM 175 for International Mobile Telecommunications . The basic services that the IMT-2000 network was supposed to provide to its users are: 1. High-quality voice transmission. 2. Messaging (replacing email, fax, SMS, chat, etc.). 3. Multimedia (playing music, viewing videos, films, television, etc.). 4. Internet access (Web surfing, including pages with audio and video). Additional services might be video conferencing, telepresence, group game play- ing, and m-commerce (waving your telephone at the cashier to pay in a store). Furthermore, all these services are supposed to be available worldwide (with automatic connection via a satellite when no terrestrial network can be located), instantly (always on), and with quality of service guarantees. ITU envisioned a single worldwide technology for IMT-2000, so manufact- urers could build a single device that could be sold and used anywhere in the world (like CD players and computers and unlike mobile phones and televisions). Having a single technology would also make life much simpler for network opera- tors and would encourage more people to use the services. Format wars, such as the Betamax versus VHS battle with videorecorders, are not good for business. As it turned out, this was a bit optimistic. The number 2000 stood for three things: (1) the year it was supposed to go into service, (2) the frequency it was supposed to operate at (in MHz), and (3) the bandwidth the service should have (in kbps). It did not make it on any of the three counts. Nothing was imple- mented by 2000. ITU recommended that all governments reserve spectrum at 2 GHz so devices could roam seamlessly from country to country. China reserved the required bandwidth but nobody else did. Finally, it was recognized that 2 Mbps is not currently feasible for users who are too mobile (due to the difficulty of performing handoffs quickly enough). More realistic is 2 Mbps for stationary indoor users (which will compete head-on with ADSL), 384 kbps for people walk- ing, and 144 kbps for connections in cars. Despite these initial setbacks, much has been accomplished since then. Sev- eral IMT proposals were made and, after some winnowing, it came down to two main ones. The first one, WCDMA (Wideband CDMA), was proposed by Ericsson and was pushed by the European Union, which called it UMTS (Univer- sal Mobile Telecommunications System). The other contender was CDMA2000, proposed by Qualcomm. Both of these systems are more similar than different in that they are based on broadband CDMA; WCDMA uses 5-MHz channels and CDMA2000 uses 1.25- MHz channels. If the Ericsson and Qualcomm engineers were put in a room and told to come to a common design, they probably could find one fairly quickly. The trouble is that the real problem is not engineering, but politics (as usual). Europe wanted a system that interworked with GSM, whereas the U.S. wanted a 176 THE PHYSICAL LAYER CHAP. 2 system that was compatible with one already widely deployed in the U.S. (IS-95). Each side also supported its local company (Ericsson is based in Sweden; Qual- comm is in California). Finally, Ericsson and Qualcomm were involved in num- erous lawsuits over their respective CDMA patents. Worldwide, 10–15% of mobile subscribers already use 3G technologies. In North America and Europe, around a third of mobile subscribers are 3G. Japan was an early adopter and now nearly all mobile phones in Japan are 3G. These figures include the deployment of both UMTS and CDMA2000, and 3G continues to be one great cauldron of activity as the market shakes out. To add to the confu- sion, UMTS became a single 3G standard with multiple incompatible options, in- cluding CDMA2000. This change was an effort to unify the various camps, but it just papers over the technical differences and obscures the focus of ongoing efforts. We will use UMTS to mean WCDMA, as distinct from CDMA2000. We will focus our discussion on the use of CDMA in cellular networks, as it is the distinguishing feature of both systems. CDMA is neither FDM nor TDM but a kind of mix in which each user sends on the same frequency band at the same time. When it was first proposed for cellular systems, the industry gave it approximately the same reaction that Columbus first got from Queen Isabella when he proposed reaching India by sailing in the wrong direction. However, through the persistence of a single company, Qualcomm, CDMA succeeded as a 2G system (IS-95) and matured to the point that it became the technical basis for 3G. To make CDMA work in the mobile phone setting requires more than the basic CDMA technique that we described in the previous section. Specifically, we described synchronous CDMA, in which the chip sequences are exactly orthogonal. This design works when all users are synchronized on the start time of their chip sequences, as in the case of the base station transmitting to mobiles. The base station can transmit the chip sequences starting at the same time so that the signals will be orthogonal and able to be separated. However, it is difficult to synchronize the transmissions of independent mobile phones. Without care, their transmissions would arrive at the base station at different times, with no guarantee of orthogonality. To let mobiles send to the base station without synchronization, we want code sequences that are orthogonal to each other at all possible offsets, not simply when they are aligned at the start. While it is not possible to find sequences that are exactly orthogonal for this general case, long pseudorandom sequences come close enough. They have the property that, with high probability, they have a low cross-correlation with each other at all offsets. This means that when one sequence is multiplied by another sequence and summed up to compute the inner product, the result will be small; it would be zero if they were orthogonal. (Intuitively, random sequences should al- ways look different from each other. Multiplying them together should then pro- duce a random signal, which will sum to a small result.) This lets a receiver filter unwanted transmissions out of the received signal. Also, the auto-correlation of SEC. 2.7 THE MOBILE TELEPHONE SYSTEM 177 pseudorandom sequences is also small, with high probability, except at a zero off- set. This means that when one sequence is multiplied by a delayed copy of itself and summed, the result will be small, except when the delay is zero. (Intuitively, a delayed random sequence looks like a different random sequence, and we are back to the cross-correlation case.) This lets a receiver lock onto the beginning of the wanted transmission in the received signal. The use of pseudorandom sequences lets the base station receive CDMA mes- sages from unsynchronized mobiles. However, an implicit assumption in our dis- cussion of CDMA is that the power levels of all mobiles are the same at the re- ceiver. If they are not, a small cross-correlation with a powerful signal might overwhelm a large auto-correlation with a weak signal. Thus, the transmit power on mobiles must be controlled to minimize interference between competing sig- nals. It is this interference that limits the capacity of CDMA systems. The power levels received at a base station depend on how far away the trans- mitters are as well as how much power they transmit. There may be many mobile stations at varying distances from the base station. A good heuristic to equalize the received power is for each mobile station to transmit to the base station at the inverse of the power level it receives from the base station. In other words, a mobile station receiving a weak signal from the base station will use more power than one getting a strong signal. For more accuracy, the base station also gives each mobile feedback to increase, decrease, or hold steady its transmit power. The feedback is frequent (1500 times per second) because good power control is im- portant to minimize interference. Another improvement over the basic CDMA scheme we described earlier is to allow different users to send data at different rates. This trick is accomplished naturally in CDMA by fixing the rate at which chips are transmitted and assigning users chip sequences of different lengths. For example, in WCDMA, the chip rate is 3.84 Mchips/sec and the spreading codes vary from 4 to 256 chips. With a 256- chip code, around 12 kbps is left after error correction, and this capacity is suffi- cient for a voice call. With a 4-chip code, the user data rate is close to 1 Mbps. Intermediate-length codes give intermediate rates; to get to multiple Mbps, the mobile must use more than one 5-MHz channel at once. Now let us describe the advantages of CDMA, given that we have dealt with the problems of getting it to work. It has three main advantages. First, CDMA can improve capacity by taking advantage of small periods when some trans- mitters are silent. In polite voice calls, one party is silent while the other talks. On average, the line is busy only 40% of the time. However, the pauses may be small and are difficult to predict. With TDM or FDM systems, it is not possible to reas- sign time slots or frequency channels quickly enough to benefit from these small silences. However, in CDMA, by simply not transmitting one user lowers the in- terference for other users, and it is likely that some fraction of users will not be transmitting in a busy cell at any given time. Thus CDMA takes advantage of ex- pected silences to allow a larger number of simultaneous calls. 178 THE PHYSICAL LAYER CHAP. 2 Second, with CDMA each cell uses the same frequencies. Unlike GSM and AMPS, FDM is not needed to separate the transmissions of different users. This eliminates complicated frequency planning tasks and improves capacity. It also makes it easy for a base station to use multiple directional antennas, or sectored antennas, instead of an omnidirectional antenna. Directional antennas concen- trate a signal in the intended direction and reduce the signal, and hence inter- ference, in other directions. This in turn increases capacity. Three sector designs are common. The base station must track the mobile as it moves from sector to sector. This tracking is easy with CDMA because all frequencies are used in all sectors. Third, CDMA facilitates soft handoff, in which the mobile is acquired by the new base station before the previous one signs off. In this way there is no loss of continuity. Soft handoff is shown in Fig. 2-49. It is easy with CDMA because all frequencies are used in each cell. The alternative is a hard handoff, in which the old base station drops the call before the new one acquires it. If the new one is unable to acquire it (e.g., because there is no available frequency), the call is disconnected abruptly. Users tend to notice this, but it is inevitable occasionally with the current design. Hard handoff is the norm with FDM designs to avoid the cost of having the mobile transmit or receive on two frequencies simultaneously. (a) (b) (c) Figure 2-49. Soft handoff (a) before, (b) during, and (c) after. Much has been written about 3G, most of it praising it as the greatest thing since sliced bread. Meanwhile, many operators have taken cautious steps in the direction of 3G by going to what is sometimes called 2.5G, although 2.1G might be more accurate. One such system is EDGE (Enhanced Data rates for GSM Evolution), which is just GSM with more bits per symbol. The trouble is, more bits per symbol also means more errors per symbol, so EDGE has nine different schemes for modulation and error correction, differing in terms of how much of the bandwidth is devoted to fixing the errors introduced by the higher speed. EDGE is one step along an evolutionary path that is defined from GSM to WCDMA. Similarly, there is an evolutionary path defined for operators to upgrade from IS-95 to CDMA2000 networks. Even though 3G networks are not fully deployed yet, some researchers regard 3G as a done deal. These people are already working on 4G systems under the SEC. 2.7 THE MOBILE TELEPHONE SYSTEM 179 name of LTE (Long Term Evolution). Some of the proposed features of 4G in- clude: high bandwidth; ubiquity (connectivity everywhere); seamless integration with other wired and wireless IP networks, including 802.11 access points; adap- tive resource and spectrum management; and high quality of service for multi- media. For more information see Astely et al. (2009) and Larmo et al. (2009). Meanwhile, wireless networks with 4G levels of performance are already available. The main example is 802.16, also known as WiMAX. For an overview of mobile WiMAX see Ahmadi (2009). To say the industry is in a state of flux is a huge understatement. Check back in a few years to see what has happened. 2.8 CABLE TELEVISION We have now studied both the fixed and wireless telephone systems in a fair amount of detail. Both will clearly play a major role in future networks. But there is another major player that has emerged over the past decade for Internet access: cable television networks. Many people nowadays get their telephone and Internet service over cable. In the following sections we will look at cable tele- vision as a network in more detail and contrast it with the telephone systems we have just studied. Some relevant references for more information are Donaldson and Jones (2001), Dutta-Roy (2001), and Fellows and Jones (2001). 2.8.1 Community Antenna Television Cable television was conceived in the late 1940s as a way to provide better reception to people living in rural or mountainous areas. The system initially con- sisted of a big antenna on top of a hill to pluck the television signal out of the air, an amplifier, called the headend, to strengthen it, and a coaxial cable to deliver it to people’s houses, as illustrated in Fig. 2-50. Tap Coaxial cable Drop cable Headend Antenna for picking up distant signals Figure 2-50. An early cable television system. In the early years, cable television was called Community Antenna Televis- ion. It was very much a mom-and-pop operation; anyone handy with electronics 180 THE PHYSICAL LAYER CHAP. 2 could set up a service for his town, and the users would chip in to pay the costs. As the number of subscribers grew, additional cables were spliced onto the origi- nal cable and amplifiers were added as needed. Transmission was one way, from the headend to the users. By 1970, thousands of independent systems existed. In 1974, Time Inc. started a new channel, Home Box Office, with new content (movies) distributed only on cable. Other cable-only channels followed, focusing on news, sports, cooking, and many other topics. This development gave rise to two changes in the industry. First, large corporations began buying up existing cable systems and laying new cable to acquire new subscribers. Second, there was now a need to connect multiple systems, often in distant cities, in order to dis- tribute the new cable channels. The cable companies began to lay cable between the cities to connect them all into a single system. This pattern was analogous to what happened in the telephone industry 80 years earlier with the connection of previously isolated end offices to make long-distance calling possible. 2.8.2 Internet over Cable Over the course of the years the cable system grew and the cables between the various cities were replaced by high-bandwidth fiber, similar to what happened in the telephone system. A system with fiber for the long-haul runs and coaxial cable to the houses is called an HFC (Hybrid Fiber Coax) system. The electro- optical converters that interface between the optical and electrical parts of the sys- tem are called fiber nodes. Because the bandwidth of fiber is so much greater than that of coax, a fiber node can feed multiple coaxial cables. Part of a modern HFC system is shown in Fig. 2-51(a). Over the past decade, many cable operators decided to get into the Internet access business, and often the telephony business as well. Technical differences between the cable plant and telephone plant had an effect on what had to be done to achieve these goals. For one thing, all the one-way amplifiers in the system had to be replaced by two-way amplifiers to support upstream as well as down- stream transmissions. While this was happening, early Internet over cable sys- tems used the cable television network for downstream transmissions and a dial- up connection via the telephone network for upstream transmissions. It was a clever workaround, but not much of a network compared to what it could be. However, there is another difference between the HFC system of Fig. 2-51(a) and the telephone system of Fig. 2-51(b) that is much harder to remove. Down in the neighborhoods, a single cable is shared by many houses, whereas in the tele- phone system, every house has its own private local loop. When used for televis- ion broadcasting, this sharing is a natural fit. All the programs are broadcast on the cable and it does not matter whether there are 10 viewers or 10,000 viewers. When the same cable is used for Internet access, however, it matters a lot if there are 10 users or 10,000. If one user decides to download a very large file, that bandwidth is potentially being taken away from other users. The more users there SEC. 2.8 CABLE TELEVISION 181 Copper twisted pair Switch Toll office Head- end High-bandwidth fiber trunk End office Local loop (a) (b) House High-bandwidth fiber trunk Coaxial cable House Tap Fiber node Fiber Fiber Figure 2-51. (a) Cable television. (b) The fixed telephone system. are, the more competition there is for bandwidth. The telephone system does not have this particular property: downloading a large file over an ADSL line does not reduce your neighbor’s bandwidth. On the other hand, the bandwidth of coax is much higher than that of twisted pairs, so you can get lucky if your neighbors do not use the Internet much. The way the cable industry has tackled this problem is to split up long cables and connect each one directly to a fiber node. The bandwidth from the headend to each fiber node is effectively infinite, so as long as there are not too many sub- scribers on each cable segment, the amount of traffic is manageable. Typical 182 THE PHYSICAL LAYER CHAP. 2 cables nowadays have 500–2000 houses, but as more and more people subscribe to Internet over cable, the load may become too great, requiring more splitting and more fiber nodes. 2.8.3 Spectrum Allocation Throwing off all the TV channels and using the cable infrastructure strictly for Internet access would probably generate a fair number of irate customers, so cable companies are hesitant to do this. Furthermore, most cities heavily regulate what is on the cable, so the cable operators would not be allowed to do this even if they really wanted to. As a consequence, they needed to find a way to have tele- vision and Internet peacefully coexist on the same cable. The solution is to build on frequency division multiplexing. Cable television channels in North America occupy the 54–550 MHz region (except for FM radio, from 88 to 108 MHz). These channels are 6-MHz wide, including guard bands, and can carry one traditional analog television channel or several digital television channels. In Europe the low end is usually 65 MHz and the channels are 6–8 MHz wide for the higher resolution required by PAL and SECAM, but otherwise the allocation scheme is similar. The low part of the band is not used. Modern cables can also operate well above 550 MHz, often at up to 750 MHz or more. The solution chosen was to introduce upstream channels in the 5–42 MHz band (slightly higher in Europe) and use the frequencies at the high end for the down- stream signals. The cable spectrum is illustrated in Fig. 2-52. 0 108 TV TV Downstream data Downstream frequencies U ps tr ea m da ta U ps tr ea m fr eq ue nc ie s FM 550 750 MHz 5 42 54 88 Figure 2-52. Frequency allocation in a typical cable TV system used for Inter- net access. Note that since the television signals are all downstream, it is possible to use upstream amplifiers that work only in the 5–42 MHz region and downstream amplifiers that work only at 54 MHz and up, as shown in the figure. Thus, we get an asymmetry in the upstream and downstream bandwidths because more spec- trum is available above television than below it. On the other hand, most users want more downstream traffic, so cable operators are not unhappy with this fact SEC. 2.8 CABLE TELEVISION 183 of life. As we saw earlier, telephone companies usually offer an asymmetric DSL service, even though they have no technical reason for doing so. In addition to upgrading the amplifiers, the operator has to upgrade the headend, too, from a dumb amplifier to an intelligent digital computer system with a high-bandwidth fiber interface to an ISP. Often the name gets upgraded as well, from ‘‘headend’’ to CMTS (Cable Modem Termination System). In the following text, we will refrain from doing a name upgrade and stick with the tra- ditional ‘‘headend.’’ 2.8.4 Cable Modems Internet access requires a cable modem, a device that has two interfaces on it: one to the computer and one to the cable network. In the early years of cable In- ternet, each operator had a proprietary cable modem, which was installed by a cable company technician. However, it soon became apparent that an open stan- dard would create a competitive cable modem market and drive down prices, thus encouraging use of the service. Furthermore, having the customers buy cable modems in stores and install them themselves (as they do with wireless access points) would eliminate the dreaded truck rolls. Consequently, the larger cable operators teamed up with a company called CableLabs to produce a cable modem standard and to test products for compli- ance. This standard, called DOCSIS (Data Over Cable Service Interface Spe- cification), has mostly replaced proprietary modems. DOCSIS version 1.0 came out in 1997, and was soon followed by DOCSIS 2.0 in 2001. It increased up- stream rates to better support symmetric services such as IP telephony. The most recent version of the standard is DOCSIS 3.0, which came out in 2006. It uses more bandwidth to increase rates in both directions. The European version of these standards is called EuroDOCSIS. Not all cable operators like the idea of a standard, however, since many of them were making good money leasing their modems to their captive customers. An open standard with dozens of manufact- urers selling cable modems in stores ends this lucrative practice. The modem-to-computer interface is straightforward. It is normally Ethernet, or occasionally USB. The other end is more complicated as it uses all of FDM, TDM, and CDMA to share the bandwidth of the cable between subscribers. When a cable modem is plugged in and powered up, it scans the downstream channels looking for a special packet periodically put out by the headend to pro- vide system parameters to modems that have just come online. Upon finding this packet, the new modem announces its presence on one of the upstream channels. The headend responds by assigning the modem to its upstream and downstream channels. These assignments can be changed later if the headend deems it neces- sary to balance the load. The use of 6-MHz or 8-MHz channels is the FDM part. Each cable modem sends data on one upstream and one downstream channel, or multiple channels 184 THE PHYSICAL LAYER CHAP. 2 under DOCSIS 3.0. The usual scheme is to take each 6 (or 8) MHz downstream channel and modulate it with QAM-64 or, if the cable quality is exceptionally good, QAM-256. With a 6-MHz channel and QAM-64, we get about 36 Mbps. When the overhead is subtracted, the net payload is about 27 Mbps. With QAM- 256, the net payload is about 39 Mbps. The European values are 1/3 larger. For upstream, there is more RF noise because the system was not originally designed for data, and noise from multiple subscribers is funneled to the headend, so a more conservative scheme is used. This ranges from QPSK to QAM-128, where some of the symbols are used for error protection with Trellis Coded Mod- ulation. With fewer bits per symbol on the upstream, the asymmetry between upstream and downstream rates is much more than suggested by Fig. 2-52. TDM is then used to share bandwidth on the upstream across multiple sub- scribers. Otherwise their transmissions would collide at the headend. Time is di- vided into minislots and different subscribers send in different minislots. To make this work, the modem determines its distance from the headend by sending it a special packet and seeing how long it takes to get the response. This process is called ranging. It is important for the modem to know its distance to get the timing right. Each upstream packet must fit in one or more consecutive minislots at the headend when it is received. The headend announces the start of a new round of minislots periodically, but the starting gun is not heard at all modems si- multaneously due to the propagation time down the cable. By knowing how far it is from the headend, each modem can compute how long ago the first minislot really started. Minislot length is network dependent. A typical payload is 8 bytes. During initialization, the headend assigns each modem to a minislot to use for requesting upstream bandwidth. When a computer wants to send a packet, it transfers the packet to the modem, which then requests the necessary number of minislots for it. If the request is accepted, the headend puts an acknowledgement on the downstream channel telling the modem which minislots have been reserved for its packet. The packet is then sent, starting in the minislot allocated to it. Ad- ditional packets can be requested using a field in the header. As a rule, multiple modems will be assigned the same minislot, which leads to contention. Two different possibilities exist for dealing with it. The first is that CDMA is used to share the minislot between subscribers. This solves the con- tention problem because all subscribers with a CDMA code sequence can send at the same time, albeit at a reduced rate. The second option is that CDMA is not used, in which case there may be no acknowledgement to the request because of a collision. In this case, the modem just waits a random time and tries again. After each successive failure, the randomization time is doubled. (For readers already somewhat familiar with networking, this algorithm is just slotted ALOHA with bi- nary exponential backoff. Ethernet cannot be used on cable because stations can- not sense the medium. We will come back to these issues in Chap. 4.) The downstream channels are managed differently from the upstream chan- nels. For starters, there is only one sender (the headend), so there is no contention SEC. 2.8 CABLE TELEVISION 185 and no need for minislots, which is actually just statistical time division multi- plexing. For another, the amount of traffic downstream is usually much larger than upstream, so a fixed packet size of 204 bytes is used. Part of that is a Reed- Solomon error-correcting code and some other overhead, leaving a user payload of 184 bytes. These numbers were chosen for compatibility with digital television using MPEG-2, so the TV and downstream data channels are formatted the same way. Logically, the connections are as depicted in Fig. 2-53. Figure 2-53. Typical details of the upstream and downstream channels in North America. 2.8.5 ADSL Versus Cable Which is better, ADSL or cable? That is like asking which operating system is better. Or which language is better. Or which religion. Which answer you get depends on whom you ask. Let us compare ADSL and cable on a few points. Both use fiber in the backbone, but they differ on the edge. Cable uses coax; ADSL uses twisted pair. The theoretical carrying capacity of coax is hundreds of times more than twisted pair. However, the full capacity of the cable is not avail- able for data users because much of the cable’s bandwidth is wasted on useless stuff such as television programs. In practice, it is hard to generalize about effective capacity. ADSL providers give specific statements about the bandwidth (e.g., 1 Mbps downstream, 256 kbps upstream) and generally achieve about 80% of it consistently. Cable providers may artificially cap the bandwidth to each user to help them make performance predictions, but they cannot really give guarantees because the effective capacity depends on how many people are currently active on the user’s cable segment. Sometimes it may be better than ADSL and sometimes it may be worse. What can be annoying, though, is the unpredictability. Having great service one minute does not guarantee great service the next minute since the biggest bandwidth hog in town may have just turned on his computer. 186 THE PHYSICAL LAYER CHAP. 2 As an ADSL system acquires more users, their increasing numbers have little effect on existing users, since each user has a dedicated connection. With cable, as more subscribers sign up for Internet service, performance for existing users will drop. The only cure is for the cable operator to split busy cables and connect each one to a fiber node directly. Doing so costs time and money, so there are business pressures to avoid it. As an aside, we have already studied another system with a shared channel like cable: the mobile telephone system. Here, too, a group of users—we could call them cellmates—share a fixed amount of bandwidth. For voice traffic, which is fairly smooth, the bandwidth is rigidly divided in fixed chunks among the active users using FDM and TDM. But for data traffic, this rigid division is very ineffi- cient because data users are frequently idle, in which case their reserved band- width is wasted. As with cable, a more dynamic means is used to allocate the shared bandwidth. Availability is an issue on which ADSL and cable differ. Everyone has a tele- phone, but not all users are close enough to their end offices to get ADSL. On the other hand, not everyone has cable, but if you do have cable and the company pro- vides Internet access, you can get it. Distance to the fiber node or headend is not an issue. It is also worth noting that since cable started out as a television distrib- ution medium, few businesses have it. Being a point-to-point medium, ADSL is inherently more secure than cable. Any cable user can easily read all the packets going down the cable. For this rea- son, any decent cable provider will encrypt all traffic in both directions. Never- theless, having your neighbor get your encrypted messages is still less secure than having him not get anything at all. The telephone system is generally more reliable than cable. For example, it has backup power and continues to work normally even during a power outage. With cable, if the power to any amplifier along the chain fails, all downstream users are cut off instantly. Finally, most ADSL providers offer a choice of ISPs. Sometimes they are even required to do so by law. Such is not always the case with cable operators. The conclusion is that ADSL and cable are much more alike than they are dif- ferent. They offer comparable service and, as competition between them heats up, probably comparable prices. 2.9 SUMMARY The physical layer is the basis of all networks. Nature imposes two funda- mental limits on all channels, and these determine their bandwidth. These limits are the Nyquist limit, which deals with noiseless channels, and the Shannon limit, which deals with noisy channels. SEC. 2.9 SUMMARY 187 Transmission media can be guided or unguided. The principal guided media are twisted pair, coaxial cable, and fiber optics. Unguided media include terres- trial radio, microwaves, infrared, lasers through the air, and satellites. Digital modulation methods send bits over guided and unguided media as ana- log signals. Line codes operate at baseband, and signals can be placed in a passband by modulating the amplitude, frequency, and phase of a carrier. Chan- nels can be shared between users with time, frequency and code division multi- plexing. A key element in most wide area networks is the telephone system. Its main components are the local loops, trunks, and switches. ADSL offers speeds up to 40 Mbps over the local loop by dividing it into many subcarriers that run in paral- lel. This far exceeds the rates of telephone modems. PONs bring fiber to the home for even greater access rates than ADSL. Trunks carry digital information. They are multiplexed with WDM to provi- sion many high capacity links over individual fibers, as well as with TDM to share each high rate link between users. Both circuit switching and packet switching are important. For mobile applications, the fixed telephone system is not suitable. Mobile phones are currently in widespread use for voice, and increasingly for data. They have gone through three generations. The first generation, 1G, was analog and dominated by AMPS. 2G was digital, with GSM presently the most widely de- ployed mobile phone system in the world. 3G is digital and based on broadband CDMA, with WCDMA and also CDMA2000 now being deployed. An alternative system for network access is the cable television system. It has gradually evolved from coaxial cable to hybrid fiber coax, and from television to television and Internet. Potentially, it offers very high bandwidth, but the band- width in practice depends heavily on the other users because it is shared. PROBLEMS 1. Compute the Fourier coefficients for the function f(t) = t (0 ≤ t ≤ 1). 2. A noiseless 4-kHz channel is sampled every 1 msec. What is the maximum data rate? How does the maximum data rate change if the channel is noisy, with a signal-to-noise ratio of 30 dB? 3. Television channels are 6 MHz wide. How many bits/sec can be sent if four-level dig- ital signals are used? Assume a noiseless channel. 4. If a binary signal is sent over a 3-kHz channel whose signal-to-noise ratio is 20 dB, what is the maximum achievable data rate? 5. What signal-to-noise ratio is needed to put a T1 carrier on a 50-kHz line? 6. What are the advantages of fiber optics over copper as a transmission medium? Is there any downside of using fiber optics over copper? 188 THE PHYSICAL LAYER CHAP. 2 7. How much bandwidth is there in 0.1 microns of spectrum at a wavelength of 1 micron? 8. It is desired to send a sequence of computer screen images over an optical fiber. The screen is 2560 × 1600 pixels, each pixel being 24 bits. There are 60 screen images per second. How much bandwidth is needed, and how many microns of wavelength are needed for this band at 1.30 microns? 9. Is the Nyquist theorem true for high-quality single-mode optical fiber or only for copper wire? 10. Radio antennas often work best when the diameter of the antenna is equal to the wave- length of the radio wave. Reasonable antennas range from 1 cm to 5 meters in diame- ter. What frequency range does this cover? 11. A laser beam 1 mm wide is aimed at a detector 1 mm wide 100 m away on the roof of a building. How much of an angular diversion (in degrees) does the laser have to have before it misses the detector? 12. The 66 low-orbit satellites in the Iridium project are divided into six necklaces around the earth. At the altitude they are using, the period is 90 minutes. What is the average interval for handoffs for a stationary transmitter? 13. Calculate the end-to-end transit time for a packet for both GEO (altitude: 35,800 km), MEO (altitude: 18,000 km) and LEO (altitude: 750 km) satellites. 14. What is the latency of a call originating at the North Pole to reach the South Pole if the call is routed via Iridium satellites? Assume that the switching time at the satellites is 10 microseconds and earth’s radius is 6371 km. 15. What is the minimum bandwidth needed to achieve a data rate of B bits/sec if the sig- nal is transmitted using NRZ, MLT-3, and Manchester encoding? Explain your answer. 16. Prove that in 4B/5B encoding, a signal transition will occur at least every four bit times. 17. How many end office codes were there pre-1984, when each end office was named by its three-digit area code and the first three digits of the local number? Area codes started with a digit in the range 2–9, had a 0 or 1 as the second digit, and ended with any digit. The first two digits of a local number were always in the range 2–9. The third digit could be any digit. 18. A simple telephone system consists of two end offices and a single toll office to which each end office is connected by a 1-MHz full-duplex trunk. The average telephone is used to make four calls per 8-hour workday. The mean call duration is 6 min. Ten percent of the calls are long distance (i.e., pass through the toll office). What is the maximum number of telephones an end office can support? (Assume 4 kHz per cir- cuit.) Explain why a telephone company may decide to support a lesser number of telephones than this maximum number at the end office. 19. A regional telephone company has 10 million subscribers. Each of their telephones is connected to a central office by a copper twisted pair. The average length of these twisted pairs is 10 km. How much is the copper in the local loops worth? Assume CHAP. 2 PROBLEMS 189 that the cross section of each strand is a circle 1 mm in diameter, the density of copper is 9.0 grams/cm3, and that copper sells for $6 per kilogram. 20. Is an oil pipeline a simplex system, a half-duplex system, a full-duplex system, or none of the above? What about a river or a walkie-talkie-style communication? 21. The cost of a fast microprocessor has dropped to the point where it is now possible to put one in each modem. How does that affect the handling of telephone line errors? Does it negate the need for error checking/correction in layer 2? 22. A modem constellation diagram similar to Fig. 2-23 has data points at the following coordinates: (1, 1), (1, −1), (−1, 1), and (−1, −1). How many bps can a modem with these parameters achieve at 1200 symbols/second? 23. What is the maximum bit rate achievable in a V.32 standard modem if the baud rate is 1200 and no error correction is used? 24. How many frequencies does a full-duplex QAM-64 modem use? 25. Ten signals, each requiring 4000 Hz, are multiplexed onto a single channel using FDM. What is the minimum bandwidth required for the multiplexed channel? As- sume that the guard bands are 400 Hz wide. 26. Why has the PCM sampling time been set at 125 μsec? 27. What is the percent overhead on a T1 carrier? That is, what percent of the 1.544 Mbps are not delivered to the end user? How does it relate to the percent overhead in OC-1 or OC-768 lines? 28. Compare the maximum data rate of a noiseless 4-kHz channel using (a) Analog encoding (e.g., QPSK) with 2 bits per sample. (b) The T1 PCM system. 29. If a T1 carrier system slips and loses track of where it is, it tries to resynchronize using the first bit in each frame. How many frames will have to be inspected on average to resynchronize with a probability of 0.001 of being wrong? 30. What is the difference, if any, between the demodulator part of a modem and the coder part of a codec? (After all, both convert analog signals to digital ones.) 31. SONET clocks have a drift rate of about 1 part in 109. How long does it take for the drift to equal the width of 1 bit? Do you see any practical implications of this calcula- tion? If so, what? 32. How long will it take to transmit a 1-GB file from one VSAT to another using a hub as shown in Figure 2-17? Assume that the uplink is 1 Mbps, the downlink is 7 Mbps, and circuit switching is used with 1.2 sec circuit setup time. 33. Calculate the transmit time in the previous problem if packet switching is used instead. Assume that the packet size is 64 KB, the switching delay in the satellite and hub is 10 microseconds, and the packet header size is 32 bytes. 34. In Fig. 2-40, the user data rate for OC-3 is stated to be 148.608 Mbps. Show how this number can be derived from the SONET OC-3 parameters. What will be the gross, SPE, and user data rates of an OC-3072 line? 190 THE PHYSICAL LAYER CHAP. 2 35. To accommodate lower data rates than STS-1, SONET has a system of virtual tribu- taries (VTs). A VT is a partial payload that can be inserted into an STS-1 frame and combined with other partial payloads to fill the data frame. VT1.5 uses 3 columns, VT2 uses 4 columns, VT3 uses 6 columns, and VT6 uses 12 columns of an STS-1 frame. Which VT can accommodate (a) A DS-1 service (1.544 Mbps)? (b) European CEPT-1 service (2.048 Mbps)? (c) A DS-2 service (6.312 Mbps)? 36. What is the available user bandwidth in an OC-12c connection? 37. Three packet-switching networks each contain n nodes. The first network has a star topology with a central switch, the second is a (bidirectional) ring, and the third is fully interconnected, with a wire from every node to every other node. What are the best-, average-, and worst-case transmission paths in hops? 38. Compare the delay in sending an x-bit message over a k-hop path in a circuit-switched network and in a (lightly loaded) packet-switched network. The circuit setup time is s sec, the propagation delay is d sec per hop, the packet size is p bits, and the data rate is b bps. Under what conditions does the packet network have a lower delay? Also, ex- plain the conditions under which a packet-switched network is preferable to a circuit- switched network. 39. Suppose that x bits of user data are to be transmitted over a k-hop path in a packet- switched network as a series of packets, each containing p data bits and h header bits, with x >> p + h. The bit rate of the lines is b bps and the propagation delay is negligi-
ble. What value of p minimizes the total delay?
40. In a typical mobile phone system with hexagonal cells, it is forbidden to reuse a fre-
quency band in an adjacent cell. If 840 frequencies are available, how many can be
used in a given cell?
41. The actual layout of cells is seldom as regular that as shown in Fig. 2-45. Even the
shapes of individual cells are typically irregular. Give a possible reason why this
might be. How do these irregular shapes affect frequency assignment to each cell?
42. Make a rough estimate of the number of PCS microcells 100 m in diameter it would
take to cover San Francisco (120 square km).
43. Sometimes when a mobile user crosses the boundary from one cell to another, the cur-
rent call is abruptly terminated, even though all transmitters and receivers are func-
tioning perfectly. Why?
44. Suppose that A, B, and C are simultaneously transmitting 0 bits, using a CDMA sys-
tem with the chip sequences of Fig. 2-28(a). What is the resulting chip sequence?
45. Consider a different way of looking at the orthogonality property of CDMA chip se-
quences. Each bit in a pair of sequences can match or not match. Express the ortho-
gonality property in terms of matches and mismatches.
46. A CDMA receiver gets the following chips: (−1 +1 −3 +1 −1 −3 +1 +1). Assuming
the chip sequences defined in Fig. 2-28(a), which stations transmitted, and which bits
did each one send?

CHAP. 2 PROBLEMS 191
47. In Figure 2-28, there are four stations that can transmit. Suppose four more stations
are added. Provide the chip sequences of these stations.
48. At the low end, the telephone system is star shaped, with all the local loops in a neigh-
borhood converging on an end office. In contrast, cable television consists of a single
long cable snaking its way past all the houses in the same neighborhood. Suppose that
a future TV cable were 10-Gbps fiber instead of copper. Could it be used to simulate
the telephone model of everybody having their own private line to the end office? If
so, how many one-telephone houses could be hooked up to a single fiber?
49. A cable company decides to provide Internet access over cable in a neighborhood con-
sisting of 5000 houses. The company uses a coaxial cable and spectrum allocation al-
lowing 100 Mbps downstream bandwidth per cable. To attract customers, the com-
pany decides to guarantee at least 2 Mbps downstream bandwidth to each house at any
time. Describe what the cable company needs to do to provide this guarantee.
50. Using the spectral allocation shown in Fig. 2-52 and the information given in the text,
how many Mbps does a cable system allocate to upstream and how many to down-
stream?
51. How fast can a cable user receive data if the network is otherwise idle? Assume that
the user interface is
(a) 10-Mbps Ethernet
(b) 100-Mbps Ethernet
(c) 54-Mbps Wireless.
52. Multiplexing STS-1 multiple data streams, called tributaries, plays an important role
in SONET. A 3:1 multiplexer multiplexes three input STS-1 tributaries onto one out-
put STS-3 stream. This multiplexing is done byte for byte. That is, the first three out-
put bytes are the first bytes of tributaries 1, 2, and 3, respectively. the next three out-
put bytes are the second bytes of tributaries 1, 2, and 3, respectively, and so on. Write
a program that simulates this 3:1 multiplexer. Your program should consist of five
processes. The main process creates four processes, one each for the three STS-1 tri-
butaries and one for the multiplexer. Each tributary process reads in an STS-1 frame
from an input file as a sequence of 810 bytes. They send their frames (byte by byte) to
the multiplexer process. The multiplexer process receives these bytes and outputs an
STS-3 frame (byte by byte) by writing it to standard output. Use pipes for communi-
cation among processes.
53. Write a program to implement CDMA. Assume that the length of a chip sequence is
eight and the number of stations transmitting is four. Your program consists of three
sets of processes: four transmitter processes (t0, t1, t2, and t3), one joiner process, and
four receiver processes (r0, r1, r2, and r3). The main program, which also acts as the
joiner process first reads four chip sequences (bipolar notation) from the standard
input and a sequence of 4 bits (1 bit per transmitter process to be transmitted), and
forks off four pairs of transmitter and receiver processes. Each pair of transmitter/re-
ceiver processes (t0,r0; t1,r1; t2,r2; t3,r3) is assigned one chip sequence and each
transmitter process is assigned 1 bit (first bit to t0, second bit to t1, and so on). Next,
each transmitter process computes the signal to be transmitted (a sequence of 8 bits)
and sends it to the joiner process. After receiving signals from all four transmitter
processes, the joiner process combines the signals and sends the combined signal to

192 THE PHYSICAL LAYER CHAP. 2
the four receiver processes. Each receiver process then computes the bit it has re-
ceived and prints it to standard output. Use pipes for communication between proc-
esses.

3
THE DATA LINK LAYER
In this chapter we will study the design principles for the second layer in our
model, the data link layer. This study deals with algorithms for achieving re-
liable, efficient communication of whole units of information called frames (rath-
er than individual bits, as in the physical layer) between two adjacent machines.
By adjacent, we mean that the two machines are connected by a communication
channel that acts conceptually like a wire (e.g., a coaxial cable, telephone line, or
wireless channel). The essential property of a channel that makes it ‘‘wire-like’’
is that the bits are delivered in exactly the same order in which they are sent.
At first you might think this problem is so trivial that there is nothing to
study—machine A just puts the bits on the wire, and machine B just takes them
off. Unfortunately, communication channels make errors occasionally. Fur-
thermore, they have only a finite data rate, and there is a nonzero propagation
delay between the time a bit is sent and the time it is received. These limitations
have important implications for the efficiency of the data transfer. The protocols
used for communications must take all these factors into consideration. These
protocols are the subject of this chapter.
After an introduction to the key design issues present in the data link layer, we
will start our study of its protocols by looking at the nature of errors and how they
can be detected and corrected. Then we will study a series of increasingly com-
plex protocols, each one solving more and more of the problems present in this
layer. Finally, we will conclude with some examples of data link protocols.
193

194 THE DATA LINK LAYER CHAP. 3
3.1 DATA LINK LAYER DESIGN ISSUES
The data link layer uses the services of the physical layer to send and receive
bits over communication channels. It has a number of functions, including:
1. Providing a well-defined service interface to the network layer.
2. Dealing with transmission errors.
3. Regulating the flow of data so that slow receivers are not swamped
by fast senders.
To accomplish these goals, the data link layer takes the packets it gets from the
network layer and encapsulates them into frames for transmission. Each frame
contains a frame header, a payload field for holding the packet, and a frame
trailer, as illustrated in Fig. 3-1. Frame management forms the heart of what the
data link layer does. In the following sections we will examine all the above-
mentioned issues in detail.
TrailerHeader Payload field
Frame
Sending machine
PacketPacket
Receiving machine
TrailerHeader Payload field
Figure 3-1. Relationship between packets and frames.
Although this chapter is explicitly about the data link layer and its protocols,
many of the principles we will study here, such as error control and flow control,
are found in transport and other protocols as well. That is because reliability is an
overall goal, and it is achieved when all the layers work together. In fact, in many
networks, these functions are found mostly in the upper layers, with the data link
layer doing the minimal job that is ‘‘good enough.’’ However, no matter where
they are found, the principles are pretty much the same. They often show up in
their simplest and purest forms in the data link layer, making this a good place to
examine them in detail.
3.1.1 Services Provided to the Network Layer
The function of the data link layer is to provide services to the network layer.
The principal service is transferring data from the network layer on the source ma-
chine to the network layer on the destination machine. On the source machine is

SEC. 3.1 DATA LINK LAYER DESIGN ISSUES 195
an entity, call it a process, in the network layer that hands some bits to the data
link layer for transmission to the destination. The job of the data link layer is to
transmit the bits to the destination machine so they can be handed over to the net-
work layer there, as shown in Fig. 3-2(a). The actual transmission follows the
path of Fig. 3-2(b), but it is easier to think in terms of two data link layer proc-
esses communicating using a data link protocol. For this reason, we will impli-
citly use the model of Fig. 3-2(a) throughout this chapter.
4
3
2
1
4
3
2
1
4
3
2
1
4
3
2
1
Host 1 Host 2 Host 1 Host 2
Virtual
data path
Actual
data path
(a) (b)
Figure 3-2. (a) Virtual communication. (b) Actual communication.
The data link layer can be designed to offer various services. The actual ser-
vices that are offered vary from protocol to protocol. Three reasonable possibili-
ties that we will consider in turn are:
1. Unacknowledged connectionless service.
2. Acknowledged connectionless service.
3. Acknowledged connection-oriented service.
Unacknowledged connectionless service consists of having the source ma-
chine send independent frames to the destination machine without having the
destination machine acknowledge them. Ethernet is a good example of a data link
layer that provides this class of service. No logical connection is established be-
forehand or released afterward. If a frame is lost due to noise on the line, no

196 THE DATA LINK LAYER CHAP. 3
attempt is made to detect the loss or recover from it in the data link layer. This
class of service is appropriate when the error rate is very low, so recovery is left
to higher layers. It is also appropriate for real-time traffic, such as voice, in which
late data are worse than bad data.
The next step up in terms of reliability is acknowledged connectionless ser-
vice. When this service is offered, there are still no logical connections used, but
each frame sent is individually acknowledged. In this way, the sender knows
whether a frame has arrived correctly or been lost. If it has not arrived within a
specified time interval, it can be sent again. This service is useful over unreliable
channels, such as wireless systems. 802.11 (WiFi) is a good example of this class
of service.
It is perhaps worth emphasizing that providing acknowledgements in the data
link layer is just an optimization, never a requirement. The network layer can al-
ways send a packet and wait for it to be acknowledged by its peer on the remote
machine. If the acknowledgement is not forthcoming before the timer expires, the
sender can just send the entire message again. The trouble with this strategy is
that it can be inefficient. Links usually have a strict maximum frame length
imposed by the hardware, and known propagation delays. The network layer does
not know these parameters. It might send a large packet that is broken up into,
say, 10 frames, of which 2 are lost on average. It would then take a very long time
for the packet to get through. Instead, if individual frames are acknowledged and
retransmitted, then errors can be corrected more directly and more quickly. On
reliable channels, such as fiber, the overhead of a heavyweight data link protocol
may be unnecessary, but on (inherently unreliable) wireless channels it is well
worth the cost.
Getting back to our services, the most sophisticated service the data link layer
can provide to the network layer is connection-oriented service. With this service,
the source and destination machines establish a connection before any data are
transferred. Each frame sent over the connection is numbered, and the data link
layer guarantees that each frame sent is indeed received. Furthermore, it guaran-
tees that each frame is received exactly once and that all frames are received in
the right order. Connection-oriented service thus provides the network layer proc-
esses with the equivalent of a reliable bit stream. It is appropriate over long, unre-
liable links such as a satellite channel or a long-distance telephone circuit. If
acknowledged connectionless service were used, it is conceivable that lost ac-
knowledgements could cause a frame to be sent and received several times, wast-
ing bandwidth.
When connection-oriented service is used, transfers go through three distinct
phases. In the first phase, the connection is established by having both sides ini-
tialize variables and counters needed to keep track of which frames have been re-
ceived and which ones have not. In the second phase, one or more frames are ac-
tually transmitted. In the third and final phase, the connection is released, freeing
up the variables, buffers, and other resources used to maintain the connection.

SEC. 3.1 DATA LINK LAYER DESIGN ISSUES 197
3.1.2 Framing
To provide service to the network layer, the data link layer must use the ser-
vice provided to it by the physical layer. What the physical layer does is accept a
raw bit stream and attempt to deliver it to the destination. If the channel is noisy,
as it is for most wireless and some wired links, the physical layer will add some
redundancy to its signals to reduce the bit error rate to a tolerable level. However,
the bit stream received by the data link layer is not guaranteed to be error free.
Some bits may have different values and the number of bits received may be less
than, equal to, or more than the number of bits transmitted. It is up to the data
link layer to detect and, if necessary, correct errors.
The usual approach is for the data link layer to break up the bit stream into
discrete frames, compute a short token called a checksum for each frame, and in-
clude the checksum in the frame when it is transmitted. (Checksum algorithms
will be discussed later in this chapter.) When a frame arrives at the destination,
the checksum is recomputed. If the newly computed checksum is different from
the one contained in the frame, the data link layer knows that an error has oc-
curred and takes steps to deal with it (e.g., discarding the bad frame and possibly
also sending back an error report).
Breaking up the bit stream into frames is more difficult than it at first appears.
A good design must make it easy for a receiver to find the start of new frames
while using little of the channel bandwidth. We will look at four methods:
1. Byte count.
2. Flag bytes with byte stuffing.
3. Flag bits with bit stuffing.
4. Physical layer coding violations.
The first framing method uses a field in the header to specify the number of
bytes in the frame. When the data link layer at the destination sees the byte count,
it knows how many bytes follow and hence where the end of the frame is. This
technique is shown in Fig. 3-3(a) for four small example frames of sizes 5, 5, 8,
and 8 bytes, respectively.
The trouble with this algorithm is that the count can be garbled by a transmis-
sion error. For example, if the byte count of 5 in the second frame of Fig. 3-3(b)
becomes a 7 due to a single bit flip, the destination will get out of synchroniza-
tion. It will then be unable to locate the correct start of the next frame. Even if the
checksum is incorrect so the destination knows that the frame is bad, it still has no
way of telling where the next frame starts. Sending a frame back to the source
asking for a retransmission does not help either, since the destination does not
know how many bytes to skip over to get to the start of the retransmission. For
this reason, the byte count method is rarely used by itself.

198 THE DATA LINK LAYER CHAP. 3
(b)
(a)
5 1 2 3 4 5 6 7 8 9 8 0 1 2 3 4 5 6 8 7 8 9 0 1 2 3
5 1 2 3 4 7 6 7 8 9 8 0 1 2 3 4 5 6 8 7 8 9 0 1 2 3
Byte count One byte
Error
Frame 1
5 bytes
Frame 1
Frame 2
5 bytes
Frame 2
(Wrong)
Frame 3
8 bytes
Frame 4
8 bytes
Now a byte
count
Figure 3-3. A byte stream. (a) Without errors. (b) With one error.
The second framing method gets around the problem of resynchronization
after an error by having each frame start and end with special bytes. Often the
same byte, called a flag byte, is used as both the starting and ending delimiter.
This byte is shown in Fig. 3-4(a) as FLAG. Two consecutive flag bytes indicate
the end of one frame and the start of the next. Thus, if the receiver ever loses syn-
chronization it can just search for two flag bytes to find the end of the current
frame and the start of the next frame.
However, there is a still a problem we have to solve. It may happen that the
flag byte occurs in the data, especially when binary data such as photographs or
songs are being transmitted. This situation would interfere with the framing. One
way to solve this problem is to have the sender’s data link layer insert a special
escape byte (ESC) just before each ‘‘accidental’’ flag byte in the data. Thus, a
framing flag byte can be distinguished from one in the data by the absence or
presence of an escape byte before it. The data link layer on the receiving end re-
moves the escape bytes before giving the data to the network layer. This techni-
que is called byte stuffing.
Of course, the next question is: what happens if an escape byte occurs in the
middle of the data? The answer is that it, too, is stuffed with an escape byte. At
the receiver, the first escape byte is removed, leaving the data byte that follows it
(which might be another escape byte or the flag byte). Some examples are shown
in Fig. 3-4(b). In all cases, the byte sequence delivered after destuffing is exactly
the same as the original byte sequence. We can still search for a frame boundary
by looking for two flag bytes in a row, without bothering to undo escapes.
The byte-stuffing scheme depicted in Fig. 3-4 is a slight simplification of the
one used in PPP (Point-to-Point Protocol), which is used to carry packets over
communications links. We will discuss PPP near the end of this chapter.

SEC. 3.1 DATA LINK LAYER DESIGN ISSUES 199
A BESC FLAG
A BESC ESC
A ESC BESC ESC FLAG
A ESC BESC ESC ESC
BA FLAG
BA ESC
FLAGA ESC B
ESCA ESC B
FLAGTrailerFLAG Header Payload field
Original bytes After stuffing
(a)
(b)
Figure 3-4. (a) A frame delimited by flag bytes. (b) Four examples of byte se-
quences before and after byte stuffing.
The third method of delimiting the bit stream gets around a disadvantage of
byte stuffing, which is that it is tied to the use of 8-bit bytes. Framing can be also
be done at the bit level, so frames can contain an arbitrary number of bits made up
of units of any size. It was developed for the once very popular HDLC (High-
level Data Link Control) protocol. Each frame begins and ends with a special
bit pattern, 01111110 or 0x7E in hexadecimal. This pattern is a flag byte. When-
ever the sender’s data link layer encounters five consecutive 1s in the data, it
automatically stuffs a 0 bit into the outgoing bit stream. This bit stuffing is anal-
ogous to byte stuffing, in which an escape byte is stuffed into the outgoing charac-
ter stream before a flag byte in the data. It also ensures a minimum density of
transitions that help the physical layer maintain synchronization. USB (Universal
Serial Bus) uses bit stuffing for this reason.
When the receiver sees five consecutive incoming 1 bits, followed by a 0 bit,
it automatically destuffs (i.e., deletes) the 0 bit. Just as byte stuffing is completely
transparent to the network layer in both computers, so is bit stuffing. If the user
data contain the flag pattern, 01111110, this flag is transmitted as 011111010 but
stored in the receiver’s memory as 01111110. Figure 3-5 gives an example of bit
stuffing.
With bit stuffing, the boundary between two frames can be unambiguously
recognized by the flag pattern. Thus, if the receiver loses track of where it is, all
it has to do is scan the input for flag sequences, since they can only occur at frame
boundaries and never within the data.

200 THE DATA LINK LAYER CHAP. 3
0 1 1 0 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 0 0 1 0
0 1 1 0 1 1 1 1 1 0 1 1 1 1 1 0 1 1 1 1 1 0 1 0 0 1 0
Stuffed bits
(a)
(b)
(c) 0 1 1 0 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 0 0 1 0
Figure 3-5. Bit stuffing. (a) The original data. (b) The data as they appear on
the line. (c) The data as they are stored in the receiver’s memory after destuf-
fing.
With both bit and byte stuffing, a side effect is that the length of a frame now
depends on the contents of the data it carries. For instance, if there are no flag
bytes in the data, 100 bytes might be carried in a frame of roughly 100 bytes. If,
however, the data consists solely of flag bytes, each flag byte will be escaped and
the frame will become roughly 200 bytes long. With bit stuffing, the increase
would be roughly 12.5% as 1 bit is added to every byte.
The last method of framing is to use a shortcut from the physical layer. We
saw in Chap. 2 that the encoding of bits as signals often includes redundancy to
help the receiver. This redundancy means that some signals will not occur in reg-
ular data. For example, in the 4B/5B line code 4 data bits are mapped to 5 signal
bits to ensure sufficient bit transitions. This means that 16 out of the 32 signal
possibilities are not used. We can use some reserved signals to indicate the start
and end of frames. In effect, we are using ‘‘coding violations’’ to delimit frames.
The beauty of this scheme is that, because they are reserved signals, it is easy to
find the start and end of frames and there is no need to stuff the data.
Many data link protocols use a combination of these methods for safety. A
common pattern used for Ethernet and 802.11 is to have a frame begin with a
well-defined pattern called a preamble. This pattern might be quite long (72 bits
is typical for 802.11) to allow the receiver to prepare for an incoming packet. The
preamble is then followed by a length (i.e., count) field in the header that is used
to locate the end of the frame.
3.1.3 Error Control
Having solved the problem of marking the start and end of each frame, we
come to the next problem: how to make sure all frames are eventually delivered to
the network layer at the destination and in the proper order. Assume for the
moment that the receiver can tell whether a frame that it receives contains correct
or faulty information (we will look at the codes that are used to detect and correct
transmission errors in Sec. 3.2). For unacknowledged connectionless service it
might be fine if the sender just kept outputting frames without regard to whether

SEC. 3.1 DATA LINK LAYER DESIGN ISSUES 201
they were arriving properly. But for reliable, connection-oriented service it would
not be fine at all.
The usual way to ensure reliable delivery is to provide the sender with some
feedback about what is happening at the other end of the line. Typically, the pro-
tocol calls for the receiver to send back special control frames bearing positive or
negative acknowledgements about the incoming frames. If the sender receives a
positive acknowledgement about a frame, it knows the frame has arrived safely.
On the other hand, a negative acknowledgement means that something has gone
wrong and the frame must be transmitted again.
An additional complication comes from the possibility that hardware troubles
may cause a frame to vanish completely (e.g., in a noise burst). In this case, the
receiver will not react at all, since it has no reason to react. Similarly, if the ac-
knowledgement frame is lost, the sender will not know how to proceed. It should
be clear that a protocol in which the sender transmits a frame and then waits for
an acknowledgement, positive or negative, will hang forever if a frame is ever lost
due to, for example, malfunctioning hardware or a faulty communication channel.
This possibility is dealt with by introducing timers into the data link layer.
When the sender transmits a frame, it generally also starts a timer. The timer is
set to expire after an interval long enough for the frame to reach the destination,
be processed there, and have the acknowledgement propagate back to the sender.
Normally, the frame will be correctly received and the acknowledgement will get
back before the timer runs out, in which case the timer will be canceled.
However, if either the frame or the acknowledgement is lost, the timer will go
off, alerting the sender to a potential problem. The obvious solution is to just
transmit the frame again. However, when frames may be transmitted multiple
times there is a danger that the receiver will accept the same frame two or more
times and pass it to the network layer more than once. To prevent this from hap-
pening, it is generally necessary to assign sequence numbers to outgoing frames,
so that the receiver can distinguish retransmissions from originals.
The whole issue of managing the timers and sequence numbers so as to ensure
that each frame is ultimately passed to the network layer at the destination exactly
once, no more and no less, is an important part of the duties of the data link layer
(and higher layers). Later in this chapter, we will look at a series of increasingly
sophisticated examples to see how this management is done.
3.1.4 Flow Control
Another important design issue that occurs in the data link layer (and higher
layers as well) is what to do with a sender that systematically wants to transmit
frames faster than the receiver can accept them. This situation can occur when
the sender is running on a fast, powerful computer and the receiver is running on a
slow, low-end machine. A common situation is when a smart phone requests a
Web page from a far more powerful server, which then turns on the fire hose and

202 THE DATA LINK LAYER CHAP. 3
blasts the data at the poor helpless phone until it is completely swamped. Even if
the transmission is error free, the receiver may be unable to handle the frames as
fast as they arrive and will lose some.
Clearly, something has to be done to prevent this situation. Two approaches
are commonly used. In the first one, feedback-based flow control, the receiver
sends back information to the sender giving it permission to send more data, or at
least telling the sender how the receiver is doing. In the second one, rate-based
flow control, the protocol has a built-in mechanism that limits the rate at which
senders may transmit data, without using feedback from the receiver.
In this chapter we will study feedback-based flow control schemes, primarily
because rate-based schemes are only seen as part of the transport layer (Chap. 5).
Feedback-based schemes are seen at both the link layer and higher layers. The
latter is more common these days, in which case the link layer hardware is de-
signed to run fast enough that it does not cause loss. For example, hardware im-
plementations of the link layer as NICs (Network Interface Cards) are some-
times said to run at ‘‘wire speed,’’ meaning that they can handle frames as fast as
they can arrive on the link. Any overruns are then not a link problem, so they are
handled by higher layers.
Various feedback-based flow control schemes are known, but most of them
use the same basic principle. The protocol contains well-defined rules about
when a sender may transmit the next frame. These rules often prohibit frames
from being sent until the receiver has granted permission, either implicitly or ex-
plicitly. For example, when a connection is set up the receiver might say: ‘‘You
may send me n frames now, but after they have been sent, do not send any more
until I have told you to continue.’’ We will examine the details shortly.
3.2 ERROR DETECTION AND CORRECTION
We saw in Chap. 2 that communication channels have a range of charac-
teristics. Some channels, like optical fiber in telecommunications networks, have
tiny error rates so that transmission errors are a rare occurrence. But other chan-
nels, especially wireless links and aging local loops, have error rates that are ord-
ers of magnitude larger. For these links, transmission errors are the norm. They
cannot be avoided at a reasonable expense or cost in terms of performance. The
conclusion is that transmission errors are here to stay. We have to learn how to
deal with them.
Network designers have developed two basic strategies for dealing with er-
rors. Both add redundant information to the data that is sent. One strategy is to
include enough redundant information to enable the receiver to deduce what the
transmitted data must have been. The other is to include only enough redundancy
to allow the receiver to deduce that an error has occurred (but not which error)

SEC. 3.2 ERROR DETECTION AND CORRECTION 203
and have it request a retransmission. The former strategy uses error-correcting
codes and the latter uses error-detecting codes. The use of error-correcting
codes is often referred to as FEC (Forward Error Correction).
Each of these techniques occupies a different ecological niche. On channels
that are highly reliable, such as fiber, it is cheaper to use an error-detecting code
and just retransmit the occasional block found to be faulty. However, on channels
such as wireless links that make many errors, it is better to add redundancy to
each block so that the receiver is able to figure out what the originally transmitted
block was. FEC is used on noisy channels because retransmissions are just as
likely to be in error as the first transmission.
A key consideration for these codes is the type of errors that are likely to oc-
cur. Neither error-correcting codes nor error-detecting codes can handle all pos-
sible errors since the redundant bits that offer protection are as likely to be re-
ceived in error as the data bits (which can compromise their protection). It would
be nice if the channel treated redundant bits differently than data bits, but it does
not. They are all just bits to the channel. This means that to avoid undetected er-
rors the code must be strong enough to handle the expected errors.
One model is that errors are caused by extreme values of thermal noise that
overwhelm the signal briefly and occasionally, giving rise to isolated single-bit er-
rors. Another model is that errors tend to come in bursts rather than singly. This
model follows from the physical processes that generate them—such as a deep
fade on a wireless channel or transient electrical interference on a wired channel/
Both models matter in practice, and they have different trade-offs. Having the
errors come in bursts has both advantages and disadvantages over isolated single-
bit errors. On the advantage side, computer data are always sent in blocks of bits.
Suppose that the block size was 1000 bits and the error rate was 0.001 per bit. If
errors were independent, most blocks would contain an error. If the errors came
in bursts of 100, however, only one block in 100 would be affected, on average.
The disadvantage of burst errors is that when they do occur they are much harder
to correct than isolated errors.
Other types of errors also exist. Sometimes, the location of an error will be
known, perhaps because the physical layer received an analog signal that was far
from the expected value for a 0 or 1 and declared the bit to be lost. This situation
is called an erasure channel. It is easier to correct errors in erasure channels than
in channels that flip bits because even if the value of the bit has been lost, at least
we know which bit is in error. However, we often do not have the benefit of eras-
ures.
We will examine both error-correcting codes and error-detecting codes next.
Please keep two points in mind, though. First, we cover these codes in the link
layer because this is the first place that we have run up against the problem of reli-
ably transmitting groups of bits. However, the codes are widely used because
reliability is an overall concern. Error-correcting codes are also seen in the physi-
cal layer, particularly for noisy channels, and in higher layers, particularly for

204 THE DATA LINK LAYER CHAP. 3
real-time media and content distribution. Error-detecting codes are commonly
used in link, network, and transport layers.
The second point to bear in mind is that error codes are applied mathematics.
Unless you are particularly adept at Galois fields or the properties of sparse
matrices, you should get codes with good properties from a reliable source rather
than making up your own. In fact, this is what many protocol standards do, with
the same codes coming up again and again. In the material below, we will study a
simple code in detail and then briefly describe advanced codes. In this way, we
can understand the trade-offs from the simple code and talk about the codes that
are used in practice via the advanced codes.
3.2.1 Error-Correcting Codes
We will examine four different error-correcting codes:
1. Hamming codes.
2. Binary convolutional codes.
3. Reed-Solomon codes.
4. Low-Density Parity Check codes.
All of these codes add redundancy to the information that is sent. A frame con-
sists of m data (i.e., message) bits and r redundant (i.e. check) bits. In a block
code, the r check bits are computed solely as a function of the m data bits with
which they are associated, as though the m bits were looked up in a large table to
find their corresponding r check bits. In a systematic code, the m data bits are
sent directly, along with the check bits, rather than being encoded themselves be-
fore they are sent. In a linear code, the r check bits are computed as a linear
function of the m data bits. Exclusive OR (XOR) or modulo 2 addition is a popu-
lar choice. This means that encoding can be done with operations such as matrix
multiplications or simple logic circuits. The codes we will look at in this section
are linear, systematic block codes unless otherwise noted.
Let the total length of a block be n (i.e., n = m + r). We will describe this as
an (n,m) code. An n-bit unit containing data and check bits is referred to as an n-
bit codeword. The code rate, or simply rate, is the fraction of the codeword that
carries information that is not redundant, or m/n. The rates used in practice vary
widely. They might be 1/2 for a noisy channel, in which case half of the received
information is redundant, or close to 1 for a high-quality channel, with only a
small number of check bits added to a large message.
To understand how errors can be handled, it is necessary to first look closely
at what an error really is. Given any two codewords that may be transmitted or
received—say, 10001001 and 10110001—it is possible to determine how many

SEC. 3.2 ERROR DETECTION AND CORRECTION 205
corresponding bits differ. In this case, 3 bits differ. To determine how many bits
differ, just XOR the two codewords and count the number of 1 bits in the result.
For example:
10001001
10110001
00111000
The number of bit positions in which two codewords differ is called the Ham-
ming distance (Hamming, 1950). Its significance is that if two codewords are a
Hamming distance d apart, it will require d single-bit errors to convert one into
the other.
Given the algorithm for computing the check bits, it is possible to construct a
complete list of the legal codewords, and from this list to find the two codewords
with the smallest Hamming distance. This distance is the Hamming distance of
the complete code.
In most data transmission applications, all 2m possible data messages are
legal, but due to the way the check bits are computed, not all of the 2n possible
codewords are used. In fact, when there are r check bits, only the small fraction
of 2m /2n or 1 /2r of the possible messages will be legal codewords. It is the
sparseness with which the message is embedded in the space of codewords that al-
lows the receiver to detect and correct errors.
The error-detecting and error-correcting properties of a block code depend on
its Hamming distance. To reliably detect d errors, you need a distance d + 1 code
because with such a code there is no way that d single-bit errors can change a
valid codeword into another valid codeword. When the receiver sees an illegal
codeword, it can tell that a transmission error has occurred. Similarly, to correct d
errors, you need a distance 2d + 1 code because that way the legal codewords are
so far apart that even with d changes the original codeword is still closer than any
other codeword. This means the original codeword can be uniquely determined
based on the assumption that a larger number of errors are less likely.
As a simple example of an error-correcting code, consider a code with only
four valid codewords:
0000000000, 0000011111, 1111100000, and 1111111111
This code has a distance of 5, which means that it can correct double errors or
detect quadruple errors. If the codeword 0000000111 arrives and we expect only
single- or double-bit errors, the receiver will know that the original must have
been 0000011111. If, however, a triple error changes 0000000000 into
0000000111, the error will not be corrected properly. Alternatively, if we expect
all of these errors, we can detect them. None of the received codewords are legal
codewords so an error must have occurred. It should be apparent that in this ex-
ample we cannot both correct double errors and detect quadruple errors because
this would require us to interpret a received codeword in two different ways.

206 THE DATA LINK LAYER CHAP. 3
In our example, the task of decoding by finding the legal codeword that is
closest to the received codeword can be done by inspection. Unfortunately, in the
most general case where all codewords need to be evaluated as candidates, this
task can be a time-consuming search. Instead, practical codes are designed so that
they admit shortcuts to find what was likely the original codeword.
Imagine that we want to design a code with m message bits and r check bits
that will allow all single errors to be corrected. Each of the 2m legal messages has
n illegal codewords at a distance of 1 from it. These are formed by systematically
inverting each of the n bits in the n-bit codeword formed from it. Thus, each of
the 2m legal messages requires n + 1 bit patterns dedicated to it. Since the total
number of bit patterns is 2n , we must have (n + 1)2m ≤ 2n. Using n = m + r, this
requirement becomes
(m + r + 1) ≤ 2r (3-1)
Given m, this puts a lower limit on the number of check bits needed to correct sin-
gle errors.
This theoretical lower limit can, in fact, be achieved using a method due to
Hamming (1950). In Hamming codes the bits of the codeword are numbered
consecutively, starting with bit 1 at the left end, bit 2 to its immediate right, and so
on. The bits that are powers of 2 (1, 2, 4, 8, 16, etc.) are check bits. The rest (3,
5, 6, 7, 9, etc.) are filled up with the m data bits. This pattern is shown for an
(11,7) Hamming code with 7 data bits and 4 check bits in Fig. 3-6. Each check bit
forces the modulo 2 sum, or parity, of some collection of bits, including itself, to
be even (or odd). A bit may be included in several check bit computations. To
see which check bits the data bit in position k contributes to, rewrite k as a sum of
powers of 2. For example, 11 = 1 + 2 + 8 and 29 = 1 + 4 + 8 + 16. A bit is
checked by just those check bits occurring in its expansion (e.g., bit 11 is checked
by bits 1, 2, and 8). In the example, the check bits are computed for even parity
sums for a message that is the ASCII letter ‘‘A.’’
Sent
codeword
Received
codeword
0 0 1 0 0 0 0 1 0 0 1
p1 p2 m3 p4 m5 m6 m7 p8 m9 m10 m11
Check
bits
Channel
0 0 1 0 1 0 0 1 0 0 1
1 bit
error
Syndrome
0 1 0 1
Check
results
A
1000001
Flip
bit 5
A
1000001
Message Message
Figure 3-6. Example of an (11, 7) Hamming code correcting a single-bit error.
This construction gives a code with a Hamming distance of 3, which means
that it can correct single errors (or detect double errors). The reason for the very
careful numbering of message and check bits becomes apparent in the decoding

SEC. 3.2 ERROR DETECTION AND CORRECTION 207
process. When a codeword arrives, the receiver redoes the check bit computa-
tions including the values of the received check bits. We call these the check re-
sults. If the check bits are correct then, for even parity sums, each check result
should be zero. In this case the codeword is accepted as valid.
If the check results are not all zero, however, an error has been detected. The
set of check results forms the error syndrome that is used to pinpoint and correct
the error. In Fig. 3-6, a single-bit error occurred on the channel so the check re-
sults are 0, 1, 0, and 1 for k = 8, 4, 2, and 1, respectively. This gives a syndrome
of 0101 or 4 + 1=5. By the design of the scheme, this means that the fifth bit is in
error. Flipping the incorrect bit (which might be a check bit or a data bit) and dis-
carding the check bits gives the correct message of an ASCII ‘‘A.’’
Hamming distances are valuable for understanding block codes, and Ham-
ming codes are used in error-correcting memory. However, most networks use
stronger codes. The second code we will look at is a convolutional code. This
code is the only one we will cover that is not a block code. In a convolutional
code, an encoder processes a sequence of input bits and generates a sequence of
output bits. There is no natural message size or encoding boundary as in a block
code. The output depends on the current and previous input bits. That is, the
encoder has memory. The number of previous bits on which the output depends is
called the constraint length of the code. Convolutional codes are specified in
terms of their rate and constraint length.
Convolutional codes are widely used in deployed networks, for example, as
part of the GSM mobile phone system, in satellite communications, and in 802.11.
As an example, a popular convolutional code is shown in Fig. 3-7. This code is
known as the NASA convolutional code of r = 1/2 and k = 7, since it was first
used for the Voyager space missions starting in 1977. Since then it has been
liberally reused, for example, as part of 802.11.
Input
bit
Output
bit 1
S1 S2 S3 S4 S5 S6
Output
bit 2
Figure 3-7. The NASA binary convolutional code used in 802.11.
In Fig. 3-7, each input bit on the left-hand side produces two output bits on the
right-hand side that are XOR sums of the input and internal state. Since it deals
with bits and performs linear operations, this is a binary, linear convolutional
code. Since 1 input bit produces 2 output bits, the code rate is 1/2. It is not sys-
tematic since none of the output bits is simply the input bit.

208 THE DATA LINK LAYER CHAP. 3
The internal state is kept in six memory registers. Each time another bit is in-
put the values in the registers are shifted to the right. For example, if 111 is input
and the initial state is all zeros, the internal state, written left to right, will become
100000, 110000, and 111000 after the first, second, and third bits have been input.
The output bits will be 11, followed by 10, and then 01. It takes seven shifts to
flush an input completely so that it does not affect the output. The constraint
length of this code is thus k = 7.
A convolutional code is decoded by finding the sequence of input bits that is
most likely to have produced the observed sequence of output bits (which includes
any errors). For small values of k, this is done with a widely used algorithm de-
veloped by Viterbi (Forney, 1973). The algorithm walks the observed sequence,
keeping for each step and for each possible internal state the input sequence that
would have produced the observed sequence with the fewest errors. The input se-
quence requiring the fewest errors at the end is the most likely message.
Convolutional codes have been popular in practice because it is easy to factor
the uncertainty of a bit being a 0 or a 1 into the decoding. For example, suppose
−1V is the logical 0 level and +1V is the logical 1 level, we might receive 0.9V
and −0.1V for 2 bits. Instead of mapping these signals to 1 and 0 right away, we
would like to treat 0.9V as ‘‘very likely a 1’’ and −0.1V as ‘‘maybe a 0’’ and cor-
rect the sequence as a whole. Extensions of the Viterbi algorithm can work with
these uncertainties to provide stronger error correction. This approach of working
with the uncertainty of a bit is called soft-decision decoding. Conversely, decid-
ing whether each bit is a 0 or a 1 before subsequent error correction is called
hard-decision decoding.
The third kind of error-correcting code we will describe is the Reed-Solomon
code. Like Hamming codes, Reed-Solomon codes are linear block codes, and
they are often systematic too. Unlike Hamming codes, which operate on individ-
ual bits, Reed-Solomon codes operate on m bit symbols. Naturally, the mathemat-
ics are more involved, so we will describe their operation by analogy.
Reed-Solomon codes are based on the fact that every n degree polynomial is
uniquely determined by n + 1 points. For example, a line having the form ax + b
is determined by two points. Extra points on the same line are redundant, which is
helpful for error correction. Imagine that we have two data points that represent a
line and we send those two data points plus two check points chosen to lie on the
same line. If one of the points is received in error, we can still recover the data
points by fitting a line to the received points. Three of the points will lie on the
line, and one point, the one in error, will not. By finding the line we have cor-
rected the error.
Reed-Solomon codes are actually defined as polynomials that operate over
finite fields, but they work in a similar manner. For m bit symbols, the codewords
are 2m−1 symbols long. A popular choice is to make m = 8 so that symbols are
bytes. A codeword is then 255 bytes long. The (255, 233) code is widely used; it
adds 32 redundant symbols to 233 data symbols. Decoding with error correction

SEC. 3.2 ERROR DETECTION AND CORRECTION 209
is done with an algorithm developed by Berlekamp and Massey that can effi-
ciently perform the fitting task for moderate-length codes (Massey, 1969).
Reed-Solomon codes are widely used in practice because of their strong
error-correction properties, particularly for burst errors. They are used for DSL,
data over cable, satellite communications, and perhaps most ubiquitously on CDs,
DVDs, and Blu-ray discs. Because they are based on m bit symbols, a single-bit
error and an m-bit burst error are both treated simply as one symbol error. When
2t redundant symbols are added, a Reed-Solomon code is able to correct up to t
errors in any of the transmitted symbols. This means, for example, that the (255,
233) code, which has 32 redundant symbols, can correct up to 16 symbol errors.
Since the symbols may be consecutive and they are each 8 bits, an error burst of
up to 128 bits can be corrected. The situation is even better if the error model is
one of erasures (e.g., a scratch on a CD that obliterates some symbols). In this
case, up to 2t errors can be corrected.
Reed-Solomon codes are often used in combination with other codes such as a
convolutional code. The thinking is as follows. Convolutional codes are effective
at handling isolated bit errors, but they will fail, likely with a burst of errors, if
there are too many errors in the received bit stream. By adding a Reed-Solomon
code within the convolutional code, the Reed-Solomon decoding can mop up the
error bursts, a task at which it is very good. The overall code then provides good
protection against both single and burst errors.
The final error-correcting code we will cover is the LDPC (Low-Density
Parity Check) code. LDPC codes are linear block codes that were invented by
Robert Gallagher in his doctoral thesis (Gallagher, 1962). Like most theses, they
were promptly forgotten, only to be reinvented in 1995 when advances in comput-
ing power had made them practical.
In an LDPC code, each output bit is formed from only a fraction of the input
bits. This leads to a matrix representation of the code that has a low density of 1s,
hence the name for the code. The received codewords are decoded with an
approximation algorithm that iteratively improves on a best fit of the received
data to a legal codeword. This corrects errors.
LDPC codes are practical for large block sizes and have excellent error-cor-
rection abilities that outperform many other codes (including the ones we have
looked at) in practice. For this reason they are rapidly being included in new pro-
tocols. They are part of the standard for digital video broadcasting, 10 Gbps
Ethernet, power-line networks, and the latest version of 802.11. Expect to see
more of them in future networks.
3.2.2 Error-Detecting Codes
Error-correcting codes are widely used on wireless links, which are notori-
ously noisy and error prone when compared to optical fibers. Without error-cor-
recting codes, it would be hard to get anything through. However, over fiber or

210 THE DATA LINK LAYER CHAP. 3
high-quality copper, the error rate is much lower, so error detection and retrans-
mission is usually more efficient there for dealing with the occasional error.
We will examine three different error-detecting codes. They are all linear,
systematic block codes:
1. Parity.
2. Checksums.
3. Cyclic Redundancy Checks (CRCs).
To see how they can be more efficient than error-correcting codes, consider
the first error-detecting code, in which a single parity bit is appended to the data.
The parity bit is chosen so that the number of 1 bits in the codeword is even (or
odd). Doing this is equivalent to computing the (even) parity bit as the modulo 2
sum or XOR of the data bits. For example, when 1011010 is sent in even parity, a
bit is added to the end to make it 10110100. With odd parity 1011010 becomes
10110101. A code with a single parity bit has a distance of 2, since any single-bit
error produces a codeword with the wrong parity. This means that it can detect
single-bit errors.
Consider a channel on which errors are isolated and the error rate is 10−6 per
bit. This may seem a tiny error rate, but it is at best a fair rate for a long wired
cable that is challenging for error detection. Typical LAN links provide bit error
rates of 10−10. Let the block size be 1000 bits. To provide error correction for
1000-bit blocks, we know from Eq. (3-1) that 10 check bits are needed. Thus, a
megabit of data would require 10,000 check bits. To merely detect a block with a
single 1-bit error, one parity bit per block will suffice. Once every 1000 blocks, a
block will be found to be in error and an extra block (1001 bits) will have to be
transmitted to repair the error. The total overhead for the error detection and re-
transmission method is only 2001 bits per megabit of data, versus 10,000 bits for a
Hamming code.
One difficulty with this scheme is that a single parity bit can only reliably
detect a single-bit error in the block. If the block is badly garbled by a long burst
error, the probability that the error will be detected is only 0.5, which is hardly ac-
ceptable. The odds can be improved considerably if each block to be sent is
regarded as a rectangular matrix n bits wide and k bits high. Now, if we compute
and send one parity bit for each row, up to k bit errors will be reliably detected as
long as there is at most one error per row.
However, there is something else we can do that provides better protection
against burst errors: we can compute the parity bits over the data in a different
order than the order in which the data bits are transmitted. Doing so is called
interleaving. In this case, we will compute a parity bit for each of the n columns
and send all the data bits as k rows, sending the rows from top to bottom and the
bits in each row from left to right in the usual manner. At the last row, we send
the n parity bits. This transmission order is shown in Fig. 3-8 for n = 7 and k = 7.

SEC. 3.2 ERROR DETECTION AND CORRECTION 211
Burst
error
Channel
Transmit
order
Parity bits
1011110
N
c
l
w
o
r
k
Parity errors
1011110
N
e
t
w
o
r
k
1001110
1100101
1110100
1110111
1101111
1110010
1101011
1001110
1100011
1101100
1110111
1101111
1110010
1101011
Figure 3-8. Interleaving of parity bits to detect a burst error.
Interleaving is a general technique to convert a code that detects (or corrects)
isolated errors into a code that detects (or corrects) burst errors. In Fig. 3-8, when
a burst error of length n = 7 occurs, the bits that are in error are spread across dif-
ferent columns. (A burst error does not imply that all the bits are wrong; it just
implies that at least the first and last are wrong. In Fig. 3-8, 4 bits were flipped
over a range of 7 bits.) At most 1 bit in each of the n columns will be affected, so
the parity bits on those columns will detect the error. This method uses n parity
bits on blocks of kn data bits to detect a single burst error of length n or less.
A burst of length n + 1 will pass undetected, however, if the first bit is
inverted, the last bit is inverted, and all the other bits are correct. If the block is
badly garbled by a long burst or by multiple shorter bursts, the probability that any
of the n columns will have the correct parity by accident is 0.5, so the probability
of a bad block being accepted when it should not be is 2−n.
The second kind of error-detecting code, the checksum, is closely related to
groups of parity bits. The word ‘‘checksum’’ is often used to mean a group of
check bits associated with a message, regardless of how are calculated. A group
of parity bits is one example of a checksum. However, there are other, stronger
checksums based on a running sum of the data bits of the message. The checksum
is usually placed at the end of the message, as the complement of the sum func-
tion. This way, errors may be detected by summing the entire received codeword,
both data bits and checksum. If the result comes out to be zero, no error has been
detected.
One example of a checksum is the 16-bit Internet checksum used on all Inter-
net packets as part of the IP protocol (Braden et al., 1988). This checksum is a
sum of the message bits divided into 16-bit words. Because this method operates
on words rather than on bits, as in parity, errors that leave the parity unchanged
can still alter the sum and be detected. For example, if the lowest order bit in two
different words is flipped from a 0 to a 1, a parity check across these bits would
fail to detect an error. However, two 1s will be added to the 16-bit checksum to
produce a different result. The error can then be detected.

212 THE DATA LINK LAYER CHAP. 3
The Internet checksum is computed in one’s complement arithmetic instead of
as the modulo 216 sum. In one’s complement arithmetic, a negative number is the
bitwise complement of its positive counterpart. Modern computers run two’s
complement arithmetic, in which a negative number is the one’s complement plus
one. On a two’s complement computer, the one’s complement sum is equivalent
to taking the sum modulo 216 and adding any overflow of the high order bits back
into the low-order bits. This algorithm gives a more uniform coverage of the data
by the checksum bits. Otherwise, two high-order bits can be added, overflow, and
be lost without changing the sum. There is another benefit, too. One’s comple-
ment has two representations of zero, all 0s and all 1s. This allows one value (e.g.,
all 0s) to indicate that there is no checksum, without the need for another field.
For decades, it has always been assumed that frames to be checksummed con-
tain random bits. All analyses of checksum algorithms have been made under this
assumption. Inspection of real data by Partridge et al. (1995) has shown this as-
sumption to be quite wrong. As a consequence, undetected errors are in some
cases much more common than had been previously thought.
The Internet checksum in particular is efficient and simple but provides weak
protection in some cases precisely because it is a simple sum. It does not detect
the deletion or addition of zero data, nor swapping parts of the message, and it
provides weak protection against message splices in which parts of two packets
are put together. These errors may seem very unlikely to occur by random proc-
esses, but they are just the sort of errors that can occur with buggy hardware.
A better choice is Fletcher’s checksum (Fletcher, 1982). It includes a posi-
tional component, adding the product of the data and its position to the running
sum. This provides stronger detection of changes in the position of data.
Although the two preceding schemes may sometimes be adequate at higher
layers, in practice, a third and stronger kind of error-detecting code is in wide-
spread use at the link layer: the CRC (Cyclic Redundancy Check), also known
as a polynomial code. Polynomial codes are based upon treating bit strings as
representations of polynomials with coefficients of 0 and 1 only. A k-bit frame is
regarded as the coefficient list for a polynomial with k terms, ranging from x k − 1
to x 0 . Such a polynomial is said to be of degree k − 1. The high-order (leftmost)
bit is the coefficient of x k − 1, the next bit is the coefficient of x k − 2, and so on.
For example, 110001 has 6 bits and thus represents a six-term polynomial with
coefficients 1, 1, 0, 0, 0, and 1: 1x 5 + 1x 4 + 0x 3 + 0x 2 + 0x 1 + 1x 0 .
Polynomial arithmetic is done modulo 2, according to the rules of algebraic
field theory. It does not have carries for addition or borrows for subtraction. Both
addition and subtraction are identical to exclusive OR. For example:
10011011 00110011 11110000 01010101
+ 11001010 + 11001101 − 10100110 − 10101111
01010001 11111110 01010110 11111010
Long division is carried out in exactly the same way as it is in binary except that

SEC. 3.2 ERROR DETECTION AND CORRECTION 213
the subtraction is again done modulo 2. A divisor is said ‘‘to go into’’ a dividend
if the dividend has as many bits as the divisor.
When the polynomial code method is employed, the sender and receiver must
agree upon a generator polynomial, G(x), in advance. Both the high- and low-
order bits of the generator must be 1. To compute the CRC for some frame with
m bits corresponding to the polynomial M(x), the frame must be longer than the
generator polynomial. The idea is to append a CRC to the end of the frame in
such a way that the polynomial represented by the checksummed frame is divisi-
ble by G(x). When the receiver gets the checksummed frame, it tries dividing it
by G(x). If there is a remainder, there has been a transmission error.
The algorithm for computing the CRC is as follows:
1. Let r be the degree of G(x). Append r zero bits to the low-order end
of the frame so it now contains m + r bits and corresponds to the
polynomial x rM(x).
2. Divide the bit string corresponding to G(x) into the bit string corres-
ponding to x rM(x), using modulo 2 division.
3. Subtract the remainder (which is always r or fewer bits) from the bit
string corresponding to x rM(x) using modulo 2 subtraction. The re-
sult is the checksummed frame to be transmitted. Call its polynomial
T(x).
Figure 3-9 illustrates the calculation for a frame 1101011111 using the generator
G(x) = x 4 + x + 1.
It should be clear that T(x) is divisible (modulo 2) by G(x). In any division
problem, if you diminish the dividend by the remainder, what is left over is divisi-
ble by the divisor. For example, in base 10, if you divide 210,278 by 10,941, the
remainder is 2399. If you then subtract 2399 from 210,278, what is left over
(207,879) is divisible by 10,941.
Now let us analyze the power of this method. What kinds of errors will be de-
tected? Imagine that a transmission error occurs, so that instead of the bit string
for T(x) arriving, T(x) + E(x) arrives. Each 1 bit in E(x) corresponds to a bit that
has been inverted. If there are k 1 bits in E(x), k single-bit errors have occurred.
A single burst error is characterized by an initial 1, a mixture of 0s and 1s, and a
final 1, with all other bits being 0.
Upon receiving the checksummed frame, the receiver divides it by G(x); that
is, it computes [T(x) + E(x)] /G(x). T(x) /G(x) is 0, so the result of the computa-
tion is simply E(x)/G(x). Those errors that happen to correspond to polynomials
containing G(x) as a factor will slip by; all other errors will be caught.
If there has been a single-bit error, E(x) = x i , where i determines which bit is
in error. If G(x) contains two or more terms, it will never divide into E(x), so all
single-bit errors will be detected.

214 THE DATA LINK LAYER CHAP. 3
00011
01001
11001
1
01011
11001
1
01111
11001
1
00000
11110
111 0
11100
00000
1100 0
0000 0
0
100 00
000 00
101 10
101 10
01 0
0
0000 0
1000 0
1 0
1 1
11 0 0 1
Remainder
Quotient (thrown away)
Frame with four zeros appended
00000 111111111 Frame with four zeros appended
minus remainder
Transmitted frame:
11 1 0
1 0 0
0 1 1 111Frame:
1 1
1 1 0 0 0 0 1 1 1 0
Generator:
Figure 3-9. Example calculation of the CRC.
If there have been two isolated single-bit errors, E(x) = x i + x j , where i > j.
Alternatively, this can be written as E(x) = x j(x i − j + 1). If we assume that G(x)
is not divisible by x, a sufficient condition for all double errors to be detected is
that G(x) does not divide x k + 1 for any k up to the maximum value of i − j (i.e.,
up to the maximum frame length). Simple, low-degree polynomials that give pro-
tection to long frames are known. For example, x 15 + x 14 + 1 will not divide
x k + 1 for any value of k below 32,768.
If there are an odd number of bits in error, E(X) contains an odd number of
terms (e.g., x 5 + x 2 + 1, but not x 2 + 1). Interestingly, no polynomial with an odd
number of terms has x + 1 as a factor in the modulo 2 system. By making x + 1 a
factor of G(x), we can catch all errors with an odd number of inverted bits.
Finally, and importantly, a polynomial code with r check bits will detect all
burst errors of length ≤ r. A burst error of length k can be represented by
x i(x k − 1 + . . . + 1), where i determines how far from the right-hand end of the re-
ceived frame the burst is located. If G(x) contains an x 0 term, it will not have x i
as a factor, so if the degree of the parenthesized expression is less than the degree
of G(x), the remainder can never be zero.

SEC. 3.2 ERROR DETECTION AND CORRECTION 215
If the burst length is r + 1, the remainder of the division by G(x) will be zero
if and only if the burst is identical to G(x). By definition of a burst, the first and
last bits must be 1, so whether it matches depends on the r − 1 intermediate bits.
If all combinations are regarded as equally likely, the probability of such an incor-
rect frame being accepted as valid is ½r − 1 .
It can also be shown that when an error burst longer than r + 1 bits occurs or
when several shorter bursts occur, the probability of a bad frame getting through
unnoticed is ½r , assuming that all bit patterns are equally likely.
Certain polynomials have become international standards. The one used in
IEEE 802 followed the example of Ethernet and is
x 32 + x 26 + x 23 + x 22 + x 16 + x 12 + x 11 + x 10 + x 8 + x 7 + x 5 + x 4 + x 2 + x 1 + 1
Among other desirable properties, it has the property that it detects all bursts of
length 32 or less and all bursts affecting an odd number of bits. It has been used
widely since the 1980s. However, this does not mean it is the best choice. Using
an exhaustive computational search, Castagnoli et al. (1993) and Koopman (2002)
found the best CRCs. These CRCs have a Hamming distance of 6 for typical
message sizes, while the IEEE standard CRC-32 has a Hamming distance of only
4.
Although the calculation required to compute the CRC may seem complicat-
ed, it is easy to compute and verify CRCs in hardware with simple shift register
circuits (Peterson and Brown, 1961). In practice, this hardware is nearly always
used. Dozens of networking standards include various CRCs, including virtually
all LANs (e.g., Ethernet, 802.11) and point-to-point links (e.g., packets over
SONET).
3.3 ELEMENTARY DATA LINK PROTOCOLS
To introduce the subject of protocols, we will begin by looking at three proto-
cols of increasing complexity. For interested readers, a simulator for these and
subsequent protocols is available via the Web (see the preface). Before we look
at the protocols, it is useful to make explicit some of the assumptions underlying
the model of communication.
To start with, we assume that the physical layer, data link layer, and network
layer are independent processes that communicate by passing messages back and
forth. A common implementation is shown in Fig. 3-10. The physical layer proc-
ess and some of the data link layer process run on dedicate hardware called a NIC
(Network Interface Card). The rest of the link layer process and the network
layer process run on the main CPU as part of the operating system, with the soft-
ware for the link layer process often taking the form of a device driver. Howev-
er, other implementations are also possible (e.g., three processes offloaded to ded-
icated hardware called a network accelerator, or three processes running on the

216 THE DATA LINK LAYER CHAP. 3
main CPU on a software-defined ratio). Actually, the preferred implementation
changes from decade to decade with technology trade-offs. In any event, treating
the three layers as separate processes makes the discussion conceptually cleaner
and also serves to emphasize the independence of the layers.
Network
Cable (medium)
PHY
Link
Link
Application
Network Interface
Card (NIC)
Driver
Operating system
Computer
Figure 3-10. Implementation of the physical, data link, and network layers.
Another key assumption is that machine A wants to send a long stream of data
to machine B, using a reliable, connection-oriented service. Later, we will consid-
er the case where B also wants to send data to A simultaneously. A is assumed to
have an infinite supply of data ready to send and never has to wait for data to be
produced. Instead, when A’s data link layer asks for data, the network layer is al-
ways able to comply immediately. (This restriction, too, will be dropped later.)
We also assume that machines do not crash. That is, these protocols deal with
communication errors, but not the problems caused by computers crashing and
rebooting.
As far as the data link layer is concerned, the packet passed across the inter-
face to it from the network layer is pure data, whose every bit is to be delivered to
the destination’s network layer. The fact that the destination’s network layer may
interpret part of the packet as a header is of no concern to the data link layer.
When the data link layer accepts a packet, it encapsulates the packet in a
frame by adding a data link header and trailer to it (see Fig. 3-1). Thus, a frame
consists of an embedded packet, some control information (in the header), and a
checksum (in the trailer). The frame is then transmitted to the data link layer on
the other machine. We will assume that there exist suitable library procedures
to physical layer to send a frame and from physical layer to receive a frame.
These procedures compute and append or check the checksum (which is usually
done in hardware) so that we do not need to worry about it as part of the protocols
we develop in this section. They might use the CRC algorithm discussed in the
previous section, for example.
Initially, the receiver has nothing to do. It just sits around waiting for some-
thing to happen. In the example protocols throughout this chapter we will indicate
that the data link layer is waiting for something to happen by the procedure call

SEC. 3.3 ELEMENTARY DATA LINK PROTOCOLS 217
#define MAX PKT 1024 /* determines packet size in bytes */
typedef enum {false, true} boolean; /* boolean type */
typedef unsigned int seq nr; /* sequence or ack numbers */
typedef struct {unsigned char data[MAX PKT];} packet; /* packet definition */
typedef enum {data, ack, nak} frame kind; /* frame kind definition */
typedef struct { /* frames are transported in this layer */
frame kind kind; /* what kind of frame is it? */
seq nr seq; /* sequence number */
seq nr ack; /* acknowledgement number */
packet info; /* the network layer packet */
} frame;
/* Wait for an event to happen; return its type in event. */
void wait for event(event type *event);
/* Fetch a packet from the network layer for transmission on the channel. */
void from network layer(packet *p);
/* Deliver information from an inbound frame to the network layer. */
void to network layer(packet *p);
/* Go get an inbound frame from the physical layer and copy it to r. */
void from physical layer(frame *r);
/* Pass the frame to the physical layer for transmission. */
void to physical layer(frame *s);
/* Start the clock running and enable the timeout event. */
void start timer(seq nr k);
/* Stop the clock and disable the timeout event. */
void stop timer(seq nr k);
/* Start an auxiliary timer and enable the ack timeout event. */
void start ack timer(void);
/* Stop the auxiliary timer and disable the ack timeout event. */
void stop ack timer(void);
/* Allow the network layer to cause a network layer ready event. */
void enable network layer(void);
/* Forbid the network layer from causing a network layer ready event. */
void disable network layer(void);
/* Macro inc is expanded in-line: increment k circularly. */
#define inc(k) if (k < MAX SEQ) k = k + 1; else k = 0 Figure 3-11. Some definitions needed in the protocols to follow. These defini- tions are located in the file protocol.h. 218 THE DATA LINK LAYER CHAP. 3 wait for event(&event). This procedure only returns when something has hap- pened (e.g., a frame has arrived). Upon return, the variable event tells what hap- pened. The set of possible events differs for the various protocols to be described and will be defined separately for each protocol. Note that in a more realistic situation, the data link layer will not sit in a tight loop waiting for an event, as we have suggested, but will receive an interrupt, which will cause it to stop whatever it was doing and go handle the incoming frame. Nevertheless, for simplicity we will ignore all the details of parallel activity within the data link layer and assume that it is dedicated full time to handling just our one channel. When a frame arrives at the receiver, the checksum is recomputed. If the checksum in the frame is incorrect (i.e., there was a transmission error), the data link layer is so informed (event = cksum err). If the inbound frame arrived undamaged, the data link layer is also informed (event = frame arrival ) so that it can acquire the frame for inspection using from physical layer. As soon as the receiving data link layer has acquired an undamaged frame, it checks the control information in the header, and, if everything is all right, passes the packet portion to the network layer. Under no circumstances is a frame header ever given to a network layer. There is a good reason why the network layer must never be given any part of the frame header: to keep the network and data link protocols completely sepa- rate. As long as the network layer knows nothing at all about the data link proto- col or the frame format, these things can be changed without requiring changes to the network layer’s software. This happens whenever a new NIC is installed in a computer. Providing a rigid interface between the network and data link layers greatly simplifies the design task because communication protocols in different layers can evolve independently. Figure 3-11 shows some declarations (in C) common to many of the protocols to be discussed later. Five data structures are defined there: boolean, seq nr, packet, frame kind, and frame. A boolean is an enumerated type and can take on the values true and false. A seq nr is a small integer used to number the frames so that we can tell them apart. These sequence numbers run from 0 up to and in- cluding MAX SEQ, which is defined in each protocol needing it. A packet is the unit of information exchanged between the network layer and the data link layer on the same machine, or between network layer peers. In our model it always contains MAX PKT bytes, but more realistically it would be of variable length. A frame is composed of four fields: kind, seq, ack, and info, the first three of which contain control information and the last of which may contain actual data to be transferred. These control fields are collectively called the frame header. The kind field tells whether there are any data in the frame, because some of the protocols distinguish frames containing only control information from those containing data as well. The seq and ack fields are used for sequence numbers and acknowledgements, respectively; their use will be described in more detail later. The info field of a data frame contains a single packet; the info field of a SEC. 3.3 ELEMENTARY DATA LINK PROTOCOLS 219 control frame is not used. A more realistic implementation would use a variable- length info field, omitting it altogether for control frames. Again, it is important to understand the relationship between a packet and a frame. The network layer builds a packet by taking a message from the transport layer and adding the network layer header to it. This packet is passed to the data link layer for inclusion in the info field of an outgoing frame. When the frame ar- rives at the destination, the data link layer extracts the packet from the frame and passes the packet to the network layer. In this manner, the network layer can act as though machines can exchange packets directly. A number of procedures are also listed in Fig. 3-11. These are library rou- tines whose details are implementation dependent and whose inner workings will not concern us further in the following discussions. The procedure wait for event sits in a tight loop waiting for something to happen, as mentioned earlier. The procedures to network layer and from network layer are used by the data link layer to pass packets to the network layer and accept packets from the network layer, respectively. Note that from physical layer and to physical layer pass frames between the data link layer and the physical layer. In other words, to net- work layer and from network layer deal with the interface between layers 2 and 3, whereas from physical layer and to physical layer deal with the interface be- tween layers 1 and 2. In most of the protocols, we assume that the channel is unreliable and loses entire frames upon occasion. To be able to recover from such calamities, the sending data link layer must start an internal timer or clock whenever it sends a frame. If no reply has been received within a certain predetermined time interval, the clock times out and the data link layer receives an interrupt signal. In our protocols this is handled by allowing the procedure wait for event to return event = timeout. The procedures start timer and stop timer turn the timer on and off, respectively. Timeout events are possible only when the timer is run- ning and before stop timer is called. It is explicitly permitted to call start timer while the timer is running; such a call simply resets the clock to cause the next timeout after a full timer interval has elapsed (unless it is reset or turned off). The procedures start ack timer and stop ack timer control an auxiliary timer used to generate acknowledgements under certain conditions. The procedures enable network layer and disable network layer are used in the more sophisticated protocols, where we no longer assume that the network layer always has packets to send. When the data link layer enables the network layer, the network layer is then permitted to interrupt when it has a packet to be sent. We indicate this with event = network layer ready. When the network layer is disabled, it may not cause such events. By being careful about when it enables and disables its network layer, the data link layer can prevent the network layer from swamping it with packets for which it has no buffer space. Frame sequence numbers are always in the range 0 to MAX SEQ (inclusive), where MAX SEQ is different for the different protocols. It is frequently necessary 220 THE DATA LINK LAYER CHAP. 3 to advance a sequence number by 1 circularly (i.e., MAX SEQ is followed by 0). The macro inc performs this incrementing. It has been defined as a macro be- cause it is used in-line within the critical path. As we will see later, the factor limiting network performance is often protocol processing, so defining simple op- erations like this as macros does not affect the readability of the code but does im- prove performance. The declarations of Fig. 3-11 are part of each of the protocols we will discuss shortly. To save space and to provide a convenient reference, they have been extracted and listed together, but conceptually they should be merged with the protocols themselves. In C, this merging is done by putting the definitions in a special header file, in this case protocol.h, and using the #include facility of the C preprocessor to include them in the protocol files. 3.3.1 A Utopian Simplex Protocol As an initial example we will consider a protocol that is as simple as it can be because it does not worry about the possibility of anything going wrong. Data are transmitted in one direction only. Both the transmitting and receiving network layers are always ready. Processing time can be ignored. Infinite buffer space is available. And best of all, the communication channel between the data link lay- ers never damages or loses frames. This thoroughly unrealistic protocol, which we will nickname ‘‘Utopia,’’ is simply to show the basic structure on which we will build. It’s implementation is shown in Fig. 3-12. The protocol consists of two distinct procedures, a sender and a receiver. The sender runs in the data link layer of the source machine, and the receiver runs in the data link layer of the destination machine. No sequence numbers or acknowl- edgements are used here, so MAX SEQ is not needed. The only event type pos- sible is frame arrival (i.e., the arrival of an undamaged frame). The sender is in an infinite while loop just pumping data out onto the line as fast as it can. The body of the loop consists of three actions: go fetch a packet from the (always obliging) network layer, construct an outbound frame using the variable s, and send the frame on its way. Only the info field of the frame is used by this protocol, because the other fields have to do with error and flow control and there are no errors or flow control restrictions here. The receiver is equally simple. Initially, it waits for something to happen, the only possibility being the arrival of an undamaged frame. Eventually, the frame arrives and the procedure wait for event returns, with event set to frame arrival (which is ignored anyway). The call to from physical layer removes the newly arrived frame from the hardware buffer and puts it in the variable r, where the re- ceiver code can get at it. Finally, the data portion is passed on to the network layer, and the data link layer settles back to wait for the next frame, effectively suspending itself until the frame arrives. SEC. 3.3 ELEMENTARY DATA LINK PROTOCOLS 221 /* Protocol 1 (Utopia) provides for data transmission in one direction only, from sender to receiver. The communication channel is assumed to be error free and the receiver is assumed to be able to process all the input infinitely quickly. Consequently, the sender just sits in a loop pumping data out onto the line as fast as it can. */ typedef enum {frame arrival} event type; #include "protocol.h" void sender1(void) { frame s; /* buffer for an outbound frame */ packet buffer; /* buffer for an outbound packet */ while (true) { from network layer(&buffer); /* go get something to send */ s.info = buffer; /* copy it into s for transmission */ to physical layer(&s); /* send it on its way */ } /* Tomorrow, and tomorrow, and tomorrow, Creeps in this petty pace from day to day To the last syllable of recorded time. – Macbeth, V, v */ } void receiver1(void) { frame r; event type event; /* filled in by wait, but not used here */ while (true) { wait for event(&event); /* only possibility is frame arrival */ from physical layer(&r); /* go get the inbound frame */ to network layer(&r.info); /* pass the data to the network layer */ } } Figure 3-12. A utopian simplex protocol. The utopia protocol is unrealistic because it does not handle either flow con- trol or error correction. Its processing is close to that of an unacknowledged con- nectionless service that relies on higher layers to solve these problems, though even an unacknowledged connectionless service would do some error detection. 3.3.2 A Simplex Stop-and-Wait Protocol for an Error-Free Channel Now we will tackle the problem of preventing the sender from flooding the receiver with frames faster than the latter is able to process them. This situation can easily happen in practice so being able to prevent it is of great importance. 222 THE DATA LINK LAYER CHAP. 3 The communication channel is still assumed to be error free, however, and the data traffic is still simplex. One solution is to build the receiver to be powerful enough to process a con- tinuous stream of back-to-back frames (or, equivalently, define the link layer to be slow enough that the receiver can keep up). It must have sufficient buffering and processing abilities to run at the line rate and must be able to pass the frames that are received to the network layer quickly enough. However, this is a worst-case solution. It requires dedicated hardware and can be wasteful of resources if the utilization of the link is mostly low. Moreover, it just shifts the problem of deal- ing with a sender that is too fast elsewhere; in this case to the network layer. A more general solution to this problem is to have the receiver provide feed- back to the sender. After having passed a packet to its network layer, the receiver sends a little dummy frame back to the sender which, in effect, gives the sender permission to transmit the next frame. After having sent a frame, the sender is re- quired by the protocol to bide its time until the little dummy (i.e., acknowledge- ment) frame arrives. This delay is a simple example of a flow control protocol. Protocols in which the sender sends one frame and then waits for an acknowl- edgement before proceeding are called stop-and-wait. Figure 3-13 gives an ex- ample of a simplex stop-and-wait protocol. Although data traffic in this example is simplex, going only from the sender to the receiver, frames do travel in both directions. Consequently, the communica- tion channel between the two data link layers needs to be capable of bidirectional information transfer. However, this protocol entails a strict alternation of flow: first the sender sends a frame, then the receiver sends a frame, then the sender sends another frame, then the receiver sends another one, and so on. A half- duplex physical channel would suffice here. As in protocol 1, the sender starts out by fetching a packet from the network layer, using it to construct a frame, and sending it on its way. But now, unlike in protocol 1, the sender must wait until an acknowledgement frame arrives before looping back and fetching the next packet from the network layer. The sending data link layer need not even inspect the incoming frame as there is only one pos- sibility. The incoming frame is always an acknowledgement. The only difference between receiver1 and receiver2 is that after delivering a packet to the network layer, receiver2 sends an acknowledgement frame back to the sender before entering the wait loop again. Because only the arrival of the frame back at the sender is important, not its contents, the receiver need not put any particular information in it. 3.3.3 A Simplex Stop-and-Wait Protocol for a Noisy Channel Now let us consider the normal situation of a communication channel that makes errors. Frames may be either damaged or lost completely. However, we assume that if a frame is damaged in transit, the receiver hardware will detect this SEC. 3.3 ELEMENTARY DATA LINK PROTOCOLS 223 /* Protocol 2 (Stop-and-wait) also provides for a one-directional flow of data from sender to receiver. The communication channel is once again assumed to be error free, as in protocol 1. However, this time the receiver has only a finite buffer capacity and a finite processing speed, so the protocol must explicitly prevent the sender from flooding the receiver with data faster than it can be handled. */ typedef enum {frame arrival} event type; #include "protocol.h" void sender2(void) { frame s; /* buffer for an outbound frame */ packet buffer; /* buffer for an outbound packet */ event type event; /* frame arrival is the only possibility */ while (true) { from network layer(&buffer); /* go get something to send */ s.info = buffer; /* copy it into s for transmission */ to physical layer(&s); /* bye-bye little frame */ wait for event(&event); /* do not proceed until given the go ahead */ } } void receiver2(void) { frame r, s; /* buffers for frames */ event type event; /* frame arrival is the only possibility */ while (true) { wait for event(&event); /* only possibility is frame arrival */ from physical layer(&r); /* go get the inbound frame */ to network layer(&r.info); /* pass the data to the network layer */ to physical layer(&s); /* send a dummy frame to awaken sender */ } } Figure 3-13. A simplex stop-and-wait protocol. when it computes the checksum. If the frame is damaged in such a way that the checksum is nevertheless correct—an unlikely occurrence—this protocol (and all other protocols) can fail (i.e., deliver an incorrect packet to the network layer). At first glance it might seem that a variation of protocol 2 would work: adding a timer. The sender could send a frame, but the receiver would only send an ac- knowledgement frame if the data were correctly received. If a damaged frame ar- rived at the receiver, it would be discarded. After a while the sender would time out and send the frame again. This process would be repeated until the frame finally arrived intact. This scheme has a fatal flaw in it though. Think about the problem and try to discover what might go wrong before reading further. 224 THE DATA LINK LAYER CHAP. 3 To see what might go wrong, remember that the goal of the data link layer is to provide error-free, transparent communication between network layer proc- esses. The network layer on machine A gives a series of packets to its data link layer, which must ensure that an identical series of packets is delivered to the net- work layer on machine B by its data link layer. In particular, the network layer on B has no way of knowing that a packet has been lost or duplicated, so the data link layer must guarantee that no combination of transmission errors, however unlike- ly, can cause a duplicate packet to be delivered to a network layer. Consider the following scenario: 1. The network layer on A gives packet 1 to its data link layer. The packet is correctly received at B and passed to the network layer on B. B sends an acknowledgement frame back to A. 2. The acknowledgement frame gets lost completely. It just never ar- rives at all. Life would be a great deal simpler if the channel man- gled and lost only data frames and not control frames, but sad to say, the channel is not very discriminating. 3. The data link layer on A eventually times out. Not having received an acknowledgement, it (incorrectly) assumes that its data frame was lost or damaged and sends the frame containing packet 1 again. 4. The duplicate frame also arrives intact at the data link layer on B and is unwittingly passed to the network layer there. If A is sending a file to B, part of the file will be duplicated (i.e., the copy of the file made by B will be incorrect and the error will not have been detected). In other words, the protocol will fail. Clearly, what is needed is some way for the receiver to be able to distinguish a frame that it is seeing for the first time from a retransmission. The obvious way to achieve this is to have the sender put a sequence number in the header of each frame it sends. Then the receiver can check the sequence number of each arriving frame to see if it is a new frame or a duplicate to be discarded. Since the protocol must be correct and the sequence number field in the head- er is likely to be small to use the link efficiently, the question arises: what is the minimum number of bits needed for the sequence number? The header might pro- vide 1 bit, a few bits, 1 byte, or multiple bytes for a sequence number depending on the protocol. The important point is that it must carry sequence numbers that are large enough for the protocol to work correctly, or it is not much of a protocol. The only ambiguity in this protocol is between a frame, m, and its direct suc- cessor, m + 1. If frame m is lost or damaged, the receiver will not acknowledge it, so the sender will keep trying to send it. Once it has been correctly received, the receiver will send an acknowledgement to the sender. It is here that the potential SEC. 3.3 ELEMENTARY DATA LINK PROTOCOLS 225 trouble crops up. Depending upon whether the acknowledgement frame gets back to the sender correctly or not, the sender may try to send m or m + 1. At the sender, the event that triggers the transmission of frame m + 1 is the ar- rival of an acknowledgement for frame m. But this situation implies that m − 1 has been correctly received, and furthermore that its acknowledgement has also been correctly received by the sender. Otherwise, the sender would not have begun with m, let alone have been considering m + 1. As a consequence, the only ambiguity is between a frame and its immediate predecessor or successor, not be- tween the predecessor and successor themselves. A 1-bit sequence number (0 or 1) is therefore sufficient. At each instant of time, the receiver expects a particular sequence number next. When a frame con- taining the correct sequence number arrives, it is accepted and passed to the net- work layer, then acknowledged. Then the expected sequence number is incre- mented modulo 2 (i.e., 0 becomes 1 and 1 becomes 0). Any arriving frame con- taining the wrong sequence number is rejected as a duplicate. However, the last valid acknowledgement is repeated so that the sender can eventually discover that the frame has been received. An example of this kind of protocol is shown in Fig. 3-14. Protocols in which the sender waits for a positive acknowledgement before advancing to the next data item are often called ARQ (Automatic Repeat reQuest) or PAR (Positive Acknowledgement with Retransmission). Like protocol 2, this one also trans- mits data only in one direction. Protocol 3 differs from its predecessors in that both sender and receiver have a variable whose value is remembered while the data link layer is in the wait state. The sender remembers the sequence number of the next frame to send in next frame to send; the receiver remembers the sequence number of the next frame expected in frame expected. Each protocol has a short initialization phase before entering the infinite loop. After transmitting a frame, the sender starts the timer running. If it was al- ready running, it will be reset to allow another full timer interval. The interval should be chosen to allow enough time for the frame to get to the receiver, for the receiver to process it in the worst case, and for the acknowledgement frame to propagate back to the sender. Only when that interval has elapsed is it safe to as- sume that either the transmitted frame or its acknowledgement has been lost, and to send a duplicate. If the timeout interval is set too short, the sender will transmit unnecessary frames. While these extra frames will not affect the correctness of the protocol, they will hurt performance. After transmitting a frame and starting the timer, the sender waits for some- thing exciting to happen. Only three possibilities exist: an acknowledgement frame arrives undamaged, a damaged acknowledgement frame staggers in, or the timer expires. If a valid acknowledgement comes in, the sender fetches the next packet from its network layer and puts it in the buffer, overwriting the previous packet. It also advances the sequence number. If a damaged frame arrives or the 226 THE DATA LINK LAYER CHAP. 3 timer expires, neither the buffer nor the sequence number is changed so that a duplicate can be sent. In all cases, the contents of the buffer (either the next pack- et or a duplicate) are then sent. When a valid frame arrives at the receiver, its sequence number is checked to see if it is a duplicate. If not, it is accepted, passed to the network layer, and an acknowledgement is generated. Duplicates and damaged frames are not passed to the network layer, but they do cause the last correctly received frame to be acknowledged to signal the sender to advance to the next frame or retransmit a damaged frame. 3.4 SLIDING WINDOW PROTOCOLS In the previous protocols, data frames were transmitted in one direction only. In most practical situations, there is a need to transmit data in both directions. One way of achieving full-duplex data transmission is to run two instances of one of the previous protocols, each using a separate link for simplex data traffic (in different directions). Each link is then comprised of a ‘‘forward’’ channel (for data) and a ‘‘reverse’’ channel (for acknowledgements). In both cases the capaci- ty of the reverse channel is almost entirely wasted. A better idea is to use the same link for data in both directions. After all, in protocols 2 and 3 it was already being used to transmit frames both ways, and the reverse channel normally has the same capacity as the forward channel. In this model the data frames from A to B are intermixed with the acknowledgement frames from A to B. By looking at the kind field in the header of an incoming frame, the receiver can tell whether the frame is data or an acknowledgement. Although interleaving data and control frames on the same link is a big im- provement over having two separate physical links, yet another improvement is possible. When a data frame arrives, instead of immediately sending a separate control frame, the receiver restrains itself and waits until the network layer passes it the next packet. The acknowledgement is attached to the outgoing data frame (using the ack field in the frame header). In effect, the acknowledgement gets a free ride on the next outgoing data frame. The technique of temporarily delaying outgoing acknowledgements so that they can be hooked onto the next outgoing data frame is known as piggybacking. The principal advantage of using piggybacking over having distinct acknowl- edgement frames is a better use of the available channel bandwidth. The ack field in the frame header costs only a few bits, whereas a separate frame would need a header, the acknowledgement, and a checksum. In addition, fewer frames sent generally means a lighter processing load at the receiver. In the next protocol to be examined, the piggyback field costs only 1 bit in the frame header. It rarely costs more than a few bits. However, piggybacking introduces a complication not present with separate acknowledgements. How long should the data link layer wait for a packet onto SEC. 3.4 SLIDING WINDOW PROTOCOLS 227 /* Protocol 3 (PAR) allows unidirectional data flow over an unreliable channel. */ #define MAX SEQ 1 /* must be 1 for protocol 3 */ typedef enum {frame arrival, cksum err, timeout} event type; #include "protocol.h" void sender3(void) { seq nr next frame to send; /* seq number of next outgoing frame */ frame s; /* scratch variable */ packet buffer; /* buffer for an outbound packet */ event type event; next frame to send = 0; /* initialize outbound sequence numbers */ from network layer(&buffer); /* fetch first packet */ while (true) { s.info = buffer; /* construct a frame for transmission */ s.seq = next frame to send; /* insert sequence number in frame */ to physical layer(&s); /* send it on its way */ start timer(s.seq); /* if answer takes too long, time out */ wait for event(&event); /* frame arrival, cksum err, timeout */ if (event == frame arrival) { from physical layer(&s); /* get the acknowledgement */ if (s.ack == next frame to send) { stop timer(s.ack); /* turn the timer off */ from network layer(&buffer); /* get the next one to send */ inc(next frame to send); /* invert next frame to send */ } } } } void receiver3(void) { seq nr frame expected; frame r, s; event type event; frame expected = 0; while (true) { wait for event(&event); /* possibilities: frame arrival, cksum err */ if (event == frame arrival) { /* a valid frame has arrived */ from physical layer(&r); /* go get the newly arrived frame */ if (r.seq == frame expected) { /* this is what we have been waiting for */ to network layer(&r.info); /* pass the data to the network layer */ inc(frame expected); /* next time expect the other sequence nr */ } s.ack = 1 − frame expected; /* tell which frame is being acked */ to physical layer(&s); /* send acknowledgement */ } } } Figure 3-14. A positive acknowledgement with retransmission protocol. 228 THE DATA LINK LAYER CHAP. 3 which to piggyback the acknowledgement? If the data link layer waits longer than the sender’s timeout period, the frame will be retransmitted, defeating the whole purpose of having acknowledgements. If the data link layer were an oracle and could foretell the future, it would know when the next network layer packet was going to come in and could decide either to wait for it or send a separate ac- knowledgement immediately, depending on how long the projected wait was going to be. Of course, the data link layer cannot foretell the future, so it must resort to some ad hoc scheme, such as waiting a fixed number of milliseconds. If a new packet arrives quickly, the acknowledgement is piggybacked onto it. Otherwise, if no new packet has arrived by the end of this time period, the data link layer just sends a separate acknowledgement frame. The next three protocols are bidirectional protocols that belong to a class cal- led sliding window protocols. The three differ among themselves in terms of ef- ficiency, complexity, and buffer requirements, as discussed later. In these, as in all sliding window protocols, each outbound frame contains a sequence number, ranging from 0 up to some maximum. The maximum is usually 2n − 1 so the se- quence number fits exactly in an n-bit field. The stop-and-wait sliding window protocol uses n = 1, restricting the sequence numbers to 0 and 1, but more sophis- ticated versions can use an arbitrary n. The essence of all sliding window protocols is that at any instant of time, the sender maintains a set of sequence numbers corresponding to frames it is permit- ted to send. These frames are said to fall within the sending window. Similarly, the receiver also maintains a receiving window corresponding to the set of frames it is permitted to accept. The sender’s window and the receiver’s window need not have the same lower and upper limits or even have the same size. In some protocols they are fixed in size, but in others they can grow or shrink over the course of time as frames are sent and received. Although these protocols give the data link layer more freedom about the order in which it may send and receive frames, we have definitely not dropped the requirement that the protocol must deliver packets to the destination network layer in the same order they were passed to the data link layer on the sending machine. Nor have we changed the requirement that the physical communication channel is ‘‘wire-like,’’ that is, it must deliver all frames in the order sent. The sequence numbers within the sender’s window represent frames that have been sent or can be sent but are as yet not acknowledged. Whenever a new packet arrives from the network layer, it is given the next highest sequence number, and the upper edge of the window is advanced by one. When an acknowledgement comes in, the lower edge is advanced by one. In this way the window continu- ously maintains a list of unacknowledged frames. Figure 3-15 shows an example. Since frames currently within the sender’s window may ultimately be lost or damaged in transit, the sender must keep all of these frames in its memory for possible retransmission. Thus, if the maximum window size is n, the sender needs n buffers to hold the unacknowledged frames. If the window ever grows to its SEC. 3.4 SLIDING WINDOW PROTOCOLS 229 Sender Receiver 7 6 1 5 2 0 4 3 7 6 1 5 2 0 4 3 7 6 1 5 2 0 4 3 7 6 1 5 2 0 4 3 7 6 1 5 2 0 4 3 7 6 1 5 2 0 4 3 7 6 1 5 2 0 4 3 7 6 1 5 2 0 4 3 (a) (b) (c) (d) Figure 3-15. A sliding window of size 1, with a 3-bit sequence number. (a) Ini- tially. (b) After the first frame has been sent. (c) After the first frame has been received. (d) After the first acknowledgement has been received. maximum size, the sending data link layer must forcibly shut off the network layer until another buffer becomes free. The receiving data link layer’s window corresponds to the frames it may ac- cept. Any frame falling within the window is put in the receiver’s buffer. When a frame whose sequence number is equal to the lower edge of the window is re- ceived, it is passed to the network layer and the window is rotated by one. Any frame falling outside the window is discarded. In all of these cases, a subsequent acknowledgement is generated so that the sender may work out how to proceed. Note that a window size of 1 means that the data link layer only accepts frames in order, but for larger windows this is not so. The network layer, in contrast, is al- ways fed data in the proper order, regardless of the data link layer’s window size. Figure 3-15 shows an example with a maximum window size of 1. Initially, no frames are outstanding, so the lower and upper edges of the sender’s window are equal, but as time goes on, the situation progresses as shown. Unlike the send- er’s window, the receiver’s window always remains at its initial size, rotating as the next frame is accepted and delivered to the network layer. 3.4.1 A One-Bit Sliding Window Protocol Before tackling the general case, let us examine a sliding window protocol with a window size of 1. Such a protocol uses stop-and-wait since the sender transmits a frame and waits for its acknowledgement before sending the next one. 230 THE DATA LINK LAYER CHAP. 3 Figure 3-16 depicts such a protocol. Like the others, it starts out by defining some variables. Next frame to send tells which frame the sender is trying to send. Similarly, frame expected tells which frame the receiver is expecting. In both cases, 0 and 1 are the only possibilities. /* Protocol 4 (Sliding window) is bidirectional. */ #define MAX SEQ 1 /* must be 1 for protocol 4 */ typedef enum {frame arrival, cksum err, timeout} event type; #include "protocol.h" void protocol4 (void) { seq nr next frame to send; /* 0 or 1 only */ seq nr frame expected; /* 0 or 1 only */ frame r, s; /* scratch variables */ packet buffer; /* current packet being sent */ event type event; next frame to send = 0; /* next frame on the outbound stream */ frame expected = 0; /* frame expected next */ from network layer(&buffer); /* fetch a packet from the network layer */ s.info = buffer; /* prepare to send the initial frame */ s.seq = next frame to send; /* insert sequence number into frame */ s.ack = 1 − frame expected; /* piggybacked ack */ to physical layer(&s); /* transmit the frame */ start timer(s.seq); /* start the timer running */ while (true) { wait for event(&event); /* frame arrival, cksum err, or timeout */ if (event == frame arrival) { /* a frame has arrived undamaged */ from physical layer(&r); /* go get it */ if (r.seq == frame expected) { /* handle inbound frame stream */ to network layer(&r.info); /* pass packet to network layer */ inc(frame expected); /* invert seq number expected next */ } if (r.ack == next frame to send) { /* handle outbound frame stream */ stop timer(r.ack); /* turn the timer off */ from network layer(&buffer); /* fetch new pkt from network layer */ inc(next frame to send); /* invert sender’s sequence number */ } } s.info = buffer; /* construct outbound frame */ s.seq = next frame to send; /* insert sequence number into it */ s.ack = 1 − frame expected; /* seq number of last received frame */ to physical layer(&s); /* transmit a frame */ start timer(s.seq); /* start the timer running */ } } Figure 3-16. A 1-bit sliding window protocol. SEC. 3.4 SLIDING WINDOW PROTOCOLS 231 Under normal circumstances, one of the two data link layers goes first and transmits the first frame. In other words, only one of the data link layer programs should contain the to physical layer and start timer procedure calls outside the main loop. The starting machine fetches the first packet from its network layer, builds a frame from it, and sends it. When this (or any) frame arrives, the receiv- ing data link layer checks to see if it is a duplicate, just as in protocol 3. If the frame is the one expected, it is passed to the network layer and the receiver’s win- dow is slid up. The acknowledgement field contains the number of the last frame received without error. If this number agrees with the sequence number of the frame the sender is trying to send, the sender knows it is done with the frame stored in buff- er and can fetch the next packet from its network layer. If the sequence number disagrees, it must continue trying to send the same frame. Whenever a frame is received, a frame is also sent back. Now let us examine protocol 4 to see how resilient it is to pathological scen- arios. Assume that computer A is trying to send its frame 0 to computer B and that B is trying to send its frame 0 to A. Suppose that A sends a frame to B, but A’s timeout interval is a little too short. Consequently, A may time out repeatedly, sending a series of identical frames, all with seq = 0 and ack = 1. When the first valid frame arrives at computer B, it will be accepted and frame expected will be set to a value of 1. All the subsequent frames received will be rejected because B is now expecting frames with sequence number 1, not 0. Furthermore, since all the duplicates will have ack = 1 and B is still waiting for an acknowledgement of 0, B will not go and fetch a new packet from its network layer. After every rejected duplicate comes in, B will send A a frame containing seq = 0 and ack = 0. Eventually, one of these will arrive correctly at A, causing A to begin sending the next packet. No combination of lost frames or premature timeouts can cause the protocol to deliver duplicate packets to either network layer, to skip a packet, or to deadlock. The protocol is correct. However, to show how subtle protocol interactions can be, we note that a pe- culiar situation arises if both sides simultaneously send an initial packet. This synchronization difficulty is illustrated by Fig. 3-17. In part (a), the normal opera- tion of the protocol is shown. In (b) the peculiarity is illustrated. If B waits for A’s first frame before sending one of its own, the sequence is as shown in (a), and every frame is accepted. However, if A and B simultaneously initiate communication, their first frames cross, and the data link layers then get into situation (b). In (a) each frame arrival brings a new packet for the network layer; there are no duplicates. In (b) half of the frames contain duplicates, even though there are no transmission errors. Simi- lar situations can occur as a result of premature timeouts, even when one side clearly starts first. In fact, if multiple premature timeouts occur, frames may be sent three or more times, wasting valuable bandwidth. 232 THE DATA LINK LAYER CHAP. 3 A sends (0, 1, A0) A gets (0, 0, B0)* A sends (1, 0, A1) B gets (0, 1, A0)* B sends (0, 0, B0) B gets (1, 0, A1)* B sends (1, 1, B1) B gets (0, 1, A2)* B sends (0, 0, B2) B gets (1, 0, A3)* B sends (1, 1, B3) A gets (1, 1, B1)* A sends (0, 1, A2) A gets (0, 0, B2)* A sends (1, 0, A3) A sends (0, 1, A0) A gets (0, 1, B0)* A sends (0, 0, A0) B gets (0, 0, A0) B sends (1, 0, B1) B sends (0, 1, B0) B gets (0, 1, A0)* B sends (0, 0, B0) B gets (1, 0, A1)* B sends (1, 1, B1) B gets (1, 1, A1) B sends (0, 1, B2) A gets (0, 0, B0) A sends (1, 0, A1) A gets (1, 0, B1)* A sends (1, 1, A1) Time (a) (b) Figure 3-17. Two scenarios for protocol 4. (a) Normal case. (b) Abnormal case. The notation is (seq, ack, packet number). An asterisk indicates where a network layer accepts a packet. 3.4.2 A Protocol Using Go-Back-N Until now we have made the tacit assumption that the transmission time re- quired for a frame to arrive at the receiver plus the transmission time for the ac- knowledgement to come back is negligible. Sometimes this assumption is clearly false. In these situations the long round-trip time can have important implications for the efficiency of the bandwidth utilization. As an example, consider a 50-kbps satellite channel with a 500-msec round-trip propagation delay. Let us imagine trying to use protocol 4 to send 1000-bit frames via the satellite. At t = 0 the sender starts sending the first frame. At t = 20 msec the frame has been com- pletely sent. Not until t = 270 msec has the frame fully arrived at the receiver, and not until t = 520 msec has the acknowledgement arrived back at the sender, under the best of circumstances (of no waiting in the receiver and a short ac- knowledgement frame). This means that the sender was blocked 500/520 or 96% of the time. In other words, only 4% of the available bandwidth was used. Clear- ly, the combination of a long transit time, high bandwidth, and short frame length is disastrous in terms of efficiency. The problem described here can be viewed as a consequence of the rule re- quiring a sender to wait for an acknowledgement before sending another frame. If we relax that restriction, much better efficiency can be achieved. Basically, the solution lies in allowing the sender to transmit up to w frames before blocking, in- stead of just 1. With a large enough choice of w the sender will be able to con- tinuously transmit frames since the acknowledgements will arrive for previous frames before the window becomes full, preventing the sender from blocking. SEC. 3.4 SLIDING WINDOW PROTOCOLS 233 To find an appropriate value for w we need to know how many frames can fit inside the channel as they propagate from sender to receiver. This capacity is de- termined by the bandwidth in bits/sec multiplied by the one-way transit time, or the bandwidth-delay product of the link. We can divide this quantity by the number of bits in a frame to express it as a number of frames. Call this quantity BD. Then w should be set to 2BD + 1. Twice the bandwidth-delay is the number of frames that can be outstanding if the sender continuously sends frames when the round-trip time to receive an acknowledgement is considered. The ‘‘+1’’ is because an acknowledgement frame will not be sent until after a complete frame is received. For the example link with a bandwidth of 50 kbps and a one-way transit time of 250 msec, the bandwidth-delay product is 12.5 kbit or 12.5 frames of 1000 bits each. 2BD + 1 is then 26 frames. Assume the sender begins sending frame 0 as before and sends a new frame every 20 msec. By the time it has finished sending 26 frames, at t = 520 msec, the acknowledgement for frame 0 will have just arri- ved. Thereafter, acknowledgements will arrive every 20 msec, so the sender will always get permission to continue just when it needs it. From then onwards, 25 or 26 unacknowledged frames will always be outstanding. Put in other terms, the sender’s maximum window size is 26. For smaller window sizes, the utilization of the link will be less than 100% since the sender will be blocked sometimes. We can write the utilization as the fraction of time that the sender is not blocked: link utilization ≤ 1 + 2BD w This value is an upper bound because it does not allow for any frame processing time and treats the acknowledgement frame as having zero length, since it is usually short. The equation shows the need for having a large window w when- ever the bandwidth-delay product is large. If the delay is high, the sender will ra- pidly exhaust its window even for a moderate bandwidth, as in the satellite ex- ample. If the bandwidth is high, even for a moderate delay the sender will exhaust its window quickly unless it has a large window (e.g., a 1-Gbps link with 1-msec delay holds 1 megabit). With stop-and-wait for which w = 1, if there is even one frame’s worth of propagation delay the efficiency will be less than 50%. This technique of keeping multiple frames in flight is an example of pipelin- ing. Pipelining frames over an unreliable communication channel raises some serious issues. First, what happens if a frame in the middle of a long stream is damaged or lost? Large numbers of succeeding frames will arrive at the receiver before the sender even finds out that anything is wrong. When a damaged frame arrives at the receiver, it obviously should be discarded, but what should the re- ceiver do with all the correct frames following it? Remember that the receiving data link layer is obligated to hand packets to the network layer in sequence. 234 THE DATA LINK LAYER CHAP. 3 Two basic approaches are available for dealing with errors in the presence of pipelining, both of which are shown in Fig. 3-18. 0 1 0 1 2 3 4 5 6 7 8E D D D D D D 2 3 4 5 6 7 8 2 3 4 5 6 7 8 9 Timeout interval Error Frames discarded by data link layer Frames buffered by data link layer Ac k0 Ac k1 Time (a) (b) 0 1 0 1 9 10 11 12 13 14E 2 3 4 5 2 6 7 8 9 10 11 12 13 14 15 8 Error Ac k 0 Ac k 1 N ak 2 4 5 23 6 Ac k 5 Ac k 6 7 Ac k 7 Ac k 8 Ac k 9 Ac k 11 Ac k 12 Ac k 13 Ac k 10 Ac k 2 Ac k 3 Ac k 4 Ac k 5 Ac k 6 Ac k 7 Figure 3-18. Pipelining and error recovery. Effect of an error when (a) receiver’s window size is 1 and (b) receiver’s window size is large. One option, called go-back-n, is for the receiver simply to discard all subsequent frames, sending no acknowledgements for the discarded frames. This strategy corresponds to a receive window of size 1. In other words, the data link layer refuses to accept any frame except the next one it must give to the network layer. If the sender’s window fills up before the timer runs out, the pipeline will begin to empty. Eventually, the sender will time out and retransmit all unacknowledged frames in order, starting with the damaged or lost one. This approach can waste a lot of bandwidth if the error rate is high. In Fig. 3-18(b) we see go-back-n for the case in which the receiver’s window is large. Frames 0 and 1 are correctly received and acknowledged. Frame 2, however, is damaged or lost. The sender, unaware of this problem, continues to send frames until the timer for frame 2 expires. Then it backs up to frame 2 and starts over with it, sending 2, 3, 4, etc. all over again. The other general strategy for handling errors when frames are pipelined is called selective repeat. When it is used, a bad frame that is received is discarded, but any good frames received after it are accepted and buffered. When the sender times out, only the oldest unacknowledged frame is retransmitted. If that frame SEC. 3.4 SLIDING WINDOW PROTOCOLS 235 arrives correctly, the receiver can deliver to the network layer, in sequence, all the frames it has buffered. Selective repeat corresponds to a receiver window larger than 1. This approach can require large amounts of data link layer memory if the window is large. Selective repeat is often combined with having the receiver send a negative acknowledgement (NAK) when it detects an error, for example, when it receives a checksum error or a frame out of sequence. NAKs stimulate retransmission be- fore the corresponding timer expires and thus improve performance. In Fig. 3-18(b), frames 0 and 1 are again correctly received and acknowledged and frame 2 is lost. When frame 3 arrives at the receiver, the data link layer there notices that it has missed a frame, so it sends back a NAK for 2 but buffers 3. When frames 4 and 5 arrive, they, too, are buffered by the data link layer instead of being passed to the network layer. Eventually, the NAK 2 gets back to the sender, which immediately resends frame 2. When that arrives, the data link layer now has 2, 3, 4, and 5 and can pass all of them to the network layer in the correct order. It can also acknowledge all frames up to and including 5, as shown in the figure. If the NAK should get lost, eventually the sender will time out for frame 2 and send it (and only it) of its own accord, but that may be a quite a while later. These two alternative approaches are trade-offs between efficient use of band- width and data link layer buffer space. Depending on which resource is scarcer, one or the other can be used. Figure 3-19 shows a go-back-n protocol in which the receiving data link layer only accepts frames in order; frames following an error are discarded. In this protocol, for the first time we have dropped the as- sumption that the network layer always has an infinite supply of packets to send. When the network layer has a packet it wants to send, it can cause a net- work layer ready event to happen. However, to enforce the flow control limit on the sender window or the number of unacknowledged frames that may be out- standing at any time, the data link layer must be able to keep the network layer from bothering it with more work. The library procedures enable network layer and disable network layer do this job. The maximum number of frames that may be outstanding at any instant is not the same as the size of the sequence number space. For go-back-n, MAX SEQ frames may be outstanding at any instant, even though there are MAX SEQ + 1 distinct sequence numbers (which are 0, 1, . . . , MAX SEQ). We will see an even tighter restriction for the next protocol, selective repeat. To see why this res- triction is required, consider the following scenario with MAX SEQ = 7: 1. The sender sends frames 0 through 7. 2. A piggybacked acknowledgement for 7 comes back to the sender. 3. The sender sends another eight frames, again with sequence numbers 0 through 7. 4. Now another piggybacked acknowledgement for frame 7 comes in. 236 THE DATA LINK LAYER CHAP. 3 /* Protocol 5 (Go-back-n) allows multiple outstanding frames. The sender may transmit up to MAX SEQ frames without waiting for an ack. In addition, unlike in the previous protocols, the network layer is not assumed to have a new packet all the time. Instead, the network layer causes a network layer ready event when there is a packet to send. */ #define MAX SEQ 7 typedef enum {frame arrival, cksum err, timeout, network layer ready} event type; #include "protocol.h" static boolean between(seq nr a, seq nr b, seq nr c) { /* Return true if a <= b < c circularly; false otherwise. */ if (((a <= b) && (b < c)) || ((c < a) && (a <= b)) || ((b < c) && (c < a))) return(true); else return(false); } static void send data(seq nr frame nr, seq nr frame expected, packet buffer[ ]) { /* Construct and send a data frame. */ frame s; /* scratch variable */ s.info = buffer[frame nr]; /* insert packet into frame */ s.seq = frame nr; /* insert sequence number into frame */ s.ack = (frame expected + MAX SEQ) % (MAX SEQ + 1); /* piggyback ack */ to physical layer(&s); /* transmit the frame */ start timer(frame nr); /* start the timer running */ } void protocol5(void) { seq nr next frame to send; /* MAX SEQ > 1; used for outbound stream */
seq nr ack expected; /* oldest frame as yet unacknowledged */
seq nr frame expected; /* next frame expected on inbound stream */
frame r; /* scratch variable */
packet buffer[MAX SEQ + 1]; /* buffers for the outbound stream */
seq nr nbuffered; /* number of output buffers currently in use */
seq nr i; /* used to index into the buffer array */
event type event;
enable network layer(); /* allow network layer ready events */
ack expected = 0; /* next ack expected inbound */
next frame to send = 0; /* next frame going out */
frame expected = 0; /* number of frame expected inbound */
nbuffered = 0; /* initially no packets are buffered */
while (true) {
wait for event(&event); /* four possibilities: see event type above */

SEC. 3.4 SLIDING WINDOW PROTOCOLS 237
switch(event) {
case network layer ready: /* the network layer has a packet to send */
/* Accept, save, and transmit a new frame. */
from network layer(&buffer[next frame to send]); /* fetch new packet */
nbuffered = nbuffered + 1; /* expand the sender’s window */
send data(next frame to send, frame expected, buffer);/* transmit the frame */
inc(next frame to send); /* advance sender’s upper window edge */
break;
case frame arrival: /* a data or control frame has arrived */
from physical layer(&r); /* get incoming frame from physical layer */
if (r.seq == frame expected) {
/* Frames are accepted only in order. */
to network layer(&r.info); /* pass packet to network layer */
inc(frame expected); /* advance lower edge of receiver’s window */
}
/* Ack n implies n − 1, n − 2, etc. Check for this. */
while (between(ack expected, r.ack, next frame to send)) {
/* Handle piggybacked ack. */
nbuffered = nbuffered − 1; /* one frame fewer buffered */
stop timer(ack expected); /* frame arrived intact; stop timer */
inc(ack expected); /* contract sender’s window */
}
break;
case cksum err: break; /* just ignore bad frames */
case timeout: /* trouble; retransmit all outstanding frames */
next frame to send = ack expected; /* start retransmitting here */
for (i = 1; i <= nbuffered; i++) { send data(next frame to send, frame expected, buffer);/* resend frame */ inc(next frame to send); /* prepare to send the next one */ } } if (nbuffered < MAX SEQ) enable network layer(); else disable network layer(); } } Figure 3-19. A sliding window protocol using go-back-n. The question is this: did all eight frames belonging to the second batch arrive suc- cessfully, or did all eight get lost (counting discards following an error as lost)? In both cases the receiver would be sending frame 7 as the acknowledgement. 238 THE DATA LINK LAYER CHAP. 3 The sender has no way of telling. For this reason the maximum number of out- standing frames must be restricted to MAX SEQ. Although protocol 5 does not buffer the frames arriving after an error, it does not escape the problem of buffering altogether. Since a sender may have to retransmit all the unacknowledged frames at a future time, it must hang on to all transmitted frames until it knows for sure that they have been accepted by the re- ceiver. When an acknowledgement comes in for frame n, frames n − 1, n − 2, and so on are also automatically acknowledged. This type of acknowledgement is called a cumulative acknowledgement . This property is especially important when some of the previous acknowledgement-bearing frames were lost or gar- bled. Whenever any acknowledgement comes in, the data link layer checks to see if any buffers can now be released. If buffers can be released (i.e., there is some room available in the window), a previously blocked network layer can now be al- lowed to cause more network layer ready events. For this protocol, we assume that there is always reverse traffic on which to piggyback acknowledgements. Protocol 4 does not need this assumption since it sends back one frame every time it receives a frame, even if it has already sent that frame. In the next protocol we will solve the problem of one-way traffic in an elegant way. Because protocol 5 has multiple outstanding frames, it logically needs multi- ple timers, one per outstanding frame. Each frame times out independently of all the other ones. However, all of these timers can easily be simulated in software using a single hardware clock that causes interrupts periodically. The pending timeouts form a linked list, with each node of the list containing the number of clock ticks until the timer expires, the frame being timed, and a pointer to the next node. 10:00:00.000 10:00:00.005 5 1 8 2 6 3 6 38 2 Real time Pointer to next timeout Frame being timed Ticks to go (a) (b) Figure 3-20. Simulation of multiple timers in software. (a) The queued time- outs. (b) The situation after the first timeout has expired. As an illustration of how the timers could be implemented, consider the ex- ample of Fig. 3-20(a). Assume that the clock ticks once every 1 msec. Initially, SEC. 3.4 SLIDING WINDOW PROTOCOLS 239 the real time is 10:00:00.000; three timeouts are pending, at 10:00:00.005, 10:00:00.013, and 10:00:00.019. Every time the hardware clock ticks, the real time is updated and the tick counter at the head of the list is decremented. When the tick counter becomes zero, a timeout is caused and the node is removed from the list, as shown in Fig. 3-20(b). Although this organization requires the list to be scanned when start timer or stop timer is called, it does not require much work per tick. In protocol 5, both of these routines have been given a parameter indicating which frame is to be timed. 3.4.3 A Protocol Using Selective Repeat The go-back-n protocol works well if errors are rare, but if the line is poor it wastes a lot of bandwidth on retransmitted frames. An alternative strategy, the selective repeat protocol, is to allow the receiver to accept and buffer the frames following a damaged or lost one. In this protocol, both sender and receiver maintain a window of outstanding and acceptable sequence numbers, respectively. The sender’s window size starts out at 0 and grows to some predefined maximum. The receiver’s window, in con- trast, is always fixed in size and equal to the predetermined maximum. The re- ceiver has a buffer reserved for each sequence number within its fixed window. Associated with each buffer is a bit (arrived ) telling whether the buffer is full or empty. Whenever a frame arrives, its sequence number is checked by the function between to see if it falls within the window. If so and if it has not already been re- ceived, it is accepted and stored. This action is taken without regard to whether or not the frame contains the next packet expected by the network layer. Of course, it must be kept within the data link layer and not passed to the network layer until all the lower-numbered frames have already been delivered to the network layer in the correct order. A protocol using this algorithm is given in Fig. 3-21. Nonsequential receive introduces further constraints on frame sequence num- bers compared to protocols in which frames are only accepted in order. We can illustrate the trouble most easily with an example. Suppose that we have a 3-bit sequence number, so that the sender is permitted to transmit up to seven frames before being required to wait for an acknowledgement. Initially, the sender’s and receiver’s windows are as shown in Fig. 3-22(a). The sender now transmits frames 0 through 6. The receiver’s window allows it to accept any frame with a sequence number between 0 and 6 inclusive. All seven frames arrive correctly, so the receiver acknowledges them and advances its window to allow receipt of 7, 0, 1, 2, 3, 4, or 5, as shown in Fig. 3-22(b). All seven buffers are marked empty. It is at this point that disaster strikes in the form of a lightning bolt hitting the telephone pole and wiping out all the acknowledgements. The protocol should operate correctly despite this disaster. The sender eventually times out and re- transmits frame 0. When this frame arrives at the receiver, a check is made to see if it falls within the receiver’s window. Unfortunately, in Fig. 3-22(b) frame 0 is 240 THE DATA LINK LAYER CHAP. 3 /* Protocol 6 (Selective repeat) accepts frames out of order but passes packets to the network layer in order. Associated with each outstanding frame is a timer. When the timer expires, only that frame is retransmitted, not all the outstanding frames, as in protocol 5. */ #define MAX SEQ 7 /* should be 2ˆn − 1 */ #define NR BUFS ((MAX SEQ + 1)/2) typedef enum {frame arrival, cksum err, timeout, network layer ready, ack timeout} event type; #include "protocol.h" boolean no nak = true; /* no nak has been sent yet */ seq nr oldest frame = MAX SEQ + 1; /* initial value is only for the simulator */ static boolean between(seq nr a, seq nr b, seq nr c) { /* Same as between in protocol 5, but shorter and more obscure. */ return ((a <= b) && (b < c)) || ((c < a) && (a <= b)) || ((b < c) && (c < a)); } static void send frame(frame kind fk, seq nr frame nr, seq nr frame expected, packet buffer[ ]) { /* Construct and send a data, ack, or nak frame. */ frame s; /* scratch variable */ s.kind = fk; /* kind == data, ack, or nak */ if (fk == data) s.info = buffer[frame nr % NR BUFS]; s.seq = frame nr; /* only meaningful for data frames */ s.ack = (frame expected + MAX SEQ) % (MAX SEQ + 1); if (fk == nak) no nak = false; /* one nak per frame, please */ to physical layer(&s); /* transmit the frame */ if (fk == data) start timer(frame nr % NR BUFS); stop ack timer(); /* no need for separate ack frame */ } void protocol6(void) { seq nr ack expected; /* lower edge of sender’s window */ seq nr next frame to send; /* upper edge of sender’s window + 1 */ seq nr frame expected; /* lower edge of receiver’s window */ seq nr too far; /* upper edge of receiver’s window + 1 */ int i; /* index into buffer pool */ frame r; /* scratch variable */ packet out buf[NR BUFS]; /* buffers for the outbound stream */ packet in buf[NR BUFS]; /* buffers for the inbound stream */ boolean arrived[NR BUFS]; /* inbound bit map */ seq nr nbuffered; /* how many output buffers currently used */ event type event; enable network layer(); /* initialize */ ack expected = 0; /* next ack expected on the inbound stream */ next frame to send = 0; /* number of next outgoing frame */ frame expected = 0; too far = NR BUFS; nbuffered = 0; /* initially no packets are buffered */ for (i = 0; i < NR BUFS; i++) arrived[i] = false; SEC. 3.4 SLIDING WINDOW PROTOCOLS 241 while (true) { wait for event(&event); /* five possibilities: see event type above */ switch(event) { case network layer ready: /* accept, save, and transmit a new frame */ nbuffered = nbuffered + 1; /* expand the window */ from network layer(&out buf[next frame to send % NR BUFS]); /* fetch new packet */ send frame(data, next frame to send, frame expected, out buf);/* transmit the frame */ inc(next frame to send); /* advance upper window edge */ break; case frame arrival: /* a data or control frame has arrived */ from physical layer(&r); /* fetch incoming frame from physical layer */ if (r.kind == data) { /* An undamaged frame has arrived. */ if ((r.seq != frame expected) && no nak) send frame(nak, 0, frame expected, out buf); else start ack timer(); if (between(frame expected,r.seq,too far) && (arrived[r.seq%NR BUFS]==false)) { /* Frames may be accepted in any order. */ arrived[r.seq % NR BUFS] = true; /* mark buffer as full */ in buf[r.seq % NR BUFS] = r.info; /* insert data into buffer */ while (arrived[frame expected % NR BUFS]) { /* Pass frames and advance window. */ to network layer(&in buf[frame expected % NR BUFS]); no nak = true; arrived[frame expected % NR BUFS] = false; inc(frame expected); /* advance lower edge of receiver’s window */ inc(too far); /* advance upper edge of receiver’s window */ start ack timer(); /* to see if a separate ack is needed */ } } } if((r.kind==nak) && between(ack expected,(r.ack+1)%(MAX SEQ+1),next frame to send)) send frame(data, (r.ack+1) % (MAX SEQ + 1), frame expected, out buf); while (between(ack expected, r.ack, next frame to send)) { nbuffered = nbuffered − 1; /* handle piggybacked ack */ stop timer(ack expected % NR BUFS); /* frame arrived intact */ inc(ack expected); /* advance lower edge of sender’s window */ } break; case cksum err: if (no nak) send frame(nak, 0, frame expected, out buf); /* damaged frame */ break; case timeout: send frame(data, oldest frame, frame expected, out buf); /* we timed out */ break; case ack timeout: send frame(ack,0,frame expected, out buf); /* ack timer expired; send ack */ } if (nbuffered < NR BUFS) enable network layer(); else disable network layer(); } } Figure 3-21. A sliding window protocol using selective repeat. 242 THE DATA LINK LAYER CHAP. 3 within the new window, so it is accepted as a new frame. The receiver also sends a (piggybacked) acknowledgement for frame 6, since 0 through 6 have been re- ceived. The sender is happy to learn that all its transmitted frames did actually arrive correctly, so it advances its window and immediately sends frames 7, 0, 1, 2, 3, 4, and 5. Frame 7 will be accepted by the receiver and its packet will be passed di- rectly to the network layer. Immediately thereafter, the receiving data link layer checks to see if it has a valid frame 0 already, discovers that it does, and passes the old buffered packet to the network layer as if it were a new packet. Conse- quently, the network layer gets an incorrect packet, and the protocol fails. The essence of the problem is that after the receiver advanced its window, the new range of valid sequence numbers overlapped the old one. Consequently, the following batch of frames might be either duplicates (if all the acknowledgements were lost) or new ones (if all the acknowledgements were received). The poor re- ceiver has no way of distinguishing these two cases. The way out of this dilemma lies in making sure that after the receiver has ad- vanced its window there is no overlap with the original window. To ensure that there is no overlap, the maximum window size should be at most half the range of the sequence numbers. This situation is shown in Fig. 3-22(c) and Fig. 3-22(d). With 3 bits, the sequence numbers range from 0 to 7. Only four unacknowledged frames should be outstanding at any instant. That way, if the receiver has just ac- cepted frames 0 through 3 and advanced its window to permit acceptance of frames 4 through 7, it can unambiguously tell if subsequent frames are retransmis- sions (0 through 3) or new ones (4 through 7). In general, the window size for protocol 6 will be (MAX SEQ + 1)/2. An interesting question is: how many buffers must the receiver have? Under no conditions will it ever accept frames whose sequence numbers are below the lower edge of the window or frames whose sequence numbers are above the upper edge of the window. Consequently, the number of buffers needed is equal to the window size, not to the range of sequence numbers. In the preceding example of a 3-bit sequence number, four buffers, numbered 0 through 3, are needed. When frame i arrives, it is put in buffer i mod 4. Notice that although i and (i + 4) mod 4 are ‘‘competing’’ for the same buffer, they are never within the window at the same time, because that would imply a window size of at least 5. For the same reason, the number of timers needed is equal to the number of buffers, not to the size of the sequence space. Effectively, a timer is associated with each buffer. When the timer runs out, the contents of the buffer are retrans- mitted. Protocol 6 also relaxes the implicit assumption that the channel is heavily loaded. We made this assumption in protocol 5 when we relied on frames being sent in the reverse direction on which to piggyback acknowledgements. If the re- verse traffic is light, the acknowledgements may be held up for a long period of time, which can cause problems. In the extreme, if there is a lot of traffic in one SEC. 3.4 SLIDING WINDOW PROTOCOLS 243 Sender Receiver 0 1 2 3 4 5 6 7 0 1 2 3 4 5 6 7 0 1 2 3 4 5 6 7 0 1 2 3 4 5 6 7 0 1 2 3 4 5 6 7 0 1 2 3 4 5 6 7 0 1 2 3 4 5 6 7 0 1 2 3 4 5 6 7 (a) (b) (c) (d) Figure 3-22. (a) Initial situation with a window of size7. (b) After 7 frames have been sent and received but not acknowledged. (c) Initial situation with a window size of 4. (d) After 4 frames have been sent and received but not acknowledged. direction and no traffic in the other direction, the protocol will block when the sender window reaches its maximum. To relax this assumption, an auxiliary timer is started by start ack timer after an in-sequence data frame arrives. If no reverse traffic has presented itself before this timer expires, a separate acknowledgement frame is sent. An interrupt due to the auxiliary timer is called an ack timeout event. With this arrangement, traffic flow in only one direction is possible because the lack of reverse data frames onto which acknowledgements can be piggybacked is no longer an obstacle. Only one auxiliary timer exists, and if start ack timer is called while the timer is running, it has no effect. The timer is not reset or extended since its purpose is to provide some minimum rate of acknowledgements. It is essential that the timeout associated with the auxiliary timer be appreci- ably shorter than the timeout used for timing out data frames. This condition is required to ensure that a correctly received frame is acknowledged early enough that the frame’s retransmission timer does not expire and retransmit the frame. Protocol 6 uses a more efficient strategy than protocol 5 for dealing with er- rors. Whenever the receiver has reason to suspect that an error has occurred, it sends a negative acknowledgement (NAK) frame back to the sender. Such a frame is a request for retransmission of the frame specified in the NAK. In two cases, the receiver should be suspicious: when a damaged frame arrives or a frame other than the expected one arrives (potential lost frame). To avoid making multi- ple requests for retransmission of the same lost frame, the receiver should keep track of whether a NAK has already been sent for a given frame. The variable no nak in protocol 6 is true if no NAK has been sent yet for frame expected. If the NAK gets mangled or lost, no real harm is done, since the sender will eventu- ally time out and retransmit the missing frame anyway. If the wrong frame ar- rives after a NAK has been sent and lost, no nak will be true and the auxiliary timer will be started. When it expires, an ACK will be sent to resynchronize the sender to the receiver’s current status. 244 THE DATA LINK LAYER CHAP. 3 In some situations, the time required for a frame to propagate to the destina- tion, be processed there, and have the acknowledgement come back is (nearly) constant. In these situations, the sender can adjust its timer to be ‘‘tight,’’ just slightly larger than the normal time interval expected between sending a frame and receiving its acknowledgement. NAKs are not useful in this case. However, in other situations the time can be highly variable. For example, if the reverse traffic is sporadic, the time before acknowledgement will be shorter when there is reverse traffic and longer when there is not. The sender is faced with the choice of either setting the interval to a small value (and risking unneces- sary retransmissions), or setting it to a large value (and going idle for a long period after an error). Both choices waste bandwidth. In general, if the standard deviation of the acknowledgement interval is large compared to the interval itself, the timer is set ‘‘loose’’ to be conservative. NAKs can then appreciably speed up retransmission of lost or damaged frames. Closely related to the matter of timeouts and NAKs is the question of deter- mining which frame caused a timeout. In protocol 5, it is always ack expected, because it is always the oldest. In protocol 6, there is no trivial way to determine who timed out. Suppose that frames 0 through 4 have been transmitted, meaning that the list of outstanding frames is 01234, in order from oldest to youngest. Now imagine that 0 times out, 5 (a new frame) is transmitted, 1 times out, 2 times out, and 6 (another new frame) is transmitted. At this point the list of outstanding frames is 3405126, from oldest to youngest. If all inbound traffic (i.e., acknowl- edgement-bearing frames) is lost for a while, the seven outstanding frames will time out in that order. To keep the example from getting even more complicated than it already is, we have not shown the timer administration. Instead, we just assume that the variable oldest frame is set upon timeout to indicate which frame timed out. 3.5 EXAMPLE DATA LINK PROTOCOLS Within a single building, LANs are widely used for interconnection, but most wide-area network infrastructure is built up from point-to-point lines. In Chap. 4, we will look at LANs. Here we will examine the data link protocols found on point-to-point lines in the Internet in two common situations. The first situation is when packets are sent over SONET optical fiber links in wide-area networks. These links are widely used, for example, to connect routers in the different loca- tions of an ISP’s network. The second situation is for ADSL links running on the local loop of the tele- phone network at the edge of the Internet. These links connect millions of individ- uals and businesses to the Internet. The Internet needs point-to-point links for these uses, as well as dial-up mo- dems, leased lines, and cable modems, and so on. A standard protocol called PPP SEC. 3.5 EXAMPLE DATA LINK PROTOCOLS 245 (Point-to-Point Protocol) is used to send packets over these links. PPP is de- fined in RFC 1661 and further elaborated in RFC 1662 and other RFCs (Simpson, 1994a, 1994b). SONET and ADSL links both apply PPP, but in different ways. 3.5.1 Packet over SONET SONET, which we covered in Sec. 2.6.4, is the physical layer protocol that is most commonly used over the wide-area optical fiber links that make up the back- bone of communications networks, including the telephone system. It provides a bitstream that runs at a well-defined rate, for example 2.4 Gbps for an OC-48 link. This bitstream is organized as fixed-size byte payloads that recur every 125 μsec, whether or not there is user data to send. To carry packets across these links, some framing mechanism is needed to distinguish occasional packets from the continuous bitstream in which they are transported. PPP runs on IP routers to provide this mechanism, as shown in Fig. 3-23. IP SONET PPP Optical fiber Router IP packet PPP frame SONET payload SONET payload (a) (b) IP SONET PPP Figure 3-23. Packet over SONET. (a) A protocol stack. (b) Frame relationships. PPP improves on an earlier, simpler protocol called SLIP (Serial Line Inter- net Protocol) and is used to handle error detection link configuration, support multiple protocols, permit authentication, and more. With a wide set of options, PPP provides three main features: 1. A framing method that unambiguously delineates the end of one frame and the start of the next one. The frame format also handles error detection. 2. A link control protocol for bringing lines up, testing them, negotiat- ing options, and bringing them down again gracefully when they are no longer needed. This protocol is called LCP (Link Control Pro- tocol). 3. A way to negotiate network-layer options in a way that is indepen- dent of the network layer protocol to be used. The method chosen is to have a different NCP (Network Control Protocol) for each net- work layer supported. 246 THE DATA LINK LAYER CHAP. 3 The PPP frame format was chosen to closely resemble the frame format of HDLC (High-level Data Link Control), a widely used instance of an earlier family of protocols, since there was no need to reinvent the wheel. The primary difference between PPP and HDLC is that PPP is byte oriented rather than bit oriented. In particular, PPP uses byte stuffing and all frames are an integral number of bytes. HDLC uses bit stuffing and allows frames of, say, 30.25 bytes. There is a second major difference in practice, however. HDLC provides re- liable transmission with a sliding window, acknowledgements, and timeouts in the manner we have studied. PPP can also provide reliable transmission in noisy en- vironments, such as wireless networks; the exact details are defined in RFC 1663. However, this is rarely done in practice. Instead, an ‘‘unnumbered mode’’ is near- ly always used in the Internet to provide connectionless unacknowledged service. The PPP frame format is shown in Fig. 3-24. All PPP frames begin with the standard HDLC flag byte of 0x7E (01111110). The flag byte is stuffed if it occurs within the Payload field using the escape byte 0x7D. The following byte is the escaped byte XORed with 0x20, which flips the 5th bit. For example, 0x7D 0x5E is the escape sequence for the flag byte 0x7E. This means the start and end of frames can be searched for simply by scanning for the byte 0x7E since it will not occur elsewhere. The destuffing rule when receiving a frame is to look for 0x7D, remove it, and XOR the following byte with 0x20. Also, only one flag byte is needed between frames. Multiple flag bytes can be used to fill the link when there are no frames to be sent. After the start-of-frame flag byte comes the Address field. This field is al- ways set to the binary value 11111111 to indicate that all stations are to accept the frame. Using this value avoids the issue of having to assign data link addresses. Flag 01111110 Flag 01111110 Address 11111111 ProtocolControl 00000011 Payload Checksum Bytes 1 1 1 or 21 Variable 2 or 4 1 Figure 3-24. The PPP full frame format for unnumbered mode operation. The Address field is followed by the Control field, the default value of which is 00000011. This value indicates an unnumbered frame. Since the Address and Control fields are always constant in the default con- figuration, LCP provides the necessary mechanism for the two parties to negotiate an option to omit them altogether and save 2 bytes per frame. The fourth PPP field is the Protocol field. Its job is to tell what kind of packet is in the Payload field. Codes starting with a 0 bit are defined for IP version 4, IP version 6, and other network layer protocols that might be used, such as IPX and SEC. 3.5 EXAMPLE DATA LINK PROTOCOLS 247 AppleTalk. Codes starting with a 1 bit are used for PPP configuration protocols, including LCP and a different NCP for each network layer protocol supported. The default size of the Protocol field is 2 bytes, but it can be negotiated down to 1 byte using LCP. The designers were perhaps overly cautious in thinking that someday there might be more than 256 protocols in use. The Payload field is variable length, up to some negotiated maximum. If the length is not negotiated using LCP during line setup, a default length of 1500 bytes is used. Padding may follow the payload if it is needed. After the Payload field comes the Checksum field, which is normally 2 bytes, but a 4-byte checksum can be negotiated. The 4-byte checksum is in fact the same 32-bit CRC whose generator polynomial is given at the end of Sec. 3.2.2. The 2- byte checksum is also an industry-standard CRC. PPP is a framing mechanism that can carry the packets of multiple protocols over many types of physical layers. To use PPP over SONET, the choices to make are spelled out in RFC 2615 (Malis and Simpson, 1999). A 4-byte checksum is used, since this is the primary means of detecting transmission errors over the physical, link, and network layers. It is recommended that the Address, Control, and Protocol fields not be compressed, since SONET links already run at relative- ly high rates. There is also one unusual feature. The PPP payload is scrambled (as described in Sec. 2.5.1) before it is inserted into the SONET payload. Scrambling XORs the payload with a long pseudorandom sequence before it is transmitted. The issue is that the SONET bitstream needs frequent bit transitions for synchronization. These transitions come naturally with the variation in voice signals, but in data communication the user chooses the information that is sent and might send a packet with a long run of 0s. With scrambling, the likelihood of a user being able to cause problems by sending a long run of 0s is made extremely low. Before PPP frames can be carried over SONET lines, the PPP link must be es- tablished and configured. The phases that the link goes through when it is brought up, used, and taken down again are shown in Fig. 3-25. The link starts in the DEAD state, which means that there is no connection at the physical layer. When a physical layer connection is established, the link moves to ESTABLISH. At this point, the PPP peers exchange a series of LCP packets, each carried in the Payload field of a PPP frame, to select the PPP op- tions for the link from the possibilities mentioned above. The initiating peer pro- poses options, and the responding peer either accepts or rejects them, in whole or part. The responder can also make alternative proposals. If LCP option negotiation is successful, the link reaches the AUTHENTICATE state. Now the two parties can check each other’s identities, if desired. If authentication is successful, the NETWORK state is entered and a series of NCP packets are sent to configure the network layer. It is difficult to generalize about the NCP protocols because each one is specific to some network layer protocol and allows configuration requests to be made that are specific to that protocol. 248 THE DATA LINK LAYER CHAP. 3 NETWORKDEAD TERMINATE OPEN ESTABLISH AUTHENTICATE Carrier detected Both sides agree on options Authentication successful NCP configuration Carrier dropped Failed Failed Done Figure 3-25. State diagram for bringing a PPP link up and down. For IP, for example, the assignment of IP addresses to both ends of the link is the most important possibility. Once OPEN is reached, data transport can take place. It is in this state that IP packets are carried in PPP frames across the SONET line. When data transport is finished, the link moves into the TERMINATE state, and from there it moves back to the DEAD state when the physical layer connection is dropped. 3.5.2 ADSL (Asymmetric Digital Subscriber Loop) ADSL connects millions of home subscribers to the Internet at megabit/sec rates over the same telephone local loop that is used for plain old telephone ser- vice. In Sec. 2.5.3, we described how a device called a DSL modem is added on the home side. It sends bits over the local loop to a device called a DSLAM (DSL Access Multiplexer), pronounced ‘‘dee-slam,’’ in the telephone company’s local office. Now we will explore in more detail how packets are carried over ADSL links. The overall picture for the protocols and devices used with ADSL is shown in Fig. 3-26. Different protocols are deployed in different networks, so we have cho- sen to show the most popular scenario. Inside the home, a computer such as a PC sends IP packets to the DSL modem using a link layer like Ethernet. The DSL modem then sends the IP packets over the local loop to the DSLAM using the protocols that we are about to study. At the DSLAM (or a router connected to it depending on the implementation) the IP packets are extracted and enter an ISP network so that they may reach any destination on the Internet. The protocols shown over the ADSL link in Fig. 3-26 start at the bottom with the ADSL physical layer. They are based on a digital modulation scheme called SEC. 3.5 EXAMPLE DATA LINK PROTOCOLS 249 AAL5 ADSL Local loop ATM PPP DSLAM (with router) AAL5 ADSL ATM PPP DSL modem PC Ethernet Internet Customer’s home ISP’s office Ethernet IP Link IP Figure 3-26. ADSL protocol stacks. orthogonal frequency division multiplexing (also known as discrete multitone), as we saw in Sec 2.5.3. Near the top of the stack, just below the IP network layer, is PPP. This protocol is the same PPP that we have just studied for packet over SONET transports. It works in the same way to establish and configure the link and carry IP packets. In between ADSL and PPP are ATM and AAL5. These are new protocols that we have not seen before. ATM (Asynchronous Transfer Mode) was designed in the early 1990s and launched with incredible hype. It promised a network tech- nology that would solve the world’s telecommunications problems by merging voice, data, cable television, telegraph, carrier pigeon, tin cans connected by strings, tom toms, and everything else into an integrated system that could do everything for everyone. This did not happen. In large part, the problems of ATM were similar to those we described concerning the OSI protocols, that is, bad tim- ing, technology, implementation, and politics. Nevertheless, ATM was much more successful than OSI. While it has not taken over the world, it remains wide- ly used in niches including broadband access lines such as DSL, and WAN links inside telephone networks. ATM is a link layer that is based on the transmission of fixed-length cells of information. The ‘‘Asynchronous’’ in its name means that the cells do not always need to be sent in the way that bits are continuously sent over synchronous lines, as in SONET. Cells only need to be sent when there is information to carry. ATM is a connection-oriented technology. Each cell carries a virtual circuit identifier in its header and devices use this identifier to forward cells along the paths of established connections. The cells are each 53 bytes long, consisting of a 48-byte payload plus a 5-byte header. By using small cells, ATM can flexibly divide the bandwidth of a physi- cal layer link among different users in fine slices. This ability is useful when, for example, sending both voice and data over one link without having long data packets that would cause large variations in the delay of the voice samples. The unusual choice for the cell length (e.g., compared to the more natural choice of a 250 THE DATA LINK LAYER CHAP. 3 power of 2) is an indication of just how political the design of ATM was. The 48-byte size for the payload was a compromise to resolve a deadlock between Europe, which wanted 32-byte cells, and the U.S., which wanted 64-byte cells. A brief overview of ATM is given by Siu and Jain (1995). To send data over an ATM network, it needs to be mapped into a sequence of cells. This mapping is done with an ATM adaptation layer in a process called seg- mentation and reassembly. Several adaptation layers have been defined for dif- ferent services, ranging from periodic voice samples to packet data. The main one used for packet data is AAL5 (ATM Adaptation Layer 5). An AAL5 frame is shown in Fig. 3-27. Instead of a header, it has a trailer that gives the length and has a 4-byte CRC for error detection. Naturally, the CRC is the same one used for PPP and IEEE 802 LANs like Ethernet. Wang and Crowcroft (1992) have shown that it is strong enough to detect nontraditional er- rors such as cell reordering. As well as a payload, the AAL5 frame has padding. This rounds out the overall length to be a multiple of 48 bytes so that the frame can be evenly divided into cells. No addresses are needed on the frame as the vir- tual circuit identifier carried in each cell will get it to the right destination. PPP protocol PPP payload Pad Unused Length CRC Bytes 1 or 2 0 to 47 2 2 4 AAL5 trailer Variable AAL5 payload Figure 3-27. AAL5 frame carrying PPP data. Now that we have described ATM, we have only to describe how PPP makes use of ATM in the case of ADSL. It is done with yet another standard called PPPoA (PPP over ATM). This standard is not really a protocol (so it does not appear in Fig. 3-26) but more a specification of how to work with both PPP and AAL5 frames. It is described in RFC 2364 (Gross et al., 1998). Only the PPP protocol and payload fields are placed in the AAL5 payload, as shown in Fig. 3-27. The protocol field indicates to the DSLAM at the far end whether the payload is an IP packet or a packet from another protocol such as LCP. The far end knows that the cells contain PPP information because an ATM virtual circuit is set up for this purpose. Within the AAL5 frame, PPP framing is not needed as it would serve no pur- pose; ATM and AAL5 already provide the framing. More framing would be worthless. The PPP CRC is also not needed because AAL5 already includes the very same CRC. This error detection mechanism supplements the ADSL physical layer coding of a Reed-Solomon code for error correction and a 1-byte CRC for the detection of any remaining errors not otherwise caught. This scheme has a much more sophisticated error-recovery mechanism than when packets are sent over a SONET line because ADSL is a much noisier channel. SEC. 3.6 SUMMARY 251 3.6 SUMMARY The task of the data link layer is to convert the raw bit stream offered by the physical layer into a stream of frames for use by the network layer. The link layer can present this stream with varying levels of reliability, ranging from con- nectionless, unacknowledged service to reliable, connection-oriented service. Various framing methods are used, including byte count, byte stuffing, and bit stuffing. Data link protocols can provide error control to detect or correct dam- aged frames and to retransmit lost frames. To prevent a fast sender from overrun- ning a slow receiver, the data link protocol can also provide flow control. The sli- ding window mechanism is widely used to integrate error control and flow control in a simple way. When the window size is 1 packet, the protocol is stop-and-wait. Codes for error correction and detection add redundant information to mes- sages by using a variety of mathematical techniques. Convolutional codes and Reed-Solomon codes are widely deployed for error correction, with low-density parity check codes increasing in popularity. The codes for error detection that are used in practice include cyclic redundancy checks and checksums. All these codes can be applied at the link layer, as well as at the physical layer and higher layers. We examined a series of protocols that provide a reliable link layer using ac- knowledgements and retransmissions, or ARQ (Automatic Repeat reQuest), under more realistic assumptions. Starting from an error-free environment in which the receiver can handle any frame sent to it, we introduced flow control, followed by error control with sequence numbers and the stop-and-wait algorithm. Then we used the sliding window algorithm to allow bidirectional communication and introduce the concept of piggybacking. The last two protocols pipeline the trans- mission of multiple frames to prevent the sender from blocking on a link with a long propagation delay. The receiver can either discard all frames other than the next one in sequence, or buffer out-of-order frames and send negative acknowl- edgements for greater bandwidth efficiency. The former strategy is a go-back-n protocol, and the latter strategy is a selective repeat protocol. The Internet uses PPP as the main data link protocol over point-to-point lines. It provides a connectionless unacknowledged service, using flag bytes to delimit frames and a CRC for error detection. It is used to carry packets across a range of links, including SONET links in wide-area networks and ADSL links for the home. PROBLEMS 1. An upper-layer packet is split into 10 frames, each of which has an 80% chance of ar- riving undamaged. If no error control is done by the data link protocol, how many times must the message be sent on average to get the entire thing through? 252 THE DATA LINK LAYER CHAP. 3 2. The following character encoding is used in a data link protocol: A: 01000111 B: 11100011 FLAG: 01111110 ESC: 11100000 Show the bit sequence transmitted (in binary) for the four-character frame A B ESC FLAG when each of the following framing methods is used: (a) Byte count. (b) Flag bytes with byte stuffing. (c) Starting and ending flag bytes with bit stuffing. 3. The following data fragment occurs in the middle of a data stream for which the byte- stuffing algorithm described in the text is used: A B ESC C ESC FLAG FLAG D. What is the output after stuffing? 4. What is the maximum overhead in byte-stuffing algorithm? 5. One of your classmates, Scrooge, has pointed out that it is wasteful to end each frame with a flag byte and then begin the next one with a second flag byte. One flag byte could do the job as well, and a byte saved is a byte earned. Do you agree? 6. A bit string, 0111101111101111110, needs to be transmitted at the data link layer. What is the string actually transmitted after bit stuffing? 7. Can you think of any circumstances under which an open-loop protocol (e.g., a Ham- ming code) might be preferable to the feedback-type protocols discussed throughout this chapter? 8. To provide more reliability than a single parity bit can give, an error-detecting coding scheme uses one parity bit for checking all the odd-numbered bits and a second parity bit for all the even-numbered bits. What is the Hamming distance of this code? 9. Sixteen-bit messages are transmitted using a Hamming code. How many check bits are needed to ensure that the receiver can detect and correct single-bit errors? Show the bit pattern transmitted for the message 1101001100110101. Assume that even par- ity is used in the Hamming code. 10. A 12-bit Hamming code whose hexadecimal value is 0xE4F arrives at a receiver. What was the original value in hexadecimal? Assume that not more than 1 bit is in error. 11. One way of detecting errors is to transmit data as a block of n rows of k bits per row and add parity bits to each row and each column. The bitin the lower-right corner is a parity bit that checks its row and its column. Will this scheme detect all single errors? Double errors? Triple errors? Show that this scheme cannot detect some four-bit er- rors. 12. Suppose that data are transmitted in blocks of sizes 1000 bits. What is the maximum error rate under which error detection and retransmission mechanism (1 parity bit per block) is better than using Hamming code? Assume that bit errors are independent of one another and no bit error occurs during retransmission. 13. A block of bits with n rows and k columns uses horizontal and vertical parity bits for error detection. Suppose that exactly 4 bits are inverted due to transmission errors. Derive an expression for the probability that the error will be undetected. CHAP. 3 PROBLEMS 253 14. Using the convolutional coder of Fig. 3-7, what is the output sequence when the input sequence is 10101010 (left to right) and the internal state is initially all zero? 15. Suppose that a message 1001 1100 1010 0011 is transmitted using Internet Checksum (4-bit word). What is the value of the checksum? 16. What is the remainder obtained by dividing x 7 + x 5 + 1 by the generator polynomial x 3 + 1? 17. A bit stream 10011101 is transmitted using the standard CRC method described in the text. The generator polynomial is x 3 + 1. Show the actual bit string transmitted. Sup- pose that the third bit from the left is inverted during transmission. Show that this error is detected at the receiver’s end. Give an example of bit errors in the bit string transmitted that will not be detected by the receiver. 18. A 1024-bit message is sent that contains 992 data bits and 32 CRC bits. CRC is com- puted using the IEEE 802 standardized, 32-degree CRC polynomial. For each of the following, explain whether the errors during message transmission will be detected by the receiver: (a) There was a single-bit error. (b) There were two isolated bit errors. (c) There were 18 isolated bit errors. (d) There were 47 isolated bit errors. (e) There was a 24-bit long burst error. (f) There was a 35-bit long burst error. 19. In the discussion of ARQ protocol in Section 3.3.3, a scenario was outlined that re- sulted in the receiver accepting two copies of the same frame due to a loss of acknowl- edgement frame. Is it possible that a receiver may accept multiple copies of the same frame when none of the frames (message or acknowledgement) are lost? 20. A channel has a bit rate of 4 kbps and a propagation delay of 20 msec. For what range of frame sizes does stop-and-wait give an efficiency of at least 50%? 21. In protocol 3, is it possible for the sender to start the timer when it is already running? If so, how might this occur? If not, why is it impossible? 22. A 3000-km-long T1 trunk is used to transmit 64-byte frames using protocol 5. If the propagation speed is 6 μsec /km, how many bits should the sequence numbers be? 23. Imagine a sliding window protocol using so many bits for sequence numbers that wraparound never occurs. What relations must hold among the four window edges and the window size, which is constant and the same for both the sender and the re- ceiver? 24. If the procedure between in protocol 5 checked for the condition a ≤ b ≤ c instead of the condition a ≤ b < c, would that have any effect on the protocol’s correctness or ef- ficiency? Explain your answer. 25. In protocol 6, when a data frame arrives, a check is made to see if the sequence num- ber differs from the one expected and no nak is true. If both conditions hold, a NAK is sent. Otherwise, the auxiliary timer is started. Suppose that the else clause were omitted. Would this change affect the protocol’s correctness? 254 THE DATA LINK LAYER CHAP. 3 26. Suppose that the three-statement while loop near the end of protocol 6 was removed from the code. Would this affect the correctness of the protocol or just the per- formance? Explain your answer. 27. The distance from earth to a distant planet is approximately 9 × 1010 m. What is the channel utilization if a stop-and-wait protocol is used for frame transmission on a 64 Mbps point-to-point link? Assume that the frame size is 32 KB and the speed of light is 3 × 108 m/s. 28. In the previous problem, suppose a sliding window protocol is used instead. For what send window size will the link utilization be 100%? You may ignore the protocol processing times at the sender and the receiver. 29. In protocol 6, the code for frame arrival has a section used for NAKs. This section is invoked if the incoming frame is a NAK and another condition is met. Give a scenario where the presence of this other condition is essential. 30. Consider the operation of protocol 6 over a 1-Mbps perfect (i.e., error-free) line. The maximum frame size is 1000 bits. New packets are generated 1 second apart. The timeout interval is 10 msec. If the special acknowledgement timer were eliminated, unnecessary timeouts would occur. How many times would the average message be transmitted? 31. In protocol 6, MAX SEQ = 2n − 1. While this condition is obviously desirable to make efficient use of header bits, we have not demonstrated that it is essential. Does the protocol work correctly for MAX SEQ = 4, for example? 32. Frames of 1000 bits are sent over a 1-Mbps channel using a geostationary satellite whose propagation time from the earth is 270 msec. Acknowledgements are always piggybacked onto data frames. The headers are very short. Three-bit sequence num- bers are used. What is the maximum achievable channel utilization for (a) Stop-and-wait? (b) Protocol 5? (c) Protocol 6? 33. Compute the fraction of the bandwidth that is wasted on overhead (headers and re- transmissions) for protocol 6 on a heavily loaded 50-kbps satellite channel with data frames consisting of 40 header and 3960 data bits. Assume that the signal propagation time from the earth to the satellite is 270 msec. ACK frames never occur. NAK frames are 40 bits. The error rate for data frames is 1%, and the error rate for NAK frames is negligible. The sequence numbers are 8 bits. 34. Consider an error-free 64-kbps satellite channel used to send 512-byte data frames in one direction, with very short acknowledgements coming back the other way. What is the maximum throughput for window sizes of 1, 7, 15, and 127? The earth-satellite propagation time is 270 msec. 35. A 100-km-long cable runs at the T1 data rate. The propagation speed in the cable is 2/3 the speed of light in vacuum. How many bits fit in the cable? 36. Give at least one reason why PPP uses byte stuffing instead of bit stuffing to prevent accidental flag bytes within the payload from causing confusion. CHAP. 3 PROBLEMS 255 37. What is the minimum overhead to send an IP packet using PPP? Count only the over- head introduced by PPP itself, not the IP header overhead. What is the maximum overhead? 38. A 100-byte IP packet is transmitted over a local loop using ADSL protocol stack. How many ATM cells will be transmitted? Briefly describe their contents. 39. The goal of this lab exercise is to implement an error-detection mechanism using the standard CRC algorithm described in the text. Write two programs, generator and verifier. The generator program reads from standard input a line of ASCII text con- taining an n-bit message consisting of a string of 0s and 1s. The second line is the k- bit polynomial, also in ASCII. It outputs to standard output a line of ASCII text with n + k 0s and 1s representing the message to be transmitted. Then it outputs the poly- nomial, just as it read it in. The verifier program reads in the output of the generator program and outputs a message indicating whether it is correct or not. Finally, write a program, alter, that inverts 1 bit on the first line depending on its argument (the bit number counting the leftmost bit as 1) but copies the rest of the two lines correctly. By typing generator 1, the user community is generating frames at a higher
rate than the channel can handle, and nearly every frame will suffer a collision.
For reasonable throughput, we would expect 0 < N < 1. In addition to the new frames, the stations also generate retransmissions of frames that previously suffered collisions. Let us further assume that the old and new frames combined are well modeled by a Poisson distribution, with mean of G frames per frame time. Clearly, G ≥ N. At low load (i.e., N ∼∼ 0), there will be few collisions, hence few retransmissions, so G ∼∼ N. At high load, there will be many collisions, so G > N. Under all loads, the throughput, S, is just the offered
load, G, times the probability, P 0, of a transmission succeeding—that is,
S = GP 0, where P 0 is the probability that a frame does not suffer a collision.
A frame will not suffer a collision if no other frames are sent within one
frame time of its start, as shown in Fig. 4-2. Under what conditions will the

264 THE MEDIUM ACCESS CONTROL SUBLAYER CHAP. 4
shaded frame arrive undamaged? Let t be the time required to send one frame. If
any other user has generated a frame between time t 0 and t 0 + t, the end of that
frame will collide with the beginning of the shaded one. In fact, the shaded
frame’s fate was already sealed even before the first bit was sent, but since in pure
ALOHA a station does not listen to the channel before transmitting, it has no way
of knowing that another frame was already underway. Similarly, any other frame
started between t 0 + t and t 0 + 2t will bump into the end of the shaded frame.
Collides with
the start of
the shaded
frame
Collides with
the end of
the shaded
frame
t
t0 t0+ t t0+ 2t t0+ 3t Time
Vulnerable
Figure 4-2. Vulnerable period for the shaded frame.
The probability that k frames are generated during a given frame time, in
which G frames are expected, is given by the Poisson distribution
Pr[k ] =
k!
G k e −G
(4-2)
so the probability of zero frames is just e −G. In an interval two frame times long,
the mean number of frames generated is 2G. The probability of no frames being
initiated during the entire vulnerable period is thus given by P 0 = e −2G. Using
S = GP 0, we get
S = Ge −2G
The relation between the offered traffic and the throughput is shown in
Fig. 4-3. The maximum throughput occurs at G = 0.5, with S = 1 /2e, which is
about 0.184. In other words, the best we can hope for is a channel utilization of
18%. This result is not very encouraging, but with everyone transmitting at will,
we could hardly have expected a 100% success rate.
Slotted ALOHA
Soon after ALOHA came onto the scene, Roberts (1972) published a method
for doubling the capacity of an ALOHA system. His proposal was to divide time
into discrete intervals called slots, each interval corresponding to one frame. This

SEC. 4.2 MULTIPLE ACCESS PROTOCOLS 265
0.40
0.30
0.20
0.10
0 0.5 1.0 1.5
G (attempts per packet time)
2.0 3.0
S
(t
hr
ou
gh
pu
tp
er
fr
am
e
tim
e)
Slotted ALOHA: S = Ge–G
Pure ALOHA: S = Ge–2G
Figure 4-3. Throughput versus offered traffic for ALOHA systems.
approach requires the users to agree on slot boundaries. One way to achieve syn-
chronization would be to have one special station emit a pip at the start of each in-
terval, like a clock.
In Roberts’ method, which has come to be known as slotted ALOHA—in
contrast to Abramson’s pure ALOHA—a station is not permitted to send when-
ever the user types a line. Instead, it is required to wait for the beginning of the
next slot. Thus, the continuous time ALOHA is turned into a discrete time one.
This halves the vulnerable period. To see this, look at Fig. 4-3 and imagine the
collisions that are now possible. The probability of no other traffic during the
same slot as our test frame is then e −G , which leads to
S = Ge −G (4-3)
As you can see from Fig. 4-3, slotted ALOHA peaks at G = 1, with a throughput
of S = 1 /e or about 0.368, twice that of pure ALOHA. If the system is operating
at G = 1, the probability of an empty slot is 0.368 (from Eq. 4-2). The best we
can hope for using slotted ALOHA is 37% of the slots empty, 37% successes, and
26% collisions. Operating at higher values of G reduces the number of empties
but increases the number of collisions exponentially. To see how this rapid
growth of collisions with G comes about, consider the transmission of a test
frame. The probability that it will avoid a collision is e −G , which is the probabil-
ity that all the other stations are silent in that slot. The probability of a collision is
then just 1 − e −G. The probability of a transmission requiring exactly k attempts
(i.e., k − 1 collisions followed by one success) is
Pk = e −G(1 − e −G)k − 1
The expected number of transmissions, E, per line typed at a terminal is then
E =
k =1
Σ
∞
kPk =
k =1
Σ
∞
ke −G(1 − e −G)k − 1 = e G

266 THE MEDIUM ACCESS CONTROL SUBLAYER CHAP. 4
As a result of the exponential dependence of E upon G, small increases in the
channel load can drastically reduce its performance.
Slotted ALOHA is notable for a reason that may not be initially obvious. It
was devised in the 1970s, used in a few early experimental systems, then almost
forgotten. When Internet access over the cable was invented, all of a sudden there
was a problem of how to allocate a shared channel among multiple competing
users. Slotted ALOHA was pulled out of the garbage can to save the day. Later,
having multiple RFID tags talk to the same RFID reader presented another varia-
tion on the same problem. Slotted ALOHA, with a dash of other ideas mixed in,
again came to the rescue. It has often happened that protocols that are perfectly
valid fall into disuse for political reasons (e.g., some big company wants everyone
to do things its way) or due to ever-changing technology trends. Then, years later
some clever person realizes that a long-discarded protocol solves his current prob-
lem. For this reason, in this chapter we will study a number of elegant protocols
that are not currently in widespread use but might easily be used in future applica-
tions, provided that enough network designers are aware of them. Of course, we
will also study many protocols that are in current use as well.
4.2.2 Carrier Sense Multiple Access Protocols
With slotted ALOHA, the best channel utilization that can be achieved is 1/e.
This low result is hardly surprising, since with stations transmitting at will, with-
out knowing what the other stations are doing there are bound to be many collis-
ions. In LANs, however, it is often possible for stations to detect what other sta-
tions are doing, and thus adapt their behavior accordingly. These networks can
achieve a much better utilization than 1/e. In this section, we will discuss some
protocols for improving performance.
Protocols in which stations listen for a carrier (i.e., a transmission) and act
accordingly are called carrier sense protocols. A number of them have been
proposed, and they were long ago analyzed in detail. For example, see Kleinrock
and Tobagi (1975). Below we will look at several versions of carrier sense proto-
cols.
Persistent and Nonpersistent CSMA
The first carrier sense protocol that we will study here is called 1-persistent
CSMA (Carrier Sense Multiple Access). That is a bit of a mouthful for the sim-
plest CSMA scheme. When a station has data to send, it first listens to the chan-
nel to see if anyone else is transmitting at that moment. If the channel is idle, the
stations sends its data. Otherwise, if the channel is busy, the station just waits
until it becomes idle. Then the station transmits a frame. If a collision occurs, the

SEC. 4.2 MULTIPLE ACCESS PROTOCOLS 267
station waits a random amount of time and starts all over again. The protocol is
called 1-persistent because the station transmits with a probability of 1 when it
finds the channel idle.
You might expect that this scheme avoids collisions except for the rare case
of simultaneous sends, but it in fact it does not. If two stations become ready in
the middle of a third station’s transmission, both will wait politely until the trans-
mission ends, and then both will begin transmitting exactly simultaneously, re-
sulting in a collision. If they were not so impatient, there would be fewer collis-
ions.
More subtly, the propagation delay has an important effect on collisions.
There is a chance that just after a station begins sending, another station will be-
come ready to send and sense the channel. If the first station’s signal has not yet
reached the second one, the latter will sense an idle channel and will also begin
sending, resulting in a collision. This chance depends on the number of frames
that fit on the channel, or the bandwidth-delay product of the channel. If only a
tiny fraction of a frame fits on the channel, which is the case in most LANs since
the propagation delay is small, the chance of a collision happening is small. The
larger the bandwidth-delay product, the more important this effect becomes, and
the worse the performance of the protocol.
Even so, this protocol has better performance than pure ALOHA because both
stations have the decency to desist from interfering with the third station’s frame.
Exactly the same holds for slotted ALOHA.
A second carrier sense protocol is nonpersistent CSMA. In this protocol, a
conscious attempt is made to be less greedy than in the previous one. As before, a
station senses the channel when it wants to send a frame, and if no one else is
sending, the station begins doing so itself. However, if the channel is already in
use, the station does not continually sense it for the purpose of seizing it im-
mediately upon detecting the end of the previous transmission. Instead, it waits a
random period of time and then repeats the algorithm. Consequently, this algo-
rithm leads to better channel utilization but longer delays than 1-persistent
CSMA.
The last protocol is p-persistent CSMA. It applies to slotted channels and
works as follows. When a station becomes ready to send, it senses the channel. If
it is idle, it transmits with a probability p. With a probability q = 1 − p, it defers
until the next slot. If that slot is also idle, it either transmits or defers again, with
probabilities p and q. This process is repeated until either the frame has been
transmitted or another station has begun transmitting. In the latter case, the
unlucky station acts as if there had been a collision (i.e., it waits a random time
and starts again). If the station initially senses that the channel is busy, it waits
until the next slot and applies the above algorithm. IEEE 802.11 uses a refinement
of p-persistent CSMA that we will discuss in Sec. 4.4.
Figure 4-4 shows the computed throughput versus offered traffic for all three
protocols, as well as for pure and slotted ALOHA.

268 THE MEDIUM ACCESS CONTROL SUBLAYER CHAP. 4
1.0
0.9
0.8
0.5
0.4
0.3
0.2
0.1
0 1 2 3 4 5 6 7 8 90
0.6
0.7
S
(t
hr
ou
gh
pu
tp
er
pa
ck
et
tim
e)
G (attempts per packet time)
Pure
ALOHA
Slotted
ALOHA
1-persistent
CSMA
0.1-persistent CSMA
0.5-persistent
CSMA
Nonpersistent CSMA
0.01-persistent CSMA
Figure 4-4. Comparison of the channel utilization versus load for various ran-
dom access protocols.
CSMA with Collision Detection
Persistent and nonpersistent CSMA protocols are definitely an improvement
over ALOHA because they ensure that no station begins to transmit while the
channel is busy. However, if two stations sense the channel to be idle and begin
transmitting simultaneously, their signals will still collide. Another improvement
is for the stations to quickly detect the collision and abruptly stop transmitting,
(rather than finishing them) since they are irretrievably garbled anyway. This
strategy saves time and bandwidth.
This protocol, known as CSMA/CD (CSMA with Collision Detection), is
the basis of the classic Ethernet LAN, so it is worth devoting some time to looking
at it in detail. It is important to realize that collision detection is an analog proc-
ess. The station’s hardware must listen to the channel while it is transmitting. If
the signal it reads back is different from the signal it is putting out, it knows that a
collision is occurring. The implications are that a received signal must not be tiny
compared to the transmitted signal (which is difficult for wireless, as received sig-
nals may be 1,000,000 times weaker than transmitted signals) and that the modu-
lation must be chosen to allow collisions to be detected (e.g., a collision of two 0-
volt signals may well be impossible to detect).
CSMA/CD, as well as many other LAN protocols, uses the conceptual model
of Fig. 4-5. At the point marked t 0, a station has finished transmitting its frame.
Any other station having a frame to send may now attempt to do so. If two or
more stations decide to transmit simultaneously, there will be a collision. If a sta-
tion detects a collision, it aborts its transmission, waits a random period of time,
and then tries again (assuming that no other station has started transmitting in the

SEC. 4.2 MULTIPLE ACCESS PROTOCOLS 269
meantime). Therefore, our model for CSMA/CD will consist of alternating con-
tention and transmission periods, with idle periods occurring when all stations are
quiet (e.g., for lack of work).
Contention
slots
Contention
period
Transmission
period
Idle
period
to
Frame Frame Frame Frame
Time
Figure 4-5. CSMA/CD can be in contention, transmission, or idle state.
Now let us look at the details of the contention algorithm. Suppose that two
stations both begin transmitting at exactly time t 0 . How long will it take them to
realize that they have collided? The answer is vital to determining the length of
the contention period and hence what the delay and throughput will be.
The minimum time to detect the collision is just the time it takes the signal to
propagate from one station to the other. Based on this information, you might
think that a station that has not heard a collision for a time equal to the full cable
propagation time after starting its transmission can be sure it has seized the cable.
By ‘‘seized,’’ we mean that all other stations know it is transmitting and will not
interfere. This conclusion is wrong.
Consider the following worst-case scenario. Let the time for a signal to pro-
pagate between the two farthest stations be τ. At t 0, one station begins trans-
mitting. At t 0 + τ − ε, an instant before the signal arrives at the most distant sta-
tion, that station also begins transmitting. Of course, it detects the collision al-
most instantly and stops, but the little noise burst caused by the collision does not
get back to the original station until time 2τ − ε. In other words, in the worst case
a station cannot be sure that it has seized the channel until it has transmitted for 2τ
without hearing a collision.
With this understanding, we can think of CSMA/CD contention as a slotted
ALOHA system with a slot width of 2τ. On a 1-km long coaxial cable,
τ ∼∼ 5 μsec. The difference for CSMA/CD compared to slotted ALOHA is that
slots in which only one station transmits (i.e., in which the channel is seized) are
followed by the rest of a frame. This difference will greatly improve performance
if the frame time is much longer than the propagation time.
4.2.3 Collision-Free Protocols
Although collisions do not occur with CSMA/CD once a station has unambi-
guously captured the channel, they can still occur during the contention period.
These collisions adversely affect the system performance, especially when the

270 THE MEDIUM ACCESS CONTROL SUBLAYER CHAP. 4
bandwidth-delay product is large, such as when the cable is long (i.e., large τ) and
the frames are short. Not only do collisions reduce bandwidth, but they make the
time to send a frame variable, which is not a good fit for real-time traffic such as
voice over IP. CSMA/CD is also not universally applicable.
In this section, we will examine some protocols that resolve the contention for
the channel without any collisions at all, not even during the contention period.
Most of these protocols are not currently used in major systems, but in a rapidly
changing field, having some protocols with excellent properties available for fu-
ture systems is often a good thing.
In the protocols to be described, we assume that there are exactly N stations,
each programmed with a unique address from 0 to N − 1. It does not matter that
some stations may be inactive part of the time. We also assume that propagation
delay is negligible. The basic question remains: which station gets the channel
after a successful transmission? We continue using the model of Fig. 4-5 with its
discrete contention slots.
A Bit-Map Protocol
In our first collision-free protocol, the basic bit-map method, each con-
tention period consists of exactly N slots. If station 0 has a frame to send, it trans-
mits a 1 bit during the slot 0. No other station is allowed to transmit during this
slot. Regardless of what station 0 does, station 1 gets the opportunity to transmit a
1 bit during slot 1, but only if it has a frame queued. In general, station j may
announce that it has a frame to send by inserting a 1 bit into slot j. After all N
slots have passed by, each station has complete knowledge of which stations wish
to transmit. At that point, they begin transmitting frames in numerical order (see
Fig. 4-6).
0 1
1 1 1 1 1 1 5 11 3 7
2 3 4 5 6 7 0 1 2 3 4 5 6 7 0 1 2 3 4 5 6 7
18 Contention slots
Frames
8 Contention slots
2
d
Figure 4-6. The basic bit-map protocol.
Since everyone agrees on who goes next, there will never be any collisions.
After the last ready station has transmitted its frame, an event all stations can easi-
ly monitor, another N-bit contention period is begun. If a station becomes ready
just after its bit slot has passed by, it is out of luck and must remain silent until
every station has had a chance and the bit map has come around again.

SEC. 4.2 MULTIPLE ACCESS PROTOCOLS 271
Protocols like this in which the desire to transmit is broadcast before the ac-
tual transmission are called reservation protocols because they reserve channel
ownership in advance and prevent collisions. Let us briefly analyze the perfor-
mance of this protocol. For convenience, we will measure time in units of the
contention bit slot, with data frames consisting of d time units.
Under conditions of low load, the bit map will simply be repeated over and
over, for lack of data frames. Consider the situation from the point of view of a
low-numbered station, such as 0 or 1. Typically, when it becomes ready to send,
the ‘‘current’’ slot will be somewhere in the middle of the bit map. On average,
the station will have to wait N /2 slots for the current scan to finish and another
full N slots for the following scan to run to completion before it may begin trans-
mitting.
The prospects for high-numbered stations are brighter. Generally, these will
only have to wait half a scan (N /2 bit slots) before starting to transmit. High-
numbered stations rarely have to wait for the next scan. Since low-numbered sta-
tions must wait on average 1.5N slots and high-numbered stations must wait on
average 0.5N slots, the mean for all stations is N slots.
The channel efficiency at low load is easy to compute. The overhead per
frame is N bits and the amount of data is d bits, for an efficiency of d /(d + N).
At high load, when all the stations have something to send all the time, the N-
bit contention period is prorated over N frames, yielding an overhead of only 1 bit
per frame, or an efficiency of d /(d + 1). The mean delay for a frame is equal to
the sum of the time it queues inside its station, plus an additional (N − 1)d + N
once it gets to the head of its internal queue. This interval is how long it takes to
wait for all other stations to have their turn sending a frame and another bitmap.
Token Passing
The essence of the bit-map protocol is that it lets every station transmit a
frame in turn in a predefined order. Another way to accomplish the same thing is
to pass a small message called a token from one station to the next in the same
predefined order. The token represents permission to send. If a station has a
frame queued for transmission when it receives the token, it can send that frame
before it passes the token to the next station. If it has no queued frame, it simply
passes the token.
In a token ring protocol, the topology of the network is used to define the
order in which stations send. The stations are connected one to the next in a single
ring. Passing the token to the next station then simply consists of receiving the
token in from one direction and transmitting it out in the other direction, as seen in
Fig. 4-7. Frames are also transmitted in the direction of the token. This way they
will circulate around the ring and reach whichever station is the destination. How-
ever, to stop the frame circulating indefinitely (like the token), some station needs

272 THE MEDIUM ACCESS CONTROL SUBLAYER CHAP. 4
to remove it from the ring. This station may be either the one that originally sent
the frame, after it has gone through a complete cycle, or the station that was the
intended recipient of the frame.
Direction of
transmission
TokenStation
Figure 4-7. Token ring.
Note that we do not need a physical ring to implement token passing. The
channel connecting the stations might instead be a single long bus. Each station
then uses the bus to send the token to the next station in the predefined sequence.
Possession of the token allows a station to use the bus to send one frame, as be-
fore. This protocol is called token bus.
The performance of token passing is similar to that of the bit-map protocol,
though the contention slots and frames of one cycle are now intermingled. After
sending a frame, each station must wait for all N stations (including itself) to send
the token to their neighbors and the other N − 1 stations to send a frame, if they
have one. A subtle difference is that, since all positions in the cycle are equiva-
lent, there is no bias for low- or high-numbered stations. For token ring, each sta-
tion is also sending the token only as far as its neighboring station before the pro-
tocol takes the next step. Each token does not need to propagate to all stations be-
fore the protocol advances to the next step.
Token rings have cropped up as MAC protocols with some consistency. An
early token ring protocol (called ‘‘Token Ring’’ and standardized as IEEE 802.5)
was popular in the 1980s as an alternative to classic Ethernet. In the 1990s, a
much faster token ring called FDDI (Fiber Distributed Data Interface) was
beaten out by switched Ethernet. In the 2000s, a token ring called RPR (Resi-
lient Packet Ring) was defined as IEEE 802.17 to standardize the mix of metro-
politan area rings in use by ISPs. We wonder what the 2010s will have to offer.
Binary Countdown
A problem with the basic bit-map protocol, and by extension token passing, is
that the overhead is 1 bit per station, so it does not scale well to networks with
thousands of stations. We can do better than that by using binary station ad-
dresses with a channel that combines transmissions. A station wanting to use the

SEC. 4.2 MULTIPLE ACCESS PROTOCOLS 273
channel now broadcasts its address as a binary bit string, starting with the high-
order bit. All addresses are assumed to be the same length. The bits in each ad-
dress position from different stations are BOOLEAN ORed together by the chan-
nel when they are sent at the same time. We will call this protocol binary count-
down. It was used in Datakit (Fraser, 1987). It implicitly assumes that the trans-
mission delays are negligible so that all stations see asserted bits essentially in-
stantaneously.
To avoid conflicts, an arbitration rule must be applied: as soon as a station
sees that a high-order bit position that is 0 in its address has been overwritten with
a 1, it gives up. For example, if stations 0010, 0100, 1001, and 1010 are all trying
to get the channel, in the first bit time the stations transmit 0, 0, 1, and 1, re-
spectively. These are ORed together to form a 1. Stations 0010 and 0100 see the
1 and know that a higher-numbered station is competing for the channel, so they
give up for the current round. Stations 1001 and 1010 continue.
The next bit is 0, and both stations continue. The next bit is 1, so station 1001
gives up. The winner is station 1010 because it has the highest address. After
winning the bidding, it may now transmit a frame, after which another bidding
cycle starts. The protocol is illustrated in Fig. 4-8. It has the property that high-
er-numbered stations have a higher priority than lower-numbered stations, which
may be either good or bad, depending on the context.
0 0 1 0 0 – – –
0 1 2 3
Bit time
0 1 0 0 0 – – –
1 0 0 1 1 0 0 –
1 0 1 0 1 0 1 0
1 0 1 0Result
Stations 0010
and 0100 see this
1 and give up
Station 1001
sees this 1
and gives up
Figure 4-8. The binary countdown protocol. A dash indicates silence.
The channel efficiency of this method is d /(d + log2 N). If, however, the
frame format has been cleverly chosen so that the sender’s address is the first field
in the frame, even these log2 N bits are not wasted, and the efficiency is 100%.
Binary countdown is an example of a simple, elegant, and efficient protocol
that is waiting to be rediscovered. Hopefully, it will find a new home some day.

274 THE MEDIUM ACCESS CONTROL SUBLAYER CHAP. 4
4.2.4 Limited-Contention Protocols
We have now considered two basic strategies for channel acquisition in a
broadcast network: contention, as in CSMA, and collision-free protocols. Each
strategy can be rated as to how well it does with respect to the two important per-
formance measures, delay at low load and channel efficiency at high load. Under
conditions of light load, contention (i.e., pure or slotted ALOHA) is preferable
due to its low delay (since collisions are rare). As the load increases, contention
becomes increasingly less attractive because the overhead associated with channel
arbitration becomes greater. Just the reverse is true for the collision-free proto-
cols. At low load, they have relatively high delay but as the load increases, the
channel efficiency improves (since the overheads are fixed).
Obviously, it would be nice if we could combine the best properties of the
contention and collision-free protocols, arriving at a new protocol that used con-
tention at low load to provide low delay, but used a collision-free technique at
high load to provide good channel efficiency. Such protocols, which we will call
limited-contention protocols, do in fact exist, and will conclude our study of car-
rier sense networks.
Up to now, the only contention protocols we have studied have been symmet-
ric. That is, each station attempts to acquire the channel with some probability, p,
with all stations using the same p. Interestingly enough, the overall system per-
formance can sometimes be improved by using a protocol that assigns different
probabilities to different stations.
Before looking at the asymmetric protocols, let us quickly review the per-
formance of the symmetric case. Suppose that k stations are contending for chan-
nel access. Each has a probability p of transmitting during each slot. The
probability that some station successfully acquires the channel during a given slot
is the probability that any one station transmits, with probability p, and all other
k − 1 stations defer, each with probability 1 − p. This value is kp(1 − p)k − 1 . To
find the optimal value of p, we differentiate with respect to p, set the result to
zero, and solve for p. Doing so, we find that the best value of p is 1/k. Substitut-
ing p = 1/k, we get
Pr[success with optimal p] =
⎧
⎪
⎩ k
k − 1 ⎫⎪
⎭
k − 1
(4-4)
This probability is plotted in Fig. 4-9. For small numbers of stations, the chances
of success are good, but as soon as the number of stations reaches even five, the
probability has dropped close to its asymptotic value of 1/e.
From Fig. 4-9, it is fairly obvious that the probability of some station acquir-
ing the channel can be increased only by decreasing the amount of competition.
The limited-contention protocols do precisely that. They first divide the stations
into (not necessarily disjoint) groups. Only the members of group 0 are permitted

SEC. 4.2 MULTIPLE ACCESS PROTOCOLS 275
1.0
0.8
0.6
0.4
0.2
0.0
5 10 15 20 250
P
ro
ba
bi
lit
y
of
su
cc
es
s
Number of ready stations
Figure 4-9. Acquisition probability for a symmetric contention channel.
to compete for slot 0. If one of them succeeds, it acquires the channel and trans-
mits its frame. If the slot lies fallow or if there is a collision, the members of
group 1 contend for slot 1, etc. By making an appropriate division of stations into
groups, the amount of contention for each slot can be reduced, thus operating each
slot near the left end of Fig. 4-9.
The trick is how to assign stations to slots. Before looking at the general case,
let us consider some special cases. At one extreme, each group has but one
member. Such an assignment guarantees that there will never be collisions be-
cause at most one station is contending for any given slot. We have seen such
protocols before (e.g., binary countdown). The next special case is to assign two
stations per group. The probability that both will try to transmit during a slot is
p 2, which for a small p is negligible. As more and more stations are assigned to
the same slot, the probability of a collision grows, but the length of the bit-map
scan needed to give everyone a chance shrinks. The limiting case is a single
group containing all stations (i.e., slotted ALOHA). What we need is a way to
assign stations to slots dynamically, with many stations per slot when the load is
low and few (or even just one) station per slot when the load is high.
The Adaptive Tree Walk Protocol
One particularly simple way of performing the necessary assignment is to use
the algorithm devised by the U.S. Army for testing soldiers for syphilis during
World War II (Dorfman, 1943). In short, the Army took a blood sample from N
soldiers. A portion of each sample was poured into a single test tube. This mixed
sample was then tested for antibodies. If none were found, all the soldiers in the
group were declared healthy. If antibodies were present, two new mixed samples

276 THE MEDIUM ACCESS CONTROL SUBLAYER CHAP. 4
were prepared, one from soldiers 1 through N/2 and one from the rest. The proc-
ess was repeated recursively until the infected soldiers were determined.
For the computerized version of this algorithm (Capetanakis, 1979), it is con-
venient to think of the stations as the leaves of a binary tree, as illustrated in
Fig. 4-10. In the first contention slot following a successful frame transmission,
slot 0, all stations are permitted to try to acquire the channel. If one of them does
so, fine. If there is a collision, then during slot 1 only those stations falling under
node 2 in the tree may compete. If one of them acquires the channel, the slot fol-
lowing the frame is reserved for those stations under node 3. If, on the other
hand, two or more stations under node 2 want to transmit, there will be a collision
during slot 1, in which case it is node 4’s turn during slot 2.
1
2 3
4 5 6 7
A B C D E F G H
Stations
Figure 4-10. The tree for eight stations.
In essence, if a collision occurs during slot 0, the entire tree is searched, depth
first, to locate all ready stations. Each bit slot is associated with some particular
node in the tree. If a collision occurs, the search continues recursively with the
node’s left and right children. If a bit slot is idle or if only one station transmits in
it, the searching of its node can stop because all ready stations have been located.
(Were there more than one, there would have been a collision.)
When the load on the system is heavy, it is hardly worth the effort to dedicate
slot 0 to node 1 because that makes sense only in the unlikely event that precisely
one station has a frame to send. Similarly, one could argue that nodes 2 and 3
should be skipped as well for the same reason. Put in more general terms, at what
level in the tree should the search begin? Clearly, the heavier the load, the farther
down the tree the search should begin. We will assume that each station has a
good estimate of the number of ready stations, q, for example, from monitoring
recent traffic.
To proceed, let us number the levels of the tree from the top, with node 1 in
Fig. 4-10 at level 0, nodes 2 and 3 at level 1, etc. Notice that each node at level i

SEC. 4.2 MULTIPLE ACCESS PROTOCOLS 277
has a fraction 2−i of the stations below it. If the q ready stations are uniformly
distributed, the expected number of them below a specific node at level i is just
2−iq. Intuitively, we would expect the optimal level to begin searching the tree to
be the one at which the mean number of contending stations per slot is 1, that is,
the level at which 2−iq = 1. Solving this equation, we find that i = log2 q.
Numerous improvements to the basic algorithm have been discovered and are
discussed in some detail by Bertsekas and Gallager (1992). For example, consid-
er the case of stations G and H being the only ones wanting to transmit. At node 1
a collision will occur, so 2 will be tried and discovered idle. It is pointless to
probe node 3 since it is guaranteed to have a collision (we know that two or more
stations under 1 are ready and none of them are under 2, so they must all be under
3). The probe of 3 can be skipped and 6 tried next. When this probe also turns up
nothing, 7 can be skipped and node G tried next.
4.2.5 Wireless LAN Protocols
A system of laptop computers that communicate by radio can be regarded as a
wireless LAN, as we discussed in Sec. 1.5.3. Such a LAN is an example of a
broadcast channel. It also has somewhat different properties than a wired LAN,
which leads to different MAC protocols. In this section, we will examine some of
these protocols. In Sec. 4.4, we will look at 802.11 (WiFi) in detail.
A common configuration for a wireless LAN is an office building with access
points (APs) strategically placed around the building. The APs are wired together
using copper or fiber and provide connectivity to the stations that talk to them. If
the transmission power of the APs and laptops is adjusted to have a range of tens
of meters, nearby rooms become like a single cell and the entire building becomes
like the cellular telephony systems we studied in Chap. 2, except that each cell
only has one channel. This channel is shared by all the stations in the cell, includ-
ing the AP. It typically provides megabit/sec bandwidths, up to 600 Mbps.
We have already remarked that wireless systems cannot normally detect a col-
lision while it is occurring. The received signal at a station may be tiny, perhaps a
million times fainter than the signal that is being transmitted. Finding it is like
looking for a ripple on the ocean. Instead, acknowledgements are used to dis-
cover collisions and other errors after the fact.
There is an even more important difference between wireless LANs and wired
LANs. A station on a wireless LAN may not be able to transmit frames to or re-
ceive frames from all other stations because of the limited radio range of the sta-
tions. In wired LANs, when one station sends a frame, all other stations receive
it. The absence of this property in wireless LANs causes a variety of complica-
tions.
We will make the simplifying assumption that each radio transmitter has some
fixed range, represented by a circular coverage region within which another sta-
tion can sense and receive the station’s transmission. It is important to realize that

278 THE MEDIUM ACCESS CONTROL SUBLAYER CHAP. 4
in practice coverage regions are not nearly so regular because the propagation of
radio signals depends on the environment. Walls and other obstacles that attenu-
ate and reflect signals may cause the range to differ markedly in different direc-
tions. But a simple circular model will do for our purposes.
A naive approach to using a wireless LAN might be to try CSMA: just listen
for other transmissions and only transmit if no one else is doing so. The trouble
is, this protocol is not really a good way to think about wireless because what mat-
ters for reception is interference at the receiver, not at the sender. To see the na-
ture of the problem, consider Fig. 4-11, where four wireless stations are illustrat-
ed. For our purposes, it does not matter which are APs and which are laptops.
The radio range is such that A and B are within each other’s range and can poten-
tially interfere with one another. C can also potentially interfere with both B and
D, but not with A.
Radio range
(a) (b)
Radio range
A B C D A B C D
Figure 4-11. A wireless LAN. (a) A and C are hidden terminals when trans-
mitting to B. (b) B and C are exposed terminals when transmitting to A and D.
First consider what happens when A and C transmit to B, as depicted in
Fig. 4-11(a). If A sends and then C immediately senses the medium, it will not
hear A because A is out of range. Thus C will falsely conclude that it can transmit
to B. If C does start transmitting, it will interfere at B, wiping out the frame from
A. (We assume here that no CDMA-type scheme is used to provide multiple
channels, so collisions garble the signal and destroy both frames.) We want a
MAC protocol that will prevent this kind of collision from happening because it
wastes bandwidth. The problem of a station not being able to detect a potential
competitor for the medium because the competitor is too far away is called the
hidden terminal problem.
Now let us look at a different situation: B transmitting to A at the same time
that C wants to transmit to D, as shown in Fig. 4-11(b). If C senses the medium, it
will hear a transmission and falsely conclude that it may not send to D (shown as
a dashed line). In fact, such a transmission would cause bad reception only in the
zone between B and C, where neither of the intended receivers is located. We
want a MAC protocol that prevents this kind of deferral from happening because
it wastes bandwidth. The problem is called the exposed terminal problem.
The difficulty is that, before starting a transmission, a station really wants to
know whether there is radio activity around the receiver. CSMA merely tells it

SEC. 4.2 MULTIPLE ACCESS PROTOCOLS 279
whether there is activity near the transmitter by sensing the carrier. With a wire,
all signals propagate to all stations, so this distinction does not exist. However,
only one transmission can then take place at once anywhere in the system. In a
system based on short-range radio waves, multiple transmissions can occur simul-
taneously if they all have different destinations and these destinations are out of
range of one another. We want this concurrency to happen as the cell gets larger
and larger, in the same way that people at a party should not wait for everyone in
the room to go silent before they talk; multiple conversations can take place at
once in a large room as long as they are not directed to the same location.
An early and influential protocol that tackles these problems for wireless
LANs is MACA (Multiple Access with Collision Avoidance) (Karn, 1990). The
basic idea behind it is for the sender to stimulate the receiver into outputting a
short frame, so stations nearby can detect this transmission and avoid transmitting
for the duration of the upcoming (large) data frame. This technique is used instead
of carrier sense.
MACA is illustrated in Fig. 4-12. Let us see how A sends a frame to B. A
starts by sending an RTS (Request To Send) frame to B, as shown in Fig. 4-12(a).
This short frame (30 bytes) contains the length of the data frame that will eventu-
ally follow. Then B replies with a CTS (Clear To Send) frame, as shown in
Fig. 4-12(b). The CTS frame contains the data length (copied from the RTS
frame). Upon receipt of the CTS frame, A begins transmission.
(a) (b)
Range of A’s transmitter
A RTS
E
B DC A CTS
E
B DC
Range of B’s transmitter
Figure 4-12. The MACA protocol. (a) A sending an RTS to B. (b) B responding
with a CTS to A.
Now let us see how stations overhearing either of these frames react. Any
station hearing the RTS is clearly close to A and must remain silent long enough
for the CTS to be transmitted back to A without conflict. Any station hearing the
CTS is clearly close to B and must remain silent during the upcoming data trans-
mission, whose length it can tell by examining the CTS frame.

280 THE MEDIUM ACCESS CONTROL SUBLAYER CHAP. 4
In Fig. 4-12, C is within range of A but not within range of B. Therefore, it
hears the RTS from A but not the CTS from B. As long as it does not interfere with
the CTS, it is free to transmit while the data frame is being sent. In contrast, D is
within range of B but not A. It does not hear the RTS but does hear the CTS.
Hearing the CTS tips it off that it is close to a station that is about to receive a
frame, so it defers sending anything until that frame is expected to be finished.
Station E hears both control messages and, like D, must be silent until the data
frame is complete.
Despite these precautions, collisions can still occur. For example, B and C
could both send RTS frames to A at the same time. These will collide and be lost.
In the event of a collision, an unsuccessful transmitter (i.e., one that does not hear
a CTS within the expected time interval) waits a random amount of time and tries
again later.
4.3 ETHERNET
We have now finished our discussion of channel allocation protocols in the
abstract, so it is time to see how these principles apply to real systems. Many of
the designs for personal, local, and metropolitan area networks have been stan-
dardized under the name of IEEE 802. A few have survived but many have not,
as we saw in Fig. 1-38. Some people who believe in reincarnation think that
Charles Darwin came back as a member of the IEEE Standards Association to
weed out the unfit. The most important of the survivors are 802.3 (Ethernet) and
802.11 (wireless LAN). Bluetooth (wireless PAN) is widely deployed but has now
been standardized outside of 802.15. With 802.16 (wireless MAN), it is too early
to tell. Please consult the 6th edition of this book to find out.
We will begin our study of real systems with Ethernet, probably the most ubi-
quitous kind of computer network in the world. Two kinds of Ethernet exist: clas-
sic Ethernet, which solves the multiple access problem using the techniques we
have studied in this chapter; and switched Ethernet, in which devices called
switches are used to connect different computers. It is important to note that,
while they are both referred to as Ethernet, they are quite different. Classic Ether-
net is the original form and ran at rates from 3 to 10 Mbps. Switched Ethernet is
what Ethernet has become and runs at 100, 1000, and 10,000 Mbps, in forms call-
ed fast Ethernet, gigabit Ethernet, and 10 gigabit Ethernet. In practice, only
switched Ethernet is used nowadays.
We will discuss these historical forms of Ethernet in chronological order
showing how they developed. Since Ethernet and IEEE 802.3 are identical except
for a minor difference (which we will discuss shortly), many people use the terms
‘‘Ethernet’’ and ‘‘IEEE 802.3’’ interchangeably. We will do so, too. For more
information about Ethernet, see Spurgeon (2000).

SEC. 4.3 ETHERNET 281
4.3.1 Classic Ethernet Physical Layer
The story of Ethernet starts about the same time as that of ALOHA, when a
student named Bob Metcalfe got his bachelor’s degree at M.I.T. and then moved
up the river to get his Ph.D. at Harvard. During his studies, he was exposed to
Abramson’s work. He became so interested in it that after graduating from Har-
vard, he decided to spend the summer in Hawaii working with Abramson before
starting work at Xerox PARC (Palo Alto Research Center). When he got to
PARC, he saw that the researchers there had designed and built what would later
be called personal computers. But the machines were isolated. Using his knowl-
edge of Abramson’s work, he, together with his colleague David Boggs, designed
and implemented the first local area network (Metcalfe and Boggs, 1976). It used
a single long, thick coaxial cable and ran at 3 Mbps.
They called the system Ethernet after the luminiferous ether, through which
electromagnetic radiation was once thought to propagate. (When the 19th-century
British physicist James Clerk Maxwell discovered that electromagnetic radiation
could be described by a wave equation, scientists assumed that space must be
filled with some ethereal medium in which the radiation was propagating. Only
after the famous Michelson-Morley experiment in 1887 did physicists discover
that electromagnetic radiation could propagate in a vacuum.)
The Xerox Ethernet was so successful that DEC, Intel, and Xerox drew up a
standard in 1978 for a 10-Mbps Ethernet, called the DIX standard. With a minor
change, the DIX standard became the IEEE 802.3 standard in 1983. Unfor-
tunately for Xerox, it already had a history of making seminal inventions (such as
the personal computer) and then failing to commercialize on them, a story told in
Fumbling the Future (Smith and Alexander, 1988). When Xerox showed little
interest in doing anything with Ethernet other than helping standardize it,
Metcalfe formed his own company, 3Com, to sell Ethernet adapters for PCs. It
sold many millions of them.
Classic Ethernet snaked around the building as a single long cable to which all
the computers were attached. This architecture is shown in Fig. 4-13. The first
variety, popularly called thick Ethernet, resembled a yellow garden hose, with
markings every 2.5 meters to show where to attach computers. (The 802.3 stan-
dard did not actually require the cable to be yellow, but it did suggest it.) It was
succeeded by thin Ethernet, which bent more easily and made connections using
industry-standard BNC connectors. Thin Ethernet was much cheaper and easier
to install, but it could run for only 185 meters per segment (instead of 500 m with
thick Ethernet), each of which could handle only 30 machines (instead of 100).
Each version of Ethernet has a maximum cable length per segment (i.e.,
unamplified length) over which the signal will propagate. To allow larger net-
works, multiple cables can be connected by repeaters. A repeater is a physical
layer device that receives, amplifies (i.e., regenerates), and retransmits signals in
both directions. As far as the software is concerned, a series of cable segments

282 THE MEDIUM ACCESS CONTROL SUBLAYER CHAP. 4
Ether
Transceiver
Interface
cable
Figure 4-13. Architecture of classic Ethernet.
connected by repeaters is no different from a single cable (except for a small
amount of delay introduced by the repeaters).
Over each of these cables, information was sent using the Manchester encod-
ing we studied in Sec. 2.5. An Ethernet could contain multiple cable segments and
multiple repeaters, but no two transceivers could be more than 2.5 km apart and
no path between any two transceivers could traverse more than four repeaters.
The reason for this restriction was so that the MAC protocol, which we will look
at next, would work correctly.
4.3.2 Classic Ethernet MAC Sublayer Protocol
The format used to send frames is shown in Fig. 4-14. First comes a Pream-
ble of 8 bytes, each containing the bit pattern 10101010 (with the exception of the
last byte, in which the last 2 bits are set to 11). This last byte is called the Start of
Frame delimiter for 802.3. The Manchester encoding of this pattern produces a
10-MHz square wave for 6.4 μsec to allow the receiver’s clock to synchronize
with the sender’s. The last two 1 bits tell the receiver that the rest of the frame is
about to start.
Preamble(a)
Bytes
Type Data Pad
Check-
sum
Destination
address
Source
address
8 2 0-1500 0-46 46 6
Preamble(b) Length Data Pad
Check-
sum
Destination
address
Source
address
Figure 4-14. Frame formats. (a) Ethernet (DIX). (b) IEEE 802.3.
Next come two addresses, one for the destination and one for the source. They
are each 6 bytes long. The first transmitted bit of the destination address is a 0 for

SEC. 4.3 ETHERNET 283
ordinary addresses and a 1 for group addresses. Group addresses allow multiple
stations to listen to a single address. When a frame is sent to a group address, all
the stations in the group receive it. Sending to a group of stations is called multi-
casting. The special address consisting of all 1 bits is reserved for broadcasting.
A frame containing all 1s in the destination field is accepted by all stations on the
network. Multicasting is more selective, but it involves group management to
define which stations are in the group. Conversely, broadcasting does not dif-
ferentiate between stations at all, so it does not require any group management.
An interesting feature of station source addresses is that they are globally
unique, assigned centrally by IEEE to ensure that no two stations anywhere in the
world have the same address. The idea is that any station can uniquely address
any other station by just giving the right 48-bit number. To do this, the first 3
bytes of the address field are used for an OUI (Organizationally Unique Identif-
ier). Values for this field are assigned by IEEE and indicate a manufacturer.
Manufacturers are assigned blocks of 224 addresses. The manufacturer assigns the
last 3 bytes of the address and programs the complete address into the NIC before
it is sold.
Next comes the Type or Length field, depending on whether the frame is Eth-
ernet or IEEE 802.3. Ethernet uses a Type field to tell the receiver what to do
with the frame. Multiple network-layer protocols may be in use at the same time
on the same machine, so when an Ethernet frame arrives, the operating system has
to know which one to hand the frame to. The Type field specifies which process
to give the frame to. For example, a type code of 0x0800 means that the data con-
tains an IPv4 packet.
IEEE 802.3, in its wisdom, decided that this field would carry the length of
the frame, since the Ethernet length was determined by looking inside the data—a
layering violation if ever there was one. Of course, this meant there was no way
for the receiver to figure out what to do with an incoming frame. That problem
was handled by the addition of another header for the LLC (Logical Link Con-
trol) protocol within the data. It uses 8 bytes to convey the 2 bytes of protocol
type information.
Unfortunately, by the time 802.3 was published, so much hardware and
software for DIX Ethernet was already in use that few manufacturers and users
were enthusiastic about repackaging the Type and Length fields. In 1997, IEEE
threw in the towel and said that both ways were fine with it. Fortunately, all the
Type fields in use before 1997 had values greater than 1500, then well established
as the maximum data size. Now the rule is that any number there less than or
equal to 0x600 (1536) can be interpreted as Length, and any number greater than
0x600 can be interpreted as Type. Now IEEE can maintain that everyone is using
its standard and everybody else can keep on doing what they were already doing
(not bothering with LLC) without feeling guilty about it.
Next come the data, up to 1500 bytes. This limit was chosen somewhat arbi-
trarily at the time the Ethernet standard was cast in stone, mostly based on the fact

284 THE MEDIUM ACCESS CONTROL SUBLAYER CHAP. 4
that a transceiver needs enough RAM to hold an entire frame and RAM was
expensive in 1978. A larger upper limit would have meant more RAM, and hence
a more expensive transceiver.
In addition to there being a maximum frame length, there is also a minimum
frame length. While a data field of 0 bytes is sometimes useful, it causes a prob-
lem. When a transceiver detects a collision, it truncates the current frame, which
means that stray bits and pieces of frames appear on the cable all the time. To
make it easier to distinguish valid frames from garbage, Ethernet requires that
valid frames must be at least 64 bytes long, from destination address to checksum,
including both. If the data portion of a frame is less than 46 bytes, the Pad field is
used to fill out the frame to the minimum size.
Another (and more important) reason for having a minimum length frame is to
prevent a station from completing the transmission of a short frame before the
first bit has even reached the far end of the cable, where it may collide with
another frame. This problem is illustrated in Fig. 4-15. At time 0, station A, at
one end of the network, sends off a frame. Let us call the propagation time for
this frame to reach the other end τ. Just before the frame gets to the other end
(i.e., at time τ − ε), the most distant station, B, starts transmitting. When B detects
that it is receiving more power than it is putting out, it knows that a collision has
occurred, so it aborts its transmission and generates a 48-bit noise burst to warn
all other stations. In other words, it jams the ether to make sure the sender does
not miss the collision. At about time 2τ, the sender sees the noise burst and aborts
its transmission, too. It then waits a random time before trying again.
Packet starts
at time 0A B A B
Packet almost
at B at
Collision at
time
A B
Noise burst gets
back to A at 2
A B
(a) (b)
(c) (d)
Figure 4-15. Collision detection can take as long as 2τ.
If a station tries to transmit a very short frame, it is conceivable that a colli-
sion will occur, but the transmission will have completed before the noise burst
gets back to the station at 2τ. The sender will then incorrectly conclude that the
frame was successfully sent. To prevent this situation from occurring, all frames
must take more than 2τ to send so that the transmission is still taking place when

SEC. 4.3 ETHERNET 285
the noise burst gets back to the sender. For a 10-Mbps LAN with a maximum
length of 2500 meters and four repeaters (from the 802.3 specification), the
round-trip time (including time to propagate through the four repeaters) has been
determined to be nearly 50 μsec in the worst case. Therefore, the shortest allowed
frame must take at least this long to transmit. At 10 Mbps, a bit takes 100 nsec, so
500 bits is the smallest frame that is guaranteed to work. To add some margin of
safety, this number was rounded up to 512 bits or 64 bytes.
The final field is the Checksum. It is a 32-bit CRC of the kind we studied in
Sec. 3.2. In fact, it is defined exactly by the generator polynomial we gave there,
which popped up for PPP, ADSL, and other links too. This CRC is an error-
detecting code that is used to determine if the bits of the frame have been received
correctly. It just does error detection, with the frame dropped if an error is
detected.
CSMA/CD with Binary Exponential Backoff
Classic Ethernet uses the 1-persistent CSMA/CD algorithm that we studied in
Sec. 4.2. This descriptor just means that stations sense the medium when they
have a frame to send and send the frame as soon as the medium becomes idle.
They monitor the channel for collisions as they send. If there is a collision, they
abort the transmission with a short jam signal and retransmit after a random inter-
val.
Let us now see how the random interval is determined when a collision
occurs, as it is a new method. The model is still that of Fig. 4-5. After a collision,
time is divided into discrete slots whose length is equal to the worst-case round-
trip propagation time on the ether (2τ). To accommodate the longest path allowed
by Ethernet, the slot time has been set to 512 bit times, or 51.2 μsec.
After the first collision, each station waits either 0 or 1 slot times at random
before trying again. If two stations collide and each one picks the same random
number, they will collide again. After the second collision, each one picks either
0, 1, 2, or 3 at random and waits that number of slot times. If a third collision
occurs (the probability of this happening is 0.25), the next time the number of
slots to wait is chosen at random from the interval 0 to 23 − 1.
In general, after i collisions, a random number between 0 and 2i − 1 is chosen,
and that number of slots is skipped. However, after 10 collisions have been
reached, the randomization interval is frozen at a maximum of 1023 slots. After
16 collisions, the controller throws in the towel and reports failure back to the
computer. Further recovery is up to higher layers.
This algorithm, called binary exponential backoff, was chosen to dynami-
cally adapt to the number of stations trying to send. If the randomization interval
for all collisions were 1023, the chance of two stations colliding for a second time
would be negligible, but the average wait after a collision would be hundreds of
slot times, introducing significant delay. On the other hand, if each station always

286 THE MEDIUM ACCESS CONTROL SUBLAYER CHAP. 4
delayed for either 0 or 1 slots, then if 100 stations ever tried to send at once they
would collide over and over until 99 of them picked 1 and the remaining station
picked 0. This might take years. By having the randomization interval grow ex-
ponentially as more and more consecutive collisions occur, the algorithm ensures
a low delay when only a few stations collide but also ensures that the collisions
are resolved in a reasonable interval when many stations collide. Truncating the
backoff at 1023 keeps the bound from growing too large.
If there is no collision, the sender assumes that the frame was probably suc-
cessfully delivered. That is, neither CSMA/CD nor Ethernet provides acknowl-
edgements. This choice is appropriate for wired and optical fiber channels that
have low error rates. Any errors that do occur must then be detected by the CRC
and recovered by higher layers. For wireless channels that have more errors, we
will see that acknowledgements are used.
4.3.3 Ethernet Performance
Now let us briefly examine the performance of classic Ethernet under condi-
tions of heavy and constant load, that is, with k stations always ready to transmit.
A rigorous analysis of the binary exponential backoff algorithm is complicated.
Instead, we will follow Metcalfe and Boggs (1976) and assume a constant
retransmission probability in each slot. If each station transmits during a conten-
tion slot with probability p, the probability A that some station acquires the chan-
nel in that slot is
A = kp(1 − p)k − 1 (4-5)
A is maximized when p = 1 /k, with A → 1 /e as k → ∞. The probability that the
contention interval has exactly j slots in it is A(1 − A)j − 1, so the mean number of
slots per contention is given by
j =0
Σ
∞
jA(1 − A)j − 1 =
A
1
Since each slot has a duration 2τ, the mean contention interval, w, is 2τ /A.
Assuming optimal p, the mean number of contention slots is never more than e,
so w is at most 2τe ∼∼ 5.4τ.
If the mean frame takes P sec to transmit, when many stations have frames to
send,
Channel efficiency =
P + 2τ/A
P
(4-6)
Here we see where the maximum cable distance between any two stations enters
into the performance figures. The longer the cable, the longer the contention
interval, which is why the Ethernet standard specifies a maximum cable length.

SEC. 4.3 ETHERNET 287
It is instructive to formulate Eq. (4-6) in terms of the frame length, F, the net-
work bandwidth, B, the cable length, L, and the speed of signal propagation, c,
for the optimal case of e contention slots per frame. With P = F/B, Eq. (4-6)
becomes
Channel efficiency =
1 + 2BLe /cF
1
(4-7)
When the second term in the denominator is large, network efficiency will be low.
More specifically, increasing network bandwidth or distance (the BL product)
reduces efficiency for a given frame size. Unfortunately, much research on net-
work hardware is aimed precisely at increasing this product. People want high
bandwidth over long distances (fiber optic MANs, for example), yet classic Ether-
net implemented in this manner is not the best system for these applications. We
will see other ways of implementing Ethernet in the next section.
In Fig. 4-16, the channel efficiency is plotted versus the number of ready sta-
tions for 2τ = 51.2 μsec and a data rate of 10 Mbps, using Eq. (4-7). With a 64-
byte slot time, it is not surprising that 64-byte frames are not efficient. On the
other hand, with 1024-byte frames and an asymptotic value of e 64-byte slots per
contention interval, the contention period is 174 bytes long and the efficiency is
85%. This result is much better than the 37% efficiency of slotted ALOHA.
1.0
0.9
0.8
0.7
0.6
0.5
0.4
0.3
0.2
0.1
0 1 2 4 8 16
Number of stations trying to send
C
ha
nn
el
ef
fic
ie
nc
y
32 64 128 256
1024-byte frames
512-byte frames
256-byte frames
128-byte frames
64-byte frames
Figure 4-16. Efficiency of Ethernet at 10 Mbps with 512-bit slot times.
It is probably worth mentioning that there has been a large amount of theoreti-
cal performance analysis of Ethernet (and other networks). Most of the results
should be taken with a grain (or better yet, a metric ton) of salt, for two reasons.

288 THE MEDIUM ACCESS CONTROL SUBLAYER CHAP. 4
First, virtually all of the theoretical work assumes Poisson traffic. As researchers
have begun looking at real data, it now appears that network traffic is rarely Pois-
son. Instead, it is self-similar or bursty over a range of time scales (Paxson and
Floyd, 1995; and Leland et al., 1994). What this means is that averaging over
long periods of time does not smooth out the traffic. As well as using question-
able models, many of the analyses focus on the ‘‘interesting’’ performance cases
of abnormally high load. Boggs et al. (1988) showed by experimentation that Eth-
ernet works well in reality, even at moderately high load.
4.3.4 Switched Ethernet
Ethernet soon began to evolve away from the single long cable architecture of
classic Ethernet. The problems associated with finding breaks or loose connec-
tions drove it toward a different kind of wiring pattern, in which each station has a
dedicated cable running to a central hub. A hub simply connects all the attached
wires electrically, as if they were soldered together. This configuration is shown
in Fig. 4-17(a).
Port
Line Hub Switch
(a) (b)
Port
Line
Figure 4-17. (a) Hub. (b) Switch.
The wires were telephone company twisted pairs, since most office buildings
were already wired this way and normally plenty of spares were available. This
reuse was a win, but it did reduce the maximum cable run from the hub to 100
meters (200 meters if high quality Category 5 twisted pairs were used). Adding or
removing a station is simpler in this configuration, and cable breaks can be de-
tected easily. With the advantages of being able to use existing wiring and ease of
maintenance, twisted-pair hubs quickly became the dominant form of Ethernet.
However, hubs do not increase capacity because they are logically equivalent
to the single long cable of classic Ethernet. As more and more stations are added,
each station gets a decreasing share of the fixed capacity. Eventually, the LAN
will saturate. One way out is to go to a higher speed, say, from 10 Mbps to 100
Mbps, 1 Gbps, or even higher speeds. But with the growth of multimedia and
powerful servers, even a 1-Gbps Ethernet can become saturated.

SEC. 4.3 ETHERNET 289
Fortunately, there is an another way to deal with increased load: switched
Ethernet. The heart of this system is a switch containing a high-speed backplane
that connects all of the ports, as shown in Fig. 4-17(b). From the outside, a switch
looks just like a hub. They are both boxes, typically with 4 to 48 ports, each with
a standard RJ-45 connector for a twisted-pair cable. Each cable connects the
switch or hub to a single computer, as shown in Fig. 4-18. A switch has the same
advantages as a hub, too. It is easy to add or remove a new station by plugging or
unplugging a wire, and it is easy to find most faults since a flaky cable or port will
usually affect just one station. There is still a shared component that can fail—the
switch itself—but if all stations lose connectivity the IT folks know what to do to
fix the problem: replace the whole switch.
Switch
Twisted pair
Switch ports
Hub
Figure 4-18. An Ethernet switch.
Inside the switch, however, something very different is happening. Switches
only output frames to the ports for which those frames are destined. When a
switch port receives an Ethernet frame from a station, the switch checks the Ether-
net addresses to see which port the frame is destined for. This step requires the
switch to be able to work out which ports correspond to which addresses, a pro-
cess that we will describe in Sec. 4.8 when we get to the general case of switches
connected to other switches. For now, just assume that the switch knows the
frame’s destination port. The switch then forwards the frame over its high-speed
backplane to the destination port. The backplane typically runs at many Gbps,
using a proprietary protocol that does not need to be standardized because it is
entirely hidden inside the switch. The destination port then transmits the frame on
the wire so that it reaches the intended station. None of the other ports even
knows the frame exists.
What happens if more than one of the stations or ports wants to send a frame
at the same time? Again, switches differ from hubs. In a hub, all stations are in
the same collision domain. They must use the CSMA/CD algorithm to schedule
their transmissions. In a switch, each port is its own independent collision
domain. In the common case that the cable is full duplex, both the station and the
port can send a frame on the cable at the same time, without worrying about other
ports and stations. Collisions are now impossible and CSMA/CD is not needed.
However, if the cable is half duplex, the station and the port must contend for
transmission with CSMA/CD in the usual way.

290 THE MEDIUM ACCESS CONTROL SUBLAYER CHAP. 4
A switch improves performance over a hub in two ways. First, since there are
no collisions, the capacity is used more efficiently. Second, and more impor-
tantly, with a switch multiple frames can be sent simultaneously (by different sta-
tions). These frames will reach the switch ports and travel over the switch’s back-
plane to be output on the proper ports. However, since two frames might be sent
to the same output port at the same time, the switch must have buffering so that it
can temporarily queue an input frame until it can be transmitted to the output port.
Overall, these improvements give a large performance win that is not possible
with a hub. The total system throughput can often be increased by an order of
magnitude, depending on the number of ports and traffic patterns.
The change in the ports on which frames are output also has security benefits.
Most LAN interfaces have a promiscuous mode, in which all frames are given to
each computer, not just those addressed to it. With a hub, every computer that is
attached can see the traffic sent between all of the other computers. Spies and
busybodies love this feature. With a switch, traffic is forwarded only to the ports
where it is destined. This restriction provides better isolation so that traffic will
not easily escape and fall into the wrong hands. However, it is better to encrypt
traffic if security is really needed.
Because the switch just expects standard Ethernet frames on each input port,
it is possible to use some of the ports as concentrators. In Fig. 4-18, the port in
the upper-right corner is connected not to a single station, but to a 12-port hub
instead. As frames arrive at the hub, they contend for the ether in the usual way,
including collisions and binary backoff. Successful frames make it through the
hub to the switch and are treated there like any other incoming frames. The
switch does not know they had to fight their way in. Once in the switch, they are
sent to the correct output line over the high-speed backplane. It is also possible
that the correct destination was one on the lines attached to the hub, in which case
the frame has already been delivered so the switch just drops it. Hubs are simpler
and cheaper than switches, but due to falling switch prices they have become an
endangered species. Modern networks largely use switched Ethernet. Neverthe-
less, legacy hubs still exist.
4.3.5 Fast Ethernet
At the same time that switches were becoming popular, the speed of 10-Mbps
Ethernet was coming under pressure. At first, 10 Mbps seemed like heaven, just
as cable modems seemed like heaven to the users of telephone modems. But the
novelty wore off quickly. As a kind of corollary to Parkinson’s Law (‘‘Work
expands to fill the time available for its completion’’), it seemed that data
expanded to fill the bandwidth available for their transmission.
Many installations needed more bandwidth and thus had numerous 10-Mbps
LANs connected by a maze of repeaters, hubs, and switches, although to the net-
work managers it sometimes felt that they were being held together by bubble

SEC. 4.3 ETHERNET 291
gum and chicken wire. But even with Ethernet switches, the maximum bandwidth
of a single computer was limited by the cable that connected it to the switch port.
It was in this environment that IEEE reconvened the 802.3 committee in 1992
with instructions to come up with a faster LAN. One proposal was to keep 802.3
exactly as it was, but just make it go faster. Another proposal was to redo it total-
ly and give it lots of new features, such as real-time traffic and digitized voice, but
just keep the old name (for marketing reasons). After some wrangling, the com-
mittee decided to keep 802.3 the way it was, and just make it go faster. This stra-
tegy would get the job done before the technology changed and avoid unforeseen
problems with a brand new design. The new design would also be backward-
compatible with existing Ethernet LANs. The people behind the losing proposal
did what any self-respecting computer-industry people would have done under
these circumstances: they stomped off and formed their own committee and stand-
ardized their LAN anyway (eventually as 802.12). It flopped miserably.
The work was done quickly (by standards committees’ norms), and the result,
802.3u, was approved by IEEE in June 1995. Technically, 802.3u is not a new
standard, but an addendum to the existing 802.3 standard (to emphasize its back-
ward compatibility). This strategy is used a lot. Since practically everyone calls
it fast Ethernet, rather than 802.3u, we will do that, too.
The basic idea behind fast Ethernet was simple: keep all the old frame for-
mats, interfaces, and procedural rules, but reduce the bit time from 100 nsec to 10
nsec. Technically, it would have been possible to copy 10-Mbps classic Ethernet
and still detect collisions on time by just reducing the maximum cable length by a
factor of 10. However, the advantages of twisted-pair wiring were so overwhelm-
ing that fast Ethernet is based entirely on this design. Thus, all fast Ethernet sys-
tems use hubs and switches; multidrop cables with vampire taps or BNC connec-
tors are not permitted.
Nevertheless, some choices still had to be made, the most important being
which wire types to support. One contender was Category 3 twisted pair. The
argument for it was that practically every office in the Western world had at least
four Category 3 (or better) twisted pairs running from it to a telephone wiring
closet within 100 meters. Sometimes two such cables existed. Thus, using
Category 3 twisted pair would make it possible to wire up desktop computers
using fast Ethernet without having to rewire the building, an enormous advantage
for many organizations.
The main disadvantage of a Category 3 twisted pair is its inability to carry
100 Mbps over 100 meters, the maximum computer-to-hub distance specified for
10-Mbps hubs. In contrast, Category 5 twisted pair wiring can handle 100 m
easily, and fiber can go much farther. The compromise chosen was to allow all
three possibilities, as shown in Fig. 4-19, but to pep up the Category 3 solution to
give it the additional carrying capacity needed.
The Category 3 UTP scheme, called 100Base-T4, used a signaling speed of
25 MHz, only 25% faster than standard Ethernet’s 20 MHz. (Remember that

292 THE MEDIUM ACCESS CONTROL SUBLAYER CHAP. 4
Name Cable Max. segment Advantages
100Base-T4 Twisted pair 100 m Uses category 3 UTP
100Base-TX Twisted pair 100 m Full duplex at 100 Mbps (Cat 5 UTP)
100Base-FX Fiber optics 2000 m Full duplex at 100 Mbps; long runs
Figure 4-19. The original fast Ethernet cabling.
Manchester encoding, discussed in Sec. 2.5, requires two clock periods for each
of the 10 million bits sent each second.) However, to achieve the necessary bit
rate, 100Base-T4 requires four twisted pairs. Of the four pairs, one is always to
the hub, one is always from the hub, and the other two are switchable to the
current transmission direction. To get 100 Mbps out of the three twisted pairs in
the transmission direction, a fairly involved scheme is used on each twisted pair.
It involves sending ternary digits with three different voltage levels. This scheme
is not likely to win any prizes for elegance, and we will skip the details. How-
ever, since standard telephone wiring for decades has had four twisted pairs per
cable, most offices are able to use the existing wiring plant. Of course, it means
giving up your office telephone, but that is surely a small price to pay for faster
email.
100Base-T4 fell by the wayside as many office buildings were rewired with
Category 5 UTP for 100Base-TX Ethernet, which came to dominate the market.
This design is simpler because the wires can handle clock rates of 125 MHz.
Only two twisted pairs per station are used, one to the hub and one from it. Nei-
ther straight binary coding (i.e., NRZ) nor Manchester coding is used. Instead, the
4B/5B encoding we described in Sec 2.5 is used. 4 data bits are encoded as 5 sig-
nal bits and sent at 125 MHz to provide 100 Mbps. This scheme is simple but has
sufficient transitions for synchronization and uses the bandwidth of the wire rela-
tively well. The 100Base-TX system is full duplex; stations can transmit at 100
Mbps on one twisted pair and receive at 100 Mbps on another twisted pair at the
same time.
The last option, 100Base-FX, uses two strands of multimode fiber, one for
each direction, so it, too, can run full duplex with 100 Mbps in each direction. In
this setup, the distance between a station and the switch can be up to 2 km.
Fast Ethernet allows interconnection by either hubs or switches. To ensure
that the CSMA/CD algorithm continues to work, the relationship between the
minimum frame size and maximum cable length must be maintained as the net-
work speed goes up from 10 Mbps to 100 Mbps. So, either the minimum frame
size of 64 bytes must go up or the maximum cable length of 2500 m must come
down, proportionally. The easy choice was for the maximum distance between
any two stations to come down by a factor of 10, since a hub with 100-m cables
falls within this new maximum already. However, 2-km 100Base-FX cables are

SEC. 4.3 ETHERNET 293
too long to permit a 100-Mbps hub with the normal Ethernet collision algorithm.
These cables must instead be connected to a switch and operate in a full-duplex
mode so that there are no collisions.
Users quickly started to deploy fast Ethernet, but they were not about to throw
away 10-Mbps Ethernet cards on older computers. As a consequence, virtually all
fast Ethernet switches can handle a mix of 10-Mbps and 100-Mbps stations. To
make upgrading easy, the standard itself provides a mechanism called auto-
negotiation that lets two stations automatically negotiate the optimum speed (10
or 100 Mbps) and duplexity (half or full). It works well most of the time but is
known to lead to duplex mismatch problems when one end of the link autonego-
tiates but the other end does not and is set to full-duplex mode (Shalunov and
Carlson, 2005). Most Ethernet products use this feature to configure themselves.
4.3.6 Gigabit Ethernet
The ink was barely dry on the fast Ethernet standard when the 802 committee
began working on a yet faster Ethernet, quickly dubbed gigabit Ethernet. IEEE
ratified the most popular form as 802.3ab in 1999. Below we will discuss some of
the key features of gigabit Ethernet. More information is given by Spurgeon
(2000).
The committee’s goals for gigabit Ethernet were essentially the same as the
committee’s goals for fast Ethernet: increase performance tenfold while maintain-
ing compatibility with all existing Ethernet standards. In particular, gigabit Ether-
net had to offer unacknowledged datagram service with both unicast and broad-
cast, use the same 48-bit addressing scheme already in use, and maintain the same
frame format, including the minimum and maximum frame sizes. The final stan-
dard met all these goals.
Like fast Ethernet, all configurations of gigabit Ethernet use point-to-point
links. In the simplest configuration, illustrated in Fig. 4-20(a), two computers are
directly connected to each other. The more common case, however, uses a switch
or a hub connected to multiple computers and possibly additional switches or
hubs, as shown in Fig. 4-20(b). In both configurations, each individual Ethernet
cable has exactly two devices on it, no more and no fewer.
Also like fast Ethernet, gigabit Ethernet supports two different modes of
operation: full-duplex mode and half-duplex mode. The ‘‘normal’’ mode is full-
duplex mode, which allows traffic in both directions at the same time. This mode
is used when there is a central switch connected to computers (or other switches)
on the periphery. In this configuration, all lines are buffered so each computer
and switch is free to send frames whenever it wants to. The sender does not have
to sense the channel to see if anybody else is using it because contention is impos-
sible. On the line between a computer and a switch, the computer is the only pos-
sible sender to the switch, and the transmission will succeed even if the switch is
currently sending a frame to the computer (because the line is full duplex). Since

294 THE MEDIUM ACCESS CONTROL SUBLAYER CHAP. 4
Switch or hub
Ethernet
(b)(a)
Ethernet
Computer
Figure 4-20. (a) A two-station Ethernet. (b) A multistation Ethernet.
no contention is possible, the CSMA/CD protocol is not used, so the maximum
length of the cable is determined by signal strength issues rather than by how long
it takes for a noise burst to propagate back to the sender in the worst case.
Switch\%es are free to mix and match speeds. Autonegotiation is supported just
as in fast Ethernet, only now the choice is among 10, 100, and 1000 Mbps.
The other mode of operation, half-duplex, is used when the computers are
connected to a hub rather than a switch. A hub does not buffer incoming frames.
Instead, it electrically connects all the lines internally, simulating the multidrop
cable used in classic Ethernet. In this mode, collisions are possible, so the stan-
dard CSMA/CD protocol is required. Because a 64-byte frame (the shortest
allowed) can now be transmitted 100 times faster than in classic Ethernet, the
maximum cable length must be 100 times less, or 25 meters, to maintain the
essential property that the sender is still transmitting when the noise burst gets
back to it, even in the worst case. With a 2500-meter-long cable, the sender of a
64-byte frame at 1 Gbps would be long finished before the frame got even a tenth
of the way to the other end, let alone to the end and back.
This length restriction was painful enough that two features were added to the
standard to increase the maximum cable length to 200 meters, which is probably
enough for most offices. The first feature, called carrier extension, essentially
tells the hardware to add its own padding after the normal frame to extend the
frame to 512 bytes. Since this padding is added by the sending hardware and
removed by the receiving hardware, the software is unaware of it, meaning that no
changes are needed to existing software. The downside is that using 512 bytes
worth of bandwidth to transmit 46 bytes of user data (the payload of a 64-byte
frame) has a line efficiency of only 9%.
The second feature, called frame bursting, allows a sender to transmit a con-
catenated sequence of multiple frames in a single transmission. If the total burst
is less than 512 bytes, the hardware pads it again. If enough frames are waiting
for transmission, this scheme is very efficient and preferred over carrier extension.

SEC. 4.3 ETHERNET 295
In all fairness, it is hard to imagine an organization buying modern computers
with gigabit Ethernet cards and then connecting them with an old-fashioned hub
to simulate classic Ethernet with all its collisions. Gigabit Ethernet interfaces and
switches used to be expensive, but their prices fell rapidly as sales volumes picked
up. Still, backward compatibility is sacred in the computer industry, so the com-
mittee was required to put it in. Today, most computers ship with an Ethernet
interface that is capable of 10-, 100-, and 1000-Mbps operation and compatible
with all of them.
Gigabit Ethernet supports both copper and fiber cabling, as listed in Fig. 4-21.
Signaling at or near 1 Gbps requires encoding and sending a bit every
nanosecond. This trick was initially accomplished with short, shielded copper
cables (the 1000Base-CX version) and optical fibers. For the optical fibers, two
wavelengths are permitted and result in two different versions: 0.85 microns
(short, for 1000Base-SX) and 1.3 microns (long, for 1000Base-LX).
Name Cable Max. segment Advantages
1000Base-SX Fiber optics 550 m Multimode fiber (50, 62.5 microns)
1000Base-LX Fiber optics 5000 m Single (10 μ) or multimode (50, 62.5 μ)
1000Base-CX 2 Pairs of STP 25 m Shielded twisted pair
1000Base-T 4 Pairs of UTP 100 m Standard category 5 UTP
Figure 4-21. Gigabit Ethernet cabling.
Signaling at the short wavelength can be achieved with cheaper LEDs. It is
used with multimode fiber and is useful for connections within a building, as it
can run up to 500 m for 50-micron fiber. Signaling at the long wavelength
requires more expensive lasers. On the other hand, when combined with single-
mode (10-micron) fiber, the cable length can be up to 5 km. This limit allows long
distance connections between buildings, such as for a campus backbone, as a
dedicated point-to-point link. Later variations of the standard allowed even longer
links over single-mode fiber.
To send bits over these versions of gigabit Ethernet, the 8B/10B encoding we
described in Sec. 2.5 was borrowed from another networking technology called
Fibre Channel. That scheme encodes 8 bits of data into 10-bit codewords that are
sent over the wire or fiber, hence the name 8B/10B. The codewords were chosen
so that they could be balanced (i.e., have the same number of 0s and 1s) with suf-
ficient transitions for clock recovery. Sending the coded bits with NRZ requires a
signaling bandwidth of 25% more than that required for the uncoded bits, a big
improvement over the 100% expansion of Manchester coding.
However, all of these options required new copper or fiber cables to support
the faster signaling. None of them made use of the large amount of Category 5
UTP that had been installed along with fast Ethernet. Within a year, 1000Base-T

296 THE MEDIUM ACCESS CONTROL SUBLAYER CHAP. 4
came along to fill this gap, and it has been the most popular form of gigabit Ether-
net ever since. People apparently dislike rewiring their buildings.
More complicated signaling is needed to make Ethernet run at 1000 Mbps
over Category 5 wires. To start, all four twisted pairs in the cable are used, and
each pair is used in both directions at the same time by using digital signal pro-
cessing to separate signals. Over each wire, five voltage levels that carry 2 bits
are used for signaling at 125 Msymbols/sec. The mapping to produce the symbols
from the bits is not straightforward. It involves scrambling, for transitions, fol-
lowed by an error correcting code in which four values are embedded into five
signal levels.
A speed of 1 Gbps is quite fast. For example, if a receiver is busy with some
other task for even 1 msec and does not empty the input buffer on some line, up to
1953 frames may have accumulated in that gap. Also, when a computer on a
gigabit Ethernet is shipping data down the line to a computer on a classic Ether-
net, buffer overruns are very likely. As a consequence of these two observations,
gigabit Ethernet supports flow control. The mechanism consists of one end send-
ing a special control frame to the other end telling it to pause for some period of
time. These PAUSE control frames are normal Ethernet frames containing a type
of 0x8808. Pauses are given in units of the minimum frame time. For gigabit
Ethernet, the time unit is 512 nsec, allowing for pauses as long as 33.6 msec.
There is one more extension that was introduced along with gigabit Ethernet.
Jumbo frames allow for frames to be longer than 1500 bytes, usually up to 9 KB.
This extension is proprietary. It is not recognized by the standard because if it is
used then Ethernet is no longer compatible with earlier versions, but most vendors
support it anyway. The rationale is that 1500 bytes is a short unit at gigabit
speeds. By manipulating larger blocks of information, the frame rate can be
decreased, along with the processing associated with it, such as interrupting the
processor to say that a frame has arrived, or splitting up and recombining mes-
sages that were too long to fit in one Ethernet frame.
4.3.7 10-Gigabit Ethernet
As soon as gigabit Ethernet was standardized, the 802 committee got bored
and wanted to get back to work. IEEE told them to start on 10-gigabit Ethernet.
This work followed much the same pattern as the previous Ethernet standards,
with standards for fiber and shielded copper cable appearing first in 2002 and
2004, followed by the standard for copper twisted pair in 2006.
10 Gbps is a truly prodigious speed, 1000x faster than the original Ethernet.
Where could it be needed? The answer is inside data centers and exchanges to
connect high-end routers, switches, and servers, as well as in long-distance, high
bandwidth trunks between offices that are enabling entire metropolitan area net-
works based on Ethernet and fiber. The long distance connections use optical
fiber, while the short connections may use copper or fiber.

SEC. 4.3 ETHERNET 297
All versions of 10-gigabit Ethernet support only full-duplex operation.
CSMA/CD is no longer part of the design, and the standards concentrate on the
details of physical layers that can run at very high speed. Compatibility still
matters, though, so 10-gigabit Ethernet interfaces autonegotiate and fall back to
the highest speed supported by both ends of the line.
The main kinds of 10-gigabit Ethernet are listed in Fig. 4-22. Multimode
fiber with the 0.85μ (short) wavelength is used for medium distances, and single-
mode fiber at 1.3μ (long) and 1.5μ (extended) is used for long distances.
10GBase-ER can run for distances of 40 km, making it suitable for wide area
applications. All of these versions send a serial stream of information that is pro-
duced by scrambling the data bits, then encoding them with a 64B/66B code. This
encoding has less overhead than an 8B/10B code.
Name Cable Max. segment Advantages
10GBase-SR Fiber optics Up to 300 m Multimode fiber (0.85μ)
10GBase-LR Fiber optics 10 km Single-mode fiber (1.3μ)
10GBase-ER Fiber optics 40 km Single-mode fiber (1.5μ)
10GBase-CX4 4 Pairs of twinax 15 m Twinaxial copper
10GBase-T 4 Pairs of UTP 100 m Category 6a UTP
Figure 4-22. 10-Gigabit Ethernet cabling.
The first copper version defined, 10GBase-CX4, uses a cable with four pairs
of twinaxial copper wiring. Each pair uses 8B/10B coding and runs at 3.125
Gsymbols/second to reach 10 Gbps. This version is cheaper than fiber and was
early to market, but it remains to be seen whether it will be beat out in the long
run by 10-gigabit Ethernet over more garden variety twisted pair wiring.
10GBase-T is the version that uses UTP cables. While it calls for Category 6a
wiring, for shorter runs, it can use lower categories (including Category 5) to
allow some reuse of installed cabling. Not surprisingly, the physical layer is quite
involved to reach 10 Gbps over twisted pair. We will only sketch some of the
high-level details. Each of the four twisted pairs is used to send 2500 Mbps in
both directions. This speed is reached using a signaling rate of 800 Msymbols/sec
with symbols that use 16 voltage levels. The symbols are produced by scrambling
the data, protecting it with a LDPC (Low Density Parity Check) code, and further
coding for error correction.
10-gigabit Ethernet is still shaking out in the market, but the 802.3 committee
has already moved on. At the end of 2007, IEEE created a group to standardize
Ethernet operating at 40 Gbps and 100 Gbps. This upgrade will let Ethernet com-
pete in very high-performance settings, including long-distance connections in
backbone networks and short connections over the equipment backplanes. The
standard is not yet complete, but proprietary products are already available.

298 THE MEDIUM ACCESS CONTROL SUBLAYER CHAP. 4
4.3.8 Retrospective on Ethernet
Ethernet has been around for over 30 years and has no serious competitors in
sight, so it is likely to be around for many years to come. Few CPU architectures,
operating systems, or programming languages have been king of the mountain for
three decades going on strong. Clearly, Ethernet did something right. What?
Probably the main reason for its longevity is that Ethernet is simple and flexi-
ble. In practice, simple translates into reliable, cheap, and easy to maintain. Once
the hub and switch architecture was adopted, failures became extremely rare.
People hesitate to replace something that works perfectly all the time, especially
when they know that an awful lot of things in the computer industry work very
poorly, so that many so-called ‘‘upgrades’’ are worse than what they replaced.
Simple also translates into cheap. Twisted-pair wiring is relatively inexpen-
sive as are the hardware components. They may start out expensive when there is
a transition, for example, new gigabit Ethernet NICs or switches, but they are
merely additions to a well established network (not a replacement of it) and the
prices fall quickly as the sales volume picks up.
Ethernet is easy to maintain. There is no software to install (other than the
drivers) and not much in the way of configuration tables to manage (and get
wrong). Also, adding new hosts is as simple as just plugging them in.
Another point is that Ethernet interworks easily with TCP/IP, which has
become dominant. IP is a connectionless protocol, so it fits perfectly with Ether-
net, which is also connectionless. IP fits much less well with connection-oriented
alternatives such as ATM. This mismatch definitely hurt ATM’s chances.
Lastly, and perhaps most importantly, Ethernet has been able to evolve in cer-
tain crucial ways. Speeds have gone up by several orders of magnitude and hubs
and switches have been introduced, but these changes have not required changing
the software and have often allowed the existing cabling to be reused for a time.
When a network salesman shows up at a large installation and says ‘‘I have this
fantastic new network for you. All you have to do is throw out all your hardware
and rewrite all your software,’’ he has a problem.
Many alternative technologies that you have probably not even heard of were
faster than Ethernet when they were introduced. As well as ATM, this list
includes FDDI (Fiber Distributed Data Interface) and Fibre Channel,† two ring-
based optical LANs. Both were incompatible with Ethernet. Neither one made it.
They were too complicated, which led to complex chips and high prices. The les-
son that should have been learned here was KISS (Keep It Simple, Stupid). Even-
tually, Ethernet caught up with them in terms of speed, often by borrowing some
of their technology, for example, the 4B/5B coding from FDDI and the 8B/10B
coding from Fibre Channel. Then they had no advantages left and quietly died off
or fell into specialized roles.
† It is called ‘‘Fibre Channel’’ and not ‘‘Fiber Channel’’ because the document editor was British.

SEC. 4.3 ETHERNET 299
It looks like Ethernet will continue to expand in its applications for some
time. 10-gigabit Ethernet has freed it from the distance constraints of CSMA/CD.
Much effort is being put into carrier-grade Ethernet to let network providers
offer Ethernet-based services to their customers for metropolitan and wide area
networks (Fouli and Maler, 2009). This application carries Ethernet frames long
distances over fiber and calls for better management features to help operators
offer reliable, high-quality services. Very high speed networks are also finding
uses in backplanes connecting components in large routers or servers. Both of
these uses are in addition to that of sending frames between computers in offices.
4.4 WIRELESS LANS
Wireless LANs are increasingly popular, and homes, offices, cafes, libraries,
airports, zoos, and other public places are being outfitted with them to connect
computers, PDAs, and smart phones to the Internet. Wireless LANs can also be
used to let two or more nearby computers communicate without using the Inter-
net.
The main wireless LAN standard is 802.11. We gave some background infor-
mation on it in Sec. 1.5.3. Now it is time to take a closer look at the technology.
In the following sections, we will look at the protocol stack, physical-layer radio
transmission techniques, the MAC sublayer protocol, the frame structure, and the
services provided. For more information about 802.11, see Gast (2005). To get
the truth from the mouth of the horse, consult the published standard, IEEE
802.11-2007 itself.
4.4.1 The 802.11 Architecture and Protocol Stack
802.11 networks can be used in two modes. The most popular mode is to con-
nect clients, such as laptops and smart phones, to another network, such as a com-
pany intranet or the Internet. This mode is shown in Fig. 4-23(a). In infrastructure
mode, each client is associated with an AP (Access Point) that is in turn con-
nected to the other network. The client sends and receives its packets via the AP.
Several access points may be connected together, typically by a wired network
called a distribution system, to form an extended 802.11 network. In this case,
clients can send frames to other clients via their APs.
The other mode, shown in Fig. 4-23(b), is an ad hoc network. This mode is a
collection of computers that are associated so that they can directly send frames to
each other. There is no access point. Since Internet access is the killer application
for wireless, ad hoc networks are not very popular.
Now we will look at the protocols. All the 802 protocols, including 802.11
and Ethernet, have a certain commonality of structure. A partial view of the
802.11 protocol stack is given in Fig. 4-24. The stack is the same for clients and

300 THE MEDIUM ACCESS CONTROL SUBLAYER CHAP. 4
(a) (b)
To networkAccess
point
Client
Figure 4-23. 802.11 architecture. (a) Infrastructure mode. (b) Ad-hoc mode.
APs. The physical layer corresponds fairly well to the OSI physical layer, but the
data link layer in all the 802 protocols is split into two or more sublayers. In
802.11, the MAC (Medium Access Control) sublayer determines how the channel
is allocated, that is, who gets to transmit next. Above it is the LLC (Logical Link
Control) sublayer, whose job it is to hide the differences between the different 802
variants and make them indistinguishable as far as the network layer is concerned.
This could have been a significant responsibility, but these days the LLC is a glue
layer that identifies the protocol (e.g., IP) that is carried within an 802.11 frame.
802.11 (legacy)
Frequency
hopping
and infrared
802.11a
OFDM
802.11b
Spread
spectrum
802.11g
OFDM
802.11n
MIMO
OFDM
Logical link layer
Release date: 1997–1999 1999 1999 2003 2009
Upper
layers
Data link
layer
Physical
layer
MAC
sublayer
Figure 4-24. Part of the 802.11 protocol stack.
Several transmission techniques have been added to the physical layer as
802.11 has evolved since it first appeared in 1997. Two of the initial techniques,
infrared in the manner of television remote controls and frequency hopping in the
2.4-GHz band, are now defunct. The third initial technique, direct sequence
spread spectrum at 1 or 2 Mbps in the 2.4-GHz band, was extended to run at rates
up to 11 Mbps and quickly became a hit. It is now known as 802.11b.

SEC. 4.4 WIRELESS LANS 301
To give wireless junkies a much-wanted speed boost, new transmission tech-
niques based on the OFDM (Orthogonal Frequency Division Multiplexing)
scheme we described in Sec. 2.5.3 were introduced in 1999 and 2003. The first is
called 802.11a and uses a different frequency band, 5 GHz. The second stuck with
2.4 GHz and compatibility. It is called 802.11g. Both give rates up to 54 Mbps.
Most recently, transmission techniques that simultaneously use multiple an-
tennas at the transmitter and receiver for a speed boost were finalized as 802.11n
in Oct. 2009. With four antennas and wider channels, the 802.11 standard now
defines rates up to a startling 600 Mbps.
We will now examine each of these transmission techniques briefly. We will
only cover those that are in use, however, skipping the legacy 802.11 transmission
methods. Technically, these belong to the physical layer and should have been
examined in Chap. 2, but since they are so closely tied to LANs in general and the
802.11 LAN in particular, we treat them here instead.
4.4.2 The 802.11 Physical Layer
Each of the transmission techniques makes it possible to send a MAC frame
over the air from one station to another. They differ, however, in the technology
used and speeds achievable. A detailed discussion of these technologies is far
beyond the scope of this book, but a few words on each one will relate the techni-
ques to the material we covered in Sec. 2.5 and will provide interested readers
with the key terms to search for elsewhere for more information.
All of the 802.11 techniques use short-range radios to transmit signals in ei-
ther the 2.4-GHz or the 5-GHz ISM frequency bands, both described in Sec. 2.3.3.
These bands have the advantage of being unlicensed and hence freely available to
any transmitter willing to meet some restrictions, such as radiated power of at
most 1 W (though 50 mW is more typical for wireless LAN radios). Unfortunate-
ly, this fact is also known to the manufacturers of garage door openers, cordless
phones, microwave ovens, and countless other devices, all of which compete with
laptops for the same spectrum. The 2.4-GHz band tends to be more crowded than
the 5-GHz band, so 5 GHz can be better for some applications even though it has
shorter range due to the higher frequency.
All of the transmission methods also define multiple rates. The idea is that
different rates can be used depending on the current conditions. If the wireless
signal is weak, a low rate can be used. If the signal is clear, the highest rate can be
used. This adjustment is called rate adaptation. Since the rates vary by a factor
of 10 or more, good rate adaptation is important for good performance. Of course,
since it is not needed for interoperability, the standards do not say how rate adap-
tation should be done.
The first transmission method we shall look at is 802.11b. It is a spread-spec-
trum method that supports rates of 1, 2, 5.5, and 11 Mbps, though in practice the
operating rate is nearly always 11 Mbps. It is similar to the CDMA system we

302 THE MEDIUM ACCESS CONTROL SUBLAYER CHAP. 4
examined in Sec. 2.5, except that there is only one spreading code that is shared
by all users. Spreading is used to satisfy the FCC requirement that power be
spread over the ISM band. The spreading sequence used by 201.11b is a Barker
sequence. It has the property that its autocorrelation is low except when the se-
quences are aligned. This property allows a receiver to lock onto the start of a
transmission. To send at a rate of 1 Mbps, the Barker sequence is used with
BPSK modulation to send 1 bit per 11 chips. The chips are transmitted at a rate of
11 Mchips/sec. To send at 2 Mbps, it is used with QPSK modulation to send 2
bits per 11 chips. The higher rates are different. These rates use a technique call-
ed CCK (Complementary Code Keying) to construct codes instead of the
Barker sequence. The 5.5-Mbps rate sends 4 bits in every 8-chip code, and the
11-Mbps rate sends 8 bits in every 8-chip code.
Next we come to 802.11a, which supports rates up to 54 Mbps in the 5-GHz
ISM band. You might have expected that 802.11a to come before 802.11b, but
that was not the case. Although the 802.11a group was set up first, the 802.11b
standard was approved first and its product got to market well ahead of the
802.11a products, partly because of the difficulty of operating in the higher 5-GHz
band.
The 802.11a method is based on OFDM (Orthogonal Frequency Division
Multiplexing) because OFDM uses the spectrum efficiently and resists wireless
signal degradations such as multipath. Bits are sent over 52 subcarriers in paral-
lel, 48 carrying data and 4 used for synchronization. Each symbol lasts 4μs and
sends 1, 2, 4, or 6 bits. The bits are coded for error correction with a binary con-
volutional code first, so only 1/2, 2/3, or 3/4 of the bits are not redundant. With
different combinations, 802.11a can run at eight different rates, ranging from 6 to
54 Mbps. These rates are significantly faster than 802.11b rates, and there is less
interference in the 5-GHz band. However, 802.11b has a range that is about seven
times greater than that of 802.11a, which is more important in many situations.
Even with the greater range, the 802.11b people had no intention of letting
this upstart win the speed championship. Fortunately, in May 2002, the FCC
dropped its long-standing rule requiring all wireless communications equipment
operating in the ISM bands in the U.S. to use spread spectrum, so it got to work
on 802.11g, which was approved by IEEE in 2003. It copies the OFDM modula-
tion methods of 802.11a but operates in the narrow 2.4-GHz ISM band along with
802.11b. It offers the same rates as 802.11a (6 to 54 Mbps) plus of course compa-
tibility with any 802.11b devices that happen to be nearby. All of these different
choices can be confusing for customers, so it is common for products to support
802.11a/b/g in a single NIC.
Not content to stop there, the IEEE committee began work on a high-through-
put physical layer called 802.11n. It was ratified in 2009. The goal for 802.11n
was throughput of at least 100 Mbps after all the wireless overheads were re-
moved. This goal called for a raw speed increase of at least a factor of four. To
make it happen, the committee doubled the channels from 20 MHz to 40 MHz and

SEC. 4.4 WIRELESS LANS 303
reduced framing overheads by allowing a group of frames to be sent together.
More significantly, however, 802.11n uses up to four antennas to transmit up to
four streams of information at the same time. The signals of the streams interfere
at the receiver, but they can be separated using MIMO (Multiple Input Multiple
Output) communications techniques. The use of multiple antennas gives a large
speed boost, or better range and reliability instead. MIMO, like OFDM, is one of
those clever communications ideas that is changing wireless designs and which
we are all likely to hear a lot about in the future. For a brief introduction to multi-
ple antennas in 802.11 see Halperin et al. (2010).
4.4.3 The 802.11 MAC Sublayer Protocol
Let us now return from the land of electrical engineering to the land of com-
puter science. The 802.11 MAC sublayer protocol is quite different from that of
Ethernet, due to two factors that are fundamental to wireless communication.
First, radios are nearly always half duplex, meaning that they cannot transmit
and listen for noise bursts at the same time on a single frequency. The received
signal can easily be a million times weaker than the transmitted signal, so it can-
not be heard at the same time. With Ethernet, a station just waits until the ether
goes silent and then starts transmitting. If it does not receive a noise burst back
while transmitting the first 64 bytes, the frame has almost assuredly been deliv-
ered correctly. With wireless, this collision detection mechanism does not work.
Instead, 802.11 tries to avoid collisions with a protocol called CSMA/CA
(CSMA with Collision Avoidance). This protocol is conceptually similar to
Ethernet’s CSMA/CD, with channel sensing before sending and exponential back
off after collisions. However, a station that has a frame to send starts with a ran-
dom backoff (except in the case that it has not used the channel recently and the
channel is idle). It does not wait for a collision. The number of slots to backoff is
chosen in the range 0 to, say, 15 in the case of the OFDM physical layer. The sta-
tion waits until the channel is idle, by sensing that there is no signal for a short
period of time (called the DIFS, as we explain below), and counts down idle slots,
pausing when frames are sent. It sends its frame when the counter reaches 0. If
the frame gets through, the destination immediately sends a short acknowledge-
ment. Lack of an acknowledgement is inferred to indicate an error, whether a col-
lision or otherwise. In this case, the sender doubles the backoff period and tries
again, continuing with exponential backoff as in Ethernet until the frame has been
successfully transmitted or the maximum number of retransmissions has been
reached.
An example timeline is shown in Fig. 4-25. Station A is the first to send a
frame. While A is sending, stations B and C become ready to send. They see that
the channel is busy and wait for it to become idle. Shortly after A receives an ac-
knowledgement, the channel goes idle. However, rather than sending a frame
right away and colliding, B and C both perform a backoff. C picks a short backoff,

304 THE MEDIUM ACCESS CONTROL SUBLAYER CHAP. 4
and thus sends first. B pauses its countdown while it senses that C is using the
channel, and resumes after C has received an acknowledgement. B soon com-
pletes its backoff and sends its frame.
Station
A
B
C
Time
Data
Wait for idle Backoff Rest of backoff
Ack
A sends to D
B ready to send
D acks A
C sends to D D acks C
B sends to D D acks B
Data
Ack
Data
Ack
Wait for idle
Wait for idle Backoff
C ready to send
Figure 4-25. Sending a frame with CSMA/CA.
Compared to Ethernet, there are two main differences. First, starting backoffs
early helps to avoid collisions. This avoidance is worthwhile because collisions
are expensive, as the entire frame is transmitted even if one occurs. Second, ac-
knowledgements are used to infer collisions because collisions cannot be detected.
This mode of operation is called DCF (Distributed Coordination Function)
because each station acts independently, without any kind of central control. The
standard also includes an optional mode of operation called PCF (Point Coordi-
nation Function) in which the access point controls all activity in its cell, just
like a cellular base station. However, PCF is not used in practice because there is
normally no way to prevent stations in another nearby network from transmitting
competing traffic.
The second problem is that the transmission ranges of different stations may
be different. With a wire, the system is engineered so that all stations can hear
each other. With the complexities of RF propagation this situation does not hold
for wireless stations. Consequently, situations such as the hidden terminal prob-
lem mentioned earlier and illustrated again in Fig. 4-26(a) can arise. Since not all
stations are within radio range of each other, transmissions going on in one part of
a cell may not be received elsewhere in the same cell. In this example, station C
is transmitting to station B. If A senses the channel, it will not hear anything and
will falsely conclude that it may now start transmitting to B. This decision leads
to a collision.
The inverse situation is the exposed terminal problem, illustrated in Fig. 4-
26(b). Here, B wants to send to C, so it listens to the channel. When it hears a

SEC. 4.4 WIRELESS LANS 305
Range
of C’s
radio
A CB
(a)
A C
Range
of A’s
radio
B
(b)
A wants to send to B
but cannot hear that
B is busy
B wants to send to C
but mistakenly thinks
the transmission will fail
C is
transmitting
A is
transmitting
Figure 4-26. (a) The hidden terminal problem. (b) The exposed terminal problem.
transmission, it falsely concludes that it may not send to C, even though A may in
fact be transmitting to D (not shown). This decision wastes a transmission oppor-
tunity.
To reduce ambiguities about which station is sending, 802.11 defines channel
sensing to consist of both physical sensing and virtual sensing. Physical sensing
simply checks the medium to see if there is a valid signal. With virtual sensing,
each station keeps a logical record of when the channel is in use by tracking the
NAV (Network Allocation Vector). Each frame carries a NAV field that says
how long the sequence of which this frame is part will take to complete. Stations
that overhear this frame know that the channel will be busy for the period indi-
cated by the NAV, regardless of whether they can sense a physical signal. For ex-
ample, the NAV of a data frame includes the time needed to send an acknowledge-
ment. All stations that hear the data frame will defer during the acknowledgement
period, whether or not they can hear the acknowledgement.
An optional RTS/CTS mechanism uses the NAV to prevent terminals from
sending frames at the same time as hidden terminals. It is shown in Fig. 4-27. In
this example, A wants to send to B. C is a station within range of A (and possibly
within range of B, but that does not matter). D is a station within range of B but
not within range of A.
The protocol starts when A decides it wants to send data to B. A begins by
sending an RTS frame to B to request permission to send it a frame. If B receives
this request, it answers with a CTS frame to indicate that the channel is clear to
send. Upon receipt of the CTS, A sends its frame and starts an ACK timer. Upon
correct receipt of the data frame, B responds with an ACK frame, completing the
exchange. If A’s ACK timer expires before the ACK gets back to it, it is treated as
a collision and the whole protocol is run again after a backoff.

306 THE MEDIUM ACCESS CONTROL SUBLAYER CHAP. 4
RTS DataA
CTS ACKB
C
D
NAV
NAV
Time
Figure 4-27. Virtual channel sensing using CSMA/CA.
Now let us consider this exchange from the viewpoints of C and D. C is with-
in range of A, so it may receive the RTS frame. If it does, it realizes that someone
is going to send data soon. From the information provided in the RTS request, it
can estimate how long the sequence will take, including the final ACK. So, for the
good of all, it desists from transmitting anything until the exchange is completed.
It does so by updating its record of the NAV to indicate that the channel is busy, as
shown in Fig. 4-27. D does not hear the RTS, but it does hear the CTS, so it also
updates its NAV. Note that the NAV signals are not transmitted; they are just in-
ternal reminders to keep quiet for a certain period of time.
However, while RTS/CTS sounds good in theory, it is one of those designs that
has proved to be of little value in practice. Several reasons why it is seldom used
are known. It does not help for short frames (which are sent in place of the RTS)
or for the AP (which everyone can hear, by definition). For other situations, it
only slows down operation. RTS/CTS in 802.11 is a little different than in the
MACA protocol we saw in Sec 4.2 because everyone hearing the RTS or CTS
remains quiet for the duration to allow the ACK to get through without collision.
Because of this, it does not help with exposed terminals as MACA did, only with
hidden terminals. Most often there are few hidden terminals, and CSMA/CA al-
ready helps them by slowing down stations that transmit unsuccessfully, whatever
the cause, to make it more likely that transmissions will succeed.
CSMA/CA with physical and virtual sensing is the core of the 802.11 proto-
col. However, there are several other mechanisms that have been developed to go
with it. Each of these mechanisms was driven by the needs of real operation, so
we will look at them briefly.
The first need we will look at is reliability. In contrast to wired networks,
wireless networks are noisy and unreliable, in no small part due to interference
from other kinds of devices, such as microwave ovens, which also use the unli-
censed ISM bands. The use of acknowledgements and retransmissions is of little
help if the probability of getting a frame through is small in the first place.

SEC. 4.4 WIRELESS LANS 307
The main strategy that is used to increase successful transmissions is to lower
the transmission rate. Slower rates use more robust modulations that are more
likely to be received correctly for a given signal-to-noise ratio. If too many
frames are lost, a station can lower the rate. If frames are delivered with little
loss, a station can occasionally test a higher rate to see if it should be used.
Another strategy to improve the chance of the frame getting through undam-
aged is to send shorter frames. If the probability of any bit being in error is p, the
probability of an n-bit frame being received entirely correctly is (1 − p)n . For ex-
ample, for p = 10−4, the probability of receiving a full Ethernet frame (12,144
bits) correctly is less than 30%. Most frames will be lost. But if the frames are
only a third as long (4048 bits) two thirds of them will be received correctly. Now
most frames will get through and fewer retransmissions will be needed.
Shorter frames can be implemented by reducing the maximum size of the
message that is accepted from the network layer. Alternatively, 802.11 allows
frames to be split into smaller pieces, called fragments, each with its own check-
sum. The fragment size is not fixed by the standard, but is a parameter that can be
adjusted by the AP. The fragments are individually numbered and acknowledged
using a stop-and-wait protocol (i.e., the sender may not transmit fragment k + 1
until it has received the acknowledgement for fragment k). Once the channel has
been acquired, multiple fragments are sent as a burst. They go one after the other
with an acknowledgement (and possibly retransmissions) in between, until either
the whole frame has been successfully sent or the transmission time reaches the
maximum allowed. The NAV mechanism keeps other stations quiet only until the
next acknowledgement, but another mechanism (see below) is used to allow a
burst of fragments to be sent without other stations sending a frame in the middle.
The second need we will discuss is saving power. Battery life is always an
issue with mobile wireless devices. The 802.11 standard pays attention to the
issue of power management so that clients need not waste power when they have
neither information to send nor to receive.
The basic mechanism for saving power builds on beacon frames. Beacons
are periodic broadcasts by the AP (e.g., every 100 msec). The frames advertise
the presence of the AP to clients and carry system parameters, such as the identi-
fier of the AP, the time, how long until the next beacon, and security settings.
Clients can set a power-management bit in frames that they send to the AP to
tell it that they are entering power-save mode. In this mode, the client can doze
and the AP will buffer traffic intended for it. To check for incoming traffic, the
client wakes up for every beacon, and checks a traffic map that is sent as part of
the beacon. This map tells the client if there is buffered traffic. If so, the client
sends a poll message to the AP, which then sends the buffered traffic. The client
can then go back to sleep until the next beacon is sent.
Another power-saving mechanism, called APSD (Automatic Power Save
Delivery), was also added to 802.11 in 2005. With this new mechanism, the AP
buffers frames and sends them to a client just after the client sends frames to the

308 THE MEDIUM ACCESS CONTROL SUBLAYER CHAP. 4
AP. The client can then go to sleep until it has more traffic to send (and receive).
This mechanism works well for applications such as VoIP that have frequent traf-
fic in both directions. For example, a VoIP wireless phone might use it to send
and receive frames every 20 msec, much more frequently than the beacon interval
of 100 msec, while dozing in between.
The third and last need we will examine is quality of service. When the VoIP
traffic in the preceding example competes with peer-to-peer traffic, the VoIP traf-
fic will suffer. It will be delayed due to contention with the high-bandwidth
peer-to-peer traffic, even though the VoIP bandwidth is low. These delays are
likely to degrade the voice calls. To prevent this degradation, we would like to let
the VoIP traffic go ahead of the peer-to-peer traffic, as it is of higher priority.
IEEE 802.11 has a clever mechanism to provide this kind of quality of service
that was introduced as set of extensions under the name 802.11e in 2005. It works
by extending CSMA/CA with carefully defined intervals between frames. After a
frame has been sent, a certain amount of idle time is required before any station
may send a frame to check that the channel is no longer in use. The trick is to
define different time intervals for different kinds of frames.
Five intervals are depicted in Fig. 4-28. The interval between regular data
frames is called the DIFS (DCF InterFrame Spacing). Any station may attempt
to acquire the channel to send a new frame after the medium has been idle for
DIFS. The usual contention rules apply, and binary exponential backoff may be
needed if a collision occurs. The shortest interval is SIFS (Short InterFrame
Spacing). It is used to allow the parties in a single dialog the chance to go first.
Examples include letting the receiver send an ACK, other control frame sequences
like RTS and CTS, or letting a sender transmit a burst of fragments. Sending the
next fragment after waiting only SIFS is what prevents another station from jump-
ing in with a frame in the middle of the exchange.
ACK
SIFS
AIFS1
DIFS
EIFS
AIFS4
Control frame or next fragment may be sent here
High-priority frame here
Regular DCF frame here
Low-priority frame here
Bad frame recovery done
Time
Figure 4-28. Interframe spacing in 802.11.
The two AIFS (Arbitration InterFrame Space) intervals show examples of
two different priority levels. The short interval, AIFS1, is smaller than DIFS but
longer than SIFS. It can be used by the AP to move voice or other high-priority

SEC. 4.4 WIRELESS LANS 309
traffic to the head of the line. The AP will wait for a shorter interval before it
sends the voice traffic, and thus send it before regular traffic. The long interval,
AIFS4, is larger than DIFS. It is used for background traffic that can be deferred
until after regular traffic. The AP will wait for a longer interval before it sends
this traffic, giving regular traffic the opportunity to transmit first. The complete
quality of service mechanism defines four different priority levels that have dif-
ferent backoff parameters as well as different idle parameters.
The last time interval, EIFS (Extended InterFrame Spacing), is used only
by a station that has just received a bad or unknown frame, to report the problem.
The idea is that since the receiver may have no idea of what is going on, it should
wait a while to avoid interfering with an ongoing dialog between two stations.
A further part of the quality of service extensions is the notion of a TXOP or
transmission opportunity. The original CSMA/CA mechanism let stations send
one frame at a time. This design was fine until the range of rates increased. With
802.11a/g, one station might be sending at 6 Mbps and another station be sending
at 54 Mbps. They each get to send one frame, but the 6-Mbps station takes nine
times as long (ignoring fixed overheads) as the 54-Mbps station to send its frame.
This disparity has the unfortunate side effect of slowing down a fast sender who is
competing with a slow sender to roughly the rate of the slow sender. For example,
again ignoring fixed overheads, when sending alone the 6-Mbps and 54-Mbps
senders will get their own rates, but when sending together they will both get 5.4
Mbps on average. It is a stiff penalty for the fast sender. This issue is known as
the rate anomaly (Heusse et al., 2003).
With transmission opportunities, each station gets an equal amount of airtime,
not an equal number of frames. Stations that send at a higher rate for their airtime
will get higher throughput. In our example, when sending together the 6-Mbps and
54-Mbps senders will now get 3 Mbps and 27 Mbps, respectively.
4.4.4 The 802.11 Frame Structure
The 802.11 standard defines three different classes of frames in the air: data,
control, and management. Each of these has a header with a variety of fields used
within the MAC sublayer. In addition, there are some headers used by the physi-
cal layer, but these mostly deal with the modulation techniques used, so we will
not discuss them here.
We will look at the format of the data frame as an example. It is shown in
Fig. 4-29. First comes the Frame control field, which is made up of 11 subfields.
The first of these is the Protocol version, set to 00. It is there to allow future ver-
sions of 802.11 to operate at the same time in the same cell. Then come the Type
(data, control, or management) and Subtype fields (e.g., RTS or CTS). For a regu-
lar data frame (without quality of service), they are set to 10 and 0000 in binary.
The To DS and From DS bits are set to indicate whether the frame is going to or
coming from the network connected to the APs, which is called the distribution

310 THE MEDIUM ACCESS CONTROL SUBLAYER CHAP. 4
system. The More fragments bit means that more fragments will follow. The
Retry bit marks a retransmission of a frame sent earlier. The Power management
bit indicates that the sender is going into power-save mode. The More data bit in-
dicates that the sender has additional frames for the receiver. The Protected
Frame bit indicates that the frame body has been encrypted for security. We will
discuss security briefly in the next section. Finally, the Order bit tells the receiver
that the higher layer expects the sequence of frames to arrive strictly in order.
Bytes 2 2 2 0–2312
SequenceAddress 1(recipient)Duration Data
Frame
control
Check
sequence
46 6 6
Address 2
(transmitter) Address 3
2 2 1 1
Subtype
= 0000
Type
= 10
Version
= 00
4 1
To
DS
From
DS
More
frag. Retry
Pwr.
mgt.
More
data Protected Order
1 11 1 1Bits
Figure 4-29. Format of the 802.11 data frame.
The second field of the data frame, the Duration field, tells how long the
frame and its acknowledgement will occupy the channel, measured in microsec-
onds. It is present in all types of frames, including control frames, and is what
stations use to manage the NAV mechanism.
Next come addresses. Data frames sent to or from an AP have three ad-
dresses, all in standard IEEE 802 format. The first address is the receiver, and the
second address is the transmitter. They are obviously needed, but what is the third
address for? Remember that the AP is simply a relay point for frames as they
travel between a client and another point on the network, perhaps a distant client
or a portal to the Internet. The third address gives this distant endpoint.
The Sequence field numbers frames so that duplicates can be detected. Of the
16 bits available, 4 identify the fragment and 12 carry a number that is advanced
with each new transmission. The Data field contains the payload, up to 2312
bytes. The first bytes of this payload are in a format known as LLC (Logical
Link Control). This layer is the glue that identifies the higher-layer protocol
(e.g., IP) to which the payloads should be passed. Last comes the Frame check
sequence, which is the same 32-bit CRC we saw in Sec. 3.2.2 and elsewhere.
Management frames have the same format as data frames, plus a format for
the data portion that varies with the subtype (e.g., parameters in beacon frames).
Control frames are short. Like all frames, they have the Frame control, Duration,
and Frame check sequence fields. However, they may have only one address and
no data portion. Most of the key information is conveyed with the Subtype field
(e.g., ACK, RTS and CTS).

SEC. 4.4 WIRELESS LANS 311
4.4.5 Services
The 802.11 standard defines the services that the clients, the access points,
and the network connecting them must be a conformant wireless LAN. These ser-
vices cluster into several groups.
The association service is used by mobile stations to connect themselves to
APs. Typically, it is used just after a station moves within radio range of the AP.
Upon arrival, the station learns the identity and capabilities of the AP, either from
beacon frames or by directly asking the AP. The capabilities include the data rates
supported, security arrangements, power-saving capabilities, quality of service
support, and more. The station sends a request to associate with the AP. The AP
may accept or reject the request.
Reassociation lets a station change its preferred AP. This facility is useful
for mobile stations moving from one AP to another AP in the same extended
802.11 LAN, like a handover in the cellular network. If it is used correctly, no
data will be lost as a consequence of the handover. (But 802.11, like Ethernet, is
just a best-effort service.) Either the station or the AP may also disassociate,
breaking their relationship. A station should use this service before shutting down
or leaving the network. The AP may use it before going down for maintenance.
Stations must also authenticate before they can send frames via the AP, but
authentication is handled in different ways depending on the choice of security
scheme. If the 802.11 network is ‘‘open,’’ anyone is allowed to use it. Otherwise,
credentials are needed to authenticate. The recommended scheme, called WPA2
(WiFi Protected Access 2), implements security as defined in the 802.11i stan-
dard. (Plain WPA is an interim scheme that implements a subset of 802.11i. We
will skip it and go straight to the complete scheme.) With WPA2, the AP can talk
to an authentication server that has a username and password database to deter-
mine if the station is allowed to access the network. Alternatively a pre-shared
key, which is a fancy name for a network password, may be configured. Several
frames are exchanged between the station and the AP with a challenge and re-
sponse that lets the station prove it has the right credentials. This exchange hap-
pens after association.
The scheme that was used before WPA is called WEP (Wired Equivalent
Privacy). For this scheme, authentication with a preshared key happens before
association. However, its use is discouraged because of design flaws that make
WEP easy to compromise. The first practical demonstration that WEP was bro-
ken came when Adam Stubblefield was a summer intern at AT&T (Stubblefield et
al., 2002). He was able to code up and test an attack in one week, much of which
was spent getting permission from management to buy the WiFi cards needed for
experiments. Software to crack WEP passwords is now freely available.
Once frames reach the AP, the distribution service determines how to route
them. If the destination is local to the AP, the frames can be sent out directly over
the air. Otherwise, they will have to be forwarded over the wired network. The

312 THE MEDIUM ACCESS CONTROL SUBLAYER CHAP. 4
integration service handles any translation that is needed for a frame to be sent
outside the 802.11 LAN, or to arrive from outside the 802.11 LAN. The common
case here is connecting the wireless LAN to the Internet.
Data transmission is what it is all about, so 802.11 naturally provides a data
delivery service. This service lets stations transmit and receive data using the
protocols we described earlier in this chapter. Since 802.11 is modeled on Ether-
net and transmission over Ethernet is not guaranteed to be 100% reliable, trans-
mission over 802.11 is not guaranteed to be reliable either. Higher layers must
deal with detecting and correcting errors.
Wireless is a broadcast signal. For information sent over a wireless LAN to
be kept confidential, it must be encrypted. This goal is accomplished with a pri-
vacy service that manages the details of encryption and decryption. The encryp-
tion algorithm for WPA2 is based on AES (Advanced Encryption Standard), a
U.S. government standard approved in 2002. The keys that are used for en-
cryption are determined during the authentication procedure.
To handle traffic with different priorities, there is a QOS traffic scheduling
service. It uses the protocols we described to give voice and video traffic pre-
ferential treatment compared to best-effort and background traffic. A companion
service also provides higher-layer timer synchronization. This lets stations coordi-
nate their actions, which may be useful for media processing.
Finally, there are two services that help stations manage their use of the spec-
trum. The transmit power control service gives stations the information they
need to meet regulatory limits on transmit power that vary from region to region.
The dynamic frequency selection service give stations the information they need
to avoid transmitting on frequencies in the 5-GHz band that are being used for
radar in the proximity.
With these services, 802.11 provides a rich set of functionality for connecting
nearby mobile clients to the Internet. It has been a huge success, and the standard
has repeatedly been amended to add more functionality. For a perspective on
where the standard has been and where it is heading, see Hiertz et al. (2010).
4.5 BROADBAND WIRELESS
We have been indoors too long. Let us go outdoors, where there is quite a bit
of interesting networking over the so-called ‘‘last mile.’’ With the deregulation of
the telephone systems in many countries, competitors to the entrenched telephone
companies are now often allowed to offer local voice and high-speed Internet ser-
vice. There is certainly plenty of demand. The problem is that running fiber or
coax to millions of homes and businesses is prohibitively expensive. What is a
competitor to do?
The answer is broadband wireless. Erecting a big antenna on a hill just out-
side of town is much easier and cheaper than digging many trenches and stringing

SEC. 4.5 BROADBAND WIRELESS 313
cables. Thus, companies have begun to experiment with providing multimegabit
wireless communication services for voice, Internet, movies on demand, etc.
To stimulate the market, IEEE formed a group to standardize a broadband
wireless metropolitan area network. The next number available in the 802 num-
bering space was 802.16, so the standard got this number. Informally the technol-
ogy is called WiMAX (Worldwide Interoperability for Microwave Access).
We will use the terms 802.16 and WiMAX interchangeably.
The first 802.16 standard was approved in December 2001. Early versions
provided a wireless local loop between fixed points with a line of sight to each
other. This design soon changed to make WiMAX a more competitive alternative
to cable and DSL for Internet access. By January 2003, 802.16 had been revised
to support non-line-of-sight links by using OFDM technology at frequencies be-
tween 2 GHz and 10 GHz. This change made deployment much easier, though
stations were still fixed locations. The rise of 3G cellular networks posed a threat
by promising high data rates and mobility. In response, 802.16 was enhanced
again to allow mobility at vehicular speeds by December 2005. Mobile broad-
band Internet access is the target of the current standard, IEEE 802.16-2009.
Like the other 802 standards, 802.16 was heavily influenced by the OSI
model, including the (sub)layers, terminology, service primitives, and more. Un-
fortunately, also like OSI, it is fairly complicated. In fact, the WiMAX Forum
was created to define interoperable subsets of the standard for commercial offer-
ings. In the following sections, we will give a brief description of some of the
highlights of the common forms of 802.16 air interface, but this treatment is far
from complete and leaves out many details. For additional information about
WiMAX and broadband wireless in general, see Andrews et al. (2007).
4.5.1 Comparison of 802.16 with 802.11 and 3G
At this point you may be thinking: why devise a new standard? Why not just
use 802.11 or 3G? In fact, WiMAX combines aspects of both 802.11 and 3G,
making it more like a 4G technology.
Like 802.11, WiMAX is all about wirelessly connecting devices to the Inter-
net at megabit/sec speeds, instead of using cable or DSL. The devices may be
mobile, or at least portable. WiMAX did not start by adding low-rate data on the
side of voice-like cellular networks; 802.16 was designed to carry IP packets over
the air and to connect to an IP-based wired network with a minimum of fuss. The
packets may carry peer-to-peer traffic, VoIP calls, or streaming media to support a
range of applications. Also like 802.11, it is based on OFDM technology to
ensure good performance in spite of wireless signal degradations such as mul-
tipath fading, and on MIMO technology to achieve high levels of throughput.
However, WiMAX is more like 3G (and thus unlike 802.11) in several key re-
spects. The key technical problem is to achieve high capacity by the efficient use
of spectrum, so that a large number of subscribers in a coverage area can all get

314 THE MEDIUM ACCESS CONTROL SUBLAYER CHAP. 4
high throughput. The typical distances are at least 10 times larger than for an
802.11 network. Consequently, WiMAX base stations are more powerful than
802.11 Access Points (APs). To handle weaker signals over larger distances, the
base station uses more power and better antennas, and it performs more proc-
essing to handle errors. To maximize throughput, transmissions are carefully
scheduled by the base station for each particular subscriber; spectrum use is not
left to chance with CSMA/CA, which may waste capacity with collisions.
Licensed spectrum is the expected case for WiMAX, typically around 2.5
GHz in the U.S. The whole system is substantially more optimized than 802.11.
This complexity is worth it, considering the large amount of money involved for
licensed spectrum. Unlike 802.11, the result is a managed and reliable service
with good support for quality of service.
With all of these features, 802.16 most closely resembles the 4G cellular net-
works that are now being standardized under the name LTE (Long Term Evolu-
tion). While 3G cellular networks are based on CDMA and support voice and
data, 4G cellular networks will be based on OFDM with MIMO, and they will tar-
get data, with voice as just one application. It looks like WiMAX and 4G are on a
collision course in terms of technology and applications. Perhaps this conver-
gence is unsurprising, given that the Internet is the killer application and OFDM
and MIMO are the best-known technologies for efficiently using the spectrum.
4.5.2 The 802.16 Architecture and Protocol Stack
The 802.16 architecture is shown in Fig. 4-30. Base stations connect directly
to the provider’s backbone network, which is in turn connected to the Internet.
The base stations communicate with stations over the wireless air interface. Two
kinds of stations exist. Subscriber stations remain in a fixed location, for example,
broadband Internet access for homes. Mobile stations can receive service while
they are moving, for example, a car equipped with WiMAX.
The 802.16 protocol stack that is used across the air interface is shown in
Fig. 4-31. The general structure is similar to that of the other 802 networks, but
with more sublayers. The bottom layer deals with transmission, and here we have
shown only the popular offerings of 802.16, fixed and mobile WiMAX. There is
a different physical layer for each offering. Both layers operate in licensed spec-
trum below 11 GHz and use OFDM, but in different ways.
Above the physical layer, the data link layer consists of three sublayers. The
bottom one deals with privacy and security, which is far more crucial for public
outdoor networks than for private indoor networks. It manages encryption, de-
cryption, and key management.
Next comes the MAC common sublayer part. This part is where the main
protocols, such as channel management, are located. The model here is that the
base station completely controls the system. It can schedule the downlink (i.e.,
base to subscriber) channels very efficiently and plays a major role in managing

SEC. 4.5 BROADBAND WIRELESS 315
Base
station
Mobile
stations
Subscriber
stations
Backbone network
(to Internet)
Air interface
Figure 4-30. The 802.16 architecture.
“Fixed WiMAX”
OFDM (802.16a)
“Mobile WiMAX”
Scalable OFDMA (802.16e)
Service specific convergence sublayer
Release date: 2003 2005
Upper
layers
Data link
layer
Physical
layer
MAC common sublayer
Security sublayer
IP, for example
Figure 4-31. The 802.16 protocol stack.
the uplink (i.e., subscriber to base) channels as well. An unusual feature of this
MAC sublayer is that, unlike those of the other 802 protocols, it is completely
connection oriented, in order to provide quality of service guarantees for tele-
phony and multimedia communication.
The service-specific convergence sublayer takes the place of the logical link
sublayer in the other 802 protocols. Its function is to provide an interface to the
network layer. Different convergence layers are defined to integrate seamlessly
with different upper layers. The important choice is IP, though the standard
defines mappings for protocols such as Ethernet and ATM too. Since IP is con-
nectionless and the 802.16 MAC sublayer is connection-oriented, this layer must
map between addresses and connections.

316 THE MEDIUM ACCESS CONTROL SUBLAYER CHAP. 4
4.5.3 The 802.16 Physical Layer
Most WiMAX deployments use licensed spectrum around either 3.5 GHz or
2.5 GHz. As with 3G, finding available spectrum is a key problem. To help, the
802.16 standard is designed for flexibility. It allows operation from 2 GHz to 11
GHz. Channels of different sizes are supported, for example, 3.5 MHz for fixed
WiMAX and from 1.25 MHz to 20 MHz for mobile WiMAX.
Transmissions are sent over these channels with OFDM, the technique we de-
scribed in Sec. 2.5.3. Compared to 802.11, the 802.16 OFDM design is optimized
to make the most out of licensed spectrum and wide area transmissions. The
channel is divided into more subcarriers with a longer symbol duration to tolerate
larger wireless signal degradations; WiMAX parameters are around 20 times larg-
er than comparable 802.11 parameters. For example, in mobile WiMAX there are
512 subcarriers for a 5-MHz channel and the time to send a symbol on each
subcarrier is roughly 100 μsec.
Symbols on each subcarrier are sent with QPSK, QAM-16, or QAM-64, mod-
ulation schemes we described in Sec. 2.5.3. When the mobile or subscriber sta-
tion is near the base station and the received signal has a high signal-to-noise ratio
(SNR), QAM-64 can be used to send 6 bits per symbol. To reach distant stations
with a low SNR, QPSK can be used to deliver 2 bits per symbol. The data is first
coded for error correction with the convolutional coding (or better schemes) that
we described in Sec. 3.2.1. This coding is common on noisy channels to tolerate
some bit errors without needing to send retransmissions. In fact, the modulation
and coding methods should sound familiar by now as they are used for many net-
works we have studied, including 802.11 cable, and DSL. The net result is that a
base station can support up to 12.6 Mbps of downlink traffic and 6.2 Mbps of
uplink traffic per 5-MHz channel and pair of antennas.
One thing the designers of 802.16 did not like was a certain aspect of the way
GSM and DAMPS work. Both of those systems use equal frequency bands for
upstream and downstream traffic. That is, they implicitly assume there is as much
upstream traffic as downstream traffic. For voice, traffic is symmetric for the
most part, but for Internet access (and certainly Web surfing) there is often more
downstream traffic than upstream traffic. The ratio is often 2:1, 3:1, or more:1.
So, the designers chose a flexible scheme for dividing the channel between
stations, called OFDMA (Orthogonal Frequency Division Multiple Access).
With OFDMA, different sets of subcarriers can be assigned to different stations,
so that more than one station can send or receive at once. If this were 802.11, all
subcarriers would be used by one station to send at any given moment. The added
flexibility in how bandwidth is assigned can increase performance because a
given subcarrier might be faded at one receiver due to multipath effects but clear
at another. Subcarriers can be assigned to the stations that can use them best.
As well as having asymmetric traffic, stations usually alternate between send-
ing and receiving. This method is called TDD (Time Division Duplex). The

SEC. 4.5 BROADBAND WIRELESS 317
alternative method, in which a station sends and receives at the same time (on dif-
ferent subcarrier frequencies), is called FDD (Frequency Division Duplex).
WiMAX allows both methods, but TDD is preferred because it is easier to imple-
ment and more flexible.
Guard
Ranging
Burst
Burst
Burst
Burst
Burst
Burst
Burst
Burst
D
ow
nl
in
k
m
ap
U
pl
in
k
m
apP
re
am
bl
e
Time
S
ub
ca
rr
ie
r
UplinkDownlink
N
ex
tf
ra
m
e
La
st
fr
am
e
Figure 4-32. Frame structure for OFDMA with time division duplexing.
Fig. 4-32 shows an example of the frame structure that is repeated over time.
It starts with a preamble to synchronize all stations, followed by downlink trans-
missions from the base station. First, the base station sends maps that tell all sta-
tions how the downlink and uplink subcarriers are assigned over the frame. The
base station controls the maps, so it can allocate different amounts of bandwidth
to stations from frame to frame depending on the needs of each station.
Next, the base station sends bursts of traffic to different subscriber and mobile
stations on the subcarriers at the times given in the map. The downlink transmis-
sions end with a guard time for stations to switch from receiving to transmitting.
Finally, the subscriber and mobile stations send their bursts of traffic to the base
station in the uplink positions that were reserved for them in the map. One of
these uplink bursts is reserved for ranging, which is the process by which new
stations adjust their timing and request initial bandwidth to connect to the base
station. Since no connection is set up at this stage, new stations just transmit and
hope there is no collision.
4.5.4 The 802.16 MAC Sublayer Protocol
The data link layer is divided into three sublayers, as we saw in Fig. 4-31.
Since we will not study cryptography until Chap. 8, it is difficult to explain now
how the security sublayer works. Suffice it to say that encryption is used to keep
secret all data transmitted. Only the frame payloads are encrypted; the headers

318 THE MEDIUM ACCESS CONTROL SUBLAYER CHAP. 4
are not. This property means that a snooper can see who is talking to whom but
cannot tell what they are saying to each other.
If you already know something about cryptography, what follows is a one-
paragraph explanation of the security sublayer. If you know nothing about crypto-
graphy, you are not likely to find the next paragraph terribly enlightening (but you
might consider rereading it after finishing Chap. 8).
When a subscriber connects to a base station, they perform mutual authentica-
tion with RSA public-key cryptography using X.509 certificates. The payloads
themselves are encrypted using a symmetric-key system, either AES (Rijndael) or
DES with cipher block chaining. Integrity checking uses SHA-1. Now that was
not so bad, was it?
Let us now look at the MAC common sublayer part. The MAC sublayer is
connection-oriented and point-to-multipoint, which means that one base station
communicates with multiple subscriber stations. Much of this design is borrowed
from cable modems, in which one cable headend controls the transmissions of
multiple cable modems at the customer premises.
The downlink direction is fairly straightforward. The base station controls the
physical-layer bursts that are used to send information to the different subscriber
stations. The MAC sublayer simply packs its frames into this structure. To reduce
overhead, there are several different options. For example, MAC frames may be
sent individually, or packed back-to-back into a group.
The uplink channel is more complicated since there are competing subscribers
that need access to it. Its allocation is tied closely to the quality of service issue.
Four classes of service are defined, as follows:
1. Constant bit rate service.
2. Real-time variable bit rate service.
3. Non-real-time variable bit rate service.
4. Best-effort service.
All service in 802.16 is connection-oriented. Each connection gets one of these
service classes, determined when the connection is set up. This design is different
from that of 802.11 or Ethernet, which are connectionless in the MAC sublayer.
Constant bit rate service is intended for transmitting uncompressed voice.
This service needs to send a predetermined amount of data at predetermined time
intervals. It is accommodated by dedicating certain bursts to each connection of
this type. Once the bandwidth has been allocated, the bursts are available auto-
matically, without the need to ask for each one.
Real-time variable bit rate service is for compressed multimedia and other
soft real-time applications in which the amount of bandwidth needed at each in-
stant may vary. It is accommodated by the base station polling the subscriber at a
fixed interval to ask how much bandwidth is needed this time.

SEC. 4.5 BROADBAND WIRELESS 319
Non-real-time variable bit rate service is for heavy transmissions that are not
real time, such as large file transfers. For this service, the base station polls the
subscriber often, but not at rigidly prescribed time intervals. Connections with
this service can also use best-effort service, described next, to request bandwidth.
Best-effort service is for everything else. No polling is done and the sub-
scriber must contend for bandwidth with other best-effort subscribers. Requests
for bandwidth are sent in bursts marked in the uplink map as available for con-
tention. If a request is successful, its success will be noted in the next downlink
map. If it is not successful, the unsuccessful subscriber have to try again later. To
minimize collisions, the Ethernet binary exponential backoff algorithm is used.
4.5.5 The 802.16 Frame Structure
All MAC frames begin with a generic header. The header is followed by an
optional payload and an optional checksum (CRC), as illustrated in Fig. 4-33.
The payload is not needed in control frames, for example, those requesting chan-
nel slots. The checksum is (surprisingly) also optional, due to the error correction
in the physical layer and the fact that no attempt is ever made to retransmit real-
time frames. If no retransmissions will be attempted, why even bother with a
checksum? But if there is a checksum, it is the standard IEEE 802 CRC, and ac-
knowledgements and retransmissions are used for reliability.
Bits
(a)
(b)
Type Length0
1 0 Type Bytes needed
EKE
C
C
I
Connection ID Data CRCHeader
CRC
Connection ID Header
CRC
1 1 6 16 16 8
1 1 1 1 126 11 16 8 4
Bits
Figure 4-33. (a) A generic frame. (b) A bandwidth request frame.
A quick rundown of the header fields of Fig. 4-33(a) follows. The EC bit tells
whether the payload is encrypted. The Type field identifies the frame type,
mostly telling whether packing and fragmentation are present. The CI field indi-
cates the presence or absence of the final checksum. The EK field tells which of
the encryption keys is being used (if any). The Length field gives the complete
length of the frame, including the header. The Connection identifier tells which
connection this frame belongs to. Finally, the Header CRC field is a checksum
over the header only, using the polynomial x 8 + x 2 + x + 1.
The 802.16 protocol has many kinds of frames. An example of a different
type of frame, one that is used to request bandwidth, is shown in Fig. 4-33(b). It

320 THE MEDIUM ACCESS CONTROL SUBLAYER CHAP. 4
starts with a 1 bit instead of a 0 bit and is otherwise similar to the generic header
except that the second and third bytes form a 16-bit number telling how much
bandwidth is needed to carry the specified number of bytes. Bandwidth request
frames do not carry a payload or full-frame CRC.
A great deal more could be said about 802.16, but this is not the place to say
it. For more information, please consult the IEEE 802.16-2009 standard itself.
4.6 BLUETOOTH
In 1994, the L. M. Ericsson company became interested in connecting its
mobile phones to other devices (e.g., laptops) without cables. Together with four
other companies (IBM, Intel, Nokia, and Toshiba), it formed a SIG (Special Inter-
est Group, i.e., consortium) in 1998 to develop a wireless standard for intercon-
necting computing and communication devices and accessories using short-range,
low-power, inexpensive wireless radios. The project was named Bluetooth, after
Harald Blaatand (Bluetooth) II (940–981), a Viking king who unified (i.e., con-
quered) Denmark and Norway, also without cables.
Bluetooth 1.0 was released in July 1999, and since then the SIG has never
looked back. All manner of consumer electronic devices now use Bluetooth, from
mobile phones and laptops to headsets, printers, keyboards, mice, gameboxes,
watches, music players, navigation units, and more. The Bluetooth protocols let
these devices find and connect to each other, an act called pairing, and securely
transfer data.
The protocols have evolved over the past decade, too. After the initial proto-
cols stabilized, higher data rates were added to Bluetooth 2.0 in 2004. With the
3.0 release in 2009, Bluetooth can be used for device pairing in combination with
802.11 for high-throughput data transfer. The 4.0 release in December 2009 spec-
ified low-power operation. That will be handy for people who do not want to
change the batteries regularly in all of those devices around the house. We will
cover the main aspects of Bluetooth below.
4.6.1 Bluetooth Architecture
Let us start our study of the Bluetooth system with a quick overview of what
it contains and what it is intended to do. The basic unit of a Bluetooth system is a
piconet, which consists of a master node and up to seven active slave nodes with-
in a distance of 10 meters. Multiple piconets can exist in the same (large) room
and can even be connected via a bridge node that takes part in multiple piconets,
as in Fig. 4-34. An interconnected collection of piconets is called a scatternet.
In addition to the seven active slave nodes in a piconet, there can be up to 255
parked nodes in the net. These are devices that the master has switched to a low-
power state to reduce the drain on their batteries. In parked state, a device cannot

SEC. 4.6 BLUETOOTH 321
S
S
S
S
S
S
S
S
S
S
S
MM
Bridge slave
Parked
slave
Piconet 2Piconet 1
Active
slave
Figure 4-34. Two piconets can be connected to form a scatternet.
do anything except respond to an activation or beacon signal from the master.
Two intermediate power states, hold and sniff, also exist, but these will not con-
cern us here.
The reason for the master/slave design is that the designers intended to facili-
tate the implementation of complete Bluetooth chips for under $5. The conse-
quence of this decision is that the slaves are fairly dumb, basically just doing
whatever the master tells them to do. At its heart, a piconet is a centralized TDM
system, with the master controlling the clock and determining which device gets
to communicate in which time slot. All communication is between the master and
a slave; direct slave-slave communication is not possible.
4.6.2 Bluetooth Applications
Most network protocols just provide channels between communicating enti-
ties and let application designers figure out what they want to use them for. For
example, 802.11 does not specify whether users should use their notebook com-
puters for reading email, surfing the Web, or something else. In contrast, the
Bluetooth SIG specifies particular applications to be supported and provides dif-
ferent protocol stacks for each one. At the time of writing, there are 25 applica-
tions, which are called profiles. Unfortunately, this approach leads to a very large
amount of complexity. We will omit the complexity here but will briefly look at
the profiles to see more clearly what the Bluetooth SIG is trying to accomplish.
Six of the profiles are for different uses of audio and video. For example, the
intercom profile allows two telephones to connect as walkie-talkies. The headset
and hands-free profiles both provide voice communication between a headset and
its base station, as might be used for hands-free telephony while driving a car.

322 THE MEDIUM ACCESS CONTROL SUBLAYER CHAP. 4
Other profiles are for streaming stereo-quality audio and video, say, from a port-
able music player to headphones, or from a digital camera to a TV.
The human interface device profile is for connecting keyboards and mice to
computers. Other profiles let a mobile phone or other computer receive images
from a camera or send images to a printer. Perhaps of more interest is a profile to
use a mobile phone as a remote control for a (Bluetooth-enabled) TV.
Still other profiles enable networking. The personal area network profile lets
Bluetooth devices form an ad hoc network or remotely access another network,
such as an 802.11 LAN, via an access point. The dial-up networking profile was
actually the original motivation for the whole project. It allows a notebook com-
puter to connect to a mobile phone containing a built-in modem without using
wires.
Profiles for higher-layer information exchange have also been defined. The
synchronization profile is intended for loading data into a mobile phone when it
leaves home and collecting data from it when it returns.
We will skip the rest of the profiles, except to mention that some profiles
serve as building blocks on which the above profiles are built. The generic access
profile, on which all of the other profiles are built, provides a way to establish and
maintain secure links (channels) between the master and the slaves. The other
generic profiles define the basics of object exchange and audio and video tran-
sport. Utility profiles are used widely for functions such as emulating a serial
line, which is especially useful for many legacy applications.
Was it really necessary to spell out all these applications in detail and provide
different protocol stacks for each one? Probably not, but there were a number of
different working groups that devised different parts of the standard, and each one
just focused on its specific problem and generated its own profile. Think of this
as Conway’s Law in action. (In the April 1968 issue of Datamation magazine,
Melvin Conway observed that if you assign n people to write a compiler, you will
get an n-pass compiler, or more generally, the software structure mirrors the struc-
ture of the group that produced it.) It would probably have been possible to get
away with two protocol stacks instead of 25, one for file transfer and one for
streaming real-time communication.
4.6.3 The Bluetooth Protocol Stack
The Bluetooth standard has many protocols grouped loosely into the layers
shown in Fig. 4-35. The first observation to make is that the structure does not
follow the OSI model, the TCP/IP model, the 802 model, or any other model.
The bottom layer is the physical radio layer, which corresponds fairly well to
the physical layer in the OSI and 802 models. It deals with radio transmission and
modulation. Many of the concerns here have to do with the goal of making the
system inexpensive so that it can become a mass-market item.

SEC. 4.6 BLUETOOTH 323
Host-controller
interface
Upper
layers
Datalink
layer
Physical
layerRadio
Link control
(Baseband)
Link manager
L2CAP
Service
discoveryRFcomm
Applications
. . .
P
ro
fil
e
P
ro
fil
e
P
ro
fil
e
Figure 4-35. The Bluetooth protocol architecture.
The link control (or baseband) layer is somewhat analogous to the MAC sub-
layer but also includes elements of the physical layer. It deals with how the mas-
ter controls time slots and how these slots are grouped into frames.
Next come two protocols that use the link control protocol. The link manager
handles the establishment of logical channels between devices, including power
management, pairing and encryption, and quality of service. It lies below the host
controller interface line. This interface is a convenience for implementation: typi-
cally, the protocols below the line will be implemented on a Bluetooth chip, and
the protocols above the line will be implemented on the Bluetooth device that
hosts the chip.
The link protocol above the line is L2CAP (Logical Link Control Adapta-
tion Protocol). It frames variable-length messages and provides reliability if
needed. Many protocols use L2CAP, such as the two utility protocols that are
shown. The service discovery protocol is used to locate services within the net-
work. The RFcomm (Radio Frequency communication) protocol emulates the
standard serial port found on PCs for connecting the keyboard, mouse, and
modem, among other devices.
The top layer is where the applications are located. The profiles are repres-
ented by vertical boxes because they each define a slice of the protocol stack for a
particular purpose. Specific profiles, such as the headset profile, usually contain
only those protocols needed by that application and no others. For example, pro-
files may include L2CAP if they have packets to send but skip L2CAP if they
have only a steady flow of audio samples.
In the following sections, we will examine the Bluetooth radio layer and vari-
ous link protocols, since these roughly correspond to the physical and MAC
sublayers in the other procotol stacks we have studied.

324 THE MEDIUM ACCESS CONTROL SUBLAYER CHAP. 4
4.6.4 The Bluetooth Radio Layer
The radio layer moves the bits from master to slave, or vice versa. It is a
low-power system with a range of 10 meters operating in the same 2.4-GHz ISM
band as 802.11. The band is divided into 79 channels of 1 MHz each. To coexist
with other networks using the ISM band, frequency hopping spread spectrum is
used. There can be up to 1600 hops/sec over slots with a dwell time of 625 μsec.
All the nodes in a piconet hop frequencies simultaneously, following the slot tim-
ing and pseudorandom hop sequence dictated by the master.
Unfortunately, it turned out that early versions of Bluetooth and 802.11 inter-
fered enough to ruin each other’s transmissions. Some companies responded by
banning Bluetooth altogether, but eventually a technical solution was devised.
The solution is for Bluetooth to adapt its hop sequence to exclude channels on
which there are other RF signals. This process reduces the harmful interference.
It is called adaptive frequency hopping.
Three forms of modulation are used to send bits on a channel. The basic
scheme is to use frequency shift keying to send a 1-bit symbol every microsecond,
giving a gross data rate of 1 Mbps. Enhanced rates were introduced with the 2.0
version of Bluetooth. These rates use phase shift keying to send either 2 or 3 bits
per symbol, for gross data rates of 2 or 3 Mbps. The enhanced rates are only used
in the data portion of frames.
4.6.5 The Bluetooth Link Layers
The link control (or baseband) layer is the closest thing Bluetooth has to a
MAC sublayer. It turns the raw bit stream into frames and defines some key for-
mats. In the simplest form, the master in each piconet defines a series of 625-
μsec time slots, with the master’s transmissions starting in the even slots and the
slaves’ transmissions starting in the odd ones. This scheme is traditional time di-
vision multiplexing, with the master getting half the slots and the slaves sharing
the other half. Frames can be 1, 3, or 5 slots long. Each frame has an overhead of
126 bits for an access code and header, plus a settling time of 250–260 μsec per
hop to allow the inexpensive radio circuits to become stable. The payload of the
frame can be encrypted for confidentiality with a key that is chosen when the
master and slave connect. Hops only happen between frames, not during a frame.
The result is that a 5-slot frame is much more efficient than a 1-slot frame because
the overhead is constant but more data is sent.
The link manager protocol sets up logical channels, called links, to carry
frames between the master and a slave device that have discovered each other. A
pairing procedure is followed to make sure that the two devices are allowed to
communicate before the link is used. The old pairing method is that both devices
must be configured with the same four-digit PIN (Personal Identification Num-
ber). The matching PIN is how each device would know that it was connecting to

SEC. 4.6 BLUETOOTH 325
the right remote device. However, unimaginative users and devices default to
PINs such as ‘‘0000’’ and ‘‘1234’’ meant that this method provided very little se-
curity in practice.
The new secure simple pairing method enables users to confirm that both de-
vices are displaying the same passkey, or to observe the passkey on one device
and enter it into the second device. This method is more secure because users do
not have to choose or set a PIN. They merely confirm a longer, device-generated
passkey. Of course, it cannot be used on some devices with limited input/output,
such as a hands-free headset.
Once pairing is complete, the link manager protocol sets up the links. Two
main kinds of links exist to carry user data. The first is the SCO (Synchronous
Connection Oriented) link. It is used for real-time data, such as telephone con-
nections. This type of link is allocated a fixed slot in each direction. A slave may
have up to three SCO links with its master. Each SCO link can transmit one
64,000-bps PCM audio channel. Due to the time-critical nature of SCO links,
frames sent over them are never retransmitted. Instead, forward error correction
can be used to increase reliability.
The other kind is the ACL (Asynchronous ConnectionLess) link. This type
of link is used for packet-switched data that is available at irregular intervals.
ACL traffic is delivered on a best-effort basis. No guarantees are given. Frames
can be lost and may have to be retransmitted. A slave may have only one ACL
link to its master.
The data sent over ACL links come from the L2CAP layer. This layer has
four major functions. First, it accepts packets of up to 64 KB from the upper lay-
ers and breaks them into frames for transmission. At the far end, the frames are
reassembled into packets. Second, it handles the multiplexing and demultiplexing
of multiple packet sources. When a packet has been reassembled, the L2CAP
layer determines which upper-layer protocol to hand it to, for example, RFcomm
or service discovery. Third, L2CAP handles error control and retransmission. It
detects errors and resends packets that were not acknowledged. Finally, L2CAP
enforces quality of service requirements between multiple links.
4.6.6 The Bluetooth Frame Structure
Bluetooth defines several frame formats, the most important of which is
shown in two forms in Fig. 4-36. It begins with an access code that usually identi-
fies the master so that slaves within radio range of two masters can tell which traf-
fic is for them. Next comes a 54-bit header containing typical MAC sublayer
fields. If the frame is sent at the basic rate, the data field comes next. It has up to
2744 bits for a five-slot transmission. For a single time slot, the format is the
same except that the data field is 240 bits.
If the frame is sent at the enhanced rate, the data portion may have up to two
or three times as many bits because each symbol carries 2 or 3 bits instead of 1

326 THE MEDIUM ACCESS CONTROL SUBLAYER CHAP. 4
Repeated 3 times
Bits 72 0–2744
Data (at 1X rate)Access code
54
Header
(a) Basic rate data frame, top
Data (at 2X or 3X rate)Access code Header Guard/Sync Trailer
Bits 72 54 16 0–8184 2
(b) Enhanced rate data frame, bottom
5 x 675 microsec slots
Addr Type F A S CRC
3 4 1 1 1 8
Figure 4-36. Typical Bluetooth data frame at (a) basic and (b) enhanced, data rates.
bit. These data are preceded by a guard field and a synchronization pattern that is
used to switch to the faster data rate. That is, the access code and header are car-
ried at the basic rate and only the data portion is carried at the faster rate.
Enhanced-rate frames end with a short trailer.
Let us take a quick look at the common header. The Address field identifies
which of the eight active devices the frame is intended for. The Type field identi-
fies the frame type (ACL, SCO, poll, or null), the type of error correction used in
the data field, and how many slots long the frame is. The Flow bit is asserted by a
slave when its buffer is full and cannot receive any more data. This bit enables a
primitive form of flow control. The Acknowledgement bit is used to piggyback an
ACK onto a frame. The Sequence bit is used to number the frames to detect re-
transmissions. The protocol is stop-and-wait, so 1 bit is enough. Then comes the
8-bit header Checksum. The entire 18-bit header is repeated three times to form
the 54-bit header shown in Fig. 4-36. On the receiving side, a simple circuit ex-
amines all three copies of each bit. If all three are the same, the bit is accepted. If
not, the majority opinion wins. Thus, 54 bits of transmission capacity are used to
send 10 bits of header. The reason is that to reliably send data in a noisy environ-
ment using cheap, low-powered (2.5 mW) devices with little computing capacity,
a great deal of redundancy is needed.
Various formats are used for the data field for ACL and SCO frames. The
basic-rate SCO frames are a simple example to study: the data field is always 240
bits. Three variants are defined, permitting 80, 160, or 240 bits of actual payload,
with the rest being used for error correction. In the most reliable version (80-bit
payload), the contents are just repeated three times, the same as the header.
We can work out the capacity with this frame as follows. Since the slave may
use only the odd slots, it gets 800 slots/sec, just as the master does. With an 80-bit

SEC. 4.6 BLUETOOTH 327
payload, the channel capacity from the slave is 64,000 bps as is the channel ca-
pacity from the master. This capacity is exactly enough for a single full-duplex
PCM voice channel (which is why a hop rate of 1600 hops/sec was chosen). That
is, despite a raw bandwidth of 1 Mbps, a single full-duplex uncompressed voice
channel can completely saturate the piconet. The efficiency of 13% is the result
of spending 41% of the capacity on settling time, 20% on headers, and 26% on
repetition coding. This shortcoming highlights the value of the enhanced rates
and frames of more than a single slot.
There is much more to be said about Bluetooth, but no more space to say it
here. For the curious, the Bluetooth 4.0 specification contains all the details.
4.7 RFID
We have looked at MAC designs from LANs up to MANs and down to PANs.
As a last example, we will study a category of low-end wireless devices that peo-
ple may not recognize as forming a computer network: the RFID (Radio Fre-
quency IDentification) tags and readers that we described in Sec. 1.5.4.
RFID technology takes many forms, used in smartcards, implants for pets,
passports, library books, and more. The form that we will look at was developed
in the quest for an EPC (Electronic Product Code) that started with the Auto-ID
Center at the Massachusetts Institute of Technology in 1999. An EPC is a re-
placement for a barcode that can carry a larger amount of information and is elec-
tronically readable over distances up to 10 m, even when it is not visible. It is dif-
ferent technology than, for example, the RFID used in passports,which must be
placed quite close to a reader to perform a transaction. The ability to communi-
cate over a distance makes EPCs more relevant to our studies.
EPCglobal was formed in 2003 to commercialize the RFID technology devel-
oped by the Auto-ID Center. The effort got a boost in 2005 when Walmart re-
quired its top 100 suppliers to label all shipments with RFID tags. Widespread
deployment has been hampered by the difficulty of competing with cheap printed
barcodes, but new uses, such as in drivers licenses, are now growing. We will de-
scribe the second generation of this technology, which is informally called EPC
Gen 2 (EPCglobal, 2008).
4.7.1 EPC Gen 2 Architecture
The architecture of an EPC Gen 2 RFID network is shown in Fig. 4-37. It has
two key components: tags and readers. RFID tags are small, inexpensive devices
that have a unique 96-bit EPC identifier and a small amount of memory that can
be read and written by the RFID reader. The memory might be used to record the
location history of an item, for example, as it moves through the supply chain.

328 THE MEDIUM ACCESS CONTROL SUBLAYER CHAP. 4
Often, the tags look like stickers that can be placed on, for example, pairs of
jeans on the shelves in a store. Most of the sticker is taken up by an antenna that is
printed onto it. A tiny dot in the middle is the RFID integrated circuit. Alterna-
tively, the RFID tags can be integrated into an object, such as a driver’s license. In
both cases, the tags have no battery and they must gather power from the radio
transmissions of a nearby RFID reader to run. This kind of tag is called a ‘‘Class
1’’ tag to distinguish it from more capable tags that have batteries.
RFID
reader
RFID
tag
Backscatter
signal
Reader
signal
Figure 4-37. RFID architecture.
The readers are the intelligence in the system, analogous to base stations and
access points in cellular and WiFi networks. Readers are much more powerful
than tags. They have their own power sources, often have multiple antennas, and
are in charge of when tags send and receive messages. As there will commonly
be multiple tags within the reading range, the readers must solve the multiple ac-
cess problem. There may be multiple readers that can contend with each other in
the same area, too.
The main job of the reader is to inventory the tags in the neighborhood, that
is, to discover the identifiers of the nearby tags. The inventory is accomplished
with the physical layer protocol and the tag-identification protocol that are out-
lined in the following sections.
4.7.2 EPC Gen 2 Physical Layer
The physical layer defines how bits are sent between the RFID reader and
tags. Much of it uses methods for sending wireless signals that we have seen pre-
viously. In the U.S., transmissions are sent in the unlicensed 902–928 MHz ISM
band. This band falls in the UHF (Ultra High Frequency) range, so the tags are
referred to as UHF RFID tags. The reader performs frequency hopping at least
every 400 msec to spread its signal across the channel, to limit interference and
satisfy regulatory requirements. The reader and tags use forms of ASK (Ampli-
tude Shift Keying) modulation that we described in Sec. 2.5.2 to encode bits.
They take turns to send bits, so the link is half duplex.

SEC. 4.7 RFID 329
There are two main differences from other physical layers that we have stud-
ied. The first is that the reader is always transmitting a signal, regardless of
whether it is the reader or tag that is communicating. Naturally, the reader trans-
mits a signal to send bits to tags. For the tags to send bits to the reader, the reader
transmits a fixed carrier signal that carries no bits. The tags harvest this signal to
get the power they need to run; otherwise, a tag would not be able to transmit in
the first place. To send data, a tag changes whether it is reflecting the signal from
the reader, like a radar signal bouncing off a target, or absorbing it.
This method is called backscatter. It differs from all the other wireless situa-
tions we have seen so far, in which the sender and receiver never both transmit at
the same time. Backscatter is a low-energy way for the tag to create a weak sig-
nal of its own that shows up at the reader. For the reader to decode the incoming
signal, it must filter out the outgoing signal that it is transmitting. Because the tag
signal is weak, tags can only send bits to the reader at a low rate, and tags cannot
receive or even sense transmissions from other tags.
The second difference is that very simple forms of modulation are used so that
they can be implemented on a tag that runs on very little power and costs only a
few cents to make. To send data to the tags, the reader uses two amplitude levels.
Bits are determined to be either a 0 or a 1, depending on how long the reader
waits before a low-power period. The tag measures the time between low-power
periods and compares this time to a reference measured during a preamble. As
shown in Fig. 4-38, 1s are longer than 0s.
Tag responses consist of the tag alternating its backscatter state at fixed inter-
vals to create a series of pulses in the signal. Anywhere from one to eight pulse
periods can be used to encode each 0 or 1, depending on the need for reliability.
1s have fewer transitions than 0s, as is shown with an example of two-pulse
period coding in Fig. 4-38.
Time
Power
Reader
“0”
Reader
“1”
Tag
“0”
Tag
“1”
Backscatter
Figure 4-38. Reader and tag backscatter signals.
4.7.3 EPC Gen 2 Tag Identification Layer
To inventory the nearby tags, the reader needs to receive a message from each
tag that gives the identifier for the tag. This situation is a multiple access problem
for which the number of tags is unknown in the general case. The reader might

330 THE MEDIUM ACCESS CONTROL SUBLAYER CHAP. 4
broadcast a query to ask all tags to send their identifiers. However, tags that re-
plied right away would then collide in much the same way as stations on a classic
Ethernet.
We have seen many ways of tackling the multiple access problem in this
chapter. The closest protocol for the current situation, in which the tags cannot
hear each others’ transmissions, is slotted ALOHA, one of the earliest protocols
we studied. This protocol is adapted for use in Gen 2 RFID.
The sequence of messages used to identify a tag is shown in Fig. 4-39. In the
first slot (slot 0), the reader sends a Query message to start the process. Each
QRepeat message advances to the next slot. The reader also tells the tags the
range of slots over which to randomize transmissions. Using a range is necessary
because the reader synchronizes tags when it starts the process; unlike stations on
an Ethernet, tags do not wake up with a message at a time of their choosing.
Time
RFID tag
Query (slot 0)
RN16 (slot 2)
EPC identifier
…
QRepeat (slot1)
Ack
QRepeat (slot 2)
QRepeat (slot N)
QRepeat (slot 3)
RFID reader
Figure 4-39. Example message exchange to identify a tag.
Tags pick a random slot in which to reply. In Fig. 4-39, the tag replies in slot
2. However, tags do not send their identifiers when they first reply. Instead, a tag
sends a short 16-bit random number in an RN16 message. If there is no collision,
the reader receives this message and sends an ACK message of its own. At this
stage, the tag has acquired the slot and sends its EPC identifier.
The reason for this exchange is that EPC identifiers are long, so collisions on
these messages would be expensive. Instead, a short exchange is used to test
whether the tag can safely use the slot to send its identifier. Once its identifier has
been successfully transmitted, the tag temporarily stops responding to new Query
messages so that all the remaining tags can be identified.

SEC. 4.7 RFID 331
A key problem is for the reader to adjust the number of slots to avoid collis-
ions, but without using so many slots that performance suffers. This adjustment is
analogous to binary exponential backoff in Ethernet. If the reader sees too many
slots with no responses or too many slots with collisions, it can send a QAdjust
message to decrease or increase the range of slots over which the tags are re-
sponding.
The RFID reader can perform other operations on the tags. For example, it
can select a subset of tags before running an inventory, allowing it to collect re-
sponses from, say, tagged jeans but not tagged shirts. The reader can also write
data to tags as they are identified. This feature could be used to record the point of
sale or other relevant information.
4.7.4 Tag Identification Message Formats
The format of the Query message is shown in Fig. 4-40 as an example of a
reader-to-tag message. The message is compact because the downlink rates are
limited, from 27 kbps up to 128 kbps. The Command field carries the code 1000
to identify the message as a Query.
Physical parameters
2 4 524 1 1Bits
Command
1000 DR M TR
2 1
Session TargetSel Q CRC
Tag selection
Figure 4-40. Format of the Query message.
The next flags, DR, M, and TR, determine the physical layer parameters for
reader transmissions and tag responses. For example, the response rate may be set
to between 5 kbps and 640 kbps. We will skip over the details of these flags.
Then come three fields, Sel, Session, and Target, that select the tags to re-
spond. As well as the readers being able to select a subset of identifiers, the tags
keep track of up to four concurrent sessions and whether they have been identified
in those sessions. In this way, multiple readers can operate in overlapping cover-
age areas by using different sessions.
Next is the most important parameter for this command, Q. This field defines
the range of slots over which tags will respond, from 0 to 2Q−1. Finally, there is a
CRC to protect the message fields. At 5 bits, it is shorter than most CRCs we have
seen, but the Query message is much shorter than most packets too.
Tag-to-reader messages are simpler. Since the reader is in control, it knows
what message to expect in response to each of its transmissions. The tag re-
sponses simply carry data, such as the EPC identifier.

332 THE MEDIUM ACCESS CONTROL SUBLAYER CHAP. 4
Originally the tags were just for identification purposes. However, they have
grown over time to resemble very small computers. Some research tags have sen-
sors and are able to run small programs to gather and process data (Sample et al.,
2008). One vision for this technology is the ‘‘Internet of things’’ that connects ob-
jects in the physical world to the Internet (Welbourne et al., 2009; and Gershen-
feld et al., 2004).
4.8 DATA LINK LAYER SWITCHING
Many organizations have multiple LANs and wish to connect them. Would it
not be convenient if we could just join the LANs together to make a larger LAN?
In fact, we can do this when the connections are made with devices called
bridges. The Ethernet switches we described in Sec. 4.3.4 are a modern name for
bridges; they provide functionality that goes beyond classic Ethernet and Ethernet
hubs to make it easy to join multiple LANs into a larger and faster network. We
shall use the terms ‘‘bridge’’ and ‘‘switch’’ interchangeably.
Bridges operate in the data link layer, so they examine the data link layer ad-
dresses to forward frames. Since they are not supposed to examine the payload
field of the frames they forward, they can handle IP packets as well as other kinds
of packets, such as AppleTalk packets. In contrast, routers examine the addresses
in packets and route based on them, so they only work with the protocols that they
were designed to handle.
In this section, we will look at how bridges work and are used to join multiple
physical LANs into a single logical LAN. We will also look at how to do the re-
verse and treat one physical LAN as multiple logical LANs, called VLANs (Vir-
tual LANs). Both technologies provide useful flexibility for managing networks.
For a comprehensive treatment of bridges, switches, and related topics, see Seifert
and Edwards (2008) and Perlman (2000).
4.8.1 Uses of Bridges
Before getting into the technology of bridges, let us take a look at some com-
mon situations in which bridges are used. We will mention three reasons why a
single organization may end up with multiple LANs.
First, many university and corporate departments have their own LANs to
connect their own personal computers, servers, and devices such as printers.
Since the goals of the various departments differ, different departments may set
up different LANs, without regard to what other departments are doing. Sooner
or later, though, there is a need for interaction, so bridges are needed. In this ex-
ample, multiple LANs come into existence due to the autonomy of their owners.

SEC. 4.8 DATA LINK LAYER SWITCHING 333
Second, the organization may be geographically spread over several buildings
separated by considerable distances. It may be cheaper to have separate LANs in
each building and connect them with bridges and a few long-distance fiber optic
links than to run all the cables to a single central switch. Even if laying the cables
is easy to do, there are limits on their lengths (e.g., 200 m for twisted-pair gigabit
Ethernet). The network would not work for longer cables due to the excessive
signal attenuation or round-trip delay. The only solution is to partition the LAN
and install bridges to join the pieces to increase the total physical distance that can
be covered.
Third, it may be necessary to split what is logically a single LAN into sepa-
rate LANs (connected by bridges) to accommodate the load. At many large uni-
versities, for example, thousands of workstations are available for student and
faculty computing. Companies may also have thousands of employees. The scale
of this system precludes putting all the workstations on a single LAN—there are
more computers than ports on any Ethernet hub and more stations than allowed on
a single classic Ethernet.
Even if it were possible to wire all the workstations together, putting more
stations on an Ethernet hub or classic Ethernet would not add capacity. All of the
stations share the same, fixed amount of bandwidth. The more stations there are,
the less average bandwidth per station.
However, two separate LANs have twice the capacity of a single LAN.
Bridges let the LANs be joined together while keeping this capacity. The key is
not to send traffic onto ports where it is not needed, so that each LAN can run at
full speed. This behavior also increases reliability, since on a single LAN a defec-
tive node that keeps outputting a continuous stream of garbage can clog up the en-
tire LAN. By deciding what to forward and what not to forward, bridges act like
fire doors in a building, preventing a single node that has gone berserk from bring-
ing down the entire system.
To make these benefits easily available, ideally bridges should be completely
transparent. It should be possible to go out and buy bridges, plug the LAN cables
into the bridges, and have everything work perfectly, instantly. There should be
no hardware changes required, no software changes required, no setting of address
switches, no downloading of routing tables or parameters, nothing at all. Just plug
in the cables and walk away. Furthermore, the operation of the existing LANs
should not be affected by the bridges at all. As far as the stations are concerned,
there should be no observable difference whether or not they are part of a bridged
LAN. It should be as easy to move stations around the bridged LAN as it is to
move them around a single LAN.
Surprisingly enough, it is actually possible to create bridges that are transpar-
ent. Two algorithms are used: a backward learning algorithm to stop traffic being
sent where it is not needed; and a spanning tree algorithm to break loops that may
be formed when switches are cabled together willy-nilly. Let us now take a look
at these algorithms in turn to learn how this magic is accomplished.

334 THE MEDIUM ACCESS CONTROL SUBLAYER CHAP. 4
4.8.2 Learning Bridges
The topology of two LANs bridged together is shown in Fig. 4-41 for two
cases. On the left-hand side, two multidrop LANs, such as classic Ethernets, are
joined by a special station—the bridge—that sits on both LANs. On the right-hand
side, LANs with point-to-point cables, including one hub, are joined together. The
bridges are the devices to which the stations and hub are attached. If the LAN
technology is Ethernet, the bridges are better known as Ethernet switches.
(a) (b)
A D
Bridge
B1
1 2
Port
B
C
E
G
F
C
Bridge
B1 B2
A
B
G
D
H1
Port
1
2
1
3 4
2
34 F
E
Hub
Figure 4-41. (a) Bridge connecting two multidrop LANs. (b) Bridges (and a
hub) connecting seven point-to-point stations.
Bridges were developed when classic Ethernets were in use, so they are often
shown in topologies with multidrop cables, as in Fig. 4-41(a). However, all the
topologies that are encountered today are comprised of point-to-point cables and
switches. The bridges work the same way in both settings. All of the stations at-
tached to the same port on a bridge belong to the same collision domain, and this
is different than the collision domain for other ports. If there is more than one sta-
tion, as in a classic Ethernet, a hub, or a half-duplex link, the CSMA/CD protocol
is used to send frames.
There is a difference, however, in how the bridged LANs are built. To bridge
multidrop LANs, a bridge is added as a new station on each of the multidrop
LANs, as in Fig. 4-41(a). To bridge point-to-point LANs, the hubs are either con-
nected to a bridge or, preferably, replaced with a bridge to increase performance.
In Fig. 4-41(b), bridges have replaced all but one hub.
Different kinds of cables can also be attached to one bridge. For example, the
cable connecting bridge B1 to bridge B2 in Fig. 4-41(b) might be a long-distance
fiber optic link, while the cable connecting the bridges to stations might be a
short-haul twisted-pair line. This arrangement is useful for bridging LANs in dif-
ferent buildings.
Now let us consider what happens inside the bridges. Each bridge operates in
promiscuous mode, that is, it accepts every frame transmitted by the stations

SEC. 4.8 DATA LINK LAYER SWITCHING 335
attached to each of its ports. The bridge must decide whether to forward or dis-
card each frame, and, if the former, on which port to output the frame. This decis-
ion is made by using the destination address. As an example, consider the topo-
logy of Fig. 4-41(a). If station A sends a frame to station B, bridge B1 will receive
the frame on port 1. This frame can be immediately discarded without further ado
because it is already on the correct port. However, in the topology of Fig. 4-41(b)
suppose that A sends a frame to D. Bridge B1 will receive the frame on port 1 and
output it on port 4. Bridge B2 will then receive the frame on its port 4 and output
it on its port 1.
A simple way to implement this scheme is to have a big (hash) table inside the
bridge. The table can list each possible destination and which output port it be-
longs on. For example, in Fig. 4-41(b), the table at B1 would list D as belonging
to port 4, since all B1 has to know is which port to put frames on to reach D.
That, in fact, more forwarding will happen later when the frame hits B2 is not of
interest to B1.
When the bridges are first plugged in, all the hash tables are empty. None of
the bridges know where any of the destinations are, so they use a flooding algo-
rithm: every incoming frame for an unknown destination is output on all the ports
to which the bridge is connected except the one it arrived on. As time goes on,
the bridges learn where destinations are. Once a destination is known, frames
destined for it are put only on the proper port; they are not flooded.
The algorithm used by the bridges is backward learning. As mentioned
above, the bridges operate in promiscuous mode, so they see every frame sent on
any of their ports. By looking at the source addresses, they can tell which ma-
chines are accessible on which ports. For example, if bridge B1 in Fig. 4-41(b)
sees a frame on port 3 coming from C, it knows that C must be reachable via port
3, so it makes an entry in its hash table. Any subsequent frame addressed to C
coming in to B1 on any other port will be forwarded to port 3.
The topology can change as machines and bridges are powered up and down
and moved around. To handle dynamic topologies, whenever a hash table entry is
made, the arrival time of the frame is noted in the entry. Whenever a frame
whose source is already in the table arrives, its entry is updated with the current
time. Thus, the time associated with every entry tells the last time a frame from
that machine was seen.
Periodically, a process in the bridge scans the hash table and purges all entries
more than a few minutes old. In this way, if a computer is unplugged from its
LAN, moved around the building, and plugged in again somewhere else, within a
few minutes it will be back in normal operation, without any manual intervention.
This algorithm also means that if a machine is quiet for a few minutes, any traffic
sent to it will have to be flooded until it next sends a frame itself.
The routing procedure for an incoming frame depends on the port it arrives on
(the source port) and the address to which it is destined (the destination address).
The procedure is as follows.

336 THE MEDIUM ACCESS CONTROL SUBLAYER CHAP. 4
1. If the port for the destination address is the same as the source port,
discard the frame.
2. If the port for the destination address and the source port are dif-
ferent, forward the frame on to the destination port.
3. If the destination port is unknown, use flooding and send the frame
on all ports except the source port.
You might wonder whether the first case can occur with point-to-point links. The
answer is that it can occur if hubs are used to connect a group of computers to a
bridge. An example is shown in Fig. 4-41(b) where stations E and F are connected
to hub H 1, which is in turn connected to bridge B2. If E sends a frame to F, the
hub will relay it to B2 as well as to F. That is what hubs do—they wire all ports
together so that a frame input on one port is simply output on all other ports. The
frame will arrive at B2 on port 4, which is already the right output port to reach
the destination. Bridge B2 need only discard the frame.
As each frame arrives, this algorithm must be applied, so it is usually imple-
mented with special-purpose VLSI chips. The chips do the lookup and update the
table entry, all in a few microseconds. Because bridges only look at the MAC ad-
dresses to decide how to forward frames, it is possible to start forwarding as soon
as the destination header field has come in, before the rest of the frame has arrived
(provided the output line is available, of course). This design reduces the latency
of passing through the bridge, as well as the number of frames that the bridge
must be able to buffer. It is referred to as cut-through switching or wormhole
routing and is usually handled in hardware.
We can look at the operation of a bridge in terms of protocol stacks to under-
stand what it means to be a link layer device. Consider a frame sent from station A
to station D in the configuration of Fig. 4-41(a), in which the LANs are Ethernet.
The frame will pass through one bridge. The protocol stack view of processing is
shown in Fig. 4-42.
The packet comes from a higher layer and descends into the Ethernet MAC
layer. It acquires an Ethernet header (and also a trailer, not shown in the figure).
This unit is passed to the physical layer, goes out over the cable, and is picked up
by the bridge.
In the bridge, the frame is passed up from the physical layer to the Ethernet
MAC layer. This layer has extended processing compared to the Ethernet MAC
layer at a station. It passes the frame to a relay, still within the MAC layer. The
bridge relay function uses only the Ethernet MAC header to determine how to
handle the frame. In this case, it passes the frame to the Ethernet MAC layer of
the port used to reach station D, and the frame continues on its way.
In the general case, relays at a given layer can rewrite the headers for that
layer. VLANs will provide an example shortly. In no case should the bridge look
inside the frame and learn that it is carrying an IP packet; that is irrelevant to the

SEC. 4.8 DATA LINK LAYER SWITCHING 337
Eth
Eth
Packet
Packet
Packet
Relay
Network
Ethernet
MAC
Physical
Bridge
Station DStation A
Wire Wire
Eth
Eth
Packet
Packet
Packet
Eth Packet
Eth Packet Eth Packet
Eth Packet
Figure 4-42. Protocol processing at a bridge.
bridge processing and would violate protocol layering. Also note that a bridge
with k ports will have k instances of MAC and physical layers. The value of k is 2
for our simple example.
4.8.3 Spanning Tree Bridges
To increase reliability, redundant links can be used between bridges. In the
example of Fig. 4-43, there are two links in parallel between a pair of bridges.
This design ensures that if one link is cut, the network will not be partitioned into
two sets of computers that cannot talk to each other.
Frame F0
Bridge
B1
A
B2
Redundant links
F1
F2
F3
F4
Figure 4-43. Bridges with two parallel links.
However, this redundancy introduces some additional problems because it
creates loops in the topology. An example of these problems can be seen by look-
ing at how a frame sent by A to a previously unobserved destination is handled in
Fig. 4-43. Each bridge follows the normal rule for handling unknown destina-
tions, which is to flood the frame. Call the frame from A that reaches bridge B1
frame F 0. The bridge sends copies of this frame out all of its other ports. We

338 THE MEDIUM ACCESS CONTROL SUBLAYER CHAP. 4
will only consider the bridge ports that connect B1 to B2 (though the frame will be
sent out the other ports, too). Since there are two links from B1 to B2, two copies
of the frame will reach B2. They are shown in Fig. 4-43 as F 1 and F 2.
Shortly thereafter, bridge B2 receives these frames. However, it does not (and
cannot) know that they are copies of the same frame, rather than two different
frames sent one after the other. So bridge B2 takes F 1 and sends copies of it out
all the other ports, and it also takes F 2 and sends copies of it out all the other
ports. This produces frames F 3 and F 4 that are sent along the two links back to
B1. Bridge B1 then sees two new frames with unknown destinations and copies
them again. This cycle goes on forever.
The solution to this difficulty is for the bridges to communicate with each
other and overlay the actual topology with a spanning tree that reaches every
bridge. In effect, some potential connections between bridges are ignored in the
interest of constructing a fictitious loop-free topology that is a subset of the actual
topology.
For example, in Fig. 4-44 we see five bridges that are interconnected and also
have stations connected to them. Each station connects to only one bridge. There
are some redundant connections between the bridges so that frames will be for-
warded in loops if all of the links are used. This topology can be thought of as a
graph in which the bridges are the nodes and the point-to-point links are the
edges. The graph can be reduced to a spanning tree, which has no cycles by defi-
nition, by dropping the links shown as dashed lines in Fig. 4-44. Using this span-
ning tree, there is exactly one path from every station to every other station. Once
the bridges have agreed on the spanning tree, all forwarding between stations fol-
lows the spanning tree. Since there is a unique path from each source to each
destination, loops are impossible.
Bridge
Station
B1
B2
B3
B4
B5
Link that is not part
of the spanning tree
Root
bridge
Figure 4-44. A spanning tree connecting five bridges. The dashed lines are
links that are not part of the spanning tree.
To build the spanning tree, the bridges run a distributed algorithm. Each
bridge periodically broadcasts a configuration message out all of its ports to its

SEC. 4.8 DATA LINK LAYER SWITCHING 339
neighbors and processes the messages it receives from other bridges, as described
next. These messages are not forwarded, since their purpose is to build the tree,
which can then be used for forwarding.
The bridges must first choose one bridge to be the root of the spanning tree.
To make this choice, they each include an identifier based on their MAC address
in the configuration message, as well as the identifier of the bridge they believe to
be the root. MAC addresses are installed by the manufacturer and guaranteed to
be unique worldwide, which makes these identifiers convenient and unique. The
bridges choose the bridge with the lowest identifier to be the root. After enough
messages have been exchanged to spread the news, all bridges will agree on
which bridge is the root. In Fig. 4-44, bridge B1 has the lowest identifier and be-
comes the root.
Next, a tree of shortest paths from the root to every bridge is constructed. In
Fig. 4-44, bridges B2 and B3 can each be reached from bridge B1 directly, in one
hop that is a shortest path. Bridge B4 can be reached in two hops, via either B2 or
B3. To break this tie, the path via the bridge with the lowest identifier is chosen,
so B4 is reached via B2. Bridge B5 can be reached in two hops via B3.
To find these shortest paths, bridges include the distance from the root in their
configuration messages. Each bridge remembers the shortest path it finds to the
root. The bridges then turn off ports that are not part of the shortest path.
Although the tree spans all the bridges, not all the links (or even bridges) are
necessarily present in the tree. This happens because turning off the ports prunes
some links from the network to prevent loops. Even after the spanning tree has
been established, the algorithm continues to run during normal operation to auto-
matically detect topology changes and update the tree.
The algorithm for constructing the spanning tree was invented by Radia Perl-
man. Her job was to solve the problem of joining LANs without loops. She was
given a week to do it, but she came up with the idea for the spanning tree algo-
rithm in a day. Fortunately, this left her enough time to write it as a poem (Perl-
man, 1985):
I think that I shall never see
A graph more lovely than a tree.
A tree whose crucial property
Is loop-free connectivity.
A tree which must be sure to span.
So packets can reach every LAN.
First the Root must be selected
By ID it is elected.
Least cost paths from Root are traced
In the tree these paths are placed.
A mesh is made by folks like me
Then bridges find a spanning tree.

340 THE MEDIUM ACCESS CONTROL SUBLAYER CHAP. 4
The spanning tree algorithm was then standardized as IEEE 802.1D and used for
many years. In 2001, it was revised to more rapidly find a new spanning tree after
a topology change. For a detailed treatment of bridges, see Perlman (2000).
4.8.4 Repeaters, Hubs, Bridges, Switches, Routers, and Gateways
So far in this book, we have looked at a variety of ways to get frames and
packets from one computer to another. We have mentioned repeaters, hubs,
bridges, switches, routers, and gateways. All of these devices are in common use,
but they all differ in subtle and not-so-subtle ways. Since there are so many of
them, it is probably worth taking a look at them together to see what the simi-
larities and differences are.
The key to understanding these devices is to realize that they operate in dif-
ferent layers, as illustrated in Fig. 4-45(a). The layer matters because different
devices use different pieces of information to decide how to switch. In a typical
scenario, the user generates some data to be sent to a remote machine. Those data
are passed to the transport layer, which then adds a header (for example, a TCP
header) and passes the resulting unit down to the network layer. The network
layer adds its own header to form a network layer packet (e.g., an IP packet). In
Fig. 4-45(b), we see the IP packet shaded in gray. Then the packet goes to the
data link layer, which adds its own header and checksum (CRC) and gives the re-
sulting frame to the physical layer for transmission, for example, over a LAN.
Application layer Application gateway
Transport layer Transport gateway
Network layer Router
Frame
header
Packet
header
TCP
header
Packet (supplied by network layer)
Frame (built by data link layer)
(b)(a)
User
data
CRC
Data link layer Bridge, switch
Physical layer Repeater, hub
Figure 4-45. (a) Which device is in which layer. (b) Frames, packets, and
headers.
Now let us look at the switching devices and see how they relate to the pack-
ets and frames. At the bottom, in the physical layer, we find the repeaters. These
are analog devices that work with signals on the cables to which they are con-
nected. A signal appearing on one cable is cleaned up, amplified, and put out on
another cable. Repeaters do not understand frames, packets, or headers. They un-
derstand the symbols that encode bits as volts. Classic Ethernet, for example, was

SEC. 4.8 DATA LINK LAYER SWITCHING 341
designed to allow four repeaters that would boost the signal to extend the maxi-
mum cable length from 500 meters to 2500 meters.
Next we come to the hubs. A hub has a number of input lines that it joins
electrically. Frames arriving on any of the lines are sent out on all the others. If
two frames arrive at the same time, they will collide, just as on a coaxial cable.
All the lines coming into a hub must operate at the same speed. Hubs differ from
repeaters in that they do not (usually) amplify the incoming signals and are de-
signed for multiple input lines, but the differences are slight. Like repeaters, hubs
are physical layer devices that do not examine the link layer addresses or use them
in any way.
Now let us move up to the data link layer, where we find bridges and switch-
es. We just studied bridges at some length. A bridge connects two or more
LANs. Like a hub, a modern bridge has multiple ports, usually enough for 4 to 48
input lines of a certain type. Unlike in a hub, each port is isolated to be its own
collision domain; if the port has a full-duplex point-to-point line, the CSMA/CD
algorithm is not needed. When a frame arrives, the bridge extracts the destination
address from the frame header and looks it up in a table to see where to send the
frame. For Ethernet, this address is the 48-bit destination address shown in
Fig. 4-14. The bridge only outputs the frame on the port where it is needed and
can forward multiple frames at the same time.
Bridges offer much better performance than hubs, and the isolation between
bridge ports also means that the input lines may run at different speeds, possibly
even with different network types. A common example is a bridge with ports that
connect to 10-, 100-, and 1000-Mbps Ethernet. Buffering within the bridge is
needed to accept a frame on one port and transmit the frame out on a different
port. If frames come in faster than they can be retransmitted, the bridge may run
out of buffer space and have to start discarding frames. For example, if a gigabit
Ethernet is pouring bits into a 10-Mbps Ethernet at top speed, the bridge will have
to buffer them, hoping not to run out of memory. This problem still exists even if
all the ports run at the same speed because more than one port may be sending
frames to a given destination port.
Bridges were originally intended to be able to join different kinds of LANs,
for example, an Ethernet and a Token Ring LAN. However, this never worked
well because of differences between the LANs. Different frame formats require
copying and reformatting, which takes CPU time, requires a new checksum calcu-
lation, and introduces the possibility of undetected errors due to bad bits in the
bridge’s memory. Different maximum frame lengths are also a serious problem
with no good solution. Basically, frames that are too large to be forwarded must
be discarded. So much for transparency.
Two other areas where LANs can differ are security and quality of service.
Some LANs have link-layer encryption, for example 802.11, and some do not, for
example Ethernet. Some LANs have quality of service features such as priorities,
for example 802.11, and some do not, for example Ethernet. Consequently, when

342 THE MEDIUM ACCESS CONTROL SUBLAYER CHAP. 4
a frame must travel between these LANs, the security or quality of service expect-
ed by the sender may not be able to be provided. For all of these reasons, modern
bridges usually work for one network type, and routers, which we will come to
soon, are used instead to join networks of different types.
Switches are modern bridges by another name. The differences are more to
do with marketing than technical issues, but there are a few points worth knowing.
Bridges were developed when classic Ethernet was in use, so they tend to join rel-
atively few LANs and thus have relatively few ports. The term ‘‘switch’’ is more
popular nowadays. Also, modern installations all use point-to-point links, such as
twisted-pair cables, so individual computers plug directly into a switch and thus
the switch will tend to have many ports. Finally, ‘‘switch’’ is also used as a gen-
eral term. With a bridge, the functionality is clear. On the other hand, a switch
may refer to an Ethernet switch or a completely different kind of device that
makes forwarding decisions, such as a telephone switch.
So far, we have seen repeaters and hubs, which are actually quite similar, as
well as bridges and switches, which are even more similar to each other. Now we
move up to routers, which are different from all of the above. When a packet
comes into a router, the frame header and trailer are stripped off and the packet lo-
cated in the frame’s payload field (shaded in Fig. 4-45) is passed to the routing
software. This software uses the packet header to choose an output line. For an
IP packet, the packet header will contain a 32-bit (IPv4) or 128-bit (IPv6) address,
but not a 48-bit IEEE 802 address. The routing software does not see the frame
addresses and does not even know whether the packet came in on a LAN or a
point-to-point line. We will study routers and routing in Chap. 5.
Up another layer, we find transport gateways. These connect two computers
that use different connection-oriented transport protocols. For example, suppose a
computer using the connection-oriented TCP/IP protocol needs to talk to a com-
puter using a different connection-oriented transport protocol called SCTP. The
transport gateway can copy the packets from one connection to the other, refor-
matting them as need be.
Finally, application gateways understand the format and contents of the data
and can translate messages from one format to another. An email gateway could
translate Internet messages into SMS messages for mobile phones, for example.
Like ‘‘switch,’’ ‘‘gateway’’ is somewhat of a general term. It refers to a for-
warding process that runs at a high layer.
4.8.5 Virtual LANs
In the early days of local area networking, thick yellow cables snaked through
the cable ducts of many office buildings. Every computer they passed was
plugged in. No thought was given to which computer belonged on which LAN.
All the people in adjacent offices were put on the same LAN, whether they be-
longed together or not. Geography trumped corporate organization charts.

SEC. 4.8 DATA LINK LAYER SWITCHING 343
With the advent of twisted pair and hubs in the 1990s, all that changed.
Buildings were rewired (at considerable expense) to rip out all the yellow garden
hoses and install twisted pairs from every office to central wiring closets at the
end of each corridor or in a central machine room, as illustrated in Fig. 4-46. If
the Vice President in Charge of Wiring was a visionary, Category 5 twisted pairs
were installed; if he was a bean counter, the existing (Category 3) telephone wir-
ing was used (only to be replaced a few years later, when fast Ethernet emerged).
Twisted pair
to a hub
Office
Switch
Hub
Hub
Corr idor
Cable
duct
Figure 4-46. A building with centralized wiring using hubs and a switch.
Today, the cables have changed and hubs have become switches, but the wir-
ing pattern is still the same. This pattern makes it possible to configure LANs
logically rather than physically. For example, if a company wants k LANs, it
could buy k switches. By carefully choosing which connectors to plug into which
switches, the occupants of a LAN can be chosen in a way that makes organiza-
tional sense, without too much regard to geography.
Does it matter who is on which LAN? After all, in nearly all organizations,
all the LANs are interconnected. In short, yes, it often matters. Network adminis-
trators like to group users on LANs to reflect the organizational structure rather
than the physical layout of the building, for a variety of reasons. One issue is se-
curity. One LAN might host Web servers and other computers intended for public
use. Another LAN might host computers containing the records of the Human Re-
sources department that are not to be passed outside of the department. In such a
situation, putting all the computers on a single LAN and not letting any of the ser-
vers be accessed from off the LAN makes sense. Management tends to frown
when hearing that such an arrangement is impossible.

344 THE MEDIUM ACCESS CONTROL SUBLAYER CHAP. 4
A second issue is load. Some LANs are more heavily used than others and it
may be desirable to separate them. For example, if the folks in research are run-
ning all kinds of nifty experiments that sometimes get out of hand and saturate
their LAN, the folks in management may not be enthusiastic about donating some
of the capacity they were using for videoconferencing to help out. Then again,
this might impress on management the need to install a faster network.
A third issue is broadcast traffic. Bridges broadcast traffic when the location
of the destination is unknown, and upper-layer protocols use broadcasting as well.
For example, when a user wants to send a packet to an IP address x, how does it
know which MAC address to put in the frame? We will study this question in
Chap. 5, but briefly summarized, the answer is that it broadcasts a frame con-
taining the question ‘‘who owns IP address x?’’ Then it waits for an answer. As
the number of computers in a LAN grows, so does the number of broadcasts. Each
broadcast consumes more of the LAN capacity than a regular frame because it is
delivered to every computer on the LAN. By keeping LANs no larger than they
need to be, the impact of broadcast traffic is reduced.
Related to broadcasts is the problem that once in a while a network interface
will break down or be misconfigured and begin generating an endless stream of
broadcast frames. If the network is really unlucky, some of these frames will elicit
responses that lead to ever more traffic. The result of this broadcast storm is that
(1) the entire LAN capacity is occupied by these frames, and (2) all the machines
on all the interconnected LANs are crippled just processing and discarding all the
frames being broadcast.
At first it might appear that broadcast storms could be limited in scope by
separating the LANs with bridges or switches, but if the goal is to achieve tran-
sparency (i.e., a machine can be moved to a different LAN across the bridge with-
out anyone noticing it), then bridges have to forward broadcast frames.
Having seen why companies might want multiple LANs with restricted
scopes, let us get back to the problem of decoupling the logical topology from the
physical topology. Building a physical topology to reflect the organizational
structure can add work and cost, even with centralized wiring and switches. For
example, if two people in the same department work in different buildings, it may
be easier to wire them to different switches that are part of different LANs. Even
if this is not the case, a user might be shifted within the company from one depart-
ment to another without changing offices, or might change offices without chang-
ing departments. This might result in the user being on the wrong LAN until an
administrator changes the user’s connector from one switch to another. Fur-
thermore, the number of computers that belong to different departments may not
be a good match for the number of ports on switches; some departments may be
too small and others so big that they require multiple switches. This results in
wasted switch ports that are not used.
In many companies, organizational changes occur all the time, meaning that
system administrators spend a lot of time pulling out plugs and pushing them back

SEC. 4.8 DATA LINK LAYER SWITCHING 345
in somewhere else. Also, in some cases, the change cannot be made at all be-
cause the twisted pair from the user’s machine is too far from the correct switch
(e.g., in the wrong building), or the available switch ports are on the wrong LAN.
In response to customer requests for more flexibility, network vendors began
working on a way to rewire buildings entirely in software. The resulting concept
is called a VLAN (Virtual LAN). It has been standardized by the IEEE 802
committee and is now widely deployed in many organizations. Let us now take a
look at it. For additional information about VLANs, see Seifert and Edwards
(2008).
VLANs are based on VLAN-aware switches. To set up a VLAN-based net-
work, the network administrator decides how many VLANs there will be, which
computers will be on which VLAN, and what the VLANs will be called. Often
the VLANs are (informally) named by colors, since it is then possible to print
color diagrams showing the physical layout of the machines, with the members of
the red LAN in red, members of the green LAN in green, and so on. In this way,
both the physical and logical layouts are visible in a single view.
As an example, consider the bridged LAN of Fig. 4-47, in which nine of the
machines belong to the G (gray) VLAN and five belong to the W (white) VLAN.
Machines from the gray VLAN are spread across two switches, including two ma-
chines that connect to a switch via a hub.
Gray station
B1 B2
Hub
G W GWW
G
G G
GW
GG G WG W
White station
Gray port
White port
Gray and
White port
Bridge
Figure 4-47. Two VLANs, gray and white, on a bridged LAN.
To make the VLANs function correctly, configuration tables have to be set up
in the bridges. These tables tell which VLANs are accessible via which ports.
When a frame comes in from, say, the gray VLAN, it must be forwarded on all
the ports marked with a G. This holds for ordinary (i.e., unicast) traffic for which
the bridges have not learned the location of the destination, as well as for multi-
cast and broadcast traffic. Note that a port may be labeled with multiple VLAN
colors.
As an example, suppose that one of the gray stations plugged into bridge B1 in
Fig. 4-47 sends a frame to a destination that has not been observed beforehand.
Bridge B1 will receive the frame and see that it came from a machine on the gray

346 THE MEDIUM ACCESS CONTROL SUBLAYER CHAP. 4
VLAN, so it will flood the frame on all ports labeled G (except the incoming
port). The frame will be sent to the five other gray stations attached to B1 as well
as over the link from B1 to bridge B2. At bridge B2, the frame is similarly for-
warded on all ports labeled G. This sends the frame to one further station and the
hub (which will transmit the frame to all of its stations). The hub has both labels
because it connects to machines from both VLANs. The frame is not sent on
other ports without G in the label because the bridge knows that there are no ma-
chines on the gray VLAN that can be reached via these ports.
In our example, the frame is only sent from bridge B1 to bridge B2 because
there are machines on the gray VLAN that are connected to B2. Looking at the
white VLAN, we can see that the bridge B2 port that connects to bridge B1 is not
labeled W. This means that a frame on the white VLAN will not be forwarded
from bridge B2 to bridge B1. This behavior is correct because no stations on the
white VLAN are connected to B1.
The IEEE 802.1Q Standard
To implement this scheme, bridges need to know to which VLAN an incom-
ing frame belongs. Without this information, for example, when bridge B2 gets a
frame from bridge B1 in Fig. 4-47, it cannot know whether to forward the frame
on the gray or white VLAN. If we were designing a new type of LAN, it would
be easy enough to just add a VLAN field in the header. But what to do about
Ethernet, which is the dominant LAN, and did not have any spare fields lying
around for the VLAN identifier?
The IEEE 802 committee had this problem thrown into its lap in 1995. After
much discussion, it did the unthinkable and changed the Ethernet header. The
new format was published in IEEE standard 802.1Q, issued in 1998. The new
format contains a VLAN tag; we will examine it shortly. Not surprisingly, chang-
ing something as well established as the Ethernet header was not entirely trivial.
A few questions that come to mind are:
1. Need we throw out several hundred million existing Ethernet cards?
2. If not, who generates the new fields?
3. What happens to frames that are already the maximum size?
Of course, the 802 committee was (only too painfully) aware of these problems
and had to come up with solutions, which it did.
The key to the solution is to realize that the VLAN fields are only actually
used by the bridges and switches and not by the user machines. Thus, in Fig. 4-
47, it is not really essential that they are present on the lines going out to the end
stations as long as they are on the line between the bridges. Also, to use VLANs,
the bridges have to be VLAN aware. This fact makes the design feasible.

SEC. 4.8 DATA LINK LAYER SWITCHING 347
As to throwing out all existing Ethernet cards, the answer is no. Remember
that the 802.3 committee could not even get people to change the Type field into a
Length field. You can imagine the reaction to an announcement that all existing
Ethernet cards had to be thrown out. However, new Ethernet cards are 802.1Q
compliant and can correctly fill in the VLAN fields.
Because there can be computers (and switches) that are not VLAN aware, the
first VLAN-aware bridge to touch a frame adds VLAN fields and the last one
down the road removes them. An example of a mixed topology is shown in
Fig. 4-48. In this figure, VLAN-aware computers generate tagged (i.e., 802.1Q)
frames directly, and further switching uses these tags. The shaded symbols are
VLAN-aware and the empty ones are not.
Legacy
bridge
and host
B1 B2 B5Tagged
frame
B4
B3
B6
VLAN-aware
host and bridge
Legacy
frame
Figure 4-48. Bridged LAN that is only partly VLAN aware. The shaded symb-
ols are VLAN aware. The empty ones are not.
With 802.1Q, frames are colored depending on the port on which they are re-
ceived. For this method to work, all machines on a port must belong to the same
VLAN, which reduces flexibility. For example, in Fig. 4-48, this property holds
for all ports where an individual computer connects to a bridge, but not for the
port where the hub connects to bridge B2.
Additionally, the bridge can use the higher-layer protocol to select the color.
In this way, frames arriving on a port might be placed in different VLANs de-
pending on whether they carry IP packets or PPP frames.
Other methods are possible, but they are not supported by 802.1Q. As one ex-
ample, the MAC address can be used to select the VLAN color. This might be
useful for frames coming in from a nearby 802.11 LAN in which laptops send
frames via different ports as they move. One MAC address would then be mapped
to a fixed VLAN regardless of which port it entered the LAN on.
As to the problem of frames longer than 1518 bytes, 802.1Q just raised the
limit to 1522 bytes. Luckily, only VLAN-aware computers and switches must
support these longer frames.
Now let us take a look at the 802.1Q frame format. It is shown in Fig. 4-49.
The only change is the addition of a pair of 2-byte fields. The first one is the

348 THE MEDIUM ACCESS CONTROL SUBLAYER CHAP. 4
VLAN protocol ID. It always has the value 0x8100. Since this number is greater
than 1500, all Ethernet cards interpret it as a type rather than a length. What a
legacy card does with such a frame is moot since such frames are not supposed to
be sent to legacy cards.
802.3 Length Data Pad
Check-
sum
Destination
address
Source
address
802.1Q Length Data PadTag
VLAN IdentifierVLAN protocol
ID (0x8100)
Pri
C
F
I
Check-
sum
Destination
address
Source
address
Figure 4-49. The 802.3 (legacy) and 802.1Q Ethernet frame formats.
The second 2-byte field contains three subfields. The main one is the VLAN
identifier, occupying the low-order 12 bits. This is what the whole thing is
about—the color of the VLAN to which the frame belongs. The 3-bit Priority
field has nothing to do with VLANs at all, but since changing the Ethernet header
is a once-in-a-decade event taking three years and featuring a hundred people,
why not put in some other good things while you are at it? This field makes it
possible to distinguish hard real-time traffic from soft real-time traffic from time-
insensitive traffic in order to provide better quality of service over Ethernet. It is
needed for voice over Ethernet (although in all fairness, IP has had a similar field
for a quarter of a century and nobody ever used it).
The last field, CFI (Canonical format indicator), should have been called the
CEI (Corporate ego indicator). It was originally intended to indicate the order of
the bits in the MAC addresses (little-endian versus big-endian), but that use got
lost in other controversies. Its presence now indicates that the payload contains a
freeze-dried 802.5 frame that is hoping to find another 802.5 LAN at the destina-
tion while being carried by Ethernet in between. This whole arrangement, of
course, has nothing whatsoever to do with VLANs. But standards’ committee
politics are not unlike regular politics: if you vote for my bit, I will vote for your
bit.
As we mentioned above, when a tagged frame arrives at a VLAN-aware
switch, the switch uses the VLAN identifier as an index into a table to find out
which ports to send it on. But where does the table come from? If it is manually
constructed, we are back to square zero: manual configuration of bridges. The
beauty of the transparent bridge is that it is plug-and-play and does not require any
manual configuration. It would be a terrible shame to lose that property. For-
tunately, VLAN-aware bridges can also autoconfigure themselves based on
observing the tags that come by. If a frame tagged as VLAN 4 comes in on port

SEC. 4.8 DATA LINK LAYER SWITCHING 349
3, apparently some machine on port 3 is on VLAN 4. The 802.1Q standard ex-
plains how to build the tables dynamically, mostly by referencing appropriate por-
tions of the 802.1D standard.
Before leaving the subject of VLAN routing, it is worth making one last
observation. Many people in the Internet and Ethernet worlds are fanatically in
favor of connectionless networking and violently opposed to anything smacking
of connections in the data link or network layers. Yet VLANs introduce some-
thing that is surprisingly similar to a connection. To use VLANs properly, each
frame carries a new special identifier that is used as an index into a table inside
the switch to look up where the frame is supposed to be sent. That is precisely
what happens in connection-oriented networks. In connectionless networks, it is
the destination address that is used for routing, not some kind of connection iden-
tifier. We will see more of this creeping connectionism in Chap. 5.
4.9 SUMMARY
Some networks have a single channel that is used for all communication. In
these networks, the key design issue is the allocation of this channel among the
competing stations wishing to use it. FDM and TDM are simple, efficient alloca-
tion schemes when the number of stations is small and fixed and the traffic is con-
tinuous. Both are widely used under these circumstances, for example, for divid-
ing up the bandwidth on telephone trunks. However, when the number of stations
is large and variable or the traffic is fairly bursty—the common case in computer
networks—FDM and TDM are poor choices.
Numerous dynamic channel allocation algorithms have been devised. The
ALOHA protocol, with and without slotting, is used in many derivatives in real
systems, for example, cable modems and RFID. As an improvement when the
state of the channel can be sensed, stations can avoid starting a transmission while
another station is transmitting. This technique, carrier sensing, has led to a variety
of CSMA protocols for LANs and MANs. It is the basis for classic Ethernet and
802.11 networks.
A class of protocols that eliminates contention altogether, or at least reduces it
considerably, is well known. The bitmap protocol, topologies such as rings, and
the binary countdown protocol completely eliminate contention. The tree walk
protocol reduces it by dynamically dividing the stations into two disjoint groups of
different sizes and allowing contention only within one group; ideally that group
is chosen so that only one station is ready to send when it is permitted to do so.
Wireless LANs have the added problems that it is difficult to sense colliding
transmissions, and that the coverage regions of stations may differ. In the dom-
inant wireless LAN, IEEE 802.11, stations use CSMA/CA to mitigate the first
problem by leaving small gaps to avoid collisions. The stations can also use the
RTS/CTS protocol to combat hidden terminals that arise because of the second

350 THE MEDIUM ACCESS CONTROL SUBLAYER CHAP. 4
problem. IEEE 802.11 is commonly used to connect laptops and other devices to
wireless access points, but it can also be used between devices. Any of several
physical layers can be used, including multichannel FDM with and without multi-
ple antennas, and spread spectrum.
Like 802.11, RFID readers and tags use a random access protocol to commun-
icate identifiers. Other wireless PANs and MANs have different designs. The
Bluetooth system connects headsets and many kinds of peripherals to computers
without wires. IEEE 802.16 provides a wide area wireless Internet data service
for stationary and mobile computers. Both of these networks use a centralized,
connection-oriented design in which the Bluetooth master and the WiMAX base
station decide when each station may send or receive data. For 802.16, this design
supports different quality of service for real-time traffic like telephone calls and
interactive traffic like Web browsing. For Bluetooth, placing the complexity in
the master leads to inexpensive slave devices.
Ethernet is the dominant form of wired LAN. Classic Ethernet used
CSMA/CD for channel allocation on a yellow cable the size of a garden hose that
snaked from machine to machine. The architecture has changed as speeds have
risen from 10 Mbps to 10 Gbps and continue to climb. Now, point-to-point links
such as twisted pair are attached to hubs and switches. With modern switches and
full-duplex links, there is no contention on the links and the switch can forward
frames between different ports in parallel.
With buildings full of LANs, a way is needed to interconnect them all. Plug-
and-play bridges are used for this purpose. The bridges are built with a backward
learning algorithm and a spanning tree algorithm. Since this functionality is built
into modern switches, the terms ‘‘bridge’’ and ‘‘switch’’ are used interchangeably.
To help with the management of bridged LANs, VLANs let the physical topology
be divided into different logical topologies. The VLAN standard, IEEE 802.1Q,
introduces a new format for Ethernet frames.
PROBLEMS
1. For this problem, use a formula from this chapter, but first state the formula. Frames
arrive randomly at a 100-Mbps channel for transmission. If the channel is busy when
a frame arrives, it waits its turn in a queue. Frame length is exponentially distributed
with a mean of 10,000 bits/frame. For each of the following frame arrival rates, give
the delay experienced by the average frame, including both queueing time and trans-
mission time.
(a) 90 frames/sec.
(b) 900 frames/sec.
(c) 9000 frames/sec.

CHAP. 4 PROBLEMS 351
2. A group of N stations share a 56-kbps pure ALOHA channel. Each station outputs a
1000-bit frame on average once every 100 sec, even if the previous one has not yet
been sent (e.g., the stations can buffer outgoing frames). What is the maximum value
of N?
3. Consider the delay of pure ALOHA versus slotted ALOHA at low load. Which one is
less? Explain your answer.
4. A large population of ALOHA users manages to generate 50 requests/sec, including
both originals and retransmissions. Time is slotted in units of 40 msec.
(a) What is the chance of success on the first attempt?
(b) What is the probability of exactly k collisions and then a success?
(c) What is the expected number of transmission attempts needed?
5. In an infinite-population slotted ALOHA system, the mean number of slots a station
waits between a collision and a retransmission is 4. Plot the delay versus throughput
curve for this system.
6. What is the length of a contention slot in CSMA/CD for (a) a 2-km twin-lead cable
(signal propagation speed is 82% of the signal propagation speed in vacuum)?, and (b)
a 40-km multimode fiber optic cable (signal propagation speed is 65% of the signal
propagation speed in vacuum)?
7. How long does a station, s, have to wait in the worst case before it can start trans-
mitting its frame over a LAN that uses the basic bit-map protocol?
8. In the binary countdown protocol, explain how a lower-numbered station may be
starved from sending a packet.
9. Sixteen stations, numbered 1 through 16, are contending for the use of a shared chan-
nel by using the adaptive tree walk protocol. If all the stations whose addresses are
prime numbers suddenly become ready at once, how many bit slots are needed to
resolve the contention?
10. Consider five wireless stations, A, B, C, D, and E. Station A can communicate with all
other stations. B can communicate with A, C and E. C can communicate with A, B and
D. D can communicate with A, C and E. E can communicate A, D and B.
(a) When A is sending to B, what other communications are possible?
(b) When B is sending to A, what other communications are possible?
(c) When B is sending to C, what other communications are possible?
11. Six stations, A through F, communicate using the MACA protocol. Is it possible for
two transmissions to take place simultaneously? Explain your answer.
12. A seven-story office building has 15 adjacent offices per floor. Each office contains a
wall socket for a terminal in the front wall, so the sockets form a rectangular grid in
the vertical plane, with a separation of 4 m between sockets, both horizontally and
vertically. Assuming that it is feasible to run a straight cable between any pair of
sockets, horizontally, vertically, or diagonally, how many meters of cable are needed
to connect all sockets using
(a) A star configuration with a single router in the middle?
(b) A classic 802.3 LAN?

352 THE MEDIUM ACCESS CONTROL SUBLAYER CHAP. 4
13. What is the baud rate of classic 10-Mbps Ethernet?
14. Sketch the Manchester encoding on a classic Ethernet for the bit stream 0001110101.
15. A 1-km-long, 10-Mbps CSMA/CD LAN (not 802.3) has a propagation speed of
200 m /μsec. Repeaters are not allowed in this system. Data frames are 256 bits long,
including 32 bits of header, checksum, and other overhead. The first bit slot after a
successful transmission is reserved for the receiver to capture the channel in order to
send a 32-bit acknowledgement frame. What is the effective data rate, excluding
overhead, assuming that there are no collisions?
16. Two CSMA/CD stations are each trying to transmit long (multiframe) files. After
each frame is sent, they contend for the channel, using the binary exponential backoff
algorithm. What is the probability that the contention ends on round k, and what is the
mean number of rounds per contention period?
17. An IP packet to be transmitted by Ethernet is 60 bytes long, including all its headers.
If LLC is not in use, is padding needed in the Ethernet frame, and if so, how many
bytes?
18. Ethernet frames must be at least 64 bytes long to ensure that the transmitter is still
going in the event of a collision at the far end of the cable. Fast Ethernet has the same
64-byte minimum frame size but can get the bits out ten times faster. How is it pos-
sible to maintain the same minimum frame size?
19. Some books quote the maximum size of an Ethernet frame as 1522 bytes instead of
1500 bytes. Are they wrong? Explain your answer.
20. How many frames per second can gigabit Ethernet handle? Think carefully and take
into account all the relevant cases. Hint: the fact that it is gigabit Ethernet matters.
21. Name two networks that allow frames to be packed back-to-back. Why is this feature
worth having?
22. In Fig. 4-27, four stations, A, B, C, and D, are shown. Which of the last two stations
do you think is closest to A and why?
23. Give an example to show that the RTS/CTS in the 802.11 protocol is a little different
than in the MACA protocol.
24. A wireless LAN with one AP has 10 client stations. Four stations have data rates of 6
Mbps, four stations have data rates of 18 Mbps, and the last two stations have data
rates of 54 Mbps. What is the data rate experienced by each station when all ten sta-
tions are sending data together, and
(a) TXOP is not used?
(b) TXOP is used?
25. Suppose that an 11-Mbps 802.11b LAN is transmitting 64-byte frames back-to-back
over a radio channel with a bit error rate of 10−7. How many frames per second will
be damaged on average?
26. An 802.16 network has a channel width of 20 MHz. How many bits/sec can be sent to
a subscriber station?

CHAP. 4 PROBLEMS 353
27. Give two reasons why networks might use an error-correcting code instead of error
detection and retransmission.
28. List two ways in which WiMAX is similar to 802.11, and two ways in which it is dif-
ferent from 802.11.
29. From Fig. 4-34, we see that a Bluetooth device can be in two piconets at the same
time. Is there any reason why one device cannot be the master in both of them at the
same time?
30. What is the maximum size of the data field for a 3-slot Bluetooth frame at basic rate?
Explain your answer.
31. Figure 4-24 shows several physical layer protocols. Which of these is closest to the
Bluetooth physical layer protocol? What is the biggest difference between the two?
32. It is mentioned in Section 4.6.6 that the efficiency of a 1-slot frame with repetition en-
coding is about 13% at basic data rate. What will the efficiency be if a 5-slot frame
with repetition encoding is used at basic data rate instead?
33. Beacon frames in the frequency hopping spread spectrum variant of 802.11 contain
the dwell time. Do you think the analogous beacon frames in Bluetooth also contain
the dwell time? Discuss your answer.
34. Suppose that there are 10 RFID tags around an RFID reader. What is the best value of
Q? How likely is it that one tag responds with no collision in a given slot?
35. List some of the security concerns of an RFID system.
36. A switch designed for use with fast Ethernet has a backplane that can move 10 Gbps.
How many frames/sec can it handle in the worst case?
37. Briefly describe the difference between store-and-forward and cut-through switches.
38. Consider the extended LAN connected using bridges B1 and B2 in Fig. 4-41(b). Sup-
pose the hash tables in the two bridges are empty. List all ports on which a packet will
be forwarded for the following sequence of data transmissions:
(a) A sends a packet to C.
(b) E sends a packet to F.
(c) F sends a packet to E.
(d) G sends a packet to E.
(e) D sends a packet to A.
(f) B sends a packet to F.
39. Store-and-forward switches have an advantage over cut-through switches with respect
to damaged frames. Explain what it is.
40. It is mentioned in Section 4.8.3 that some bridges may not even be present in the span-
ning tree. Outline a scenario where a bridge may not be present in the spanning tree.
41. To make VLANs work, configuration tables are needed in the bridges. What if the
VLANs of Fig. 4-47 used hubs rather than switches? Do the hubs need configuration
tables, too? Why or why not?

354 THE MEDIUM ACCESS CONTROL SUBLAYER CHAP. 4
42. In Fig. 4-48, the switch in the legacy end domain on the right is a VLAN-aware
switch. Would it be possible to use a legacy switch there? If so, how would that
work? If not, why not?
43. Write a program to simulate the behavior of the CSMA/CD protocol over Ethernet
when there are N stations ready to transmit while a frame is being transmitted. Your
program should report the times when each station successfully starts sending its
frame. Assume that a clock tick occurs once every slot time (51.2 μsec) and a collis-
ion detection and sending of a jamming sequence takes one slot time. All frames are
the maximum length allowed.

5
THE NETWORK LAYER
The network layer is concerned with getting packets from the source all the
way to the destination. Getting to the destination may require making many hops
at intermediate routers along the way. This function clearly contrasts with that of
the data link layer, which has the more modest goal of just moving frames from
one end of a wire to the other. Thus, the network layer is the lowest layer that
deals with end-to-end transmission.
To achieve its goals, the network layer must know about the topology of the
network (i.e., the set of all routers and links) and choose appropriate paths through
it, even for large networks. It must also take care when choosing routes to avoid
overloading some of the communication lines and routers while leaving others
idle. Finally, when the source and destination are in different networks, new
problems occur. It is up to the network layer to deal with them. In this chapter
we will study all these issues and illustrate them, primarily using the Internet and
its network layer protocol, IP.
5.1 NETWORK LAYER DESIGN ISSUES
In the following sections, we will give an introduction to some of the issues
that the designers of the network layer must grapple with. These issues include
the service provided to the transport layer and the internal design of the network.
355

356 THE NETWORK LAYER CHAP. 5
5.1.1 Store-and-Forward Packet Switching
Before starting to explain the details of the network layer, it is worth restating
the context in which the network layer protocols operate. This context can be
seen in Fig. 5-1. The major components of the network are the ISP’s equipment
(routers connected by transmission lines), shown inside the shaded oval, and the
customers’ equipment, shown outside the oval. Host H1 is directly connected to
one of the ISP’s routers, A, perhaps as a home computer that is plugged into a
DSL modem. In contrast, H2 is on a LAN, which might be an office Ethernet,
with a router, F, owned and operated by the customer. This router has a leased
line to the ISP’s equipment. We have shown F as being outside the oval because
it does not belong to the ISP. For the purposes of this chapter, however, routers
on customer premises are considered part of the ISP network because they run the
same algorithms as the ISP’s routers (and our main concern here is algorithms).
D
C
B
A E F
Packet
Process P1
Host H1
Router ISP’s equipment
H2LAN
P2
Figure 5-1. The environment of the network layer protocols.
This equipment is used as follows. A host with a packet to send transmits it to
the nearest router, either on its own LAN or over a point-to-point link to the ISP.
The packet is stored there until it has fully arrived and the link has finished its
processing by verifying the checksum. Then it is forwarded to the next router
along the path until it reaches the destination host, where it is delivered. This
mechanism is store-and-forward packet switching, as we have seen in previous
chapters.
5.1.2 Services Provided to the Transport Layer
The network layer provides services to the transport layer at the network
layer/transport layer interface. An important question is precisely what kind of
services the network layer provides to the transport layer. The services need to be
carefully designed with the following goals in mind:

SEC. 5.1 NETWORK LAYER DESIGN ISSUES 357
1. The services should be independent of the router technology.
2. The transport layer should be shielded from the number, type, and
topology of the routers present.
3. The network addresses made available to the transport layer should
use a uniform numbering plan, even across LANs and WANs.
Given these goals, the designers of the network layer have a lot of freedom in
writing detailed specifications of the services to be offered to the transport layer.
This freedom often degenerates into a raging battle between two warring factions.
The discussion centers on whether the network layer should provide connection-
oriented service or connectionless service.
One camp (represented by the Internet community) argues that the routers’
job is moving packets around and nothing else. In this view (based on 40 years of
experience with a real computer network), the network is inherently unreliable, no
matter how it is designed. Therefore, the hosts should accept this fact and do
error control (i.e., error detection and correction) and flow control themselves.
This viewpoint leads to the conclusion that the network service should be con-
nectionless, with primitives SEND PACKET and RECEIVE PACKET and little else.
In particular, no packet ordering and flow control should be done, because the
hosts are going to do that anyway and there is usually little to be gained by doing
it twice. This reasoning is an example of the end-to-end argument, a design
principle that has been very influential in shaping the Internet (Saltzer et al.,
1984). Furthermore, each packet must carry the full destination address, because
each packet sent is carried independently of its predecessors, if any.
The other camp (represented by the telephone companies) argues that the net-
work should provide a reliable, connection-oriented service. They claim that 100
years of successful experience with the worldwide telephone system is an excel-
lent guide. In this view, quality of service is the dominant factor, and without
connections in the network, quality of service is very difficult to achieve, espe-
cially for real-time traffic such as voice and video.
Even after several decades, this controversy is still very much alive. Early,
widely used data networks, such as X.25 in the 1970s and its successor Frame
Relay in the 1980s, were connection-oriented. However, since the days of the
ARPANET and the early Internet, connectionless network layers have grown
tremendously in popularity. The IP protocol is now an ever-present symbol of suc-
cess. It was undeterred by a connection-oriented technology called ATM that was
developed to overthrow it in the 1980s; instead, it is ATM that is now found in
niche uses and IP that is taking over telephone networks. Under the covers, how-
ever, the Internet is evolving connection-oriented features as quality of service be-
comes more important. Two examples of connection-oriented technologies are
MPLS (MultiProtocol Label Switching), which we will describe in this chapter,
and VLANs, which we saw in Chap. 4. Both technologies are widely used.

358 THE NETWORK LAYER CHAP. 5
5.1.3 Implementation of Connectionless Service
Having looked at the two classes of service the network layer can provide to
its users, it is time to see how this layer works inside. Two different organizations
are possible, depending on the type of service offered. If connectionless service is
offered, packets are injected into the network individually and routed indepen-
dently of each other. No advance setup is needed. In this context, the packets are
frequently called datagrams (in analogy with telegrams) and the network is call-
ed a datagram network. If connection-oriented service is used, a path from the
source router all the way to the destination router must be established before any
data packets can be sent. This connection is called a VC (virtual circuit), in an-
alogy with the physical circuits set up by the telephone system, and the network is
called a virtual-circuit network. In this section, we will examine datagram net-
works; in the next one, we will examine virtual-circuit networks.
Let us now see how a datagram network works. Suppose that the process P1
in Fig. 5-2 has a long message for P2. It hands the message to the transport layer,
with instructions to deliver it to process P2 on host H2. The transport layer code
runs on H1, typically within the operating system. It prepends a transport header
to the front of the message and hands the result to the network layer, probably just
another procedure within the operating system.
E’s tableC’s tableA’s table (initially) A’s table (later)
Dest. Line
D
C
B
A E F
Packet
Process P1
Host H1
Router ISP’s equipment
H2LAN
P2
4
23
1
A
B B
–
C C
D B
E C
F C
A
B B
–
C C
D B
E B
F B
A
B A
A
C –
D E
E E
F E
A
B D
C
C C
D D
E –
F F
Figure 5-2. Routing within a datagram network.
Let us assume for this example that the message is four times longer than the
maximum packet size, so the network layer has to break it into four packets, 1, 2,

SEC. 5.1 NETWORK LAYER DESIGN ISSUES 359
3, and 4, and send each of them in turn to router A using some point-to-point pro-
tocol, for example, PPP. At this point the ISP takes over. Every router has an in-
ternal table telling it where to send packets for each of the possible destinations.
Each table entry is a pair consisting of a destination and the outgoing line to use
for that destination. Only directly connected lines can be used. For example, in
Fig. 5-2, A has only two outgoing lines—to B and to C—so every incoming packet
must be sent to one of these routers, even if the ultimate destination is to some
other router. A’s initial routing table is shown in the figure under the label ‘‘ini-
tially.’’
At A, packets 1, 2, and 3 are stored briefly, having arrived on the incoming
link and had their checksums verified. Then each packet is forwarded according
to A’s table, onto the outgoing link to C within a new frame. Packet 1 is then for-
warded to E and then to F. When it gets to F, it is sent within a frame over the
LAN to H2. Packets 2 and 3 follow the same route.
However, something different happens to packet 4. When it gets to A it is
sent to router B, even though it is also destined for F. For some reason, A decided
to send packet 4 via a different route than that of the first three packets. Perhaps it
has learned of a traffic jam somewhere along the ACE path and updated its rout-
ing table, as shown under the label ‘‘later.’’ The algorithm that manages the tables
and makes the routing decisions is called the routing algorithm. Routing algo-
rithms are one of the main topics we will study in this chapter. There are several
different kinds of them, as we will see.
IP (Internet Protocol), which is the basis for the entire Internet, is the dom-
inant example of a connectionless network service. Each packet carries a destina-
tion IP address that routers use to individually forward each packet. The addresses
are 32 bits in IPv4 packets and 128 bits in IPv6 packets. We will describe IP in
much detail later in this chapter.
5.1.4 Implementation of Connection-Oriented Service
For connection-oriented service, we need a virtual-circuit network. Let us see
how that works. The idea behind virtual circuits is to avoid having to choose a
new route for every packet sent, as in Fig. 5-2. Instead, when a connection is es-
tablished, a route from the source machine to the destination machine is chosen as
part of the connection setup and stored in tables inside the routers. That route is
used for all traffic flowing over the connection, exactly the same way that the
telephone system works. When the connection is released, the virtual circuit is
also terminated. With connection-oriented service, each packet carries an identi-
fier telling which virtual circuit it belongs to.
As an example, consider the situation shown in Fig. 5-3. Here, host H1 has
established connection 1 with host H2. This connection is remembered as the first
entry in each of the routing tables. The first line of A’s table says that if a packet

360 THE NETWORK LAYER CHAP. 5
bearing connection identifier 1 comes in from H1, it is to be sent to router C and
given connection identifier 1. Similarly, the first entry at C routes the packet to E,
also with connection identifier 1.
A’s table
In Out
D
C
B
E F
Packet
Router ISP’s equipment
H2LAN
P2
2
4
3
1
H1
H3 1
1
AProcess P1
Host H1
P3
H3
C
C 2
1
C’s table
A
A 2
1 E
E 2
1
E’s table
C
C 2
1 F
F 2
1
Figure 5-3. Routing within a virtual-circuit network.
Now let us consider what happens if H3 also wants to establish a connection
to H2. It chooses connection identifier 1 (because it is initiating the connection
and this is its only connection) and tells the network to establish the virtual circuit.
This leads to the second row in the tables. Note that we have a conflict here be-
cause although A can easily distinguish connection 1 packets from H1 from con-
nection 1 packets from H3, C cannot do this. For this reason, A assigns a different
connection identifier to the outgoing traffic for the second connection. Avoiding
conflicts of this kind is why routers need the ability to replace connection identi-
fiers in outgoing packets.
In some contexts, this process is called label switching. An example of a
connection-oriented network service is MPLS (MultiProtocol Label Switching).
It is used within ISP networks in the Internet, with IP packets wrapped in an
MPLS header having a 20-bit connection identifier or label. MPLS is often hid-
den from customers, with the ISP establishing long-term connections for large
amounts of traffic, but it is increasingly being used to help when quality of service
is important but also with other ISP traffic management tasks. We will have more
to say about MPLS later in this chapter.

SEC. 5.1 NETWORK LAYER DESIGN ISSUES 361
5.1.5 Comparison of Virtual-Circuit and Datagram Networks
Both virtual circuits and datagrams have their supporters and their detractors.
We will now attempt to summarize both sets of arguments. The major issues are
listed in Fig. 5-4, although purists could probably find a counterexample for
everything in the figure.
Issue Datagram network Virtual-circuit network
Circuit setup Not needed Required
Addressing Each packet contains the full
source and destination address
Each packet contains a
short VC number
State information Routers do not hold state
information about connections
Each VC requires router
table space per connection
Routing Each packet is routed
independently
Route chosen when VC is
set up; all packets follow it
Effect of router failures None, except for packets
lost during the crash
All VCs that passed
through the failed
router are terminated
Quality of service Difficult Easy if enough resources
can be allocated in
advance for each VC
Congestion control Difficult Easy if enough resources
can be allocated in
advance for each VC
Figure 5-4. Comparison of datagram and virtual-circuit networks.
Inside the network, several trade-offs exist between virtual circuits and data-
grams. One trade-off is setup time versus address parsing time. Using virtual cir-
cuits requires a setup phase, which takes time and consumes resources. However,
once this price is paid, figuring out what to do with a data packet in a virtual-cir-
cuit network is easy: the router just uses the circuit number to index into a table to
find out where the packet goes. In a datagram network, no setup is needed but a
more complicated lookup procedure is required to locate the entry for the destina-
tion.
A related issue is that the destination addresses used in datagram networks are
longer than circuit numbers used in virtual-circuit networks because they have a
global meaning. If the packets tend to be fairly short, including a full destination
address in every packet may represent a significant amount of overhead, and
hence a waste of bandwidth.
Yet another issue is the amount of table space required in router memory. A
datagram network needs to have an entry for every possible destination, whereas a
virtual-circuit network just needs an entry for each virtual circuit. However, this

362 THE NETWORK LAYER CHAP. 5
advantage is somewhat illusory since connection setup packets have to be routed
too, and they use destination addresses, the same as datagrams do.
Virtual circuits have some advantages in guaranteeing quality of service and
avoiding congestion within the network because resources (e.g., buffers, band-
width, and CPU cycles) can be reserved in advance, when the connection is estab-
lished. Once the packets start arriving, the necessary bandwidth and router capac-
ity will be there. With a datagram network, congestion avoidance is more diffi-
cult.
For transaction processing systems (e.g., stores calling up to verify credit card
purchases), the overhead required to set up and clear a virtual circuit may easily
dwarf the use of the circuit. If the majority of the traffic is expected to be of this
kind, the use of virtual circuits inside the network makes little sense. On the other
hand, for long-running uses such as VPN traffic between two corporate offices,
permanent virtual circuits (that are set up manually and last for months or years)
may be useful.
Virtual circuits also have a vulnerability problem. If a router crashes and
loses its memory, even if it comes back up a second later, all the virtual circuits
passing through it will have to be aborted. In contrast, if a datagram router goes
down, only those users whose packets were queued in the router at the time need
suffer (and probably not even then since the sender is likely to retransmit them
shortly). The loss of a communication line is fatal to virtual circuits using it, but
can easily be compensated for if datagrams are used. Datagrams also allow the
routers to balance the traffic throughout the network, since routes can be changed
partway through a long sequence of packet transmissions.
5.2 ROUTING ALGORITHMS
The main function of the network layer is routing packets from the source ma-
chine to the destination machine. In most networks, packets will require multiple
hops to make the journey. The only notable exception is for broadcast networks,
but even here routing is an issue if the source and destination are not on the same
network segment. The algorithms that choose the routes and the data structures
that they use are a major area of network layer design.
The routing algorithm is that part of the network layer software responsible
for deciding which output line an incoming packet should be transmitted on. If
the network uses datagrams internally, this decision must be made anew for every
arriving data packet since the best route may have changed since last time. If the
network uses virtual circuits internally, routing decisions are made only when a
new virtual circuit is being set up. Thereafter, data packets just follow the already
established route. The latter case is sometimes called session routing because a
route remains in force for an entire session (e.g., while logged in over a VPN).

SEC. 5.2 ROUTING ALGORITHMS 363
It is sometimes useful to make a distinction between routing, which is making
the decision which routes to use, and forwarding, which is what happens when a
packet arrives. One can think of a router as having two processes inside it. One
of them handles each packet as it arrives, looking up the outgoing line to use for it
in the routing tables. This process is forwarding. The other process is responsi-
ble for filling in and updating the routing tables. That is where the routing algo-
rithm comes into play.
Regardless of whether routes are chosen independently for each packet sent or
only when new connections are established, certain properties are desirable in a
routing algorithm: correctness, simplicity, robustness, stability, fairness, and effi-
ciency. Correctness and simplicity hardly require comment, but the need for
robustness may be less obvious at first. Once a major network comes on the air, it
may be expected to run continuously for years without system-wide failures. Dur-
ing that period there will be hardware and software failures of all kinds. Hosts,
routers, and lines will fail repeatedly, and the topology will change many times.
The routing algorithm should be able to cope with changes in the topology and
traffic without requiring all jobs in all hosts to be aborted. Imagine the havoc if
the network needed to be rebooted every time some router crashed!
Stability is also an important goal for the routing algorithm. There exist rout-
ing algorithms that never converge to a fixed set of paths, no matter how long they
run. A stable algorithm reaches equilibrium and stays there. It should converge
quickly too, since communication may be disrupted until the routing algorithm
has reached equilibrium.
Fairness and efficiency may sound obvious—surely no reasonable person
would oppose them—but as it turns out, they are often contradictory goals. As a
simple example of this conflict, look at Fig. 5-5. Suppose that there is enough
traffic between A and A ′, between B and B ′, and between C and C ′ to saturate the
horizontal links. To maximize the total flow, the X to X ′ traffic should be shut off
altogether. Unfortunately, X and X ′ may not see it that way. Evidently, some
compromise between global efficiency and fairness to individual connections is
needed.
Before we can even attempt to find trade-offs between fairness and efficiency,
we must decide what it is we seek to optimize. Minimizing the mean packet delay
is an obvious candidate to send traffic through the network effectively, but so is
maximizing total network throughput. Furthermore, these two goals are also in
conflict, since operating any queueing system near capacity implies a long queue-
ing delay. As a compromise, many networks attempt to minimize the distance a
packet must travel, or simply reduce the number of hops a packet must make. Ei-
ther choice tends to improve the delay and also reduce the amount of bandwidth
consumed per packet, which tends to improve the overall network throughput as
well.
Routing algorithms can be grouped into two major classes: nonadaptive and
adaptive. Nonadaptive algorithms do not base their routing decisions on any

364 THE NETWORK LAYER CHAP. 5
X X′
A B C
A’ B’ C’
Figure 5-5. Network with a conflict between fairness and efficiency.
measurements or estimates of the current topology and traffic. Instead, the choice
of the route to use to get from I to J (for all I and J) is computed in advance, off-
line, and downloaded to the routers when the network is booted. This procedure
is sometimes called static routing. Because it does not respond to failures, static
routing is mostly useful for situations in which the routing choice is clear. For ex-
ample, router F in Fig. 5-3 should send packets headed into the network to router
E regardless of the ultimate destination.
Adaptive algorithms, in contrast, change their routing decisions to reflect
changes in the topology, and sometimes changes in the traffic as well. These
dynamic routing algorithms differ in where they get their information (e.g.,
locally, from adjacent routers, or from all routers), when they change the routes
(e.g., when the topology changes, or every ΔT seconds as the load changes), and
what metric is used for optimization (e.g., distance, number of hops, or estimated
transit time).
In the following sections, we will discuss a variety of routing algorithms. The
algorithms cover delivery models besides sending a packet from a source to a
destination. Sometimes the goal is to send the packet to multiple, all, or one of a
set of destinations. All of the routing algorithms we describe here make decisions
based on the topology; we defer the possibility of decisions based on the traffic
levels to Sec 5.3.
5.2.1 The Optimality Principle
Before we get into specific algorithms, it may be helpful to note that one can
make a general statement about optimal routes without regard to network topo-
logy or traffic. This statement is known as the optimality principle (Bellman,
1957). It states that if router J is on the optimal path from router I to router K,

SEC. 5.2 ROUTING ALGORITHMS 365
then the optimal path from J to K also falls along the same route. To see this, call
the part of the route from I to J r 1 and the rest of the route r 2 . If a route better
than r 2 existed from J to K, it could be concatenated with r 1 to improve the route
from I to K, contradicting our statement that r 1r 2 is optimal.
As a direct consequence of the optimality principle, we can see that the set of
optimal routes from all sources to a given destination form a tree rooted at the
destination. Such a tree is called a sink tree and is illustrated in Fig. 5-6(b),
where the distance metric is the number of hops. The goal of all routing algo-
rithms is to discover and use the sink trees for all routers.
B
A
F
D E
C
J
N
O
I
H
G
L
M
K
(a)
B
A
F
D E
C
J
N
O
I
H
G
L
M
K
(b)
Figure 5-6. (a) A network. (b) A sink tree for router B.
Note that a sink tree is not necessarily unique; other trees with the same path
lengths may exist. If we allow all of the possible paths to be chosen, the tree be-
comes a more general structure called a DAG (Directed Acyclic Graph). DAGs
have no loops. We will use sink trees as a convenient shorthand for both cases.
Both cases also depend on the technical assumption that the paths do not interfere
with each other so, for example, a traffic jam on one path will not cause another
path to divert.
Since a sink tree is indeed a tree, it does not contain any loops, so each packet
will be delivered within a finite and bounded number of hops. In practice, life is
not quite this easy. Links and routers can go down and come back up during oper-
ation, so different routers may have different ideas about the current topology.
Also, we have quietly finessed the issue of whether each router has to individually
acquire the information on which to base its sink tree computation or whether this
information is collected by some other means. We will come back to these issues
shortly. Nevertheless, the optimality principle and the sink tree provide a bench-
mark against which other routing algorithms can be measured.

366 THE NETWORK LAYER CHAP. 5
5.2.2 Shortest Path Algorithm
Let us begin our study of routing algorithms with a simple technique for com-
puting optimal paths given a complete picture of the network. These paths are the
ones that we want a distributed routing algorithm to find, even though not all rout-
ers may know all of the details of the network.
The idea is to build a graph of the network, with each node of the graph
representing a router and each edge of the graph representing a communication
line, or link. To choose a route between a given pair of routers, the algorithm just
finds the shortest path between them on the graph.
The concept of a shortest path deserves some explanation. One way of
measuring path length is the number of hops. Using this metric, the paths ABC
and ABE in Fig. 5-7 are equally long. Another metric is the geographic distance
in kilometers, in which case ABC is clearly much longer than ABE (assuming the
figure is drawn to scale).
A D1
2
6
G
4
(a)
F (∞, −) D (∞,−)
A
B 7 C
2
H
3
3
2
2 FE
1
22
6
G
4
A
(c)
A
B (2, A) C (9, B)
H (∞, −)
E (4, B)
G (6, A)
F (6, E) D (∞,−)A
(e)
A
B (2, A) C (9, B)
H (9, G)
E (4, B)
G (5, E)
F (6,E) D (∞,−)A
(f)
A
B (2, A) C (9, B)
H (8, F)
E (4, B)
G (5, E)
F (6, E) D (∞,1)A
(d)
A
B (2, A) C (9, B)
H (∞, −)
E (4, B)
G (5, E)
F (∞, −) D (∞, −)A
H
E
G
(b)
B (2, A) C (∞, −)
H (∞, −)
E (∞, −)
G (6, A)
Figure 5-7. The first six steps used in computing the shortest path from A to D.
The arrows indicate the working node.

SEC. 5.2 ROUTING ALGORITHMS 367
However, many other metrics besides hops and physical distance are also pos-
sible. For example, each edge could be labeled with the mean delay of a standard
test packet, as measured by hourly runs. With this graph labeling, the shortest
path is the fastest path rather than the path with the fewest edges or kilometers.
In the general case, the labels on the edges could be computed as a function of
the distance, bandwidth, average traffic, communication cost, measured delay,
and other factors. By changing the weighting function, the algorithm would then
compute the ‘‘shortest’’ path measured according to any one of a number of cri-
teria or to a combination of criteria.
Several algorithms for computing the shortest path between two nodes of a
graph are known. This one is due to Dijkstra (1959) and finds the shortest paths
between a source and all destinations in the network. Each node is labeled (in
parentheses) with its distance from the source node along the best known path.
The distances must be non-negative, as they will be if they are based on real quan-
tities like bandwidth and delay. Initially, no paths are known, so all nodes are
labeled with infinity. As the algorithm proceeds and paths are found, the labels
may change, reflecting better paths. A label may be either tentative or permanent.
Initially, all labels are tentative. When it is discovered that a label represents the
shortest possible path from the source to that node, it is made permanent and
never changed thereafter.
To illustrate how the labeling algorithm works, look at the weighted,
undirected graph of Fig. 5-7(a), where the weights represent, for example, dis-
tance. We want to find the shortest path from A to D. We start out by marking
node A as permanent, indicated by a filled-in circle. Then we examine, in turn,
each of the nodes adjacent to A (the working node), relabeling each one with the
distance to A. Whenever a node is relabeled, we also label it with the node from
which the probe was made so that we can reconstruct the final path later. If the
network had more than one shortest path from A to D and we wanted to find all of
them, we would need to remember all of the probe nodes that could reach a node
with the same distance.
Having examined each of the nodes adjacent to A, we examine all the tenta-
tively labeled nodes in the whole graph and make the one with the smallest label
permanent, as shown in Fig. 5-7(b). This one becomes the new working node.
We now start at B and examine all nodes adjacent to it. If the sum of the label
on B and the distance from B to the node being considered is less than the label on
that node, we have a shorter path, so the node is relabeled.
After all the nodes adjacent to the working node have been inspected and the
tentative labels changed if possible, the entire graph is searched for the tentatively
labeled node with the smallest value. This node is made permanent and becomes
the working node for the next round. Figure 5-7 shows the first six steps of the al-
gorithm.
To see why the algorithm works, look at Fig. 5-7(c). At this point we have
just made E permanent. Suppose that there were a shorter path than ABE, say

368 THE NETWORK LAYER CHAP. 5
AXYZE (for some X and Y). There are two possibilities: either node Z has already
been made permanent, or it has not been. If it has, then E has already been probed
(on the round following the one when Z was made permanent), so the AXYZE path
has not escaped our attention and thus cannot be a shorter path.
Now consider the case where Z is still tentatively labeled. If the label at Z is
greater than or equal to that at E, then AXYZE cannot be a shorter path than ABE.
If the label is less than that of E, then Z and not E will become permanent first, al-
lowing E to be probed from Z.
This algorithm is given in Fig. 5-8. The global variables n and dist describe
the graph and are initialized before shortest path is called. The only difference
between the program and the algorithm described above is that in Fig. 5-8, we
compute the shortest path starting at the terminal node, t, rather than at the source
node, s.
Since the shortest paths from t to s in an undirected graph are the same as the
shortest paths from s to t, it does not matter at which end we begin. The reason
for searching backward is that each node is labeled with its predecessor rather
than its successor. When the final path is copied into the output variable, path,
the path is thus reversed. The two reversal effects cancel, and the answer is pro-
duced in the correct order.
5.2.3 Flooding
When a routing algorithm is implemented, each router must make decisions
based on local knowledge, not the complete picture of the network. A simple
local technique is flooding, in which every incoming packet is sent out on every
outgoing line except the one it arrived on.
Flooding obviously generates vast numbers of duplicate packets, in fact, an
infinite number unless some measures are taken to damp the process. One such
measure is to have a hop counter contained in the header of each packet that is
decremented at each hop, with the packet being discarded when the counter
reaches zero. Ideally, the hop counter should be initialized to the length of the
path from source to destination. If the sender does not know how long the path is,
it can initialize the counter to the worst case, namely, the full diameter of the net-
work.
Flooding with a hop count can produce an exponential number of duplicate
packets as the hop count grows and routers duplicate packets they have seen be-
fore. A better technique for damming the flood is to have routers keep track of
which packets have been flooded, to avoid sending them out a second time. One
way to achieve this goal is to have the source router put a sequence number in
each packet it receives from its hosts. Each router then needs a list per source
router telling which sequence numbers originating at that source have already
been seen. If an incoming packet is on the list, it is not flooded.

SEC. 5.2 ROUTING ALGORITHMS 369
#define MAX NODES 1024 /* maximum number of nodes */
#define INFINITY 1000000000 /* a number larger than every maximum path */
int n, dist[MAX NODES][MAX NODES]; /* dist[i][j] is the distance from i to j */
void shortest path(int s, int t, int path[])
{ struct state { /* the path being worked on */
int predecessor; /* previous node */
int length; /* length from source to this node */
enum {permanent, tentative} label; /* label state */
} state[MAX NODES];
int i, k, min;
struct state *p;
for (p = &state[0]; p < &state[n]; p++) { /* initialize state */ p->predecessor = −1;
p->length = INFINITY;
p->label = tentative;
}
state[t].length = 0; state[t].label = permanent;
k = t; /* k is the initial working node */
do { /* Is there a better path from k? */
for (i = 0; i < n; i++) /* this graph has n nodes */ if (dist[k][i] != 0 && state[i].label == tentative) { if (state[k].length + dist[k][i] < state[i].length) { state[i].predecessor = k; state[i].length = state[k].length + dist[k][i]; } } /* Find the tentatively labeled node with the smallest label. */ k = 0; min = INFINITY; for (i = 0; i < n; i++) if (state[i].label == tentative && state[i].length < min) { min = state[i].length; k = i; } state[k].label = permanent; } while (k != s); /* Copy the path into the output array. */ i = 0; k = s; do {path[i++] = k; k = state[k].predecessor; } while (k >= 0);
}
Figure 5-8. Dijkstra’s algorithm to compute the shortest path through a graph.
To prevent the list from growing without bound, each list should be aug-
mented by a counter, k, meaning that all sequence numbers through k have been
seen. When a packet comes in, it is easy to check if the packet has already been

370 THE NETWORK LAYER CHAP. 5
flooded (by comparing its sequence number to k; if so, it is discarded. Further-
more, the full list below k is not needed, since k effectively summarizes it.
Flooding is not practical for sending most packets, but it does have some im-
portant uses. First, it ensures that a packet is delivered to every node in the net-
work. This may be wasteful if there is a single destination that needs the packet,
but it is effective for broadcasting information. In wireless networks, all mes-
sages transmitted by a station can be received by all other stations within its radio
range, which is, in fact, flooding, and some algorithms utilize this property.
Second, flooding is tremendously robust. Even if large numbers of routers are
blown to bits (e.g., in a military network located in a war zone), flooding will find
a path if one exists, to get a packet to its destination. Flooding also requires little
in the way of setup. The routers only need to know their neighbors. This means
that flooding can be used as a building block for other routing algorithms that are
more efficient but need more in the way of setup. Flooding can also be used as a
metric against which other routing algorithms can be compared. Flooding always
chooses the shortest path because it chooses every possible path in parallel. Con-
sequently, no other algorithm can produce a shorter delay (if we ignore the over-
head generated by the flooding process itself).
5.2.4 Distance Vector Routing
Computer networks generally use dynamic routing algorithms that are more
complex than flooding, but more efficient because they find shortest paths for the
current topology. Two dynamic algorithms in particular, distance vector routing
and link state routing, are the most popular. In this section, we will look at the
former algorithm. In the following section, we will study the latter algorithm.
A distance vector routing algorithm operates by having each router maintain
a table (i.e., a vector) giving the best known distance to each destination and
which link to use to get there. These tables are updated by exchanging infor-
mation with the neighbors. Eventually, every router knows the best link to reach
each destination.
The distance vector routing algorithm is sometimes called by other names,
most commonly the distributed Bellman-Ford routing algorithm, after the re-
searchers who developed it (Bellman, 1957; and Ford and Fulkerson, 1962). It
was the original ARPANET routing algorithm and was also used in the Internet
under the name RIP.
In distance vector routing, each router maintains a routing table indexed by,
and containing one entry for each router in the network. This entry has two parts:
the preferred outgoing line to use for that destination and an estimate of the dis-
tance to that destination. The distance might be measured as the number of hops
or using another metric, as we discussed for computing shortest paths.
The router is assumed to know the ‘‘distance’’ to each of its neighbors. If the
metric is hops, the distance is just one hop. If the metric is propagation delay, the

SEC. 5.2 ROUTING ALGORITHMS 371
router can measure it directly with special ECHO packets that the receiver just
timestamps and sends back as fast as it can.
As an example, assume that delay is used as a metric and that the router
knows the delay to each of its neighbors. Once every T msec, each router sends to
each neighbor a list of its estimated delays to each destination. It also receives a
similar list from each neighbor. Imagine that one of these tables has just come in
from neighbor X, with Xi being X’s estimate of how long it takes to get to router i.
If the router knows that the delay to X is m msec, it also knows that it can reach
router i via X in Xi + m msec. By performing this calculation for each neighbor, a
router can find out which estimate seems the best and use that estimate and the
corresponding link in its new routing table. Note that the old routing table is not
used in the calculation.
This updating process is illustrated in Fig. 5-9. Part (a) shows a network. The
first four columns of part (b) show the delay vectors received from the neighbors
of router J. A claims to have a 12-msec delay to B, a 25-msec delay to C, a 40-
msec delay to D, etc. Suppose that J has measured or estimated its delay to its
neighbors, A, I, H, and K, as 8, 10, 12, and 6 msec, respectively.
(a)
A B C D
E
I J K L
F G
H
Router
0
12
25
40
14
23
18
17
21
9
24
29
24
36
18
27
7
20
31
20
0
11
22
33
20
31
19
8
30
19
6
0
14
7
22
9
21
28
36
24
22
40
31
19
22
10
0
9
8
20
28
20
17
30
18
12
10
0
6
15
A
A
I
H
I
I
H
H
I
−
K
K
To A I H K Line
New estimated
delay from J
A
B
C
D
E
F
G
H
I
J
K
L
JA JI JH JK
delay delaydelaydelay
is is is is
8 10 12 6
New
routing
table
for J
Vectors received from
J’s four neighbors
(b)
Figure 5-9. (a) A network. (b) Input from A, I, H, K, and the new routing table for J.
Consider how J computes its new route to router G. It knows that it can get to
A in 8 msec, and furthermore A claims to be able to get to G in 18 msec, so J
knows it can count on a delay of 26 msec to G if it forwards packets bound for G

372 THE NETWORK LAYER CHAP. 5
to A. Similarly, it computes the delay to G via I, H, and K as 41 (31 + 10), 18
(6 + 12), and 37 (31 + 6) msec, respectively. The best of these values is 18, so it
makes an entry in its routing table that the delay to G is 18 msec and that the route
to use is via H. The same calculation is performed for all the other destinations,
with the new routing table shown in the last column of the figure.
The Count-to-Infinity Problem
The settling of routes to best paths across the network is called convergence .
Distance vector routing is useful as a simple technique by which routers can col-
lectively compute shortest paths, but it has a serious drawback in practice: al-
though it converges to the correct answer, it may do so slowly. In particular, it
reacts rapidly to good news, but leisurely to bad news. Consider a router whose
best route to destination X is long. If, on the next exchange, neighbor A suddenly
reports a short delay to X, the router just switches over to using the line to A to
send traffic to X. In one vector exchange, the good news is processed.
To see how fast good news propagates, consider the five-node (linear) net-
work of Fig. 5-10, where the delay metric is the number of hops. Suppose A is
down initially and all the other routers know this. In other words, they have all
recorded the delay to A as infinity.
A B C D E
• • • •
• • •
• •
•
4
1
1
1
1
2
2
2
3
3
Initially
After 1 exchange
After 2 exchanges
After 3 exchanges
After 4 exchanges
A B C D E
1 2 3 4
• • • •
2 3 4
3 4
4
6
3
3
5
5
4
4
6
5
5
67 6 7
87 8 7
Initially
After 1 exchange
After 2 exchanges
After 3 exchanges
After 4 exchanges
After 5 exchanges
After 6 exchanges
…
(a) (b)
Figure 5-10. The count-to-infinity problem.
When A comes up, the other routers learn about it via the vector exchanges.
For simplicity, we will assume that there is a gigantic gong somewhere that is
struck periodically to initiate a vector exchange at all routers simultaneously. At
the time of the first exchange, B learns that its left-hand neighbor has zero delay
to A. B now makes an entry in its routing table indicating that A is one hop away
to the left. All the other routers still think that A is down. At this point, the rout-
ing table entries for A are as shown in the second row of Fig. 5-10(a). On the next

SEC. 5.2 ROUTING ALGORITHMS 373
exchange, C learns that B has a path of length 1 to A, so it updates its routing table
to indicate a path of length 2, but D and E do not hear the good news until later.
Clearly, the good news is spreading at the rate of one hop per exchange. In a net-
work whose longest path is of length N hops, within N exchanges everyone will
know about newly revived links and routers.
Now let us consider the situation of Fig. 5-10(b), in which all the links and
routers are initially up. Routers B, C, D, and E have distances to A of 1, 2, 3, and
4 hops, respectively. Suddenly, either A goes down or the link between A and B is
cut (which is effectively the same thing from B’s point of view).
At the first packet exchange, B does not hear anything from A. Fortunately, C
says ‘‘Do not worry; I have a path to A of length 2.’’ Little does B suspect that C’s
path runs through B itself. For all B knows, C might have ten links all with sepa-
rate paths to A of length 2. As a result, B thinks it can reach A via C, with a path
length of 3. D and E do not update their entries for A on the first exchange.
On the second exchange, C notices that each of its neighbors claims to have a
path to A of length 3. It picks one of them at random and makes its new distance
to A 4, as shown in the third row of Fig. 5-10(b). Subsequent exchanges produce
the history shown in the rest of Fig. 5-10(b).
From this figure, it should be clear why bad news travels slowly: no router
ever has a value more than one higher than the minimum of all its neighbors.
Gradually, all routers work their way up to infinity, but the number of exchanges
required depends on the numerical value used for infinity. For this reason, it is
wise to set infinity to the longest path plus 1.
Not entirely surprisingly, this problem is known as the count-to-infinity prob-
lem. There have been many attempts to solve it, for example, preventing routers
from advertising their best paths back to the neighbors from which they heard
them with the split horizon with poisoned reverse rule discussed in RFC 1058.
However, none of these heuristics work well in practice despite the colorful
names. The core of the problem is that when X tells Y that it has a path some-
where, Y has no way of knowing whether it itself is on the path.
5.2.5 Link State Routing
Distance vector routing was used in the ARPANET until 1979, when it was
replaced by link state routing. The primary problem that caused its demise was
that the algorithm often took too long to converge after the network topology
changed (due to the count-to-infinity problem). Consequently, it was replaced by
an entirely new algorithm, now called link state routing. Variants of link state
routing called IS-IS and OSPF are the routing algorithms that are most widely
used inside large networks and the Internet today.
The idea behind link state routing is fairly simple and can be stated as five
parts. Each router must do the following things to make it work:

374 THE NETWORK LAYER CHAP. 5
1. Discover its neighbors and learn their network addresses.
2. Set the distance or cost metric to each of its neighbors.
3. Construct a packet telling all it has just learned.
4. Send this packet to and receive packets from all other routers.
5. Compute the shortest path to every other router.
In effect, the complete topology is distributed to every router. Then Dijkstra’s al-
gorithm can be run at each router to find the shortest path to every other router.
Below we will consider each of these five steps in more detail.
Learning about the Neighbors
When a router is booted, its first task is to learn who its neighbors are. It
accomplishes this goal by sending a special HELLO packet on each point-to-point
line. The router on the other end is expected to send back a reply giving its name.
These names must be globally unique because when a distant router later hears
that three routers are all connected to F, it is essential that it can determine wheth-
er all three mean the same F.
When two or more routers are connected by a broadcast link (e.g., a switch,
ring, or classic Ethernet), the situation is slightly more complicated. Fig. 5-11(a)
illustrates a broadcast LAN to which three routers, A, C, and F, are directly con-
nected. Each of these routers is connected to one or more additional routers, as
shown.
Router
A
B
C
D E
C
D E
H
I
F
G G H
IF
N
A
B
LAN
(a) (b)
Figure 5-11. (a) Nine routers and a broadcast LAN. (b) A graph model of (a).
The broadcast LAN provides connectivity between each pair of attached rout-
ers. However, modeling the LAN as many point-to-point links increases the size

SEC. 5.2 ROUTING ALGORITHMS 375
of the topology and leads to wasteful messages. A better way to model the LAN
is to consider it as a node itself, as shown in Fig. 5-11(b). Here, we have intro-
duced a new, artificial node, N, to which A, C, and F are connected. One desig-
nated router on the LAN is selected to play the role of N in the routing protocol.
The fact that it is possible to go from A to C on the LAN is represented by the
path ANC here.
Setting Link Costs
The link state routing algorithm requires each link to have a distance or cost
metric for finding shortest paths. The cost to reach neighbors can be set automat-
ically, or configured by the network operator. A common choice is to make the
cost inversely proportional to the bandwidth of the link. For example, 1-Gbps
Ethernet may have a cost of 1 and 100-Mbps Ethernet a cost of 10. This makes
higher-capacity paths better choices.
If the network is geographically spread out, the delay of the links may be fac-
tored into the cost so that paths over shorter links are better choices. The most
direct way to determine this delay is to send over the line a special ECHO packet
that the other side is required to send back immediately. By measuring the
round-trip time and dividing it by two, the sending router can get a reasonable
estimate of the delay.
Building Link State Packets
Once the information needed for the exchange has been collected, the next
step is for each router to build a packet containing all the data. The packet starts
with the identity of the sender, followed by a sequence number and age (to be de-
scribed later) and a list of neighbors. The cost to each neighbor is also given. An
example network is presented in Fig. 5-12(a) with costs shown as labels on the
lines. The corresponding link state packets for all six routers are shown in Fig. 5-
12(b).
B C
E F
A D
61
2
8
5 7
4 3
(a)
A
Seq.
Age
B C D E F
B 4
E 5
Seq.
Age
A 4
C 2
Seq.
Age
B 2
D 3
Seq.
Age
C 3
F 7
Seq.
Age
A 5
C 1
Seq.
Age
B 6
D 7
F 6 E 1 F 8 E 8
Link State Packets
(b)
Figure 5-12. (a) A network. (b) The link state packets for this network.

376 THE NETWORK LAYER CHAP. 5
Building the link state packets is easy. The hard part is determining when to
build them. One possibility is to build them periodically, that is, at regular inter-
vals. Another possibility is to build them when some significant event occurs,
such as a line or neighbor going down or coming back up again or changing its
properties appreciably.
Distributing the Link State Packets
The trickiest part of the algorithm is distributing the link state packets. All of
the routers must get all of the link state packets quickly and reliably. If different
routers are using different versions of the topology, the routes they compute can
have inconsistencies such as loops, unreachable machines, and other problems.
First, we will describe the basic distribution algorithm. After that we will
give some refinements. The fundamental idea is to use flooding to distribute the
link state packets to all routers. To keep the flood in check, each packet contains
a sequence number that is incremented for each new packet sent. Routers keep
track of all the (source router, sequence) pairs they see. When a new link state
packet comes in, it is checked against the list of packets already seen. If it is new,
it is forwarded on all lines except the one it arrived on. If it is a duplicate, it is
discarded. If a packet with a sequence number lower than the highest one seen so
far ever arrives, it is rejected as being obsolete as the router has more recent data.
This algorithm has a few problems, but they are manageable. First, if the se-
quence numbers wrap around, confusion will reign. The solution here is to use a
32-bit sequence number. With one link state packet per second, it would take 137
years to wrap around, so this possibility can be ignored.
Second, if a router ever crashes, it will lose track of its sequence number. If it
starts again at 0, the next packet it sends will be rejected as a duplicate.
Third, if a sequence number is ever corrupted and 65,540 is received instead
of 4 (a 1-bit error), packets 5 through 65,540 will be rejected as obsolete, since the
current sequence number will be thought to be 65,540.
The solution to all these problems is to include the age of each packet after
the sequence number and decrement it once per second. When the age hits zero,
the information from that router is discarded. Normally, a new packet comes in,
say, every 10 sec, so router information only times out when a router is down (or
six consecutive packets have been lost, an unlikely event). The Age field is also
decremented by each router during the initial flooding process, to make sure no
packet can get lost and live for an indefinite period of time (a packet whose age is
zero is discarded).
Some refinements to this algorithm make it more robust. When a link state
packet comes in to a router for flooding, it is not queued for transmission im-
mediately. Instead, it is put in a holding area to wait a short while in case more
links are coming up or going down. If another link state packet from the same
source comes in before the first packet is transmitted, their sequence numbers are

SEC. 5.2 ROUTING ALGORITHMS 377
compared. If they are equal, the duplicate is discarded. If they are different, the
older one is thrown out. To guard against errors on the links, all link state packets
are acknowledged.
The data structure used by router B for the network shown in Fig. 5-12(a) is
depicted in Fig. 5-13. Each row here corresponds to a recently arrived, but as yet
not fully processed, link state packet. The table records where the packet ori-
ginated, its sequence number and age, and the data. In addition, there are send
and acknowledgement flags for each of B’s three links (to A, C, and F, re-
spectively). The send flags mean that the packet must be sent on the indicated
link. The acknowledgement flags mean that it must be acknowledged there.
D 21 59 1 0 0 0 1 1
C 20 60 1 0 1 0 1 0
E 21 59 0 1 0 1 0 1
F 21 60 1 1 0 0 0 1
A 21 60 0 1 1 1 0 0
Source Seq. Age A C F A C F Data
Send flags ACK flags
Figure 5-13. The packet buffer for router B in Fig. 5-12(a).
In Fig. 5-13, the link state packet from A arrives directly, so it must be sent to
C and F and acknowledged to A, as indicated by the flag bits. Similarly, the pack-
et from F has to be forwarded to A and C and acknowledged to F.
However, the situation with the third packet, from E, is different. It arrives
twice, once via EAB and once via EFB. Consequently, it has to be sent only to C
but must be acknowledged to both A and F, as indicated by the bits.
If a duplicate arrives while the original is still in the buffer, bits have to be
changed. For example, if a copy of C’s state arrives from F before the fourth
entry in the table has been forwarded, the six bits will be changed to 100011 to in-
dicate that the packet must be acknowledged to F but not sent there.
Computing the New Routes
Once a router has accumulated a full set of link state packets, it can construct
the entire network graph because every link is represented. Every link is, in fact,
represented twice, once for each direction. The different directions may even
have different costs. The shortest-path computations may then find different paths
from router A to B than from router B to A.
Now Dijkstra’s algorithm can be run locally to construct the shortest paths to
all possible destinations. The results of this algorithm tell the router which link to

378 THE NETWORK LAYER CHAP. 5
use to reach each destination. This information is installed in the routing tables,
and normal operation is resumed.
Compared to distance vector routing, link state routing requires more memory
and computation. For a network with n routers, each of which has k neighbors,
the memory required to store the input data is proportional to kn, which is at least
as large as a routing table listing all the destinations. Also, the computation time
grows faster than kn, even with the most efficient data structures, an issue in large
networks. Nevertheless, in many practical situations, link state routing works
well because it does not suffer from slow convergence problems.
Link state routing is widely used in actual networks, so a few words about
some example protocols are in order. Many ISPs use the IS-IS (Intermediate
System-Intermediate System) link state protocol (Oran, 1990). It was designed
for an early network called DECnet, later adopted by ISO for use with the OSI
protocols and then modified to handle other protocols as well, most notably, IP.
OSPF (Open Shortest Path First) is the other main link state protocol. It was
designed by IETF several years after IS-IS and adopted many of the innovations
designed for IS-IS. These innovations include a self-stabilizing method of flood-
ing link state updates, the concept of a designated router on a LAN, and the meth-
od of computing and supporting path splitting and multiple metrics. As a conse-
quence, there is very little difference between IS-IS and OSPF. The most impor-
tant difference is that IS-IS can carry information about multiple network layer
protocols at the same time (e.g., IP, IPX, and AppleTalk). OSPF does not have
this feature, and it is an advantage in large multiprotocol environments. We will
go over OSPF in Sec. 5.6.6.
A general comment on routing algorithms is also in order. Link state, dis-
tance vector, and other algorithms rely on processing at all the routers to compute
routes. Problems with the hardware or software at even a small number of routers
can wreak havoc across the network. For example, if a router claims to have a
link it does not have or forgets a link it does have, the network graph will be
incorrect. If a router fails to forward packets or corrupts them while forwarding
them, the route will not work as expected. Finally, if it runs out of memory or
does the routing calculation wrong, bad things will happen. As the network grows
into the range of tens or hundreds of thousands of nodes, the probability of some
router failing occasionally becomes nonnegligible. The trick is to try to arrange to
limit the damage when the inevitable happens. Perlman (1988) discusses these
problems and their possible solutions in detail.
5.2.6 Hierarchical Routing
As networks grow in size, the router routing tables grow proportionally. Not
only is router memory consumed by ever-increasing tables, but more CPU time is
needed to scan them and more bandwidth is needed to send status reports about
them. At a certain point, the network may grow to the point where it is no longer

SEC. 5.2 ROUTING ALGORITHMS 379
feasible for every router to have an entry for every other router, so the routing will
have to be done hierarchically, as it is in the telephone network.
When hierarchical routing is used, the routers are divided into what we will
call regions. Each router knows all the details about how to route packets to dest-
inations within its own region but knows nothing about the internal structure of
other regions. When different networks are interconnected, it is natural to regard
each one as a separate region to free the routers in one network from having to
know the topological structure of the other ones.
For huge networks, a two-level hierarchy may be insufficient; it may be nec-
essary to group the regions into clusters, the clusters into zones, the zones into
groups, and so on, until we run out of names for aggregations. As an example of a
multilevel hierarchy, consider how a packet might be routed from Berkeley, Cali-
fornia, to Malindi, Kenya. The Berkeley router would know the detailed topology
within California but would send all out-of-state traffic to the Los Angeles router.
The Los Angeles router would be able to route traffic directly to other domestic
routers but would send all foreign traffic to New York. The New York router
would be programmed to direct all traffic to the router in the destination country
responsible for handling foreign traffic, say, in Nairobi. Finally, the packet would
work its way down the tree in Kenya until it got to Malindi.
Figure 5-14 gives a quantitative example of routing in a two-level hierarchy
with five regions. The full routing table for router 1A has 17 entries, as shown in
Fig. 5-14(b). When routing is done hierarchically, as in Fig. 5-14(c), there are en-
tries for all the local routers, as before, but all other regions are condensed into a
single router, so all traffic for region 2 goes via the 1B-2A line, but the rest of the
remote traffic goes via the 1C-3B line. Hierarchical routing has reduced the table
from 17 to 7 entries. As the ratio of the number of regions to the number of rout-
ers per region grows, the savings in table space increase.
Unfortunately, these gains in space are not free. There is a penalty to be paid:
increased path length. For example, the best route from 1A to 5C is via region 2,
but with hierarchical routing all traffic to region 5 goes via region 3, because that
is better for most destinations in region 5.
When a single network becomes very large, an interesting question is ‘‘how
many levels should the hierarchy have?’’ For example, consider a network with
720 routers. If there is no hierarchy, each router needs 720 routing table entries.
If the network is partitioned into 24 regions of 30 routers each, each router needs
30 local entries plus 23 remote entries for a total of 53 entries. If a three-level
hierarchy is chosen, with 8 clusters each containing 9 regions of 10 routers, each
router needs 10 entries for local routers, 8 entries for routing to other regions
within its own cluster, and 7 entries for distant clusters, for a total of 25 entries.
Kamoun and Kleinrock (1979) discovered that the optimal number of levels for an
N router network is ln N, requiring a total of e ln N entries per router. They have
also shown that the increase in effective mean path length caused by hierarchical
routing is sufficiently small that it is usually acceptable.

380 THE NETWORK LAYER CHAP. 5
Region 1 Region 2
Region 3 Region 5Region 4
1B
1A
1C
2A 2B
2C
5B 5C
5A
5E
5D
2D
4A
4B 4C
3A
3B
1B 1
1C 1
1B 2
1B 3
1B 3
1B 4
1C 3
1C 2
1C 3
1C 4
1C 4
1C 4
1C 5
1B 5
1C 6
1C 5
– –1A
1C
2A
2B
2C
2D
3A
3B
4A
4B
4C
5A
5B
5C
5D
5E
1B
Line HopsDest.
Full table for 1A
1A
1C
2
3
4
5
1B
Line HopsDest.
Hierarchical table for 1A
1B 1
1C 1
1B 2
1C 2
1C 3
1C 4
– –
(a) (b) (c)
Figure 5-14. Hierarchical routing.
5.2.7 Broadcast Routing
In some applications, hosts need to send messages to many or all other hosts.
For example, a service distributing weather reports, stock market updates, or live
radio programs might work best by sending to all machines and letting those that
are interested read the data. Sending a packet to all destinations simultaneously is
called broadcasting. Various methods have been proposed for doing it.
One broadcasting method that requires no special features from the network is
for the source to simply send a distinct packet to each destination. Not only is the
method wasteful of bandwidth and slow, but it also requires the source to have a
complete list of all destinations. This method is not desirable in practice, even
though it is widely applicable.
An improvement is multidestination routing, in which each packet contains
either a list of destinations or a bit map indicating the desired destinations. When
a packet arrives at a router, the router checks all the destinations to determine the
set of output lines that will be needed. (An output line is needed if it is the best
route to at least one of the destinations.) The router generates a new copy of the
packet for each output line to be used and includes in each packet only those dest-
inations that are to use the line. In effect, the destination set is partitioned among

SEC. 5.2 ROUTING ALGORITHMS 381
the output lines. After a sufficient number of hops, each packet will carry only
one destination like a normal packet. Multidestination routing is like using sepa-
rately addressed packets, except that when several packets must follow the same
route, one of them pays full fare and the rest ride free. The network bandwidth is
therefore used more efficiently. However, this scheme still requires the source to
know all the destinations, plus it is as much work for a router to determine where
to send one multidestination packet as it is for multiple distinct packets.
We have already seen a better broadcast routing technique: flooding. When
implemented with a sequence number per source, flooding uses links efficiently
with a decision rule at routers that is relatively simple. Although flooding is ill-
suited for ordinary point-to-point communication, it rates serious consideration for
broadcasting. However, it turns out that we can do better still once the shortest
path routes for regular packets have been computed.
The idea for reverse path forwarding is elegant and remarkably simple once
it has been pointed out (Dalal and Metcalfe, 1978). When a broadcast packet ar-
rives at a router, the router checks to see if the packet arrived on the link that is
normally used for sending packets toward the source of the broadcast. If so, there
is an excellent chance that the broadcast packet itself followed the best route from
the router and is therefore the first copy to arrive at the router. This being the
case, the router forwards copies of it onto all links except the one it arrived on. If,
however, the broadcast packet arrived on a link other than the preferred one for
reaching the source, the packet is discarded as a likely duplicate.
I
F H J N
A D GKE O M O
GC D N
BH L
L B
A
E
H
B C
D
F
J
G
O
M
K
L
N
I
(a)
A
B C
D
G
J
O
F
I
E
H
K
L
M
N
(b) (c)
KE
H
Figure 5-15. Reverse path forwarding. (a) A network. (b) A sink tree. (c) The
tree built by reverse path forwarding.
An example of reverse path forwarding is shown in Fig. 5-15. Part (a) shows
a network, part (b) shows a sink tree for router I of that network, and part (c)
shows how the reverse path algorithm works. On the first hop, I sends packets to
F, H, J, and N, as indicated by the second row of the tree. Each of these packets
arrives on the preferred path to I (assuming that the preferred path falls along the
sink tree) and is so indicated by a circle around the letter. On the second hop,

382 THE NETWORK LAYER CHAP. 5
eight packets are generated, two by each of the routers that received a packet on
the first hop. As it turns out, all eight of these arrive at previously unvisited rout-
ers, and five of these arrive along the preferred line. Of the six packets generated
on the third hop, only three arrive on the preferred path (at C, E, and K); the oth-
ers are duplicates. After five hops and 24 packets, the broadcasting terminates,
compared with four hops and 14 packets had the sink tree been followed exactly.
The principal advantage of reverse path forwarding is that it is efficient while
being easy to implement. It sends the broadcast packet over each link only once
in each direction, just as in flooding, yet it requires only that routers know how to
reach all destinations, without needing to remember sequence numbers (or use
other mechanisms to stop the flood) or list all destinations in the packet.
Our last broadcast algorithm improves on the behavior of reverse path for-
warding. It makes explicit use of the sink tree—or any other convenient spanning
tree—for the router initiating the broadcast. A spanning tree is a subset of the
network that includes all the routers but contains no loops. Sink trees are spanning
trees. If each router knows which of its lines belong to the spanning tree, it can
copy an incoming broadcast packet onto all the spanning tree lines except the one
it arrived on. This method makes excellent use of bandwidth, generating the
absolute minimum number of packets necessary to do the job. In Fig. 5-15, for
example, when the sink tree of part (b) is used as the spanning tree, the broadcast
packet is sent with the minimum 14 packets. The only problem is that each router
must have knowledge of some spanning tree for the method to be applicable.
Sometimes this information is available (e.g., with link state routing, all routers
know the complete topology, so they can compute a spanning tree) but sometimes
it is not (e.g., with distance vector routing).
5.2.8 Multicast Routing
Some applications, such as a multiplayer game or live video of a sports event
streamed to many viewing locations, send packets to multiple receivers. Unless
the group is very small, sending a distinct packet to each receiver is expensive.
On the other hand, broadcasting a packet is wasteful if the group consists of, say,
1000 machines on a million-node network, so that most receivers are not inter-
ested in the message (or worse yet, they are definitely interested but are not sup-
posed to see it). Thus, we need a way to send messages to well-defined groups
that are numerically large in size but small compared to the network as a whole.
Sending a message to such a group is called multicasting, and the routing al-
gorithm used is called multicast routing. All multicasting schemes require some
way to create and destroy groups and to identify which routers are members of a
group. How these tasks are accomplished is not of concern to the routing algo-
rithm. For now, we will assume that each group is identified by a multicast ad-
dress and that routers know the groups to which they belong. We will revisit
group membership when we describe the network layer of the Internet in Sec. 5.6.

SEC. 5.2 ROUTING ALGORITHMS 383
Multicast routing schemes build on the broadcast routing schemes we have al-
ready studied, sending packets along spanning trees to deliver the packets to the
members of the group while making efficient use of bandwidth. However, the
best spanning tree to use depends on whether the group is dense, with receivers
scattered over most of the network, or sparse, with much of the network not be-
longing to the group. In this section we will consider both cases.
If the group is dense, broadcast is a good start because it efficiently gets the
packet to all parts of the network. But broadcast will reach some routers that are
not members of the group, which is wasteful. The solution explored by Deering
and Cheriton (1990) is to prune the broadcast spanning tree by removing links that
do not lead to members. The result is an efficient multicast spanning tree.
As an example, consider the two groups, 1 and 2, in the network shown in
Fig. 5-16(a). Some routers are attached to hosts that belong to one or both of
these groups, as indicated in the figure. A spanning tree for the leftmost router is
shown in Fig. 5-16(b). This tree can be used for broadcast but is overkill for mu-
lticast, as can be seen from the two pruned versions that are shown next. In
Fig. 5-16(c), all the links that do not lead to hosts that are members of group 1
have been removed. The result is the multicast spanning tree for the leftmost
router to send to group 1. Packets are forwarded only along this spanning tree,
which is more efficient than the broadcast tree because there are 7 links instead of
10. Fig. 5-16(d) shows the multicast spanning tree after pruning for group 2. It is
efficient too, with only five links this time. It also shows that different multicast
groups have different spanning trees.
Various ways of pruning the spanning tree are possible. The simplest one can
be used if link state routing is used and each router is aware of the complete topo-
logy, including which hosts belong to which groups. Each router can then con-
struct its own pruned spanning tree for each sender to the group in question by
constructing a sink tree for the sender as usual and then removing all links that do
not connect group members to the sink node. MOSPF (Multicast OSPF) is an
example of a link state protocol that works in this way (Moy, 1994).
With distance vector routing, a different pruning strategy can be followed.
The basic algorithm is reverse path forwarding. However, whenever a router with
no hosts interested in a particular group and no connections to other routers re-
ceives a multicast message for that group, it responds with a PRUNE message, tel-
ling the neighbor that sent the message not to send it any more multicasts from the
sender for that group. When a router with no group members among its own hosts
has received such messages on all the lines to which it sends the multicast, it, too,
can respond with a PRUNE message. In this way, the spanning tree is recursively
pruned. DVMRP (Distance Vector Multicast Routing Protocol) is an example
of a multicast routing protocol that works this way (Waitzman et al., 1988).
Pruning results in efficient spanning trees that use only the links that are actu-
ally needed to reach members of the group. One potential disadvantage is that it
is lots of work for routers, especially for large networks. Suppose that a network

384 THE NETWORK LAYER CHAP. 5
1, 2
1
1, 2
2 1 12
2
1
2
1, 2
1, 2
2 2
1
1
1
1
1
1
1
2
2
2
2 2
(a) (b)
(c) (d)
Figure 5-16. (a) A network. (b) A spanning tree for the leftmost router. (c) A
multicast tree for group 1. (d) A multicast tree for group 2.
has n groups, each with an average of m nodes. At each router and for each
group, m pruned spanning trees must be stored, for a total of mn trees. For exam-
ple, Fig. 5-16(c) gives the spanning tree for the leftmost router to send to group 1.
The spanning tree for the rightmost router to send to group 1 (not shown) will
look quite different, as packets will head directly for group members rather than
via the left side of the graph. This in turn means that routers must forward pack-
ets destined to group 1 in different directions depending on which node is sending
to the group. When many large groups with many senders exist, considerable
storage is needed to store all the trees.
An alternative design uses core-based trees to compute a single spanning tree
for the group (Ballardie et al., 1993). All of the routers agree on a root (called the
core or rendezvous point) and build the tree by sending a packet from each
member to the root. The tree is the union of the paths traced by these packets.
Fig. 5-17(a) shows a core-based tree for group 1. To send to this group, a sender
sends a packet to the core. When the packet reaches the core, it is forwarded down
the tree. This is shown in Fig. 5-17(b) for the sender on the righthand side of the
network. As a performance optimization, packets destined for the group do not
need to reach the core before they are multicast. As soon as a packet reaches the

SEC. 5.2 ROUTING ALGORITHMS 385
tree, it can be forwarded up toward the root, as well as down all the other
branches. This is the case for the sender at the top of Fig. 5-17(b).
1
1
1
1
1
1
1
1
1
1
Core
Core
Sender
Sender
(a) (b)
Figure 5-17. (a) Core-based tree for group 1. (b) Sending to group 1.
Having a shared tree is not optimal for all sources. For example, in Fig. 5-
17(b), the packet from the sender on the righthand side reaches the top-right group
member via the core in three hops, instead of directly. The inefficiency depends
on where the core and senders are located, but often it is reasonable when the core
is in the middle of the senders. When there is only a single sender, as in a video
that is streamed to a group, using the sender as the core is optimal.
Also of note is that shared trees can be a major savings in storage costs, mes-
sages sent, and computation. Each router has to keep only one tree per group, in-
stead of m trees. Further, routers that are not part of the tree do no work at all to
support the group. For this reason, shared tree approaches like core-based trees
are used for multicasting to sparse groups in the Internet as part of popular proto-
cols such as PIM (Protocol Independent Multicast) (Fenner et al., 2006).
5.2.9 Anycast Routing
So far, we have covered delivery models in which a source sends to a single
destination (called unicast), to all destinations (called broadcast), and to a group
of destinations (called multicast). Another delivery model, called anycast is
sometimes also useful. In anycast, a packet is delivered to the nearest member of
a group (Partridge et al., 1993). Schemes that find these paths are called anycast
routing.
Why would we want anycast? Sometimes nodes provide a service, such as
time of day or content distribution for which it is getting the right information all
that matters, not the node that is contacted; any node will do. For example, any-
cast is used in the Internet as part of DNS, as we will see in Chap. 7.
Luckily, we will not have to devise new routing schemes for anycast because
regular distance vector and link state routing can produce anycast routes. Suppose

386 THE NETWORK LAYER CHAP. 5
we want to anycast to the members of group 1. They will all be given the address
‘‘1,’’ instead of different addresses. Distance vector routing will distribute vectors
as usual, and nodes will choose the shortest path to destination 1. This will result
in nodes sending to the nearest instance of destination 1. The routes are shown in
Fig. 5-18(a). This procedure works because the routing protocol does not realize
that there are multiple instances of destination 1. That is, it believes that all the
instances of node 1 are the same node, as in the topology shown in Fig. 5-18(b).
1
1
1
1
1
1
(a) (b)
Figure 5-18. (a) Anycast routes to group 1. (b) Topology seen by the routing protocol.
This procedure works for link state routing as well, although there is the
added consideration that the routing protocol must not find seemingly short paths
that pass through node 1. This would result in jumps through hyperspace, since
the instances of node 1 are really nodes located in different parts of the network.
However, link state protocols already make this distinction between routers and
hosts. We glossed over this fact earlier because it was not needed for our dis-
cussion.
5.2.10 Routing for Mobile Hosts
Millions of people use computers while on the go, from truly mobile situa-
tions with wireless devices in moving cars, to nomadic situations in which laptop
computers are used in a series of different locations. We will use the term mobile
hosts to mean either category, as distinct from stationary hosts that never move.
Increasingly, people want to stay connected wherever in the world they may be, as
easily as if they were at home. These mobile hosts introduce a new complication:
to route a packet to a mobile host, the network first has to find it.
The model of the world that we will consider is one in which all hosts are as-
sumed to have a permanent home location that never changes. Each hosts also
has a permanent home address that can be used to determine its home location,
analogous to the way the telephone number 1-212-5551212 indicates the United
States (country code 1) and Manhattan (212). The routing goal in systems with

SEC. 5.2 ROUTING ALGORITHMS 387
mobile hosts is to make it possible to send packets to mobile hosts using their
fixed home addresses and have the packets efficiently reach them wherever they
may be. The trick, of course, is to find them.
Some discussion of this model is in order. A different model would be to
recompute routes as the mobile host moves and the topology changes. We could
then simply use the routing schemes described earlier in this section. However,
with a growing number of mobile hosts, this model would soon lead to the entire
network endlessly computing new routes. Using the home addresses greatly re-
duces this burden.
Another alternative would be to provide mobility above the network layer,
which is what typically happens with laptops today. When they are moved to new
Internet locations, laptops acquire new network addresses. There is no association
between the old and new addresses; the network does not know that they belonged
to the same laptop. In this model, a laptop can be used to browse the Web, but
other hosts cannot send packets to it (for example, for an incoming call), without
building a higher layer location service, for example, signing into Skype again
after moving. Moreover, connections cannot be maintained while the host is mov-
ing; new connections must be started up instead. Network-layer mobility is useful
to fix these problems.
The basic idea used for mobile routing in the Internet and cellular networks is
for the mobile host to tell a host at the home location where it is now. This host,
which acts on behalf of the mobile host, is called the home agent. Once it knows
where the mobile host is currently located, it can forward packets so that they are
delivered.
Fig. 5-19 shows mobile routing in action. A sender in the northwest city of
Seattle wants to send a packet to a host normally located across the United States
in New York. The case of interest to us is when the mobile host is not at home.
Instead, it is temporarily in San Diego.
The mobile host in San Diego must acquire a local network address before it
can use the network. This happens in the normal way that hosts obtain network
addresses; we will cover how this works for the Internet later in this chapter. The
local address is called a care of address. Once the mobile host has this address,
it can tell its home agent where it is now. It does this by sending a registration
message to the home agent (step 1) with the care of address. The message is
shown with a dashed line in Fig. 5-19 to indicate that it is a control message, not a
data message.
Next, the sender sends a data packet to the mobile host using its permanent
address (step 2). This packet is routed by the network to the host’s home location
because that is where the home address belongs. In New York, the home agent
intercepts this packet because the mobile host is away from home. It then wraps
or encapsulates the packet with a new header and sends this bundle to the care of
address (step 3). This mechanism is called tunneling. It is very important in the
Internet so we will look at it in more detail later.

388 THE NETWORK LAYER CHAP. 5
Mobile host at
care of address
3: Tunn
el to ca
re of ad
dress
1: Regi
ster car
e of add
ress
2: Send to home address
Home agent at
home address
Sender
4: Reply
to sender5: Tunnel
to care of
address
Figure 5-19. Packet routing for mobile hosts.
When the encapsulated packet arrives at the care of address, the mobile host
unwraps it and retrieves the packet from the sender. The mobile host then sends
its reply packet directly to the sender (step 4). The overall route is called triangle
routing because it may be circuitous if the remote location is far from the home
location. As part of step 4, the sender may learn the current care of address. Sub-
sequent packets can be routed directly to the mobile host by tunneling them to the
care of address (step 5), bypassing the home location entirely. If connectivity is
lost for any reason as the mobile moves, the home address can always be used to
reach the mobile.
An important aspect that we have omitted from this description is security. In
general, when a host or router gets a message of the form ‘‘Starting right now,
please send all of Stephany’s mail to me,’’ it might have a couple of questions
about whom it is talking to and whether this is a good idea. Security information
is included in the messages so that their validity can be checked with crypto-
graphic protocols that we will study in Chap. 8.
There are many variations on mobile routing. The scheme above is modeled
on IPv6 mobility, the form of mobility used in the Internet (Johnson et al., 2004)
and as part of IP-based cellular networks such as UMTS. We showed the sender
to be a stationary node for simplicity, but the designs let both nodes be mobile
hosts. Alternatively, the host may be part of a mobile network, for example a
computer in a plane. Extensions of the basic scheme support mobile networks
with no work on the part of the hosts (Devarapalli et al., 2005).
Some schemes make use of a foreign (i.e., remote) agent, similar to the home
agent but at the foreign location, or analogous to the VLR (Visitor Location Reg-
ister) in cellular networks. However, in more recent schemes, the foreign agent is
not needed; mobile hosts act as their own foreign agents. In either case, know-
ledge of the temporary location of the mobile host is limited to a small number of

SEC. 5.2 ROUTING ALGORITHMS 389
hosts (e.g., the mobile, home agent, and senders) so that the many routers in a
large network do not need to recompute routes.
For more information about mobile routing, see also Perkins (1998, 2002) and
Snoeren and Balakrishnan (2000).
5.2.11 Routing in Ad Hoc Networks
We have now seen how to do routing when the hosts are mobile but the rout-
ers are fixed. An even more extreme case is one in which the routers themselves
are mobile. Among the possibilities are emergency workers at an earthquake site,
military vehicles on a battlefield, a fleet of ships at sea, or a gathering of people
with laptop computers in an area lacking 802.11.
In all these cases, and others, each node communicates wirelessly and acts as
both a host and a router. Networks of nodes that just happen to be near each other
are called ad hoc networks or MANETs (Mobile Ad hoc NETworks). Let us
now examine them briefly. More information can be found in Perkins (2001).
What makes ad hoc networks different from wired networks is that the topo-
logy is suddenly tossed out the window. Nodes can come and go or appear in new
places at the drop of a bit. With a wired network, if a router has a valid path to
some destination, that path continues to be valid barring failures, which are hope-
fully rare. With an ad hoc network, the topology may be changing all the time, so
the desirability and even the validity of paths can change spontaneously without
warning. Needless to say, these circumstances make routing in ad hoc networks
more challenging than routing in their fixed counterparts.
Many, many routing algorithms for ad hoc networks have been proposed.
However, since ad hoc networks have been little used in practice compared to
mobile networks, it is unclear which of these protocols are most useful. As an ex-
ample, we will look at one of the most popular routing algorithms, AODV (Ad
hoc On-demand Distance Vector) (Perkins and Royer, 1999). It is a relative of
the distance vector algorithm that has been adapted to work in a mobile environ-
ment, in which nodes often have limited bandwidth and battery lifetimes. Let us
now see how it discovers and maintains routes.
Route Discovery
In AODV, routes to a destination are discovered on demand, that is, only
when a somebody wants to send a packet to that destination. This saves much
work that would otherwise be wasted when the topology changes before the route
is used. At any instant, the topology of an ad hoc network can be described by a
graph of connected nodes. Two nodes are connected (i.e., have an arc between
them in the graph) if they can communicate directly using their radios. A basic
but adequate model that is sufficient for our purposes is that each node can com-
municate with all other nodes that lie within its coverage circle. Real networks are

390 THE NETWORK LAYER CHAP. 5
more complicated, with buildings, hills, and other obstacles that block communi-
cation, and nodes for which A is connected to B but B is not connected to A be-
cause A has a more powerful transmitter than B. However, for simplicity, we will
assume all connections are symmetric.
To describe the algorithm, consider the newly formed ad hoc network of
Fig. 5-20. Suppose that a process at node A wants to send a packet to node I. The
AODV algorithm maintains a distance vector table at each node, keyed by desti-
nation, giving information about that destination, including the neighbor to which
to send packets to reach the destination. First, A looks in its table and does not
find an entry for I. It now has to discover a route to I. This property of discover-
ing routes only when they are needed is what makes this algorithm ‘‘on demand.’’
A B C
Range of
A’s broadcast
A
D
B
C
E
F F
H I H I
G G
E E
D D
C CB B
A A
G
IH
F
D
E
G
IH
(a) (b) (c) (d)
F
Figure 5-20. (a) Range of A’s broadcast. (b) After B and D receive it. (c) After
C, F, and G receive it. (d) After E, H, and I receive it. The shaded nodes are
new recipients. The dashed lines show possible reverse routes. The solid lines
show the discovered route.
To locate I, A constructs a ROUTE REQUEST packet and broadcasts it using
flooding, as described in Sec. 5.2.3. The transmission from A reaches B and D, as
illustrated in Fig. 5-20(a). Each node rebroadcasts the request, which continues to
reach nodes F, G, and C in Fig. 5-20(c) and nodes H, E, and I in Fig. 5-20(d). A
sequence number set at the source is used to weed out duplicates during the flood.
For example, D discards the transmission from B in Fig. 5-20(c) because it has al-
ready forwarded the request.
Eventually, the request reaches node I, which constructs a ROUTE REPLY
packet. This packet is unicast to the sender along the reverse of the path followed
by the request. For this to work, each intermediate node must remember the node
that sent it the request. The arrows in Fig. 5-20(b)–(d) show the reverse route
information that is stored. Each intermediate node also increments a hop count as
it forwards the reply. This tells the nodes how far they are from the destination.
The replies tell each intermediate node which neighbor to use to reach the destina-
tion: it is the node that sent them the reply. Intermediate nodes G and D put the

SEC. 5.2 ROUTING ALGORITHMS 391
best route they hear into their routing tables as they process the reply. When the
reply reaches A, a new route, ADGI, has been created.
In a large network, the algorithm generates many broadcasts, even for destina-
tions that are close by. To reduce overhead, the scope of the broadcasts is limited
using the IP packet’s Time to live field. This field is initialized by the sender and
decremented on each hop. If it hits 0, the packet is discarded instead of being
broadcast. The route discovery process is then modified as follows. To locate a
destination, the sender broadcasts a ROUTE REQUEST packet with Time to live set
to 1. If no response comes back within a reasonable time, another one is sent, this
time with Time to live set to 2. Subsequent attempts use 3, 4, 5, etc. In this way,
the search is first attempted locally, then in increasingly wider rings.
Route Maintenance
Because nodes can move or be switched off, the topology can change spon-
taneously. For example, in Fig. 5-20, if G is switched off, A will not realize that
the route it was using to I (ADGI) is no longer valid. The algorithm needs to be
able to deal with this. Periodically, each node broadcasts a Hello message. Each
of its neighbors is expected to respond to it. If no response is forthcoming, the
broadcaster knows that that neighbor has moved out of range or failed and is no
longer connected to it. Similarly, if it tries to send a packet to a neighbor that
does not respond, it learns that the neighbor is no longer available.
This information is used to purge routes that no longer work. For each pos-
sible destination, each node, N, keeps track of its active neighbors that have fed it
a packet for that destination during the last ΔT seconds. When any of N’s neigh-
bors becomes unreachable, it checks its routing table to see which destinations
have routes using the now-gone neighbor. For each of these routes, the active
neighbors are informed that their route via N is now invalid and must be purged
from their routing tables. In our example, D purges its entries for G and I from its
routing table and notifies A, which purges its entry for I. In the general case, the
active neighbors tell their active neighbors, and so on, recursively, until all routes
depending on the now-gone node are purged from all routing tables.
At this stage, the invalid routes have been purged from the network, and send-
ers can find new, valid routes by using the discovery mechanism that we de-
scribed. However, there is a complication. Recall that distance vector protocols
can suffer from slow convergence or count-to-infinity problems after a topology
change in which they confuse old, invalid routes with new, valid routes.
To ensure rapid convergence, routes include a sequence number that is con-
trolled by the destination. The destination sequence number is like a logical
clock. The destination increments it every time that it sends a fresh ROUTE
REPLY. Senders ask for a fresh route by including in the ROUTE REQUEST the
destination sequence number of the last route they used, which will either be the
sequence number of the route that was just purged, or 0 as an initial value. The

392 THE NETWORK LAYER CHAP. 5
request will be broadcast until a route with a higher sequence number is found.
Intermediate nodes store the routes that have a higher sequence number, or the
fewest hops for the current sequence number.
In the spirit of an on demand protocol, intermediate nodes only store the
routes that are in use. Other route information learned during broadcasts is timed
out after a short delay. Discovering and storing only the routes that are used helps
to save bandwidth and battery life compared to a standard distance vector protocol
that periodically broadcasts updates.
So far, we have considered only a single route, from A to I. To further save
resources, route discovery and maintenance are shared when routes overlap. For
instance, if B also wants to send packets to I, it will perform route discovery.
However, in this case the request will first reach D, which already has a route to I.
Node D can then generate a reply to tell B the route without any additional work
being required.
There are many other ad hoc routing schemes. Another well-known on de-
mand scheme is DSR (Dynamic Source Routing) (Johnson et al., 2001). A dif-
ferent strategy based on geography is explored by GPSR (Greedy Perimeter State-
less Routing) (Karp and Kung, 2000). If all nodes know their geographic posi-
tions, forwarding to a destination can proceed without route computation by sim-
ply heading in the right direction and circling back to escape any dead ends.
Which protocols win out will depend on the kinds of ad hoc networks that prove
useful in practice.
5.3 CONGESTION CONTROL ALGORITHMS
Too many packets present in (a part of) the network causes packet delay and
loss that degrades performance. This situation is called congestion. The network
and transport layers share the responsibility for handling congestion. Since con-
gestion occurs within the network, it is the network layer that directly experiences
it and must ultimately determine what to do with the excess packets. However,
the most effective way to control congestion is to reduce the load that the tran-
sport layer is placing on the network. This requires the network and transport lay-
ers to work together. In this chapter we will look at the network aspects of con-
gestion. In Chap. 6, we will complete the topic by covering the transport aspects
of congestion.
Figure 5-21 depicts the onset of congestion. When the number of packets
hosts send into the network is well within its carrying capacity, the number deliv-
ered is proportional to the number sent. If twice as many are sent, twice as many
are delivered. However, as the offered load approaches the carrying capacity,
bursts of traffic occasionally fill up the buffers inside routers and some packets
are lost. These lost packets consume some of the capacity, so the number of de-
livered packets falls below the ideal curve. The network is now congested.

SEC. 5.3 CONGESTION CONTROL ALGORITHMS 393
Ideal
G
oo
dp
ut
(p
ac
ke
ts
/s
ec
)
Desirable
response
Capacity of
the network
Congestion
collapse
Offered load (packet/sec)
Onset of
congestion
Figure 5-21. With too much traffic, performance drops sharply.
Unless the network is well designed, it may experience a congestion collapse,
in which performance plummets as the offered load increases beyond the capaci-
ty. This can happen because packets can be sufficiently delayed inside the net-
work that they are no longer useful when they leave the network. For example, in
the early Internet, the time a packet spent waiting for a backlog of packets ahead
of it to be sent over a slow 56-kbps link could reach the maximum time it was al-
lowed to remain in the network. It then had to be thrown away. A different failure
mode occurs when senders retransmit packets that are greatly delayed, thinking
that they have been lost. In this case, copies of the same packet will be delivered
by the network, again wasting its capacity. To capture these factors, the y-axis of
Fig. 5-21 is given as goodput, which is the rate at which useful packets are deliv-
ered by the network.
We would like to design networks that avoid congestion where possible and
do not suffer from congestion collapse if they do become congested. Unfortunate-
ly, congestion cannot wholly be avoided. If all of a sudden, streams of packets
begin arriving on three or four input lines and all need the same output line, a
queue will build up. If there is insufficient memory to hold all of them, packets
will be lost. Adding more memory may help up to a point, but Nagle (1987) real-
ized that if routers have an infinite amount of memory, congestion gets worse, not
better. This is because by the time packets get to the front of the queue, they have
already timed out (repeatedly) and duplicates have been sent. This makes matters
worse, not better—it leads to congestion collapse.
Low-bandwidth links or routers that process packets more slowly than the line
rate can also become congested. In this case, the situation can be improved by
directing some of the traffic away from the bottleneck to other parts of the net-
work. Eventually, however, all regions of the network will be congested. In this
situation, there is no alternative but to shed load or build a faster network.
It is worth pointing out the difference between congestion control and flow
control, as the relationship is a very subtle one. Congestion control has to do with

394 THE NETWORK LAYER CHAP. 5
making sure the network is able to carry the offered traffic. It is a global issue, in-
volving the behavior of all the hosts and routers. Flow control, in contrast, relates
to the traffic between a particular sender and a particular receiver. Its job is to
make sure that a fast sender cannot continually transmit data faster than the re-
ceiver is able to absorb it.
To see the difference between these two concepts, consider a network made
up of 100-Gbps fiber optic links on which a supercomputer is trying to force feed
a large file to a personal computer that is capable of handling only 1 Gbps. Al-
though there is no congestion (the network itself is not in trouble), flow control is
needed to force the supercomputer to stop frequently to give the personal com-
puter a chance to breathe.
At the other extreme, consider a network with 1-Mbps lines and 1000 large
computers, half of which are trying to transfer files at 100 kbps to the other half.
Here, the problem is not that of fast senders overpowering slow receivers, but that
the total offered traffic exceeds what the network can handle.
The reason congestion control and flow control are often confused is that the
best way to handle both problems is to get the host to slow down. Thus, a host
can get a ‘‘slow down’’ message either because the receiver cannot handle the
load or because the network cannot handle it. We will come back to this point in
Chap. 6.
We will start our study of congestion control by looking at the approaches that
can be used at different time scales. Then we will look at approaches to pre-
venting congestion from occurring in the first place, followed by approaches for
coping with it once it has set in.
5.3.1 Approaches to Congestion Control
The presence of congestion means that the load is (temporarily) greater than
the resources (in a part of the network) can handle. Two solutions come to mind:
increase the resources or decrease the load. As shown in Fig. 5-22, these solu-
tions are usually applied on different time scales to either prevent congestion or
react to it once it has occurred.
Traffic-aware
routing
Network
provisioning
Traffic
throttling
Admission
control
Load
shedding
Slower
(Preventative)
Faster
(Reactive)
Figure 5-22. Timescales of approaches to congestion control.
The most basic way to avoid congestion is to build a network that is well
matched to the traffic that it carries. If there is a low-bandwidth link on the path
along which most traffic is directed, congestion is likely. Sometimes resources

SEC. 5.3 CONGESTION CONTROL ALGORITHMS 395
can be added dynamically when there is serious congestion, for example, turning
on spare routers or enabling lines that are normally used only as backups (to make
the system fault tolerant) or purchasing bandwidth on the open market. More
often, links and routers that are regularly heavily utilized are upgraded at the earli-
est opportunity. This is called provisioning and happens on a time scale of
months, driven by long-term traffic trends.
To make the most of the existing network capacity, routes can be tailored to
traffic patterns that change during the day as network users wake and sleep in dif-
ferent time zones. For example, routes may be changed to shift traffic away from
heavily used paths by changing the shortest path weights. Some local radio sta-
tions have helicopters flying around their cities to report on road congestion to
make it possible for their mobile listeners to route their packets (cars) around
hotspots. This is called traffic-aware routing. Splitting traffic across multiple
paths is also helpful.
However, sometimes it is not possible to increase capacity. The only way
then to beat back the congestion is to decrease the load. In a virtual-circuit net-
work, new connections can be refused if they would cause the network to become
congested. This is called admission control.
At a finer granularity, when congestion is imminent the network can deliver
feedback to the sources whose traffic flows are responsible for the problem. The
network can request these sources to throttle their traffic, or it can slow down the
traffic itself.
Two difficulties with this approach are how to identify the onset of conges-
tion, and how to inform the source that needs to slow down. To tackle the first
issue, routers can monitor the average load, queueing delay, or packet loss. In all
cases, rising numbers indicate growing congestion.
To tackle the second issue, routers must participate in a feedback loop with
the sources. For a scheme to work correctly, the time scale must be adjusted care-
fully. If every time two packets arrive in a row, a router yells STOP and every
time a router is idle for 20 μsec, it yells GO, the system will oscillate wildly and
never converge. On the other hand, if it waits 30 minutes to make sure before
saying anything, the congestion-control mechanism will react too sluggishly to be
of any use. Delivering timely feedback is a nontrivial matter. An added concern
is having routers send more messages when the network is already congested.
Finally, when all else fails, the network is forced to discard packets that it
cannot deliver. The general name for this is load shedding. A good policy for
choosing which packets to discard can help to prevent congestion collapse.
5.3.2 Traffic-Aware Routing
The first approach we will examine is traffic-aware routing. The routing
schemes we looked at in Sec 5.2 used fixed link weights. These schemes adapted
to changes in topology, but not to changes in load. The goal in taking load into

396 THE NETWORK LAYER CHAP. 5
account when computing routes is to shift traffic away from hotspots that will be
the first places in the network to experience congestion.
The most direct way to do this is to set the link weight to be a function of the
(fixed) link bandwidth and propagation delay plus the (variable) measured load or
average queuing delay. Least-weight paths will then favor paths that are more
lightly loaded, all else being equal.
Traffic-aware routing was used in the early Internet according to this model
(Khanna and Zinky, 1989). However, there is a peril. Consider the network of
Fig. 5-23, which is divided into two parts, East and West, connected by two links,
CF and EI. Suppose that most of the traffic between East and West is using link
CF, and, as a result, this link is heavily loaded with long delays. Including queue-
ing delay in the weight used for the shortest path calculation will make EI more
attractive. After the new routing tables have been installed, most of the East-West
traffic will now go over EI, loading this link. Consequently, in the next update,
CF will appear to be the shortest path. As a result, the routing tables may oscil-
late wildly, leading to erratic routing and many potential problems.
West East
B
A
D
E
C F
G
H
J
I
Figure 5-23. A network in which the East and West parts are connected by two links.
If load is ignored and only bandwidth and propagation delay are considered,
this problem does not occur. Attempts to include load but change weights within
a narrow range only slow down routing oscillations. Two techniques can contri-
bute to a successful solution. The first is multipath routing, in which there can be
multiple paths from a source to a destination. In our example this means that the
traffic can be spread across both of the East to West links. The second one is for
the routing scheme to shift traffic across routes slowly enough that it is able to
converge, as in the scheme of Gallagher (1977).
Given these difficulties, in the Internet routing protocols do not generally ad-
just their routes depending on the load. Instead, adjustments are made outside the
routing protocol by slowly changing its inputs. This is called traffic engineering.

SEC. 5.3 CONGESTION CONTROL ALGORITHMS 397
5.3.3 Admission Control
One technique that is widely used in virtual-circuit networks to keep conges-
tion at bay is admission control. The idea is simple: do not set up a new virtual
circuit unless the network can carry the added traffic without becoming congest-
ed. Thus, attempts to set up a virtual circuit may fail. This is better than the alter-
native, as letting more people in when the network is busy just makes matters
worse. By analogy, in the telephone system, when a switch gets overloaded it
practices admission control by not giving dial tones.
The trick with this approach is working out when a new virtual circuit will
lead to congestion. The task is straightforward in the telephone network because
of the fixed bandwidth of calls (64 kbps for uncompressed audio). However, vir-
tual circuits in computer networks come in all shapes and sizes. Thus, the circuit
must come with some characterization of its traffic if we are to apply admission
control.
Traffic is often described in terms of its rate and shape. The problem of how
to describe it in a simple yet meaningful way is difficult because traffic is typi-
cally bursty—the average rate is only half the story. For example, traffic that
varies while browsing the Web is more difficult to handle than a streaming movie
with the same long-term throughput because the bursts of Web traffic are more
likely to congest routers in the network. A commonly used descriptor that cap-
tures this effect is the leaky bucket or token bucket. A leaky bucket has two pa-
rameters that bound the average rate and the instantaneous burst size of traffic.
Since leaky buckets are widely used for quality of service, we will go over them
in detail in Sec. 5.4.
Armed with traffic descriptions, the network can decide whether to admit the
new virtual circuit. One possibility is for the network to reserve enough capacity
along the paths of each of its virtual circuits that congestion will not occur. In this
case, the traffic description is a service agreement for what the network will guar-
antee its users. We have prevented congestion but veered into the related topic of
quality of service a little too early; we will return to it in the next section.
Even without making guarantees, the network can use traffic descriptions for
admission control. The task is then to estimate how many circuits will fit within
the carrying capacity of the network without congestion. Suppose that virtual cir-
cuits that may blast traffic at rates up to 10 Mbps all pass through the same 100-
Mbps physical link. How many circuits should be admitted? Clearly, 10 circuits
can be admitted without risking congestion, but this is wasteful in the normal case
since it may rarely happen that all 10 are transmitting full blast at the same time.
In real networks, measurements of past behavior that capture the statistics of
transmissions can be used to estimate the number of circuits to admit, to trade bet-
ter performance for acceptable risk.
Admission control can also be combined with traffic-aware routing by consid-
ering routes around traffic hotspots as part of the setup procedure. For example,

398 THE NETWORK LAYER CHAP. 5
consider the network illustrated in Fig. 5-24(a), in which two routers are congest-
ed, as indicated.
A
Congestion
Virtual
circuit
Congestion
B
A
B
(a) (b)
Figure 5-24. (a) A congested network. (b) The portion of the network that is not
congested. A virtual circuit from A to B is also shown.
Suppose that a host attached to router A wants to set up a connection to a host
attached to router B. Normally, this connection would pass through one of the
congested routers. To avoid this situation, we can redraw the network as shown in
Fig. 5-24(b), omitting the congested routers and all of their lines. The dashed line
shows a possible route for the virtual circuit that avoids the congested routers.
Shaikh et al. (1999) give a design for this kind of load-sensitive routing.
5.3.4 Traffic Throttling
In the Internet and many other computer networks, senders adjust their trans-
missions to send as much traffic as the network can readily deliver. In this setting,
the network aims to operate just before the onset of congestion. When congestion
is imminent, it must tell the senders to throttle back their transmissions and slow
down. This feedback is business as usual rather than an exceptional situation. The
term congestion avoidance is sometimes used to contrast this operating point
with the one in which the network has become (overly) congested.
Let us now look at some approaches to throttling traffic that can be used in
both datagram networks and virtual-circuit networks. Each approach must solve
two problems. First, routers must determine when congestion is approaching,
ideally before it has arrived. To do so, each router can continuously monitor the
resources it is using. Three possibilities are the utilization of the output links, the
buffering of queued packets inside the router, and the number of packets that are
lost due to insufficient buffering. Of these possibilities, the second one is the
most useful. Averages of utilization do not directly account for the burstiness of

SEC. 5.3 CONGESTION CONTROL ALGORITHMS 399
most traffic—a utilization of 50% may be low for smooth traffic and too high for
highly variable traffic. Counts of packet losses come too late. Congestion has al-
ready set in by the time that packets are lost.
The queueing delay inside routers directly captures any congestion experi-
enced by packets. It should be low most of time, but will jump when there is a
burst of traffic that generates a backlog. To maintain a good estimate of the
queueing delay, d, a sample of the instantaneous queue length, s, can be made per-
iodically and d updated according to
d new = αd old + (1 − α)s
where the constant α determines how fast the router forgets recent history. This is
called an EWMA (Exponentially Weighted Moving Average). It smoothes out
fluctuations and is equivalent to a low-pass filter. Whenever d moves above the
threshold, the router notes the onset of congestion.
The second problem is that routers must deliver timely feedback to the send-
ers that are causing the congestion. Congestion is experienced in the network, but
relieving congestion requires action on behalf of the senders that are using the net-
work. To deliver feedback, the router must identify the appropriate senders. It
must then warn them carefully, without sending many more packets into the al-
ready congested network. Different schemes use different feedback mechanisms,
as we will now describe.
Choke Packets
The most direct way to notify a sender of congestion is to tell it directly. In
this approach, the router selects a congested packet and sends a choke packet
back to the source host, giving it the destination found in the packet. The original
packet may be tagged (a header bit is turned on) so that it will not generate any
more choke packets farther along the path and then forwarded in the usual way.
To avoid increasing load on the network during a time of congestion, the router
may only send choke packets at a low rate.
When the source host gets the choke packet, it is required to reduce the traffic
sent to the specified destination, for example, by 50%. In a datagram network,
simply picking packets at random when there is congestion is likely to cause
choke packets to be sent to fast senders, because they will have the most packets
in the queue. The feedback implicit in this protocol can help prevent congestion
yet not throttle any sender unless it causes trouble. For the same reason, it is like-
ly that multiple choke packets will be sent to a given host and destination. The
host should ignore these additional chokes for the fixed time interval until its
reduction in traffic takes effect. After that period, further choke packets indicate
that the network is still congested.
An example of a choke packet used in the early Internet is the SOURCE-
QUENCH message (Postel, 1981). It never caught on, though, partly because the

400 THE NETWORK LAYER CHAP. 5
circumstances in which it was generated and the effect it had were not clearly
specified. The modern Internet uses an alternative notification design that we will
describe next.
Explicit Congestion Notification
Instead of generating additional packets to warn of congestion, a router can
tag any packet it forwards (by setting a bit in the packet’s header) to signal that it
is experiencing congestion. When the network delivers the packet, the destination
can note that there is congestion and inform the sender when it sends a reply pack-
et. The sender can then throttle its transmissions as before.
This design is called ECN (Explicit Congestion Notification) and is used in
the Internet (Ramakrishnan et al., 2001). It is a refinement of early congestion
signaling protocols, notably the binary feedback scheme of Ramakrishnan and
Jain (1988) that was used in the DECNET architecture. Two bits in the IP packet
header are used to record whether the packet has experienced congestion. Packets
are unmarked when they are sent, as illustrated in Fig. 5-25. If any of the routers
they pass through is congested, that router will then mark the packet as having
experienced congestion as it is forwarded. The destination will then echo any
marks back to the sender as an explicit congestion signal in its next reply packet.
This is shown with a dashed line in the figure to indicate that it happens above the
IP level (e.g., in TCP). The sender must then throttle its transmissions, as in the
case of choke packets.
Congestion signal
Host
Marked
packet
Host
Packet Congested
router
Figure 5-25. Explicit congestion notification
Hop-by-Hop Backpressure
At high speeds or over long distances, many new packets may be transmitted
after congestion has been signaled because of the delay before the signal takes ef-
fect. Consider, for example, a host in San Francisco (router A in Fig. 5-26) that is
sending traffic to a host in New York (router D in Fig. 5-26) at the OC-3 speed of
155 Mbps. If the New York host begins to run out of buffers, it will take about 40
msec for a choke packet to get back to San Francisco to tell it to slow down. An
ECN indication will take even longer because it is delivered via the destination.
Choke packet propagation is illustrated as the second, third, and fourth steps in

SEC. 5.3 CONGESTION CONTROL ALGORITHMS 401
Fig. 5-26(a). In those 40 msec, another 6.2 megabits will have been sent. Even if
the host in San Francisco completely shuts down immediately, the 6.2 megabits in
the pipe will continue to pour in and have to be dealt with. Only in the seventh
diagram in Fig. 5-26(a) will the New York router notice a slower flow.
An alternative approach is to have the choke packet take effect at every hop it
passes through, as shown in the sequence of Fig. 5-26(b). Here, as soon as the
choke packet reaches F, F is required to reduce the flow to D. Doing so will re-
quire F to devote more buffers to the connection, since the source is still sending
away at full blast, but it gives D immediate relief, like a headache remedy in a
television commercial. In the next step, the choke packet reaches E, which tells E
to reduce the flow to F. This action puts a greater demand on E’s buffers but
gives F immediate relief. Finally, the choke packet reaches A and the flow
genuinely slows down.
The net effect of this hop-by-hop scheme is to provide quick relief at the point
of congestion, at the price of using up more buffers upstream. In this way, con-
gestion can be nipped in the bud without losing any packets. The idea is dis-
cussed in detail by Mishra et al. (1996).
5.3.5 Load Shedding
When none of the above methods make the congestion disappear, routers can
bring out the heavy artillery: load shedding. Load shedding is a fancy way of
saying that when routers are being inundated by packets that they cannot handle,
they just throw them away. The term comes from the world of electrical power
generation, where it refers to the practice of utilities intentionally blacking out
certain areas to save the entire grid from collapsing on hot summer days when the
demand for electricity greatly exceeds the supply.
The key question for a router drowning in packets is which packets to drop.
The preferred choice may depend on the type of applications that use the network.
For a file transfer, an old packet is worth more than a new one. This is because
dropping packet 6 and keeping packets 7 through 10, for example, will only force
the receiver to do more work to buffer data that it cannot yet use. In contrast, for
real-time media, a new packet is worth more than an old one. This is because
packets become useless if they are delayed and miss the time at which they must
be played out to the user.
The former policy (old is better than new) is often called wine and the latter
(new is better than old) is often called milk because most people would rather
drink new milk and old wine than the alternative.
More intelligent load shedding requires cooperation from the senders. An ex-
ample is packets that carry routing information. These packets are more important
than regular data packets because they establish routes; if they are lost, the net-
work may lose connectivity. Another example is that algorithms for compressing
video, like MPEG, periodically transmit an entire frame and then send subsequent

402 THE NETWORK LAYER CHAP. 5
(a) (b)
Ch
ok
e
Choke
B C
A D
E F
Choke
Reduced
flow
Flow is still
at maximum rate
Flow is
reduced
B C
A D
E F
Heavy flow
Ch
ok
e
Choke
Choke
Reduced
flow
Figure 5-26. (a) A choke packet that affects only the source. (b) A choke pack-
et that affects each hop it passes through.

SEC. 5.3 CONGESTION CONTROL ALGORITHMS 403
frames as differences from the last full frame. In this case, dropping a packet that
is part of a difference is preferable to dropping one that is part of a full frame be-
cause future packets depend on the full frame.
To implement an intelligent discard policy, applications must mark their pack-
ets to indicate to the network how important they are. Then, when packets have to
be discarded, routers can first drop packets from the least important class, then the
next most important class, and so on.
Of course, unless there is some significant incentive to avoid marking every
packet as VERY IMPORTANT—NEVER, EVER DISCARD, nobody will do it.
Often accounting and money are used to discourage frivolous marking. For ex-
ample, the network might let senders send faster than the service they purchased
allows if they mark excess packets as low priority. Such a strategy is actually not
a bad idea because it makes more efficient use of idle resources, allowing hosts to
use them as long as nobody else is interested, but without establishing a right to
them when times get tough.
Random Early Detection
Dealing with congestion when it first starts is more effective than letting it
gum up the works and then trying to deal with it. This observation leads to an in-
teresting twist on load shedding, which is to discard packets before all the buffer
space is really exhausted.
The motivation for this idea is that most Internet hosts do not yet get conges-
tion signals from routers in the form of ECN. Instead, the only reliable indication
of congestion that hosts get from the network is packet loss. After all, it is diffi-
cult to build a router that does not drop packets when it is overloaded. Transport
protocols such as TCP are thus hardwired to react to loss as congestion, slowing
down the source in response. The reasoning behind this logic is that TCP was de-
signed for wired networks and wired networks are very reliable, so lost packets
are mostly due to buffer overruns rather than transmission errors. Wireless links
must recover transmission errors at the link layer (so they are not seen at the net-
work layer) to work well with TCP.
This situation can be exploited to help reduce congestion. By having routers
drop packets early, before the situation has become hopeless, there is time for the
source to take action before it is too late. A popular algorithm for doing this is
called RED (Random Early Detection) (Floyd and Jacobson, 1993). To deter-
mine when to start discarding, routers maintain a running average of their queue
lengths. When the average queue length on some link exceeds a threshold, the
link is said to be congested and a small fraction of the packets are dropped at ran-
dom. Picking packets at random makes it more likely that the fastest senders will
see a packet drop; this is the best option since the router cannot tell which source
is causing the most trouble in a datagram network. The affected sender will
notice the loss when there is no acknowledgement, and then the transport protocol

404 THE NETWORK LAYER CHAP. 5
will slow down. The lost packet is thus delivering the same message as a choke
packet, but implicitly, without the router sending any explicit signal.
RED routers improve performance compared to routers that drop packets only
when their buffers are full, though they may require tuning to work well. For ex-
ample, the ideal number of packets to drop depends on how many senders need to
be notified of congestion. However, ECN is the preferred option if it is available.
It works in exactly the same manner, but delivers a congestion signal explicitly
rather than as a loss; RED is used when hosts cannot receive explicit signals.
5.4 QUALITY OF SERVICE
The techniques we looked at in the previous sections are designed to reduce
congestion and improve network performance. However, there are applications
(and customers) that demand stronger performance guarantees from the network
than ‘‘the best that could be done under the circumstances.’’ Multimedia applica-
tions in particular, often need a minimum throughput and maximum latency to
work. In this section, we will continue our study of network performance, but
now with a sharper focus on ways to provide quality of service that is matched to
application needs. This is an area in which the Internet is undergoing a long-term
upgrade.
An easy solution to provide good quality of service is to build a network with
enough capacity for whatever traffic will be thrown at it. The name for this solu-
tion is overprovisioning. The resulting network will carry application traffic
without significant loss and, assuming a decent routing scheme, will deliver pack-
ets with low latency. Performance doesn’t get any better than this. To some
extent, the telephone system is overprovisioned because it is rare to pick up a tele-
phone and not get a dial tone instantly. There is simply so much capacity avail-
able that demand can almost always be met.
The trouble with this solution is that it is expensive. It is basically solving a
problem by throwing money at it. Quality of service mechanisms let a network
with less capacity meet application requirements just as well at a lower cost.
Moreover, overprovisioning is based on expected traffic. All bets are off if the
traffic pattern changes too much. With quality of service mechanisms, the net-
work can honor the performance guarantees that it makes even when traffic
spikes, at the cost of turning down some requests.
Four issues must be addressed to ensure quality of service:
1. What applications need from the network.
2. How to regulate the traffic that enters the network.
3. How to reserve resources at routers to guarantee performance.
4. Whether the network can safely accept more traffic.

SEC. 5.4 QUALITY OF SERVICE 405
No single technique deals efficiently with all these issues. Instead, a variety of
techniques have been developed for use at the network (and transport) layer.
Practical quality-of-service solutions combine multiple techniques. To this end,
we will describe two versions of quality of service for the Internet called
Integrated Services and Differentiated Services.
5.4.1 Application Requirements
A stream of packets from a source to a destination is called a flow (Clark,
1988). A flow might be all the packets of a connection in a connection-oriented
network, or all the packets sent from one process to another process in a con-
nectionless network. The needs of each flow can be characterized by four pri-
mary parameters: bandwidth, delay, jitter, and loss. Together, these determine the
QoS (Quality of Service) the flow requires.
Several common applications and the stringency of their network re-
quirements are listed in Fig. 5-27. Note that network requirements are less de-
manding than application requirements in those cases that the application can im-
prove on the service provided by the network. In particular, networks do not need
to be lossless for reliable file transfer, and they do not need to deliver packets with
identical delays for audio and video playout. Some amount of loss can be repaired
with retransmissions, and some amount of jitter can be smoothed by buffering
packets at the receiver. However, there is nothing applications can do to remedy
the situation if the network provides too little bandwidth or too much delay.
Application Bandwidth Delay Jitter Loss
Email Low Low Low Medium
File sharing High Low Low Medium
Web access Medium Medium Low Medium
Remote login Low Medium Medium Medium
Audio on demand Low Low High Low
Video on demand High Low High Low
Telephony Low High High Low
Videoconferencing High High High Low
Figure 5-27. Stringency of applications’ quality-of-service requirements.
The applications differ in their bandwidth needs, with email, audio in all
forms, and remote login not needing much, but file sharing and video in all forms
needing a great deal.
More interesting are the delay requirements. File transfer applications, in-
cluding email and video, are not delay sensitive. If all packets are delayed uni-
formly by a few seconds, no harm is done. Interactive applications, such as Web

406 THE NETWORK LAYER CHAP. 5
surfing and remote login, are more delay sensitive. Real-time applications, such
as telephony and videoconferencing, have strict delay requirements. If all the
words in a telephone call are each delayed by too long, the users will find the con-
nection unacceptable. On the other hand, playing audio or video files from a ser-
ver does not require low delay.
The variation (i.e., standard deviation) in the delay or packet arrival times is
called jitter. The first three applications in Fig. 5-27 are not sensitive to the pack-
ets arriving with irregular time intervals between them. Remote login is some-
what sensitive to that, since updates on the screen will appear in little bursts if the
connection suffers much jitter. Video and especially audio are extremely sensi-
tive to jitter. If a user is watching a video over the network and the frames are all
delayed by exactly 2.000 seconds, no harm is done. But if the transmission time
varies randomly between 1 and 2 seconds, the result will be terrible unless the ap-
plication hides the jitter. For audio, a jitter of even a few milliseconds is clearly
audible.
The first four applications have more stringent requirements on loss than aud-
io and video because all bits must be delivered correctly. This goal is usually a-
chieved with retransmissions of packets that are lost in the network by the tran-
sport layer. This is wasted work; it would be better if the network refused packets
it was likely to lose in the first place. Audio and video applications can tolerate
some lost packets without retransmission because people do not notice short
pauses or occasional skipped frames.
To accommodate a variety of applications, networks may support different
categories of QoS. An influential example comes from ATM networks, which
were once part of a grand vision for networking but have since become a niche
technology. They support:
1. Constant bit rate (e.g., telephony).
2. Real-time variable bit rate (e.g., compressed videoconferencing).
3. Non-real-time variable bit rate (e.g., watching a movie on demand).
4. Available bit rate (e.g., file transfer).
These categories are also useful for other purposes and other networks. Constant
bit rate is an attempt to simulate a wire by providing a uniform bandwidth and a
uniform delay. Variable bit rate occurs when video is compressed, with some
frames compressing more than others. Sending a frame with a lot of detail in it
may require sending many bits, whereas a shot of a white wall may compress ex-
tremely well. Movies on demand are not actually real time because a few seconds
of video can easily be buffered at the receiver before playback starts, so jitter on
the network merely causes the amount of stored-but-not-played video to vary.
Available bit rate is for applications such as email that are not sensitive to delay
or jitter and will take what bandwidth they can get.

SEC. 5.4 QUALITY OF SERVICE 407
5.4.2 Traffic Shaping
Before the network can make QoS guarantees, it must know what traffic is
being guaranteed. In the telephone network, this characterization is simple. For
example, a voice call (in uncompressed format) needs 64 kbps and consists of one
8-bit sample every 125 μsec. However, traffic in data networks is bursty. It typi-
cally arrives at nonuniform rates as the traffic rate varies (e.g., videoconferencing
with compression), users interact with applications (e.g., browsing a new Web
page), and computers switch between tasks. Bursts of traffic are more difficult to
handle than constant-rate traffic because they can fill buffers and cause packets to
be lost.
Traffic shaping is a technique for regulating the average rate and burstiness
of a flow of data that enters the network. The goal is to allow applications to
transmit a wide variety of traffic that suits their needs, including some bursts, yet
have a simple and useful way to describe the possible traffic patterns to the net-
work. When a flow is set up, the user and the network (i.e., the customer and the
provider) agree on a certain traffic pattern (i.e., shape) for that flow. In effect, the
customer says to the provider ‘‘My transmission pattern will look like this; can
you handle it?’’
Sometimes this agreement is called an SLA (Service Level Agreement), es-
pecially when it is made over aggregate flows and long periods of time, such as
all of the traffic for a given customer. As long as the customer fulfills her part of
the bargain and only sends packets according to the agreed-on contract, the pro-
vider promises to deliver them all in a timely fashion.
Traffic shaping reduces congestion and thus helps the network live up to its
promise. However, to make it work, there is also the issue of how the provider
can tell if the customer is following the agreement and what to do if the customer
is not. Packets in excess of the agreed pattern might be dropped by the network, or
they might be marked as having lower priority. Monitoring a traffic flow is called
traffic policing.
Shaping and policing are not so important for peer-to-peer and other transfers
that will consume any and all available bandwidth, but they are of great impor-
tance for real-time data, such as audio and video connections, which have
stringent quality-of-service requirements.
Leaky and Token Buckets
We have already seen one way to limit the amount of data an application
sends: the sliding window, which uses one parameter to limit how much data is in
transit at any given time, which indirectly limits the rate. Now we will look at a
more general way to characterize traffic, with the leaky bucket and token bucket
algorithms. The formulations are slightly different but give an equivalent result.

408 THE NETWORK LAYER CHAP. 5
Try to imagine a bucket with a small hole in the bottom, as illustrated in
Fig. 5-28(b). No matter the rate at which water enters the bucket, the outflow is at
a constant rate, R, when there is any water in the bucket and zero when the bucket
is empty. Also, once the bucket is full to capacity B, any additional water enter-
ing it spills over the sides and is lost.
Check
bucket
here
Host
Packets
Rate
R
B
B
Rate
R
Take out
water/tokens
Put in
water
Network
(a) (b) (c)
Figure 5-28. (a) Shaping packets. (b) A leaky bucket. (c) A token bucket.
This bucket can be used to shape or police packets entering the network, as
shown in Fig. 5-28(a). Conceptually, each host is connected to the network by an
interface containing a leaky bucket. To send a packet into the network, it must be
possible to put more water into the bucket. If a packet arrives when the bucket is
full, the packet must either be queued until enough water leaks out to hold it or be
discarded. The former might happen at a host shaping its traffic for the network
as part of the operating system. The latter might happen in hardware at a provider
network interface that is policing traffic entering the network. This technique was
proposed by Turner (1986) and is called the leaky bucket algorithm.
A different but equivalent formulation is to imagine the network interface as a
bucket that is being filled, as shown in Fig. 5-28(c). The tap is running at rate R
and the bucket has a capacity of B, as before. Now, to send a packet we must be
able to take water, or tokens, as the contents are commonly called, out of the
bucket (rather than putting water into the bucket). No more than a fixed number
of tokens, B, can accumulate in the bucket, and if the bucket is empty, we must
wait until more tokens arrive before we can send another packet. This algorithm
is called the token bucket algorithm.
Leaky and token buckets limit the long-term rate of a flow but allow short-
term bursts up to a maximum regulated length to pass through unaltered and
without suffering any artificial delays. Large bursts will be smoothed by a leaky
bucket traffic shaper to reduce congestion in the network. As an example, imag-
ine that a computer can produce data at up to 1000 Mbps (125 million bytes/sec)
and that the first link of the network also runs at this speed. The pattern of traffic
the host generates is shown in Fig. 5-29(a). This pattern is bursty. The average

SEC. 5.4 QUALITY OF SERVICE 409
rate over one second is 200 Mbps, even though the host sends a burst of 16,000
KB at the top speed of 1000 Mbps (for 1/8 of the second).
25 MB/s for
250 msec
125 MB/s for
125 msec
Time (msec)
16000
1000
Rate (Mbps)
(a) (d)
(b) (e)
(c) (f)
1000
Bucket (KB)
With R = 25 MB/s, B = 0
With R = 25 MB/s,
B = 9600 KB
Bucket always empty
Bucket empties,
traffic delayed
Time (msec) 1000
9600
0
Figure 5-29. (a) Traffic from a host. Output shaped by a token bucket of rate
200 Mbps and capacity (b) 9600 KB and (c) 0 KB. Token bucket level for shap-
ing with rate 200 Mbps and capacity (d) 16,000 KB, (e) 9600 KB, and (f) 0 KB.
Now suppose that the routers can accept data at the top speed only for short
intervals, until their buffers fill up. The buffer size is 9600 KB, smaller than the
traffic burst. For long intervals, the routers work best at rates not exceeding 200
Mbps (say, because this is all the bandwidth given to the customer). The implica-
tion is that if traffic is sent in this pattern, some of it will be dropped in the net-
work because it does not fit into the buffers at routers.
To avoid this packet loss, we can shape the traffic at the host with a token
bucket. If we use a rate, R, of 200 Mbps and a capacity, B, of 9600 KB, the traffic
will fall within what the network can handle. The output of this token bucket is
shown in Fig. 5-29(b). The host can send full throttle at 1000 Mbps for a short
while until it has drained the bucket. Then it has to cut back to 200 Mbps until the
burst has been sent. The effect is to spread out the burst over time because it was
too large to handle all at once. The level of the token bucket is shown in Fig. 5-
29(e). It starts off full and is depleted by the initial burst. When it reaches zero,
new packets can be sent only at the rate at which the buffer is filling; there can be
no more bursts until the bucket has recovered. The bucket fills when no traffic is
being sent and stays flat when traffic is being sent at the fill rate.
We can also shape the traffic to be less bursty. Fig. 5-29(c) shows the output
of a token bucket with R = 200 Mbps and a capacity of 0. This is the extreme case

410 THE NETWORK LAYER CHAP. 5
in which the traffic has been completely smoothed. No bursts are allowed, and the
traffic enters the network at a steady rate. The corresponding bucket level, shown
in Fig. 5-29(f), is always empty. Traffic is being queued on the host for release
into the network and there is always a packet waiting to be sent when it is allow-
ed.
Finally, Fig. 5-29(d) shows the bucket level for a token bucket with R = 200
Mbps and a capacity of B = 16,000 KB. This is the smallest token bucket through
which the traffic passes unaltered. It might be used at a router in the network to
police the traffic that the host sends. If the host is sending traffic that conforms to
the token bucket on which it has agreed with the network, the traffic will fit
through that same token bucket run at the router at the edge of the network. If the
host sends at a faster or burstier rate, the token bucket will run out of water. If this
happens, a traffic policer will know that the traffic is not as described. It will then
either drop the excess packets or lower their priority, depending on the design of
the network. In our example, the bucket empties only momentarily, at the end of
the initial burst, then recovers enough for the next burst.
Leaky and token buckets are easy to implement. We will now describe the
operation of a token bucket. Even though we have described water flowing con-
tinuously into and out of the bucket, real implementations must work with discrete
quantities. A token bucket is implemented with a counter for the level of the
bucket. The counter is advanced by R /ΔT units at every clock tick of ΔT seconds.
This would be 200 Kbit every 1 msec in our example above. Every time a unit of
traffic is sent into the network, the counter is decremented, and traffic may be sent
until the counter reaches zero.
When the packets are all the same size, the bucket level can just be counted in
packets (e.g., 200 Mbit is 20 packets of 1250 bytes). However, often variable-
sized packets are being used. In this case, the bucket level is counted in bytes. If
the residual byte count is too low to send a large packet, the packet must wait until
the next tick (or even longer, if the fill rate is small).
Calculating the length of the maximum burst (until the bucket empties) is
slightly tricky. It is longer than just 9600 KB divided by 125 MB/sec because
while the burst is being output, more tokens arrive. If we call the burst length S
sec., the maximum output rate M bytes/sec, the token bucket capacity B bytes, and
the token arrival rate R bytes/sec, we can see that an output burst contains a maxi-
mum of B + RS bytes. We also know that the number of bytes in a maximum-
speed burst of length S seconds is MS. Hence, we have
B + RS = MS
We can solve this equation to get S = B /(M − R). For our parameters of B = 9600
KB, M = 125 MB/sec, and R = 25 MB/sec, we get a burst time of about 94 msec.
A potential problem with the token bucket algorithm is that it reduces large
bursts down to the long-term rate R. It is frequently desirable to reduce the peak
rate, but without going down to the long-term rate (and also without raising the

SEC. 5.4 QUALITY OF SERVICE 411
long-term rate to allow more traffic into the network). One way to get smoother
traffic is to insert a second token bucket after the first one. The rate of the second
bucket should be much higher than the first one. Basically, the first bucket charac-
terizes the traffic, fixing its average rate but allowing some bursts. The second
bucket reduces the peak rate at which the bursts are sent into the network. For ex-
ample, if the rate of the second token bucket is set to be 500 Mbps and the capaci-
ty is set to 0, the initial burst will enter the network at a peak rate of 500 Mbps,
which is lower than the 1000 Mbps rate we had previously.
Using all of these buckets can be a bit tricky. When token buckets are used for
traffic shaping at hosts, packets are queued and delayed until the buckets permit
them to be sent. When token buckets are used for traffic policing at routers in the
network, the algorithm is simulated to make sure that no more packets are sent
than permitted. Nevertheless, these tools provide ways to shape the network traf-
fic into more manageable forms to assist in meeting quality-of-service re-
quirements.
5.4.3 Packet Scheduling
Being able to regulate the shape of the offered traffic is a good start. Howev-
er, to provide a performance guarantee, we must reserve sufficient resources
along the route that the packets take through the network. To do this, we are as-
suming that the packets of a flow follow the same route. Spraying them over rout-
ers at random makes it hard to guarantee anything. As a consequence, something
similar to a virtual circuit has to be set up from the source to the destination, and
all the packets that belong to the flow must follow this route.
Algorithms that allocate router resources among the packets of a flow and be-
tween competing flows are called packet scheduling algorithms. Three different
kinds of resources can potentially be reserved for different flows:
1. Bandwidth.
2. Buffer space.
3. CPU cycles.
The first one, bandwidth, is the most obvious. If a flow requires 1 Mbps and the
outgoing line has a capacity of 2 Mbps, trying to direct three flows through that
line is not going to work. Thus, reserving bandwidth means not oversubscribing
any output line.
A second resource that is often in short supply is buffer space. When a packet
arrives, it is buffered inside the router until it can be transmitted on the chosen
outgoing line. The purpose of the buffer is to absorb small bursts of traffic as the
flows contend with each other. If no buffer is available, the packet has to be dis-
carded since there is no place to put it. For good quality of service, some buffers
might be reserved for a specific flow so that flow does not have to compete for

412 THE NETWORK LAYER CHAP. 5
buffers with other flows. Up to some maximum value, there will always be a
buffer available when the flow needs one.
Finally, CPU cycles may also be a scarce resource. It takes router CPU time
to process a packet, so a router can process only a certain number of packets per
second. While modern routers are able to process most packets quickly, some
kinds of packets require greater CPU processing, such as the ICMP packets we
will describe in Sec. 5.6. Making sure that the CPU is not overloaded is needed to
ensure timely processing of these packets.
Packet scheduling algorithms allocate bandwidth and other router resources
by determining which of the buffered packets to send on the output line next. We
already described the most straightforward scheduler when explaining how rout-
ers work. Each router buffers packets in a queue for each output line until they
can be sent, and they are sent in the same order that they arrived. This algorithm
is known as FIFO (First-In First-Out), or equivalently FCFS (First-Come
First-Serve).
FIFO routers usually drop newly arriving packets when the queue is full.
Since the newly arrived packet would have been placed at the end of the queue,
this behavior is called tail drop. It is intuitive, and you may be wondering what
alternatives exist. In fact, the RED algorithm we described in Sec. 5.3.5 chose a
newly arriving packet to drop at random when the average queue length grew
large. The other scheduling algorithms that we will describe also create other
opportunities for deciding which packet to drop when the buffers are full.
FIFO scheduling is simple to implement, but it is not suited to providing good
quality of service because when there are multiple flows, one flow can easily
affect the performance of the other flows. If the first flow is aggressive and sends
large bursts of packets, they will lodge in the queue. Processing packets in the
order of their arrival means that the aggressive sender can hog most of the capaci-
ty of the routers its packets traverse, starving the other flows and reducing their
quality of service. To add insult to injury, the packets of the other flows that do
get through are likely to be delayed because they had to sit in the queue behind
many packets from the aggressive sender.
Many packet scheduling algorithms have been devised that provide stronger
isolation between flows and thwart attempts at interference (Bhatti and Crowcroft,
2000). One of the first ones was the fair queueing algorithm devised by Nagle
(1987). The essence of this algorithm is that routers have separate queues, one for
each flow for a given output line. When the line becomes idle, the router scans
the queues round-robin, as shown in Fig. 5-30. It then takes the first packet on the
next queue. In this way, with n hosts competing for the output line, each host gets
to send one out of every n packets. It is fair in the sense that all flows get to send
packets at the same rate. Sending more packets will not improve this rate.
Although a start, the algorithm has a flaw: it gives more bandwidth to hosts
that use large packets than to hosts that use small packets. Demers et al. (1990)
suggested an improvement in which the round-robin is done in such a way as to

SEC. 5.4 QUALITY OF SERVICE 413
Input queues
Round-robin
service
1
2
3
1123 23
Output line
Figure 5-30. Round-robin fair queueing.
simulate a byte-by-byte round-robin, instead of a packet-by-packet round-robin.
The trick is to compute a virtual time that is the number of the round at which
each packet would finish being sent. Each round drains a byte from all of the
queues that have data to send. The packets are then sorted in order of their fin-
ishing times and sent in that order.
This algorithm and an example of finish times for packets arriving in three
flows are illustrated in Fig. 5-31. If a packet has length L, the round at which it
will finish is simply L rounds after the start time. The start time is either the fin-
ish time of the previous packet, or the arrival time of the packet, if the queue is
empty when it arrives.
Input queues
Fair
queueing
Packet Arrival
time
Length Finish
time
Output
order
A 0 8 8 1
B 5 6 11 3
C 5 10 10 2
D 8 9 20 7
E 8 8 14 4
F 10 6 16 5
G 11 10 19 6
H 20 8 28 8
A
B
CEG
D
F
H
Arrives
late
(a) (b)
Arrives after D
but goes first
Weight is 2
2X
Figure 5-31. (a) Weighted Fair Queueing. (b) Finishing times for the packets.
From the table in Fig. 5-32(b), and looking only at the first two packets in the
top two queues, packets arrive in the order A, B, D, and F. Packet A arrives at
round 0 and is 8 bytes long, so its finish time is round 8. Similarly the finish time
for packet B is 11. Packet D arrives while B is being sent. Its finish time is 9
byte-rounds after it starts when B finishes, or 20. Similarly, the finish time for F
is 16. In the absence of new arrivals, the relative sending order is A, B, F, D, even
though F arrived after D. It is possible that another small packet will arrive on the
top flow and obtain a finish time before D. It will only jump ahead of D if the

414 THE NETWORK LAYER CHAP. 5
transmission of that packet has not started. Fair queueing does not preempt pack-
ets that are currently being transmitted. Because packets are sent in their entirety,
fair queueing is only an approximation of the ideal byte-by-byte scheme. But it is
a very good approximation, staying within one packet transmission of the ideal
scheme at all times.
One shortcoming of this algorithm in practice is that it gives all hosts the
same priority. In many situations, it is desirable to give, for example, video ser-
vers more bandwidth than, say, file servers. This is easily possible by giving the
video server two or more bytes per round. This modified algorithm is called
WFQ (Weighted Fair Queueing). Letting the number of bytes per round be the
weight of a flow, W, we can now give the formula for computing the finish time:
Fi = max(Ai ,Fi −1)+Li /W
where Ai is the arrival time, Fi is the finish time, and Li is the length of packet i.
The bottom queue of Fig. 5-31(a) has a weight of 2, so its packets are sent more
quickly as you can see in the finish times given in Fig. 5-31(b).
Another practical consideration is implementation complexity. WFQ requires
that packets be inserted by their finish time into a sorted queue. With N flows, this
is at best an O(logN) operation per packet, which is difficult to achieve for many
flows in high-speed routers. Shreedhar and Varghese (1995) describe an approxi-
mation called deficit round robin that can be implemented very efficiently, with
only O(1) operations per packet. WFQ is widely used given this approximation.
Other kinds of scheduling algorithms exist, too. A simple example is priority
scheduling, in which each packet is marked with a priority. High-priority packets
are always sent before any low-priority packets that are buffered. Within a prior-
ity, packets are sent in FIFO order. However, priority scheduling has the disad-
vantage that a burst of high-priority packets can starve low-priority packets, which
may have to wait indefinitely. WFQ often provides a better alternative. By giving
the high-priority queue a large weight, say 3, high-priority packets will often go
through a short line (as relatively few packets should be high priority) yet some
fraction of low priority packets will continue to be sent even when there is high
priority traffic. A high and low priority system is essentially a two-queue WFQ
system in which the high priority has infinite weight.
As a final example of a scheduler, packets might carry timestamps and be sent
in timestamp order. Clark et al. (1992) describe a design in which the timestamp
records how far the packet is behind or ahead of schedule as it is sent through a
sequence of routers on the path. Packets that have been queued behind other
packets at a router will tend to be behind schedule, and the packets that have been
serviced first will tend to be ahead of schedule. Sending packets in order of their
timestamps has the beneficial effect of speeding up slow packets while at the
same time slowing down fast packets. The result is that all packets are delivered
by the network with a more consistent delay.

SEC. 5.4 QUALITY OF SERVICE 415
5.4.4 Admission Control
We have now seen all the necessary elements for QoS and it is time to put
them together to actually provide it. QoS guarantees are established through the
process of admission control. We first saw admission control used to control con-
gestion, which is a performance guarantee, albeit a weak one. The guarantees we
are considering now are stronger, but the model is the same. The user offers a
flow with an accompanying QoS requirement to the network. The network then
decides whether to accept or reject the flow based on its capacity and the commit-
ments it has made to other flows. If it accepts, the network reserves capacity in
advance at routers to guarantee QoS when traffic is sent on the new flow.
The reservations must be made at all of the routers along the route that the
packets take through the network. Any routers on the path without reservations
might become congested, and a single congested router can break the QoS guaran-
tee. Many routing algorithms find the single best path between each source and
each destination and send all traffic over the best path. This may cause some
flows to be rejected if there is not enough spare capacity along the best path. QoS
guarantees for new flows may still be accommodated by choosing a different
route for the flow that has excess capacity. This is called QoS routing. Chen and
Nahrstedt (1998) give an overview of these techniques. It is also possible to split
the traffic for each destination over multiple paths to more easily find excess ca-
pacity. A simple method is for routers to choose equal-cost paths and to divide
the traffic equally or in proportion to the capacity of the outgoing links. However,
more sophisticated algorithms are also available (Nelakuditi and Zhang, 2002).
Given a path, the decision to accept or reject a flow is not a simple matter of
comparing the resources (bandwidth, buffers, cycles) requested by the flow with
the router’s excess capacity in those three dimensions. It is a little more compli-
cated than that. To start with, although some applications may know about their
bandwidth requirements, few know about buffers or CPU cycles, so at the mini-
mum, a different way is needed to describe flows and translate this description to
router resources. We will get to this shortly.
Next, some applications are far more tolerant of an occasional missed dead-
line than others. The applications must choose from the type of guarantees that
the network can make, whether hard guarantees or behavior that will hold most of
the time. All else being equal, everyone would like hard guarantees, but the diffi-
culty is that they are expensive because they constrain worst case behavior. Guar-
antees for most of the packets are often sufficient for applications, and more flows
with this guarantee can be supported for a fixed capacity.
Finally, some applications may be willing to haggle about the flow parameters
and others may not. For example, a movie viewer that normally runs at 30
frames/sec may be willing to drop back to 25 frames/sec if there is not enough
free bandwidth to support 30 frames/sec. Similarly, the number of pixels per
frame, audio bandwidth, and other properties may be adjustable.

416 THE NETWORK LAYER CHAP. 5
Because many parties may be involved in the flow negotiation (the sender, the
receiver, and all the routers along the path between them), flows must be de-
scribed accurately in terms of specific parameters that can be negotiated. A set of
such parameters is called a flow specification. Typically, the sender (e.g., the
video server) produces a flow specification proposing the parameters it would like
to use. As the specification propagates along the route, each router examines it
and modifies the parameters as need be. The modifications can only reduce the
flow, not increase it (e.g., a lower data rate, not a higher one). When it gets to the
other end, the parameters can be established.
As an example of what can be in a flow specification, consider the example of
Fig. 5-32. This is based on RFCs 2210 and 2211 for Integrated Services, a QoS
design we will cover in the next section. It has five parameters. The first two pa-
rameters, the token bucket rate and token bucket size, use a token bucket to give
the maximum sustained rate the sender may transmit, averaged over a long time
interval, and the largest burst it can send over a short time interval.
Parameter Unit
Token bucket rate Bytes/sec
Token bucket size Bytes
Peak data rate Bytes/sec
Minimum packet size Bytes
Maximum packet size Bytes
Figure 5-32. An example flow specification.
The third parameter, the peak data rate, is the maximum transmission rate
tolerated, even for brief time intervals. The sender must never exceed this rate
even for short bursts.
The last two parameters specify the minimum and maximum packet sizes, in-
cluding the transport and network layer headers (e.g., TCP and IP). The minimum
size is useful because processing each packet takes some fixed time, no matter
how short. A router may be prepared to handle 10,000 packets/sec of 1 KB each,
but not be prepared to handle 100,000 packets/sec of 50 bytes each, even though
this represents a lower data rate. The maximum packet size is important due to
internal network limitations that may not be exceeded. For example, if part of the
path goes over an Ethernet, the maximum packet size will be restricted to no more
than 1500 bytes no matter what the rest of the network can handle.
An interesting question is how a router turns a flow specification into a set of
specific resource reservations. At first glance, it might appear that if a router has
a link that runs at, say, 1 Gbps and the average packet is 1000 bits, it can process
1 million packets/sec. This observation is not the case, though, because there will
always be idle periods on the link due to statistical fluctuations in the load. If the

SEC. 5.4 QUALITY OF SERVICE 417
link needs every bit of capacity to get its work done, idling for even a few bits
creates a backlog it can never get rid of.
Even with a load slightly below the theoretical capacity, queues can build up
and delays can occur. Consider a situation in which packets arrive at random with
a mean arrival rate of λ packets/sec. The packets have random lengths and can be
sent on the link with a mean service rate of μ packets/sec. Under the assumption
that both the arrival and service distributions are Poisson distributions (what is
called an M/M/1 queueing system, where ‘‘M’’ stands for Markov, i.e., Poisson),
it can be proven using queueing theory that the mean delay experienced by a
packet, T, is
T =
μ
1 ×
1 − λ /μ
1 =
μ
1 ×
1 − ρ
1
where ρ = λ /μ is the CPU utilization. The first factor, 1/μ, is what the service
time would be in the absence of competition. The second factor is the slowdown
due to competition with other flows. For example, if λ = 950,000 packets/sec and
μ = 1,000,000 packets/sec, then ρ = 0.95 and the mean delay experienced by each
packet will be 20 μsec instead of 1 μsec. This time accounts for both the queue-
ing time and the service time, as can be seen when the load is very low (λ /μ ∼∼ 0).
If there are, say, 30 routers along the flow’s route, queueing delay alone will ac-
count for 600 μsec of delay.
One method of relating flow specifications to router resources that correspond
to bandwidth and delay performance guarantees is given by Parekh and Gallagher
(1993, 1994). It is based on traffic sources shaped by (R, B) token buckets and
WFQ at routers. Each flow is given a WFQ weight W large enough to drain its
token bucket rate R as shown in Fig. 5-33. For example, if the flow has a rate of 1
Mbps and the router and output link have a capacity of 1 Gbps, the weight for the
flow must be greater than 1/1000th of the total of the weights for all of the flows
at that router for the output link. This guarantees the flow a minimum bandwidth.
If it cannot be given a large enough rate, the flow cannot be admitted.
Weighted
fair queue
(R, B)
Traffic source
Router
Capacity C
W
wi
wi
W x CR < weights Figure 5-33. Bandwidth and delay guarantees with token buckets and WFQ. The largest queueing delay the flow will see is a function of the burst size of the token bucket. Consider the two extreme cases. If the traffic is smooth, without 418 THE NETWORK LAYER CHAP. 5 any bursts, packets will be drained from the router just as quickly as they arrive. There will be no queueing delay (ignoring packetization effects). On the other hand, if the traffic is saved up in bursts, then a maximum-size burst, B, may arrive at the router all at once. In this case the maximum queueing delay, D, will be the time taken to drain this burst at the guaranteed bandwidth, or B/R (again, ignoring packetization effects). If this delay is too large, the flow must request more band- width from the network. These guarantees are hard. The token buckets bound the burstiness of the source, and fair queueing isolates the bandwidth given to different flows. This means that the flow will meet its bandwidth and delay guarantees regardless of how the other competing flows behave at the router. Those other flows cannot break the guarantee even by saving up traffic and all sending at once. Moreover, the result holds for a path through multiple routers in any network topology. Each flow gets a minimum bandwidth because that bandwidth is guar- anteed at each router. The reason each flow gets a maximum delay is more sub- tle. In the worst case that a burst of traffic hits the first router and competes with the traffic of other flows, it will be delayed up to the maximum delay of D. How- ever, this delay will also smooth the burst. In turn, this means that the burst will incur no further queueing delays at later routers. The overall queueing delay will be at most D. 5.4.5 Integrated Services Between 1995 and 1997, IETF put a lot of effort into devising an architecture for streaming multimedia. This work resulted in over two dozen RFCs, starting with RFCs 2205–2212. The generic name for this work is integrated services. It was aimed at both unicast and multicast applications. An example of the former is a single user streaming a video clip from a news site. An example of the latter is a collection of digital television stations broadcasting their programs as streams of IP packets to many receivers at various locations. Below we will concentrate on multicast, since unicast is a special case of multicast. In many multicast applications, groups can change membership dynamically, for example, as people enter a video conference and then get bored and switch to a soap opera or the croquet channel. Under these conditions, the approach of hav- ing the senders reserve bandwidth in advance does not work well, since it would require each sender to track all entries and exits of its audience. For a system de- signed to transmit television with millions of subscribers, it would not work at all. RSVP—The Resource reSerVation Protocol The main part of the integrated services architecture that is visible to the users of the network is RSVP. It is described in RFCs 2205–2210. This protocol is used for making the reservations; other protocols are used for sending the data. SEC. 5.4 QUALITY OF SERVICE 419 RSVP allows multiple senders to transmit to multiple groups of receivers, permits individual receivers to switch channels freely, and optimizes bandwidth use while at the same time eliminating congestion. In its simplest form, the protocol uses multicast routing using spanning trees, as discussed earlier. Each group is assigned a group address. To send to a group, a sender puts the group’s address in its packets. The standard multicast routing al- gorithm then builds a spanning tree covering all group members. The routing al- gorithm is not part of RSVP. The only difference from normal multicasting is a little extra information that is multicast to the group periodically to tell the routers along the tree to maintain certain data structures in their memories. As an example, consider the network of Fig. 5-34(a). Hosts 1 and 2 are multi- cast senders, and hosts 3, 4, and 5 are multicast receivers. In this example, the senders and receivers are disjoint, but in general, the two sets may overlap. The multicast trees for hosts 1 and 2 are shown in Fig. 5-34(b) and Fig. 5-34(c), re- spectively. A D G J C F I L B K H E 1 2 3 4 5 Receivers Senders A D G J C F I L B K H E 1 2 3 4 5 1 2 3 4 5 A D G J C F I L B K H E (a) (b) (c) Figure 5-34. (a) A network. (b) The multicast spanning tree for host 1. (c) The multicast spanning tree for host 2. To get better reception and eliminate congestion, any of the receivers in a group can send a reservation message up the tree to the sender. The message is propagated using the reverse path forwarding algorithm discussed earlier. At each 420 THE NETWORK LAYER CHAP. 5 hop, the router notes the reservation and reserves the necessary bandwidth. We saw in the previous section how a weighted fair queueing scheduler can be used to make this reservation. If insufficient bandwidth is available, it reports back failure. By the time the message gets back to the source, bandwidth has been re- served all the way from the sender to the receiver making the reservation request along the spanning tree. An example of such a reservation is shown in Fig. 5-35(a). Here host 3 has requested a channel to host 1. Once it has been established, packets can flow from 1 to 3 without congestion. Now consider what happens if host 3 next reserves a channel to the other sender, host 2, so the user can watch two television programs at once. A second path is reserved, as illustrated in Fig. 5-35(b). Note that two separate channels are needed from host 3 to router E because two inde- pendent streams are being transmitted. A D G J C F Bandwidth reserved for source 1 Bandwidth reserved for source 2 I L B K H E 1 2 3 4 5 A D G J C F I L B K H E 1 2 2 3 4 5 A D G J C F I L B K H E (b) (c)(a) 3 4 5 1 Figure 5-35. (a) Host 3 requests a channel to host 1. (b) Host 3 then requests a second channel, to host 2. (c) Host 5 requests a channel to host 1. Finally, in Fig. 5-35(c), host 5 decides to watch the program being transmitted by host 1 and also makes a reservation. First, dedicated bandwidth is reserved as far as router H. However, this router sees that it already has a feed from host 1, so if the necessary bandwidth has already been reserved, it does not have to reserve any more. Note that hosts 3 and 5 might have asked for different amounts of bandwidth (e.g., if host 3 is playing on a small screen and only wants the low- resolution information), so the capacity reserved must be large enough to satisfy the greediest receiver. When making a reservation, a receiver can (optionally) specify one or more sources that it wants to receive from. It can also specify whether these choices SEC. 5.4 QUALITY OF SERVICE 421 are fixed for the duration of the reservation or whether the receiver wants to keep open the option of changing sources later. The routers use this information to op- timize bandwidth planning. In particular, two receivers are only set up to share a path if they both agree not to change sources later on. The reason for this strategy in the fully dynamic case is that reserved band- width is decoupled from the choice of source. Once a receiver has reserved band- width, it can switch to another source and keep that portion of the existing path that is valid for the new source. If host 2 is transmitting several video streams in real time, for example a TV broadcaster with multiple channels, host 3 may switch between them at will without changing its reservation: the routers do not care what program the receiver is watching. 5.4.6 Differentiated Services Flow-based algorithms have the potential to offer good quality of service to one or more flows because they reserve whatever resources are needed along the route. However, they also have a downside. They require an advance setup to es- tablish each flow, something that does not scale well when there are thousands or millions of flows. Also, they maintain internal per-flow state in the routers, mak- ing them vulnerable to router crashes. Finally, the changes required to the router code are substantial and involve complex router-to-router exchanges for setting up the flows. As a consequence, while work continues to advance integrated ser- vices, few deployments of it or anything like it exist yet. For these reasons, IETF has also devised a simpler approach to quality of ser- vice, one that can be largely implemented locally in each router without advance setup and without having the whole path involved. This approach is known as class-based (as opposed to flow-based) quality of service. IETF has standardized an architecture for it, called differentiated services, which is described in RFCs 2474, 2475, and numerous others. We will now describe it. Differentiated services can be offered by a set of routers forming an adminis- trative domain (e.g., an ISP or a telco). The administration defines a set of service classes with corresponding forwarding rules. If a customer subscribes to dif- ferentiated services, customer packets entering the domain are marked with the class to which they belong. This information is carried in the Differentiated ser- vices field of IPv4 and IPv6 packets (described in Sec. 5.6). The classes are de- fined as per hop behaviors because they correspond to the treatment the packet will receive at each router, not a guarantee across the network. Better service is provided to packets with some per-hop behaviors (e.g., premium service) than to others (e.g., regular service). Traffic within a class may be required to conform to some specific shape, such as a leaky bucket with some specified drain rate. An operator with a nose for business might charge extra for each premium packet transported or might allow up to N premium packets per month for a fixed addi- tional monthly fee. Note that this scheme requires no advance setup, no resource 422 THE NETWORK LAYER CHAP. 5 reservation, and no time-consuming end-to-end negotiation for each flow, as with integrated services. This makes differentiated services relatively easy to imple- ment. Class-based service also occurs in other industries. For example, package de- livery companies often offer overnight, two-day, and three-day service. Airlines offer first class, business class, and cattle-class service. Long-distance trains often have multiple service classes. Even the Paris subway has two different ser- vice classes. For packets, the classes may differ in terms of delay, jitter, and probability of being discarded in the event of congestion, among other possibili- ties (but probably not roomier Ethernet frames). To make the difference between flow-based quality of service and class-based quality of service clearer, consider an example: Internet telephony. With a flow- based scheme, each telephone call gets its own resources and guarantees. With a class-based scheme, all the telephone calls together get the resources reserved for the class telephony. These resources cannot be taken away by packets from the Web browsing class or other classes, but no telephone call gets any private re- sources reserved for it alone. Expedited Forwarding The choice of service classes is up to each operator, but since packets are often forwarded between networks run by different operators, IETF has defined some network-independent service classes. The simplest class is expedited for- warding, so let us start with that one. It is described in RFC 3246. The idea behind expedited forwarding is very simple. Two classes of service are available: regular and expedited. The vast majority of the traffic is expected to be regular, but a limited fraction of the packets are expedited. The expedited packets should be able to transit the network as though no other packets were present. In this way they will get low loss, low delay and low jitter service—just what is needed for VoIP. A symbolic representation of this ‘‘two-tube’’ system is given in Fig. 5-36. Note that there is still just one physical line. The two logical pipes shown in the figure represent a way to reserve bandwidth for different classes of service, not a second physical line. One way to implement this strategy is as follows. Packets are classified as expedited or regular and marked accordingly. This step might be done on the sending host or in the ingress (first) router. The advantage of doing classification on the sending host is that more information is available about which packets be- long to which flows. This task may be performed by networking software or even the operating system, to avoid having to change existing applications. For ex- ample, it is becoming common for VoIP packets to be marked for expedited ser- vice by hosts. If the packets pass through a corporate network or ISP that sup- ports expedited service, they will receive preferential treatment. If the network does not support expedited service, no harm is done. SEC. 5.4 QUALITY OF SERVICE 423 Regular packets Expedited packets Figure 5-36. Expedited packets experience a traffic-free network. Of course, if the marking is done by the host, the ingress router is likely to police the traffic to make sure that customers are not sending more expedited traf- fic than they have paid for. Within the network, the routers may have two output queues for each outgoing line, one for expedited packets and one for regular pack- ets. When a packet arrives, it is queued accordingly. The expedited queue is given priority over the regular one, for example, by using a priority scheduler. In this way, expedited packets see an unloaded network, even when there is, in fact, a heavy load of regular traffic. Assured Forwarding A somewhat more elaborate scheme for managing the service classes is called assured forwarding. It is described in RFC 2597. Assured forwarding specifies that there shall be four priority classes, each class having its own resources. The top three classes might be called gold, silver, and bronze. In addition, it defines three discard classes for packets that are experiencing congestion: low, medium, and high. Taken together, these two factors define 12 service classes. Figure 5-37 shows one way packets might be processed under assured for- warding. The first step is to classify the packets into one of the four priority classes. As before, this step might be done on the sending host (as shown in the figure) or in the ingress router, and the rate of higher-priority packets may be lim- ited by the operator as part of the service offering. The next step is to determine the discard class for each packet. This is done by passing the packets of each priority class through a traffic policer such as a token bucket. The policer lets all of the traffic through, but it identifies packets that fit within small bursts as low discard, packets that exceed small bursts as medium discard, and packets that exceed large bursts as high discard. The combi- nation of priority and discard class is then encoded in each packet. Finally, the packets are processed by routers in the network with a packet scheduler that distinguishes the different classes. A common choice is to use 424 THE NETWORK LAYER CHAP. 5 Weighted fair queues Router Silver Gold Bronze Packet source Four priority classes Classifier Policer Twelve priority/drop classes Packets with DiffServ mark Figure 5-37. A possible implementation of assured forwarding. weighted fair queueing for the four priority classes, with higher classes given higher weights. In this way, the higher classes will get most of the bandwidth, but the lower classes will not be starved of bandwidth entirely. For example, if the weights double from one class to the next higher class, the higher class will get twice the bandwidth. Within a priority class, packets with a higher discard class can be preferentially dropped by running an algorithm such as RED (Random Early Detection), which we saw in Sec. 5.3.5. RED will start to drop packets as congestion builds but before the router has run out of buffer space. At this stage, there is still buffer space with which to accept low discard packets while dropping high discard packets. 5.5 INTERNETWORKING Until now, we have implicitly assumed that there is a single homogeneous network, with each machine using the same protocol in each layer. Unfortunately, this assumption is wildly optimistic. Many different networks exist, including PANs, LANs, MANs, and WANs. We have described Ethernet, Internet over cable, the fixed and mobile telephone networks, 802.11, 802.16, and more. Num- erous protocols are in widespread use across these networks in every layer. In the following sections, we will take a careful look at the issues that arise when two or more networks are connected to form an internetwork , or more simply an inter- net. It would be much simpler to join networks together if everyone used a single networking technology, and it is often the case that there is a dominant kind of network, such as Ethernet. Some pundits speculate that the multiplicity of technol- ogies will go away as soon as everyone realizes how wonderful [fill in your favor- ite network] is. Do not count on it. History shows this to be wishful thinking. Dif- ferent kinds of networks grapple with different problems, so, for example, Ether- net and satellite networks are always likely to differ. Reusing existing systems, such as running data networks on top of cable, the telephone network, and power SEC. 5.5 INTERNETWORKING 425 lines, adds constraints that cause the features of the networks to diverge. Hetero- geneity is here to stay. If there will always be different networks, it would be simpler if we did not need to interconnect them. This also is unlikely. Bob Metcalfe postulated that the value of a network with N nodes is the number of connections that may be made between the nodes, or N 2 (Gilder, 1993). This means that large networks are much more valuable than small networks because they allow many more con- nections, so there always will be an incentive to combine smaller networks. The Internet is the prime example of this interconnection. (We will write In- ternet with a capital ‘‘I’’ to distinguish it from other internets, or connected net- works.) The purpose of joining all these networks is to allow users on any of them to communicate with users on all the other ones. When you pay an ISP for Internet service, you may be charged depending on the bandwidth of your line, but what you are really paying for is the ability to exchange packets with any other host that is also connected to the Internet. After all, the Internet would not be very popular if you could only send packets to other hosts in the same city. Since networks often differ in important ways, getting packets from one net- work to another is not always so easy. We must address problems of hetero- geneity, and also problems of scale as the resulting internet grows very large. We will begin by looking at how networks can differ to see what we are up against. Then we shall see the approach used so successfully by IP (Internet Protocol), the network layer protocol of the Internet, including techniques for tunneling through networks, routing in internetworks, and packet fragmentation. 5.5.1 How Networks Differ Networks can differ in many ways. Some of the differences, such as different modulation techniques or frame formats, are internal to the physical and data link layers. These differences will not concern us here. Instead, in Fig. 5-38 we list some of the differences that can be exposed to the network layer. It is papering over these differences that makes internetworking more difficult than operating within a single network. When packets sent by a source on one network must transit one or more for- eign networks before reaching the destination network, many problems can occur at the interfaces between networks. To start with, the source needs to be able to address the destination. What do we do if the source is on an Ethernet network and the destination is on a WiMAX network? Assuming we can even specify a WiMAX destination from an Ethernet network, packets would cross from a con- nectionless network to a connection-oriented one. This may require that a new connection be set up on short notice, which injects a delay, and much overhead if the connection is not used for many more packets. Many specific differences may have to be accommodated as well. How do we multicast a packet to a group with some members on a network that does not 426 THE NETWORK LAYER CHAP. 5 Item Some Possibilities Service offered Connectionless versus connection oriented Addressing Different sizes, flat or hierarchical Broadcasting Present or absent (also multicast) Packet size Every network has its own maximum Ordering Ordered and unordered delivery Quality of service Present or absent; many different kinds Reliability Different levels of loss Security Privacy rules, encryption, etc. Parameters Different timeouts, flow specifications, etc. Accounting By connect time, packet, byte, or not at all Figure 5-38. Some of the many ways networks can differ. support multicast? The differing max packet sizes used by different networks can be a major nuisance, too. How do you pass an 8000-byte packet through a net- work whose maximum size is 1500 bytes? If packets on a connection-oriented network transit a connectionless network, they may arrive in a different order than they were sent. That is something the sender likely did not expect, and it might come as an (unpleasant) surprise to the receiver as well. These kinds of differences can be papered over, with some effort. For ex- ample, a gateway joining two networks might generate separate packets for each destination in lieu of better network support for multicasting. A large packet might be broken up, sent in pieces, and then joined back together. Receivers might buffer packets and deliver them in order. Networks also can differ in large respects that are more difficult to reconcile. The clearest example is quality of service. If one network has strong QoS and the other offers best effort service, it will be impossible to make bandwidth and delay guarantees for real-time traffic end to end. In fact, they can likely only be made while the best-effort network is operated at a low utilization, or hardly used, which is unlikely to be the goal of most ISPs. Security mechanisms are prob- lematic, but at least encryption for confidentiality and data integrity can be lay- ered on top of networks that do not already include it. Finally, differences in ac- counting can lead to unwelcome bills when normal usage suddenly becomes ex- pensive, as roaming mobile phone users with data plans have discovered. 5.5.2 How Networks Can Be Connected There are two basic choices for connecting different networks: we can build devices that translate or convert packets from each kind of network into packets for each other network, or, like good computer scientists, we can try to solve the SEC. 5.5 INTERNETWORKING 427 problem by adding a layer of indirection and building a common layer on top of the different networks. In either case, the devices are placed at the boundaries be- tween networks. Early on, Cerf and Kahn (1974) argued for a common layer to hide the dif- ferences of existing networks. This approach has been tremendously successful, and the layer they proposed was eventually separated into the TCP and IP proto- cols. Almost four decades later, IP is the foundation of the modern Internet. For this accomplishment, Cerf and Kahn were awarded the 2004 Turing Award, infor- mally known as the Nobel Prize of computer science. IP provides a universal packet format that all routers recognize and that can be passed through almost every network. IP has extended its reach from computer networks to take over the telephone network. It also runs on sensor networks and other tiny devices that were once presumed too resource-constrained to support it. We have discussed several different devices that connect networks, including repeaters, hubs, switches, bridges, routers, and gateways. Repeaters and hubs just move bits from one wire to another. They are mostly analog devices and do not understand anything about higher layer protocols. Bridges and switches operate at the link layer. They can be used to build networks, but only with minor protocol translation in the process, for example, between 10, 100 and 1000 Mbps Ethernet switches. Our focus in this section is interconnection devices that operate at the network layer, namely the routers. We will leave gateways, which are higher- layer interconnection devices, until later. Let us first explore at a high level how interconnection with a common net- work layer can be used to interconnect dissimilar networks. An internet comprised of 802.11, MPLS, and Ethernet networks is shown in Fig. 5-39(a). Suppose that the source machine on the 802.11 network wants to send a packet to the destination machine on the Ethernet network. Since these technologies are dif- ferent, and they are further separated by another kind of network (MPLS), some added processing is needed at the boundaries between the networks. Because different networks may, in general, have different forms of ad- dressing, the packet carries a network layer address that can identify any host a- cross the three networks. The first boundary the packet reaches is when it tran- sitions from an 802.11 network to an MPLS network. 802.11 provides a con- nectionless service, but MPLS provides a connection-oriented service. This means that a virtual circuit must be set up to cross that network. Once the packet has traveled along the virtual circuit, it will reach the Ethernet network. At this boundary, the packet may be too large to be carried, since 802.11 can work with larger frames than Ethernet. To handle this problem, the packet is divided into fragments, and each fragment is sent separately. When the fragments reach the destination, they are reassembled. Then the packet has completed its journey. The protocol processing for this journey is shown in Fig. 5-39(b). The source accepts data from the transport layer and generates a packet with the common net- work layer header, which is IP in this example. The network header contains the 428 THE NETWORK LAYER CHAP. 5 802.11 MPLS Ethernet Source Destination Packet Virtual circuit 802.11 IP IP Router Router 802.11 IP IP MPLSIP Eth IP IPMPLS IP IP Eth IP Physical (a) (b) Data from transport layer Figure 5-39. (a) A packet crossing different networks. (b) Network and link layer protocol processing. ultimate destination address, which is used to determine that the packet should be sent via the first router. So the packet is encapsulated in an 802.11 frame whose destination is the first router and transmitted. At the router, the packet is removed from the frame’s data field and the 802.11 frame header is discarded. The router now examines the IP address in the packet and looks up this address in its routing table. Based on this address, it decides to send the packet to the second router next. For this part of the path, an MPLS virtual circuit must be established to the second router and the packet must be encapsulated with MPLS headers that travel this circuit. At the far end, the MPLS header is discarded and the network address is again consulted to find the next network layer hop. It is the destination itself. Since the packet is too long to be sent over Ethernet, it is split into two portions. Each of these portions is put into the data field of an Ethernet frame and sent to the Ethernet address of the destination. At the destination, the Ethernet header is stripped from each of the frames, and the contents are reassembled. The packet has finally reached its destination. Observe that there is an essential difference between the routed case and the switched (or bridged) case. With a router, the packet is extracted from the frame and the network address in the packet is used for deciding where to send it. With a switch (or bridge), the entire frame is transported on the basis of its MAC ad- dress. Switches do not have to understand the network layer protocol being used to switch packets. Routers do. Unfortunately, internetworking is not as easy as we have made it sound. In fact, when bridges were introduced, it was intended that they would join different types of networks, or at least different types of LANs. They were to do this by translating frames from one LAN into frames from another LAN. However, this SEC. 5.5 INTERNETWORKING 429 did not work well, for the same reason that internetworking is difficult: the dif- ferences in the features of LANs, such as different maximum packet sizes and LANs with and without priority classes, are hard to mask. Today, bridges are predominantly used to connect the same kind of network at the link layer, and routers connect different networks at the network layer. Internetworking has been very successful at building large networks, but it only works when there is a common network layer. There have, in fact, been many network protocols over time. Getting everybody to agree on a single format is difficult when companies perceive it to their commercial advantage to have a proprietary format that they control. Examples besides IP, which is now the near-universal network protocol, were IPX, SNA, and AppleTalk. None of these protocols are still in widespread use, but there will always be other protocols. The most relevant example now is probably IPv4 and IPv6. While these are both ver- sions of IP, they are not compatible (or it would not have been necessary to create IPv6). A router that can handle multiple network protocols is called a multiprotocol router. It must either translate the protocols, or leave connection for a higher protocol layer. Neither approach is entirely satisfactory. Connection at a higher layer, say, by using TCP, requires that all the networks implement TCP (which may not be the case). Then, it limits usage across the networks to applications that use TCP (which does not include many real-time applications). The alternative is to translate packets between the networks. However, unless the packet formats are close relatives with the same information fields, such conversions will always be incomplete and often doomed to failure. For example, IPv6 addresses are 128 bits long. They will not fit in a 32-bit IPv4 address field, no matter how hard the router tries. Getting IPv4 and IPv6 to run in the same net- work has proven to be a major obstacle to the deployment of IPv6. (To be fair, so has getting customers to understand why they should want IPv6 in the first place.) Greater problems can be expected when translating between fundamentally dif- ferent protocols, such as connectionless and connection-oriented network proto- cols. Given these difficulties, conversion is only rarely attempted. Arguably, even IP has only worked so well by serving as a kind of lowest common denomi- nator. It requires little of the networks on which it runs, but offers only best-effort service as a result. 5.5.3 Tunneling Handling the general case of making two different networks interwork is exceedingly difficult. However, there is a common special case that is man- ageable even for different network protocols. This case is where the source and destination hosts are on the same type of network, but there is a different network in between. As an example, think of an international bank with an IPv6 network 430 THE NETWORK LAYER CHAP. 5 in Paris, an IPv6 network in London and connectivity between the offices via the IPv4 Internet. This situation is shown in Fig. 5-40. IPv6 IPv4 IPv6 Paris London Tunnel Router Router IPv4 IPv6 packet IPv6 packetIPv6 packet Figure 5-40. Tunneling a packet from Paris to London. The solution to this problem is a technique called tunneling. To send an IP packet to a host in the London office, a host in the Paris office constructs the packet containing an IPv6 address in London, and sends it to the multiprotocol router that connects the Paris IPv6 network to the IPv4 Internet. When this router gets the IPv6 packet, it encapsulates the packet with an IPv4 header addressed to the IPv4 side of the multiprotocol router that connects to the London IPv6 net- work. That is, the router puts a (IPv6) packet inside a (IPv4) packet. When this wrapped packet arrives, the London router removes the original IPv6 packet and sends it onward to the destination host. The path through the IPv4 Internet can be seen as a big tunnel extending from one multiprotocol router to the other. The IPv6 packet just travels from one end of the tunnel to the other, snug in its nice box. It does not have to worry about dealing with IPv4 at all. Neither do the hosts in Paris or London. Only the multi- protocol routers have to understand both IPv4 and IPv6 packets. In effect, the en- tire trip from one multiprotocol router to the other is like a hop over a single link. An analogy may make tunneling clearer. Consider a person driving her car from Paris to London. Within France, the car moves under its own power, but when it hits the English Channel, it is loaded onto a high-speed train and tran- sported to England through the Chunnel (cars are not permitted to drive through the Chunnel). Effectively, the car is being carried as freight, as depicted in Fig. 5-41. At the far end, the car is let loose on the English roads and once again continues to move under its own power. Tunneling of packets through a foreign network works the same way. Tunneling is widely used to connect isolated hosts and networks using other networks. The network that results is called an overlay since it has effectively been overlaid on the base network. Deployment of a network protocol with a new feature is a common reason, as our ‘‘IPv6 over IPv4’’ example shows. The disad- vantage of tunneling is that none of the hosts on the network that is tunneled over can be reached because the packets cannot escape in the middle of the tunnel. SEC. 5.5 INTERNETWORKING 431 Car English Channel Paris London Railroad track Railroad carriage Figure 5-41. Tunneling a car from France to England. However, this limitation of tunnels is turned into an advantage with VPNs (Vir- tual Private Networks). A VPN is simply an overlay that is used to provide a measure of security. We will explore VPNs when we get to Chap. 8. 5.5.4 Internetwork Routing Routing through an internet poses the same basic problem as routing within a single network, but with some added complications. To start, the networks may internally use different routing algorithms. For example, one network may use link state routing and another distance vector routing. Since link state algorithms need to know the topology but distance vector algorithms do not, this difference alone would make it unclear how to find the shortest paths across the internet. Networks run by different operators lead to bigger problems. First, the opera- tors may have different ideas about what is a good path through the network. One operator may want the route with the least delay, while another may want the most inexpensive route. This will lead the operators to use different quantities to set the shortest-path costs (e.g., milliseconds of delay vs. monetary cost). The weights will not be comparable across networks, so shortest paths on the internet will not be well defined. Worse yet, one operator may not want another operator to even know the de- tails of the paths in its network, perhaps because the weights and paths may reflect sensitive information (such as the monetary cost) that represents a competitive business advantage. Finally, the internet may be much larger than any of the networks that comprise it. It may therefore require routing algorithms that scale well by using a hierarchy, even if none of the individual networks need to use a hierarchy. All of these considerations lead to a two-level routing algorithm. Within each network, an intradomain or interior gateway protocol is used for routing. (‘‘Gateway’’ is an older term for ‘‘router.’’) It might be a link state protocol of the kind we have already described. Across the networks that make up the internet, an interdomain or exterior gateway protocol is used. The networks may all use different intradomain protocols, but they must use the same interdomain protocol. 432 THE NETWORK LAYER CHAP. 5 In the Internet, the interdomain routing protocol is called BGP (Border Gateway Protocol). We will describe it in the next section. There is one more important term to introduce. Since each network is oper- ated independently of all the others, it is often referred to as an AS (Autonomous System). A good mental model for an AS is an ISP network. In fact, an ISP net- work may be comprised of more than one AS, if it is managed, or, has been ac- quired, as multiple networks. But the difference is usually not significant. The two levels are usually not strictly hierarchical, as highly suboptimal paths might result if a large international network and a small regional network were both abstracted to be a single network. However, relatively little information about routes within the networks is exposed to find routes across the internetwork. This helps to address all of the complications. It improves scaling and lets opera- tors freely select routes within their own networks using a protocol of their choos- ing. It also does not require weights to be compared across networks or expose sensitive information outside of networks. However, we have said little so far about how the routes across the networks of the internet are determined. In the Internet, a large determining factor is the business arrangements between ISPs. Each ISP may charge or receive money from the other ISPs for carrying traffic. Another factor is that if internetwork routing requires crossing international boundaries, various laws may suddenly come into play, such as Sweden’s strict privacy laws about exporting personal data about Swedish citizens from Sweden. All of these nontechnical factors are wrapped up in the concept of a routing policy that governs the way autonomous networks select the routes that they use. We will return to routing policies when we describe BGP. 5.5.5 Packet Fragmentation Each network or link imposes some maximum size on its packets. These lim- its have various causes, among them 1. Hardware (e.g., the size of an Ethernet frame). 2. Operating system (e.g., all buffers are 512 bytes). 3. Protocols (e.g., the number of bits in the packet length field). 4. Compliance with some (inter)national standard. 5. Desire to reduce error-induced retransmissions to some level. 6. Desire to prevent one packet from occupying the channel too long. The result of all these factors is that the network designers are not free to choose any old maximum packet size they wish. Maximum payloads for some common SEC. 5.5 INTERNETWORKING 433 technologies are 1500 bytes for Ethernet and 2272 bytes for 802.11. IP is more generous, allows for packets as big as 65,515 bytes. Hosts usually prefer to transmit large packets because this reduces packet overheads such as bandwidth wasted on header bytes. An obvious internetwork- ing problem appears when a large packet wants to travel through a network whose maximum packet size is too small. This nuisance has been a persistent issue, and solutions to it have evolved along with much experience gained on the Internet. One solution is to make sure the problem does not occur in the first place. However, this is easier said than done. A source does not usually know the path a packet will take through the network to a destination, so it certainly does not know how small packets must be to get there. This packet size is called the Path MTU (Path Maximum Transmission Unit). Even if the source did know the path MTU, packets are routed independently in a connectionless network such as the Internet. This routing means that paths may suddenly change, which can unexpectedly change the path MTU. The alternative solution to the problem is to allow routers to break up packets into fragments, sending each fragment as a separate network layer packet. How- ever, as every parent of a small child knows, converting a large object into small fragments is considerably easier than the reverse process. (Physicists have even given this effect a name: the second law of thermodynamics.) Packet-switching networks, too, have trouble putting the fragments back together again. Two opposing strategies exist for recombining the fragments back into the original packet. The first strategy is to make fragmentation caused by a ‘‘small- packet’’ network transparent to any subsequent networks through which the pack- et must pass on its way to the ultimate destination. This option is shown in Fig. 5- 42(a). In this approach, when an oversized packet arrives at G1, the router breaks it up into fragments. Each fragment is addressed to the same exit router, G2, where the pieces are recombined. In this way, passage through the small-packet network is made transparent. Subsequent networks are not even aware that frag- mentation has occurred. Transparent fragmentation is straightforward but has some problems. For one thing, the exit router must know when it has received all the pieces, so either a count field or an ‘‘end of packet’’ bit must be provided. Also, because all packets must exit via the same router so that they can be reassembled, the routes are con- strained. By not allowing some fragments to follow one route to the ultimate dest- ination and other fragments a disjoint route, some performance may be lost. More significant is the amount of work that the router may have to do. It may need to buffer the fragments as they arrive, and decide when to throw them away if not all of the fragments arrive. Some of this work may be wasteful, too, as the packet may pass through a series of small packet networks and need to be repeatedly fragmented and reassembled. The other fragmentation strategy is to refrain from recombining fragments at any intermediate routers. Once a packet has been fragmented, each fragment is 434 THE NETWORK LAYER CHAP. 5 G1 G2 G3 G4 G1 G2 G3 G4 Packet Network 1 G1 fragments a large packet G2 reassembles the fragments G3 fragments again G4 reassembles again Network 2 (a) Packet G1 fragments a large packet The fragments are not reassembled until the final destination (a host) is reached (b) Figure 5-42. (a) Transparent fragmentation. (b) Nontransparent fragmentation. treated as though it were an original packet. The routers pass the fragments, as shown in Fig. 5-42(b), and reassembly is performed only at the destination host. The main advantage of nontransparent fragmentation is that it requires routers to do less work. IP works this way. A complete design requires that the fragments be numbered in such a way that the original data stream can be reconstructed. The design used by IP is to give every fragment a packet number (carried on all packets), an absolute byte offset within the packet, and a flag indicating whether it is the end of the packet. An example is shown in Fig. 5-43. While simple, this design has some attractive properties. Fragments can be placed in a buffer at the destination in the right place for reassembly, even if they arrive out of order. Fragments can also be fragmented if they pass over a network with a yet smaller MTU. This is shown in Fig. 5-43(c). Retransmissions of the packet (if all frag- ments were not received) can be fragmented into different pieces. Finally, frag- ments can be of arbitrary size, down to a single byte plus the packet header. In all cases, the destination simply uses the packet number and fragment offset to place the data in the right position, and the end-of-packet flag to determine when it has the complete packet. Unfortunately, this design still has problems. The overhead can be higher than with transparent fragmentation because fragment headers are now carried over some links where they may not be needed. But the real problem is the exist- ence of fragments in the first place. Kent and Mogul (1987) argued that frag- mentation is detrimental to performance because, as well as the header overheads, a whole packet is lost if any of its fragments are lost, and because fragmentation is more of a burden for hosts than was originally realized. SEC. 5.5 INTERNETWORKING 435 Number of the first elementary fragment in this packet Packet number End of packet bit 27 0 1 A B C D E F G H I J 27 0 0 A B C D E F G H 27 8 1 I J 27 0 0 A B C D E 27 5 0 F G H 27 8 1 I J Header 1 byte Header Header Header Header Header (a) (b) (c) Figure 5-43. Fragmentation when the elementary data size is 1 byte. (a) Origi- nal packet, containing 10 data bytes. (b) Fragments after passing through a net- work with maximum packet size of 8 payload bytes plus header. (c) Fragments after passing through a size 5 gateway. This leads us back to the original solution of getting rid of fragmentation in the network, the strategy used in the modern Internet. The process is called path MTU discovery (Mogul and Deering, 1990). It works as follows. Each IP packet is sent with its header bits set to indicate that no fragmentation is allowed to be performed. If a router receives a packet that is too large, it generates an error packet, returns it to the source, and drops the packet. This is shown in Fig. 5-44. When the source receives the error packet, it uses the information inside to refrag- ment the packet into pieces that are small enough for the router to handle. If a router further down the path has an even smaller MTU, the process is repeated. Source Destination Packet (with length) “Try 900”“Try 1200” 1200 9001400 Figure 5-44. Path MTU discovery. 436 THE NETWORK LAYER CHAP. 5 The advantage of path MTU discovery is that the source now knows what length packet to send. If the routes and path MTU change, new error packets will be triggered and the source will adapt to the new path. However, fragmentation is still needed between the source and the destination unless the higher layers learn the path MTU and pass the right amount of data to IP. TCP and IP are typically implemented together (as ‘‘TCP/IP’’) to be able to pass this sort of information. Even if this is not done for other protocols, fragmentation has still been moved out of the network and into the hosts. The disadvantage of path MTU discovery is that there may be added startup delays simply to send a packet. More than one round-trip delay may be needed to probe the path and find the MTU before any data is delivered to the destination. This begs the question of whether there are better designs. The answer is proba- bly ‘‘Yes.’’ Consider the design in which each router simply truncates packets that exceed its MTU. This would ensure that the destination learns the MTU as rapidly as possible (from the amount of data that was delivered) and receives some of the data. 5.6 THE NETWORK LAYER IN THE INTERNET It is now time to discuss the network layer of the Internet in detail. But before getting into specifics, it is worth taking a look at the principles that drove its de- sign in the past and made it the success that it is today. All too often, nowadays, people seem to have forgotten them. These principles are enumerated and dis- cussed in RFC 1958, which is well worth reading (and should be mandatory for all protocol designers—with a final exam at the end). This RFC draws heavily on ideas put forth by Clark (1988) and Saltzer et al. (1984). We will now summarize what we consider to be the top 10 principles (from most important to least impor- tant). 1. Make sure it works. Do not finalize the design or standard until multiple prototypes have successfully communicated with each other. All too often, designers first write a 1000-page standard, get it approved, then discover it is deeply flawed and does not work. Then they write version 1.1 of the standard. This is not the way to go. 2. Keep it simple. When in doubt, use the simplest solution. William of Occam stated this principle (Occam’s razor) in the 14th century. Put in modern terms: fight features. If a feature is not absolutely es- sential, leave it out, especially if the same effect can be achieved by combining other features. 3. Make clear choices. If there are several ways of doing the same thing, choose one. Having two or more ways to do the same thing is looking for trouble. Standards often have multiple options or modes SEC. 5.6 THE NETWORK LAYER IN THE INTERNET 437 or parameters because several powerful parties insist that their way is best. Designers should strongly resist this tendency. Just say no. 4. Exploit modularity. This principle leads directly to the idea of hav- ing protocol stacks, each of whose layers is independent of all the other ones. In this way, if circumstances require one module or layer to be changed, the other ones will not be affected. 5. Expect heterogeneity. Different types of hardware, transmission facilities, and applications will occur on any large network. To handle them, the network design must be simple, general, and flexi- ble. 6. Avoid static options and parameters. If parameters are unavoid- able (e.g., maximum packet size), it is best to have the sender and re- ceiver negotiate a value rather than defining fixed choices. 7. Look for a good design; it need not be perfect. Often, the de- signers have a good design but it cannot handle some weird special case. Rather than messing up the design, the designers should go with the good design and put the burden of working around it on the people with the strange requirements. 8. Be strict when sending and tolerant when receiving. In other words, send only packets that rigorously comply with the standards, but expect incoming packets that may not be fully conformant and try to deal with them. 9. Think about scalability. If the system is to handle millions of hosts and billions of users effectively, no centralized databases of any kind are tolerable and load must be spread as evenly as possible over the available resources. 10. Consider performance and cost. If a network has poor per- formance or outrageous costs, nobody will use it. Let us now leave the general principles and start looking at the details of the Internet’s network layer. In the network layer, the Internet can be viewed as a collection of networks or ASes (Autonomous Systems) that are interconnected. There is no real structure, but several major backbones exist. These are con- structed from high-bandwidth lines and fast routers. The biggest of these back- bones, to which everyone else connects to reach the rest of the Internet, are called Tier 1 networks. Attached to the backbones are ISPs (Internet Service Pro- viders) that provide Internet access to homes and businesses, data centers and colocation facilities full of server machines, and regional (mid-level) networks. The data centers serve much of the content that is sent over the Internet. Attached 438 THE NETWORK LAYER CHAP. 5 to the regional networks are more ISPs, LANs at many universities and com- panies, and other edge networks. A sketch of this quasihierarchical organization is given in Fig. 5-45. Leased lines to Asia A U.S. backbone Leased transatlantic lines A European backbone National network Company network Ethernet IP router Mobile network WiMAX Cable Home network Regional network Figure 5-45. The Internet is an interconnected collection of many networks. The glue that holds the whole Internet together is the network layer protocol, IP (Internet Protocol). Unlike most older network layer protocols, IP was de- signed from the beginning with internetworking in mind. A good way to think of the network layer is this: its job is to provide a best-effort (i.e., not guaranteed) way to transport packets from source to destination, without regard to whether these machines are on the same network or whether there are other networks in between them. Communication in the Internet works as follows. The transport layer takes data streams and breaks them up so that they may be sent as IP packets. In theory, packets can be up to 64 KB each, but in practice they are usually not more than 1500 bytes (so they fit in one Ethernet frame). IP routers forward each packet through the Internet, along a path from one router to the next, until the destination is reached. At the destination, the network layer hands the data to the transport layer, which gives it to the receiving process. When all the pieces finally get to the destination machine, they are reassembled by the network layer into the origi- nal datagram. This datagram is then handed to the transport layer. In the example of Fig. 5-45, a packet originating at a host on the home net- work has to traverse four networks and a large number of IP routers before even getting to the company network on which the destination host is located. This is SEC. 5.6 THE NETWORK LAYER IN THE INTERNET 439 not unusual in practice, and there are many longer paths. There is also much redundant connectivity in the Internet, with backbones and ISPs connecting to each other in multiple locations. This means that there are many possible paths between two hosts. It is the job of the IP routing protocols to decide which paths to use. 5.6.1 The IP Version 4 Protocol An appropriate place to start our study of the network layer in the Internet is with the format of the IP datagrams themselves. An IPv4 datagram consists of a header part and a body or payload part. The header has a 20-byte fixed part and a variable-length optional part. The header format is shown in Fig. 5-46. The bits are transmitted from left to right and top to bottom, with the high-order bit of the Version field going first. (This is a ‘‘big-endian’’ network byte order. On little- endian machines, such as Intel x86 computers, a software conversion is required on both transmission and reception.) In retrospect, little endian would have been a better choice, but at the time IP was designed, no one knew it would come to dominate computing. Version IHL Total length Time to live Protocol Differentiated services Identification Header checksum Fragment offset Source address Destination address Options (0 or more words) D F M F 32 Bits Figure 5-46. The IPv4 (Internet Protocol) header. The Version field keeps track of which version of the protocol the datagram belongs to. Version 4 dominates the Internet today, and that is where we have started our discussion. By including the version at the start of each datagram, it becomes possible to have a transition between versions over a long period of time. In fact, IPv6, the next version of IP, was defined more than a decade ago, yet is only just beginning to be deployed. We will describe it later in this section. Its use will eventually be forced when each of China’s almost 231 people has a desk- top PC, a laptop, and an IP phone. As an aside on numbering, IPv5 was an exper- imental real-time stream protocol that was never widely used. 440 THE NETWORK LAYER CHAP. 5 Since the header length is not constant, a field in the header, IHL, is provided to tell how long the header is, in 32-bit words. The minimum value is 5, which applies when no options are present. The maximum value of this 4-bit field is 15, which limits the header to 60 bytes, and thus the Options field to 40 bytes. For some options, such as one that records the route a packet has taken, 40 bytes is far too small, making those options useless. The Differentiated services field is one of the few fields that has changed its meaning (slightly) over the years. Originally, it was called the Type of service field. It was and still is intended to distinguish between different classes of ser- vice. Various combinations of reliability and speed are possible. For digitized voice, fast delivery beats accurate delivery. For file transfer, error-free transmis- sion is more important than fast transmission. The Type of service field provided 3 bits to signal priority and 3 bits to signal whether a host cared more about delay, throughput, or reliability. However, no one really knew what to do with these bits at routers, so they were left unused for many years. When differentiated services were designed, IETF threw in the towel and reused this field. Now, the top 6 bits are used to mark the packet with its service class; we described the expedited and assured services earlier in this chapter. The bottom 2 bits are used to carry expli- cit congestion notification information, such as whether the packet has experi- enced congestion; we described explicit congestion notification as part of conges- tion control earlier in this chapter. The Total length includes everything in the datagram—both header and data. The maximum length is 65,535 bytes. At present, this upper limit is tolerable, but with future networks, larger datagrams may be needed. The Identification field is needed to allow the destination host to determine which packet a newly arrived fragment belongs to. All the fragments of a packet contain the same Identification value. Next comes an unused bit, which is surprising, as available real estate in the IP header is extremely scarce. As an April Fool’s joke, Bellovin (2003) proposed using this bit to detect malicious traffic. This would greatly simplify security, as packets with the ‘‘evil’’ bit set would be known to have been sent by attackers and could just be discarded. Unfortunately, network security is not this simple. Then come two 1-bit fields related to fragmentation. DF stands for Don’t Fragment. It is an order to the routers not to fragment the packet. Originally, it was intended to support hosts incapable of putting the pieces back together again. Now it is used as part of the process to discover the path MTU, which is the larg- est packet that can travel along a path without being fragmented. By marking the datagram with the DF bit, the sender knows it will either arrive in one piece, or an error message will be returned to the sender. MF stands for More Fragments. All fragments except the last one have this bit set. It is needed to know when all fragments of a datagram have arrived. The Fragment offset tells where in the current packet this fragment belongs. All fragments except the last one in a datagram must be a multiple of 8 bytes, the SEC. 5.6 THE NETWORK LAYER IN THE INTERNET 441 elementary fragment unit. Since 13 bits are provided, there is a maximum of 8192 fragments per datagram, supporting a maximum packet length up to the limit of the Total length field. Working together, the Identification, MF, and Fragment offset fields are used to implement fragmentation as described in Sec. 5.5.5. The TtL (Time to live) field is a counter used to limit packet lifetimes. It was originally supposed to count time in seconds, allowing a maximum lifetime of 255 sec. It must be decremented on each hop and is supposed to be decremented mul- tiple times when a packet is queued for a long time in a router. In practice, it just counts hops. When it hits zero, the packet is discarded and a warning packet is sent back to the source host. This feature prevents packets from wandering around forever, something that otherwise might happen if the routing tables ever become corrupted. When the network layer has assembled a complete packet, it needs to know what to do with it. The Protocol field tells it which transport process to give the packet to. TCP is one possibility, but so are UDP and some others. The num- bering of protocols is global across the entire Internet. Protocols and other assign- ed numbers were formerly listed in RFC 1700, but nowadays they are contained in an online database located at www.iana.org. Since the header carries vital information such as addresses, it rates its own checksum for protection, the Header checksum. The algorithm is to add up all the 16-bit halfwords of the header as they arrive, using one’s complement arithmetic, and then take the one’s complement of the result. For purposes of this algorithm, the Header checksum is assumed to be zero upon arrival. Such a checksum is useful for detecting errors while the packet travels through the network. Note that it must be recomputed at each hop because at least one field always changes (the Time to live field), but tricks can be used to speed up the computation. The Source address and Destination address indicate the IP address of the source and destination network interfaces. We will discuss Internet addresses in the next section. The Options field was designed to provide an escape to allow subsequent ver- sions of the protocol to include information not present in the original design, to permit experimenters to try out new ideas, and to avoid allocating header bits to information that is rarely needed. The options are of variable length. Each begins with a 1-byte code identifying the option. Some options are followed by a 1-byte option length field, and then one or more data bytes. The Options field is padded out to a multiple of 4 bytes. Originally, the five options listed in Fig. 5-47 were defined. The Security option tells how secret the information is. In theory, a military router might use this field to specify not to route packets through certain countries the military considers to be ‘‘bad guys.’’ In practice, all routers ignore it, so its only practical function is to help spies find the good stuff more easily. The Strict source routing option gives the complete path from source to desti- nation as a sequence of IP addresses. The datagram is required to follow that www.iana.org 442 THE NETWORK LAYER CHAP. 5 Option Description Security Specifies how secret the datagram is Strict source routing Gives the complete path to be followed Loose source routing Gives a list of routers not to be missed Record route Makes each router append its IP address Timestamp Makes each router append its address and timestamp Figure 5-47. Some of the IP options. exact route. It is most useful for system managers who need to send emergency packets when the routing tables have been corrupted, or for making timing meas- urements. The Loose source routing option requires the packet to traverse the list of routers specified, in the order specified, but it is allowed to pass through other routers on the way. Normally, this option will provide only a few routers, to force a particular path. For example, to force a packet from London to Sydney to go west instead of east, this option might specify routers in New York, Los Angeles, and Honolulu. This option is most useful when political or economic consid- erations dictate passing through or avoiding certain countries. The Record route option tells each router along the path to append its IP ad- dress to the Options field. This allows system managers to track down bugs in the routing algorithms (‘‘Why are packets from Houston to Dallas visiting Tokyo first?’’). When the ARPANET was first set up, no packet ever passed through more than nine routers, so 40 bytes of options was plenty. As mentioned above, now it is too small. Finally, the Timestamp option is like the Record route option, except that in addition to recording its 32-bit IP address, each router also records a 32-bit time- stamp. This option, too, is mostly useful for network measurement. Today, IP options have fallen out of favor. Many routers ignore them or do not process them efficiently, shunting them to the side as an uncommon case. That is, they are only partly supported and they are rarely used. 5.6.2 IP Addresses A defining feature of IPv4 is its 32-bit addresses. Every host and router on the Internet has an IP address that can be used in the Source address and Destina- tion address fields of IP packets. It is important to note that an IP address does not actually refer to a host. It really refers to a network interface, so if a host is on two networks, it must have two IP addresses. However, in practice, most hosts are on one network and thus have one IP address. In contrast, routers have multi- ple interfaces and thus multiple IP addresses. SEC. 5.6 THE NETWORK LAYER IN THE INTERNET 443 Prefixes IP addresses are hierarchical, unlike Ethernet addresses. Each 32-bit address is comprised of a variable-length network portion in the top bits and a host portion in the bottom bits. The network portion has the same value for all hosts on a sin- gle network, such as an Ethernet LAN. This means that a network corresponds to a contiguous block of IP address space. This block is called a prefix. IP addresses are written in dotted decimal notation. In this format, each of the 4 bytes is written in decimal, from 0 to 255. For example, the 32-bit hexade- cimal address 80D00297 is written as 128.208.2.151. Prefixes are written by giv- ing the lowest IP address in the block and the size of the block. The size is deter- mined by the number of bits in the network portion; the remaining bits in the host portion can vary. This means that the size must be a power of two. By conven- tion, it is written after the prefix IP address as a slash followed by the length in bits of the network portion. In our example, if the prefix contains 28 addresses and so leaves 24 bits for the network portion, it is written as 128.208.0.0/24. Since the prefix length cannot be inferred from the IP address alone, routing protocols must carry the prefixes to routers. Sometimes prefixes are simply de- scribed by their length, as in a ‘‘/16’’ which is pronounced ‘‘slash 16.’’ The length of the prefix corresponds to a binary mask of 1s in the network portion. When written out this way, it is called a subnet mask. It can be ANDed with the IP ad- dress to extract only the network portion. For our example, the subnet mask is 255.255.255.0. Fig. 5-48 shows a prefix and a subnet mask. 32 bits Network Prefix length = L bits Host Subnet mask 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 0 0 0 0 0 0 0 0 32 – L bits Figure 5-48. An IP prefix and a subnet mask. Hierarchical addresses have significant advantages and disadvantages. The key advantage of prefixes is that routers can forward packets based on only the network portion of the address, as long as each of the networks has a unique ad- dress block. The host portion does not matter to the routers because all hosts on the same network will be sent in the same direction. It is only when the packets reach the network for which they are destined that they are forwarded to the cor- rect host. This makes the routing tables much smaller than they would otherwise be. Consider that the number of hosts on the Internet is approaching one billion. That would be a very large table for every router to keep. However, by using a hierarchy, routers need to keep routes for only around 300,000 prefixes. 444 THE NETWORK LAYER CHAP. 5 While using a hierarchy lets Internet routing scale, it has two disadvantages. First, the IP address of a host depends on where it is located in the network. An Ethernet address can be used anywhere in the world, but every IP address belongs to a specific network, and routers will only be able to deliver packets destined to that address to the network. Designs such as mobile IP are needed to support hosts that move between networks but want to keep the same IP addresses. The second disadvantage is that the hierarchy is wasteful of addresses unless it is carefully managed. If addresses are assigned to networks in (too) large blocks, there will be (many) addresses that are allocated but not in use. This al- location would not matter much if there were plenty of addresses to go around. However, it was realized more than two decades ago that the tremendous growth of the Internet was rapidly depleting the free address space. IPv6 is the solution to this shortage, but until it is widely deployed there will be great pressure to allocate IP addresses so that they are used very efficiently. Subnets Network numbers are managed by a nonprofit corporation called ICANN (Internet Corporation for Assigned Names and Numbers), to avoid conflicts. In turn, ICANN has delegated parts of the address space to various regional authorities, which dole out IP addresses to ISPs and other companies. This is the process by which a company is allocated a block of IP addresses. However, this process is only the start of the story, as IP address assignment is ongoing as companies grow. We have said that routing by prefix requires all the hosts in a network to have the same network number. This property can cause problems as networks grow. For example, consider a university that started out with our example /16 prefix for use by the Computer Science Dept. for the com- puters on its Ethernet. A year later, the Electrical Engineering Dept. wants to get on the Internet. The Art Dept. soon follows suit. What IP addresses should these departments use? Getting further blocks requires going outside the university and may be expensive or inconvenient. Moreover, the /16 already allocated has enough addresses for over 60,000 hosts. It might be intended to allow for signifi- cant growth, but until that happens, it is wasteful to allocate further blocks of IP addresses to the same university. A different organization is required. The solution is to allow the block of addresses to be split into several parts for internal use as multiple networks, while still acting like a single network to the outside world. This is called subnetting and the networks (such as Ethernet LANs) that result from dividing up a larger network are called subnets. As we mentioned in Chap. 1, you should be aware that this new usage of the term con- flicts with older usage of ‘‘subnet’’ to mean the set of all routers and communica- tion lines in a network. Fig. 5-49 shows how subnets can help with our example. The single /16 has been split into pieces. This split does not need to be even, but each piece must be SEC. 5.6 THE NETWORK LAYER IN THE INTERNET 445 aligned so that any bits can be used in the lower host portion. In this case, half of the block (a /17) is allocated to the Computer Science Dept, a quarter is allocated to the Electrical Engineering Dept. (a /18), and one eighth (a /19) to the Art Dept. The remaining eighth is unallocated. A different way to see how the block was di- vided is to look at the resulting prefixes when written in binary notation: Computer Science: 10000000 11010000 1|xxxxxxx xxxxxxxx Electrical Eng.: 10000000 11010000 00|xxxxxx xxxxxxxx Art: 10000000 11010000 011|xxxxx xxxxxxxx Here, the vertical bar (|) shows the boundary between the subnet number and the host portion. Art 128.208.0.0/16 (to Internet) 128.208.96.0/19 EE CS 128.208.128.0/17 128.208.0.0/18 Figure 5-49. Splitting an IP prefix into separate networks with subnetting. When a packet comes into the main router, how does the router know which subnet to give it to? This is where the details of our prefixes come in. One way would be for each router to have a table with 65,536 entries telling it which out- going line to use for each host on campus. But this would undermine the main scaling benefit we get from using a hierarchy. Instead, the routers simply need to know the subnet masks for the networks on campus. When a packet arrives, the router looks at the destination address of the pack- et and checks which subnet it belongs to. The router can do this by ANDing the destination address with the mask for each subnet and checking to see if the result is the corresponding prefix. For example, consider a packet destined for IP ad- dress 128.208.2.151. To see if it is for the Computer Science Dept., we AND with 255.255.128.0 to take the first 17 bits (which is 128.208.0.0) and see if they match the prefix address (which is 128.208.128.0). They do not match. Checking the first 18 bits for the Electrical Engineering Dept., we get 128.208.0.0 when ANDing with the subnet mask. This does match the prefix address, so the packet is forwarded onto the interface which leads to the Electrical Engineering network. 446 THE NETWORK LAYER CHAP. 5 The subnet divisions can be changed later if necessary, by updating all subnet masks at routers inside the university. Outside the network, the subnetting is not visible, so allocating a new subnet does not require contacting ICANN or chang- ing any external databases. CIDR—Classless InterDomain Routing Even if blocks of IP addresses are allocated so that the addresses are used ef- ficiently, there is still a problem that remains: routing table explosion. Routers in organizations at the edge of a network, such as a university, need to have an entry for each of their subnets, telling the router which line to use to get to that network. For routes to destinations outside of the organization, they can use the simple default rule of sending the packets on the line toward the ISP that connects the organization to the rest of the Internet. The other destination ad- dresses must all be out there somewhere. Routers in ISPs and backbones in the middle of the Internet have no such lux- ury. They must know which way to go to get to every network and no simple de- fault will work. These core routers are said to be in the default-free zone of the Internet. No one really knows how many networks are connected to the Internet any more, but it is a large number, probably at least a million. This can make for a very large table. It may not sound large by computer standards, but realize that routers must perform a lookup in this table to forward every packet, and routers at large ISPs may forward up to millions of packets per second. Specialized hard- ware and fast memory are needed to process packets at these rates, not a general- purpose computer. In addition, routing algorithms require each router to exchange information about the addresses it can reach with other routers. The larger the tables, the more information needs to be communicated and processed. The processing grows at least linearly with the table size. Greater communication increases the likelihood that some parts will get lost, at least temporarily, possibly leading to routing insta- bilities. The routing table problem could have been solved by going to a deeper hier- archy, like the telephone network. For example, having each IP address contain a country, state/province, city, network, and host field might work. Then, each router would only need to know how to get to each country, the states or pro- vinces in its own country, the cities in its state or province, and the networks in its city. Unfortunately, this solution would require considerably more than 32 bits for IP addresses and would use addresses inefficiently (and Liechtenstein would have as many bits in its addresses as the United States). Fortunately, there is something we can do to reduce routing table sizes. We can apply the same insight as subnetting: routers at different locations can know about a given IP address as belonging to prefixes of different sizes. However, in- stead of splitting an address block into subnets, here we combine multiple small SEC. 5.6 THE NETWORK LAYER IN THE INTERNET 447 prefixes into a single larger prefix. This process is called route aggregation. The resulting larger prefix is sometimes called a supernet, to contrast with subnets as the division of blocks of addresses. With aggregation, IP addresses are contained in prefixes of varying sizes. The same IP address that one router treats as part of a /22 (a block containing 210 ad- dresses) may be treated by another router as part of a larger /20 (which contains 212 addresses). It is up to each router to have the corresponding prefix infor- mation. This design works with subnetting and is called CIDR (Classless Inter- Domain Routing), which is pronounced ‘‘cider,’’ as in the drink. The most recent version of it is specified in RFC 4632 (Fuller and Li, 2006). The name highlights the contrast with addresses that encode hierarchy with classes, which we will de- scribe shortly. To make CIDR easier to understand, let us consider an example in which a block of 8192 IP addresses is available starting at 194.24.0.0. Suppose that Cam- bridge University needs 2048 addresses and is assigned the addresses 194.24.0.0 through 194.24.7.255, along with mask 255.255.248.0. This is a /21 prefix. Next, Oxford University asks for 4096 addresses. Since a block of 4096 addresses must lie on a 4096-byte boundary, Oxford cannot be given addresses starting at 194.24.8.0. Instead, it gets 194.24.16.0 through 194.24.31.255, along with subnet mask 255.255.240.0. Finally, the University of Edinburgh asks for 1024 ad- dresses and is assigned addresses 194.24.8.0 through 194.24.11.255 and mask 255.255.252.0. These assignments are summarized in Fig. 5-50. University First address Last address How many Prefix Cambridge 194.24.0.0 194.24.7.255 2048 194.24.0.0/21 Edinburgh 194.24.8.0 194.24.11.255 1024 194.24.8.0/22 (Available) 194.24.12.0 194.24.15.255 1024 194.24.12.0/22 Oxford 194.24.16.0 194.24.31.255 4096 194.24.16.0/20 Figure 5-50. A set of IP address assignments. All of the routers in the default-free zone are now told about the IP addresses in the three networks. Routers close to the universities may need to send on a dif- ferent outgoing line for each of the prefixes, so they need an entry for each of the prefixes in their routing tables. An example is the router in London in Fig. 5-51. Now let us look at these three universities from the point of view of a distant router in New York. All of the IP addresses in the three prefixes should be sent from New York (or the U.S. in general) to London. The routing process in London notices this and combines the three prefixes into a single aggregate entry for the prefix 194.24.0.0/19 that it passes to the New York router. This prefix contains 8K addresses and covers the three universities and the otherwise unallocated 1024 ad- dresses. By using aggregation, three prefixes have been reduced to one, reducing 448 THE NETWORK LAYER CHAP. 5 Edinburgh 192.24.0.0/19 (1 aggregate prefix) 192.24.8.0/22 Cambridge Oxford 192.24.16.0/20 192.24.0.0/21 LondonNew York (3 prefixes) Figure 5-51. Aggregation of IP prefixes. the prefixes that the New York router must be told about and the routing table en- tries in the New York router. When aggregation is turned on, it is an automatic process. It depends on which prefixes are located where in the Internet not on the actions of an adminis- trator assigning addresses to networks. Aggregation is heavily used throughout the Internet and can reduce the size of router tables to around 200,000 prefixes. As a further twist, prefixes are allowed to overlap. The rule is that packets are sent in the direction of the most specific route, or the longest matching prefix that has the fewest IP addresses. Longest matching prefix routing provides a use- ful degree of flexibility, as seen in the behavior of the router at New York in Fig. 5-52. This router still uses a single aggregate prefix to send traffic for the three universities to London. However, the previously available block of ad- dresses within this prefix has now been allocated to a network in San Francisco. One possibility is for the New York router to keep four prefixes, sending packets for three of them to London and packets for the fourth to San Francisco. Instead, longest matching prefix routing can handle this forwarding with the two prefixes that are shown. One overall prefix is used to direct traffic for the entire block to London. One more specific prefix is also used to direct a portion of the larger prefix to San Francisco. With the longest matching prefix rule, IP addresses with- in the San Francisco network will be sent on the outgoing line to San Francisco, and all other IP addresses in the larger prefix will be sent to London. Conceptually, CIDR works as follows. When a packet comes in, the routing table is scanned to determine if the destination lies within the prefix. It is possible that multiple entries with different prefix lengths will match, in which case the entry with the longest prefix is used. Thus, if there is a match for a /20 mask and a /24 mask, the /24 entry is used to look up the outgoing line for the packet. How- ever, this process would be tedious if the table were really scanned entry by entry. SEC. 5.6 THE NETWORK LAYER IN THE INTERNET 449 192.24.0.0/19 192.24.8.0/22 192.24.16.0/20 192.24.0.0/21 LondonNew York 192.24.12.0/22 San Francisco 192.24.12.0/22 Figure 5-52. Longest matching prefix routing at the New York router. Instead, complex algorithms have been devised to speed up the address matching process (Ruiz-Sanchez et al., 2001). Commercial routers use custom VLSI chips with these algorithms embedded in hardware. Classful and Special Addressing To help you better appreciate why CIDR is so useful, we will briefly relate the design that predated it. Before 1993, IP addresses were divided into the five categories listed in Fig. 5-53. This allocation has come to be called classful addressing. 32 Bits Range of host addresses 1.0.0.0 to 127.255.255.255 128.0.0.0 to 191.255.255.255 192.0.0.0 to 223.255.255.255 224.0.0.0 to 239.255.255.255 240.0.0.0 to 255.255.255.255 Class 0 Network Host 10 Network Host 110 Network Host 1110 Multicast address 1111 Reserved for future use A B C D E Figure 5-53. IP address formats. The class A, B, and C formats allow for up to 128 networks with 16 million hosts each, 16,384 networks with up to 65,536 hosts each, and 2 million networks (e.g., LANs) with up to 256 hosts each (although a few of these are special). Also supported is multicast (the class D format), in which a datagram is directed to multiple hosts. Addresses beginning with 1111 are reserved for use in the future. They would be valuable to use now given the depletion of the IPv4 address space. 450 THE NETWORK LAYER CHAP. 5 Unfortunately, many hosts will not accept these addresses as valid because they have been off-limits for so long and it is hard to teach old hosts new tricks. This is a hierarchical design, but unlike CIDR the sizes of the address blocks are fixed. Over 2 billion addresses exist, but organizing the address space by classes wastes millions of them. In particular, the real villain is the class B net- work. For most organizations, a class A network, with 16 million addresses, is too big, and a class C network, with 256 addresses is too small. A class B net- work, with 65,536, is just right. In Internet folklore, this situation is known as the three bears problem [as in Goldilocks and the Three Bears (Southey, 1848)]. In reality, though, a class B address is far too large for most organizations. Studies have shown that more than half of all class B networks have fewer than 50 hosts. A class C network would have done the job, but no doubt every organiza- tion that asked for a class B address thought that one day it would outgrow the 8- bit host field. In retrospect, it might have been better to have had class C net- works use 10 bits instead of 8 for the host number, allowing 1022 hosts per net- work. Had this been the case, most organizations would probably have settled for a class C network, and there would have been half a million of them (versus only 16,384 class B networks). It is hard to fault the Internet’s designers for not having provided more (and smaller) class B addresses. At the time the decision was made to create the three classes, the Internet was a research network connecting the major research univer- sities in the U.S. (plus a very small number of companies and military sites doing networking research). No one then perceived the Internet becoming a mass- market communication system rivaling the telephone network. At the time, some- one no doubt said: ‘‘The U.S. has about 2000 colleges and universities. Even if all of them connect to the Internet and many universities in other countries join, too, we are never going to hit 16,000, since there are not that many universities in the whole world. Furthermore, having the host number be an integral number of bytes speeds up packet processing’’ (which was then done entirely in software). Perhaps some day people will look back and fault the folks who designed the tele- phone number scheme and say: ‘‘What idiots. Why didn’t they include the planet number in the phone number?’’ But at the time, it did not seem necessary. To handle these problems, subnets were introduced to flexibly assign blocks of addresses within an organization. Later, CIDR was added to reduce the size of the global routing table. Today, the bits that indicate whether an IP address be- longs to class A, B, or C network are no longer used, though references to these classes in the literature are still common. To see how dropping the classes made forwarding more complicated, consider how simple it was in the old classful system. When a packet arrived at a router, a copy of the IP address was shifted right 28 bits to yield a 4-bit class number. A 16-way branch then sorted packets into A, B, C (and D and E) classes, with eight of the cases for class A, four of the cases for class B, and two of the cases for class C. The code for each class then masked off the 8-, 16-, or 24-bit network SEC. 5.6 THE NETWORK LAYER IN THE INTERNET 451 number and right aligned it in a 32-bit word. The network number was then looked up in the A, B, or C table, usually by indexing for A and B networks and hashing for C networks. Once the entry was found, the outgoing line could be looked up and the packet forwarded. This is much simpler than the longest matching prefix operation, which can no longer use a simple table lookup because an IP address may have any length prefix. Class D addresses continue to be used in the Internet for multicast. Actually, it might be more accurate to say that they are starting to be used for multicast, since Internet multicast has not been widely deployed in the past. There are also several other addresses that have special meanings, as shown in Fig. 5-54. The IP address 0.0.0.0, the lowest address, is used by hosts when they are being booted. It means ‘‘this network’’ or ‘‘this host.’’ IP addresses with 0 as the network number refer to the current network. These addresses allow machines to refer to their own network without knowing its number (but they have to know the network mask to know how many 0s to include). The address consisting of all 1s, or 255.255.255.255—the highest address—is used to mean all hosts on the in- dicated network. It allows broadcasting on the local network, typically a LAN. The addresses with a proper network number and all 1s in the host field allow ma- chines to send broadcast packets to distant LANs anywhere in the Internet. How- ever, many network administrators disable this feature as it is mostly a security hazard. Finally, all addresses of the form 127.xx.yy.zz are reserved for loopback testing. Packets sent to that address are not put out onto the wire; they are proc- essed locally and treated as incoming packets. This allows packets to be sent to the host without the sender knowing its number, which is useful for testing. This host A host on this network Broadcast on the local network 0 Host Network 127 (Anything) Broadcast on a distant network Loopback 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 0 0 0 0. . . . . .1 1 1 1 1 1 1 1 Figure 5-54. Special IP addresses. NAT—Network Address Translation IP addresses are scarce. An ISP might have a /16 address, giving it 65,534 usable host numbers. If it has more customers than that, it has a problem. 452 THE NETWORK LAYER CHAP. 5 This scarcity has led to techniques to use IP addresses sparingly. One ap- proach is to dynamically assign an IP address to a computer when it is on and using the network, and to take the IP address back when the host becomes inac- tive. The IP address can then be assigned to another computer that becomes ac- tive. In this way, a single /16 address can handle up to 65,534 active users. This strategy works well in some cases, for example, for dialup networking and mobile and other computers that may be temporarily absent or powered off. However, it does not work very well for business customers. Many PCs in busi- nesses are expected to be on continuously. Some are employee machines, backed up at night, and some are servers that may have to serve a remote request at a moment’s notice. These businesses have an access line that always provides con- nectivity to the rest of the Internet. Increasingly, this situation also applies to home users subscribing to ADSL or Internet over cable, since there is no connection charge (just a monthly flat rate charge). Many of these users have two or more computers at home, often one for each family member, and they all want to be online all the time. The solution is to connect all the computers into a home network via a LAN and put a (wireless) router on it. The router then connects to the ISP. From the ISP’s point of view, the family is now the same as a small business with a handful of computers. Wel- come to Jones, Inc. With the techniques we have seen so far, each computer must have its own IP address all day long. For an ISP with many thousands of custom- ers, particularly business customers and families that are just like small busi- nesses, the demand for IP addresses can quickly exceed the block that is available. The problem of running out of IP addresses is not a theoretical one that might occur at some point in the distant future. It is happening right here and right now. The long-term solution is for the whole Internet to migrate to IPv6, which has 128-bit addresses. This transition is slowly occurring, but it will be years before the process is complete. To get by in the meantime, a quick fix was needed. The quick fix that is widely used today came in the form of NAT (Network Address Translation), which is described in RFC 3022 and which we will summarize below. For additional information, see Dutcher (2001). The basic idea behind NAT is for the ISP to assign each home or business a single IP address (or at most, a small number of them) for Internet traffic. Within the customer network, every computer gets a unique IP address, which is used for routing intramural traffic. However, just before a packet exits the customer net- work and goes to the ISP, an address translation from the unique internal IP ad- dress to the shared public IP address takes place. This translation makes use of three ranges of IP addresses that have been declared as private. Networks may use them internally as they wish. The only rule is that no packets containing these addresses may appear on the Internet itself. The three reserved ranges are: 10.0.0.0 – 10.255.255.255/8 (16,777,216 hosts) 172.16.0.0 – 172.31.255.255/12 (1,048,576 hosts) 192.168.0.0 – 192.168.255.255/16 (65,536 hosts) SEC. 5.6 THE NETWORK LAYER IN THE INTERNET 453 The first range provides for 16,777,216 addresses (except for all 0s and all 1s, as usual) and is the usual choice, even if the network is not large. The operation of NAT is shown in Fig. 5-55. Within the customer premises, every machine has a unique address of the form 10.x.y.z. However, before a pack- et leaves the customer premises, it passes through a NAT box that converts the in- ternal IP source address, 10.0.0.1 in the figure, to the customer’s true IP address, 198.60.42.12 in this example. The NAT box is often combined in a single device with a firewall, which provides security by carefully controlling what goes into the customer network and what comes out of it. We will study firewalls in Chap. 8. It is also possible to integrate the NAT box into a router or ADSL modem. Packet after translation Boundary of customer premises NAT box/firewall ISP router IP = 198.60.42.12 port = 3344 IP = 10.0.0.1 port = 5544 (to Internet) Packet before translation Customer router and LAN Figure 5-55. Placement and operation of a NAT box. So far, we have glossed over one tiny but crucial detail: when the reply comes back (e.g., from a Web server), it is naturally addressed to 198.60.42.12, so how does the NAT box know which internal address to replace it with? Herein lies the problem with NAT. If there were a spare field in the IP header, that field could be used to keep track of who the real sender was, but only 1 bit is still unused. In principle, a new option could be created to hold the true source address, but doing so would require changing the IP code on all the machines on the entire Internet to handle the new option. This is not a promising alternative for a quick fix. What actually happens is as follows. The NAT designers observed that most IP packets carry either TCP or UDP payloads. When we study TCP and UDP in Chap. 6, we will see that both of these have headers containing a source port and a destination port. Below we will just discuss TCP ports, but exactly the same story holds for UDP ports. The ports are 16-bit integers that indicate where the TCP connection begins and ends. These ports provide the field needed to make NAT work. When a process wants to establish a TCP connection with a remote process, it attaches itself to an unused TCP port on its own machine. This is called the source port and tells the TCP code where to send incoming packets belonging to this connection. The process also supplies a destination port to tell who to give 454 THE NETWORK LAYER CHAP. 5 the packets to on the remote side. Ports 0–1023 are reserved for well-known ser- vices. For example, port 80 is the port used by Web servers, so remote clients can locate them. Each outgoing TCP message contains both a source port and a desti- nation port. Together, these ports serve to identify the processes using the con- nection on both ends. An analogy may make the use of ports clearer. Imagine a company with a single main telephone number. When people call the main number, they reach an operator who asks which extension they want and then puts them through to that extension. The main number is analogous to the customer’s IP address and the extensions on both ends are analogous to the ports. Ports are effectively an extra 16 bits of addressing that identify which process gets which incoming packet. Using the Source port field, we can solve our mapping problem. Whenever an outgoing packet enters the NAT box, the 10.x.y.z source address is replaced by the customer’s true IP address. In addition, the TCP Source port field is replaced by an index into the NAT box’s 65,536-entry translation table. This table entry contains the original IP address and the original source port. Finally, both the IP and TCP header checksums are recomputed and inserted into the packet. It is necessary to replace the Source port because connections from machines 10.0.0.1 and 10.0.0.2 may both happen to use port 5000, for example, so the Source port alone is not enough to identify the sending process. When a packet arrives at the NAT box from the ISP, the Source port in the TCP header is extracted and used as an index into the NAT box’s mapping table. From the entry located, the internal IP address and original TCP Source port are extracted and inserted into the packet. Then, both the IP and TCP checksums are recomputed and inserted into the packet. The packet is then passed to the custo- mer router for normal delivery using the 10.x.y.z address. Although this scheme sort of solves the problem, networking purists in the IP community have a tendency to regard it as an abomination-on-the-face-of-the- earth. Briefly summarized, here are some of the objections. First, NAT violates the architectural model of IP, which states that every IP address uniquely identi- fies a single machine worldwide. The whole software structure of the Internet is built on this fact. With NAT, thousands of machines may (and do) use address 10.0.0.1. Second, NAT breaks the end-to-end connectivity model of the Internet, which says that any host can send a packet to any other host at any time. Since the map- ping in the NAT box is set up by outgoing packets, incoming packets cannot be accepted until after outgoing ones. In practice, this means that a home user with NAT can make TCP/IP connections to a remote Web server, but a remote user cannot make connections to a game server on the home network. Special configu- ration or NAT traversal techniques are needed to support this kind of situation. Third, NAT changes the Internet from a connectionless network to a peculiar kind of connection-oriented network. The problem is that the NAT box must maintain information (i.e., the mapping) for each connection passing through it. SEC. 5.6 THE NETWORK LAYER IN THE INTERNET 455 Having the network maintain connection state is a property of connection-oriented networks, not connectionless ones. If the NAT box crashes and its mapping table is lost, all its TCP connections are destroyed. In the absence of NAT, a router can crash and restart with no long-term effect on TCP connections. The sending proc- ess just times out within a few seconds and retransmits all unacknowledged pack- ets. With NAT, the Internet becomes as vulnerable as a circuit-switched network. Fourth, NAT violates the most fundamental rule of protocol layering: layer k may not make any assumptions about what layer k + 1 has put into the payload field. This basic principle is there to keep the layers independent. If TCP is later upgraded to TCP-2, with a different header layout (e.g., 32-bit ports), NAT will fail. The whole idea of layered protocols is to ensure that changes in one layer do not require changes in other layers. NAT destroys this independence. Fifth, processes on the Internet are not required to use TCP or UDP. If a user on machine A decides to use some new transport protocol to talk to a user on ma- chine B (for example, for a multimedia application), introduction of a NAT box will cause the application to fail because the NAT box will not be able to locate the TCP Source port correctly. A sixth and related problem is that some applications use multiple TCP/IP connections or UDP ports in prescribed ways. For example, FTP, the standard File Transfer Protocol, inserts IP addresses in the body of packet for the receiver to extract and use. Since NAT knows nothing about these arrangements, it cannot rewrite the IP addresses or otherwise account for them. This lack of under- standing means that FTP and other applications such as the H.323 Internet tele- phony protocol (which we will study in Chap. 7) will fail in the presence of NAT unless special precautions are taken. It is often possible to patch NAT for these cases, but having to patch the code in the NAT box every time a new application comes along is not a good idea. Finally, since the TCP Source port field is 16 bits, at most 65,536 machines can be mapped onto an IP address. Actually, the number is slightly less because the first 4096 ports are reserved for special uses. However, if multiple IP ad- dresses are available, each one can handle up to 61,440 machines. A view of these and other problems with NAT is given in RFC 2993. Despite the issues, NAT is widely used in practice, especially for home and small business networks, as the only expedient technique to deal with the IP address shortage. It has become wrapped up with firewalls and privacy because it blocks unsolicited incoming packets by default. For this reason, it is unlikely to go away even when IPv6 is widely deployed. 5.6.3 IP Version 6 IP has been in heavy use for decades. It has worked extremely well, as demonstrated by the exponential growth of the Internet. Unfortunately, IP has be- come a victim of its own popularity: it is close to running out of addresses. Even 456 THE NETWORK LAYER CHAP. 5 with CIDR and NAT using addresses more sparingly, the last IPv4 addresses are expected to be assigned by ICANN before the end of 2012. This looming disaster was recognized almost two decades ago, and it sparked a great deal of discussion and controversy within the Internet community about what to do about it. In this section, we will describe both the problem and several proposed solu- tions. The only long-term solution is to move to larger addresses. IPv6 (IP ver- sion 6) is a replacement design that does just that. It uses 128-bit addresses; a shortage of these addresses is not likely any time in the foreseeable future. How- ever, IPv6 has proved very difficult to deploy. It is a different network layer pro- tocol that does not really interwork with IPv4, despite many similarities. Also, companies and users are not really sure why they should want IPv6 in any case. The result is that IPv6 is deployed and used on only a tiny fraction of the Internet (estimates are 1%) despite having been an Internet Standard since 1998. The next several years will be an interesting time, as the few remaining IPv4 addresses are allocated. Will people start to auction off their IPv4 addresses on eBay? Will a black market in them spring up? Who knows. In addition to the address problems, other issues loom in the background. In its early years, the Internet was largely used by universities, high-tech industries, and the U.S. Government (especially the Dept. of Defense). With the explosion of interest in the Internet starting in the mid-1990s, it began to be used by a dif- ferent group of people, often with different requirements. For one thing, numer- ous people with smart phones use it to keep in contact with their home bases. For another, with the impending convergence of the computer, communication, and entertainment industries, it may not be that long before every telephone and tele- vision set in the world is an Internet node, resulting in a billion machines being used for audio and video on demand. Under these circumstances, it became apparent that IP had to evolve and become more flexible. Seeing these problems on the horizon, in 1990 IETF started work on a new version of IP, one that would never run out of addresses, would solve a variety of other problems, and be more flexible and efficient as well. Its major goals were: 1. Support billions of hosts, even with inefficient address allocation. 2. Reduce the size of the routing tables. 3. Simplify the protocol, to allow routers to process packets faster. 4. Provide better security (authentication and privacy). 5. Pay more attention to the type of service, particularly for real-time data. 6. Aid multicasting by allowing scopes to be specified. 7. Make it possible for a host to roam without changing its address. 8. Allow the protocol to evolve in the future. 9. Permit the old and new protocols to coexist for years. SEC. 5.6 THE NETWORK LAYER IN THE INTERNET 457 The design of IPv6 presented a major opportunity to improve all of the fea- tures in IPv4 that fall short of what is now wanted. To develop a protocol that met all these requirements, IETF issued a call for proposals and discussion in RFC 1550. Twenty-one responses were initially received. By December 1992, seven serious proposals were on the table. They ranged from making minor patches to IP, to throwing it out altogether and replacing it with a completely different proto- col. One proposal was to run TCP over CLNP, the network layer protocol de- signed for OSI. With its 160-bit addresses, CLNP would have provided enough address space forever as it could give every molecule of water in the oceans enough addresses (roughly 25) to set up a small network. This choice would also have unified two major network layer protocols. However, many people felt that this would have been an admission that something in the OSI world was actually done right, a statement considered Politically Incorrect in Internet circles. CLNP was patterned closely on IP, so the two are not really that different. In fact, the protocol ultimately chosen differs from IP far more than CLNP does. Another strike against CLNP was its poor support for service types, something required to transmit multimedia efficiently. Three of the better proposals were published in IEEE Network (Deering, 1993; Francis, 1993; and Katz and Ford, 1993). After much discussion, revision, and jockeying for position, a modified combined version of the Deering and Francis proposals, by now called SIPP (Simple Internet Protocol Plus) was se- lected and given the designation IPv6. IPv6 meets IETF’s goals fairly well. It maintains the good features of IP, dis- cards or deemphasizes the bad ones, and adds new ones where needed. In gener- al, IPv6 is not compatible with IPv4, but it is compatible with the other auxiliary Internet protocols, including TCP, UDP, ICMP, IGMP, OSPF, BGP, and DNS, with small modifications being required to deal with longer addresses. The main features of IPv6 are discussed below. More information about it can be found in RFCs 2460 through 2466. First and foremost, IPv6 has longer addresses than IPv4. They are 128 bits long, which solves the problem that IPv6 set out to solve: providing an effectively unlimited supply of Internet addresses. We will have more to say about addresses shortly. The second major improvement of IPv6 is the simplification of the header. It contains only seven fields (versus 13 in IPv4). This change allows routers to process packets faster and thus improves throughput and delay. We will discuss the header shortly, too. The third major improvement is better support for options. This change was essential with the new header because fields that previously were required are now optional (because they are not used so often). In addition, the way options are represented is different, making it simple for routers to skip over options not intended for them. This feature speeds up packet processing time. 458 THE NETWORK LAYER CHAP. 5 A fourth area in which IPv6 represents a big advance is in security. IETF had its fill of newspaper stories about precocious 12-year-olds using their personal computers to break into banks and military bases all over the Internet. There was a strong feeling that something had to be done to improve security. Authentica- tion and privacy are key features of the new IP. These were later retrofitted to IPv4, however, so in the area of security the differences are not so great any more. Finally, more attention has been paid to quality of service. Various half- hearted efforts to improve QoS have been made in the past, but now, with the growth of multimedia on the Internet, the sense of urgency is greater. The Main IPv6 Header The IPv6 header is shown in Fig. 5-56. The Version field is always 6 for IPv6 (and 4 for IPv4). During the transition period from IPv4, which has already taken more than a decade, routers will be able to examine this field to tell what kind of packet they have. As an aside, making this test wastes a few instructions in the critical path, given that the data link header usually indicates the network protocol for demultiplexing, so some routers may skip the check. For example, the Ether- net Type field has different values to indicate an IPv4 or an IPv6 payload. The discussions between the ‘‘Do it right’’ and ‘‘Make it fast’’ camps will no doubt be lengthy and vigorous. 32 Bits Version Flow labelDiff. services Next headerPayload length Hop limit Source address (16 bytes) Destination address (16 bytes) Figure 5-56. The IPv6 fixed header (required). The Differentiated services field (originally called Traffic class) is used to distinguish the class of service for packets with different real-time delivery SEC. 5.6 THE NETWORK LAYER IN THE INTERNET 459 requirements. It is used with the differentiated service architecture for quality of service in the same manner as the field of the same name in the IPv4 packet. Also, the low-order 2 bits are used to signal explicit congestion indications, again in the same way as with IPv4. The Flow label field provides a way for a source and destination to mark groups of packets that have the same requirements and should be treated in the same way by the network, forming a pseudoconnection. For example, a stream of packets from one process on a certain source host to a process on a specific desti- nation host might have stringent delay requirements and thus need reserved band- width. The flow can be set up in advance and given an identifier. When a packet with a nonzero Flow label shows up, all the routers can look it up in internal tables to see what kind of special treatment it requires. In effect, flows are an at- tempt to have it both ways: the flexibility of a datagram network and the guaran- tees of a virtual-circuit network. Each flow for quality of service purposes is designated by the source address, destination address, and flow number. This design means that up to 220 flows may be active at the same time between a given pair of IP addresses. It also means that even if two flows coming from different hosts but with the same flow label pass through the same router, the router will be able to tell them apart using the source and destination addresses. It is expected that flow labels will be cho- sen randomly, rather than assigned sequentially starting at 1, so routers are ex- pected to hash them. The Payload length field tells how many bytes follow the 40-byte header of Fig. 5-56. The name was changed from the IPv4 Total length field because the meaning was changed slightly: the 40 header bytes are no longer counted as part of the length (as they used to be). This change means the payload can now be 65,535 bytes instead of a mere 65,515 bytes. The Next header field lets the cat out of the bag. The reason the header could be simplified is that there can be additional (optional) extension headers. This field tells which of the (currently) six extension headers, if any, follow this one. If this header is the last IP header, the Next header field tells which transport pro- tocol handler (e.g., TCP, UDP) to pass the packet to. The Hop limit field is used to keep packets from living forever. It is, in prac- tice, the same as the Time to live field in IPv4, namely, a field that is decremented on each hop. In theory, in IPv4 it was a time in seconds, but no router used it that way, so the name was changed to reflect the way it is actually used. Next come the Source address and Destination address fields. Deering’s original proposal, SIP, used 8-byte addresses, but during the review process many people felt that with 8-byte addresses IPv6 would run out of addresses within a few decades, whereas with 16-byte addresses it would never run out. Other peo- ple argued that 16 bytes was overkill, whereas still others favored using 20-byte addresses to be compatible with the OSI datagram protocol. Still another faction wanted variable-sized addresses. After much debate and more than a few words 460 THE NETWORK LAYER CHAP. 5 unprintable in an academic textbook, it was decided that fixed-length 16-byte ad- dresses were the best compromise. A new notation has been devised for writing 16-byte addresses. They are written as eight groups of four hexadecimal digits with colons between the groups, like this: 8000:0000:0000:0000:0123:4567:89AB:CDEF Since many addresses will have many zeros inside them, three optimizations have been authorized. First, leading zeros within a group can be omitted, so 0123 can be written as 123. Second, one or more groups of 16 zero bits can be replaced by a pair of colons. Thus, the above address now becomes 8000::123:4567:89AB:CDEF Finally, IPv4 addresses can be written as a pair of colons and an old dotted decimal number, for example: ::192.31.20.46 Perhaps it is unnecessary to be so explicit about it, but there are a lot of 16- byte addresses. Specifically, there are 2128 of them, which is approximately 3 × 1038. If the entire earth, land and water, were covered with computers, IPv6 would allow 7 × 1023 IP addresses per square meter. Students of chemistry will notice that this number is larger than Avogadro’s number. While it was not the intention to give every molecule on the surface of the earth its own IP address, we are not that far off. In practice, the address space will not be used efficiently, just as the telephone number address space is not (the area code for Manhattan, 212, is nearly full, but that for Wyoming, 307, is nearly empty). In RFC 3194, Durand and Huitema cal- culated that, using the allocation of telephone numbers as a guide, even in the most pessimistic scenario there will still be well over 1000 IP addresses per square meter of the entire earth’s surface (land and water). In any likely scenario, there will be trillions of them per square meter. In short, it seems unlikely that we will run out in the foreseeable future. It is instructive to compare the IPv4 header (Fig. 5-46) with the IPv6 header (Fig. 5-56) to see what has been left out in IPv6. The IHL field is gone because the IPv6 header has a fixed length. The Protocol field was taken out because the Next header field tells what follows the last IP header (e.g., a UDP or TCP seg- ment). All the fields relating to fragmentation were removed because IPv6 takes a different approach to fragmentation. To start with, all IPv6-conformant hosts are expected to dynamically determine the packet size to use. They do this using the path MTU discovery procedure we described in Sec. 5.5.5. In brief, when a host sends an IPv6 packet that is too large, instead of fragmenting it, the router that is unable to forward it drops the packet and sends an error message back to the SEC. 5.6 THE NETWORK LAYER IN THE INTERNET 461 sending host. This message tells the host to break up all future packets to that destination. Having the host send packets that are the right size in the first place is ultimately much more efficient than having the routers fragment them on the fly. Also, the minimum-size packet that routers must be able to forward has been raised from 576 to 1280 bytes to allow 1024 bytes of data and many headers. Finally, the Checksum field is gone because calculating it greatly reduces per- formance. With the reliable networks now used, combined with the fact that the data link layer and transport layers normally have their own checksums, the value of yet another checksum was deemed not worth the performance price it extracted. Removing all these features has resulted in a lean and mean network layer protocol. Thus, the goal of IPv6—a fast, yet flexible, protocol with plenty of address space—is met by this design. Extension Headers Some of the missing IPv4 fields are occasionally still needed, so IPv6 intro- duces the concept of (optional) extension headers. These headers can be sup- plied to provide extra information, but encoded in an efficient way. Six kinds of extension headers are defined at present, as listed in Fig. 5-57. Each one is op- tional, but if more than one is present they must appear directly after the fixed header, and preferably in the order listed. Extension header Description Hop-by-hop options Miscellaneous information for routers Destination options Additional information for the destination Routing Loose list of routers to visit Fragmentation Management of datagram fragments Authentication Verification of the sender’s identity Encrypted security payload Information about the encrypted contents Figure 5-57. IPv6 extension headers. Some of the headers have a fixed format; others contain a variable number of variable-length options. For these, each item is encoded as a (Type, Length, Value) tuple. The Type is a 1-byte field telling which option this is. The Type values have been chosen so that the first 2 bits tell routers that do not know how to process the option what to do. The choices are: skip the option; discard the packet; discard the packet and send back an ICMP packet; and discard the packet but do not send ICMP packets for multicast addresses (to prevent one bad multi- cast packet from generating millions of ICMP reports). The Length is also a 1-byte field. It tells how long the value is (0 to 255 bytes). The Value is any information required, up to 255 bytes. 462 THE NETWORK LAYER CHAP. 5 The hop-by-hop header is used for information that all routers along the path must examine. So far, one option has been defined: support of datagrams exceed- ing 64 KB. The format of this header is shown in Fig. 5-58. When it is used, the Payload length field in the fixed header is set to 0. Next header Jumbo payload length 0 194 4 Figure 5-58. The hop-by-hop extension header for large datagrams (jumbograms). As with all extension headers, this one starts with a byte telling what kind of header comes next. This byte is followed by one telling how long the hop-by-hop header is in bytes, excluding the first 8 bytes, which are mandatory. All exten- sions begin this way. The next 2 bytes indicate that this option defines the datagram size (code 194) and that the size is a 4-byte number. The last 4 bytes give the size of the data- gram. Sizes less than 65,536 bytes are not permitted and will result in the first router discarding the packet and sending back an ICMP error message. Data- grams using this header extension are called jumbograms. The use of jumbo- grams is important for supercomputer applications that must transfer gigabytes of data efficiently across the Internet. The destination options header is intended for fields that need only be inter- preted at the destination host. In the initial version of IPv6, the only options de- fined are null options for padding this header out to a multiple of 8 bytes, so ini- tially it will not be used. It was included to make sure that new routing and host software can handle it, in case someone thinks of a destination option some day. The routing header lists one or more routers that must be visited on the way to the destination. It is very similar to the IPv4 loose source routing in that all ad- dresses listed must be visited in order, but other routers not listed may be visited in between. The format of the routing header is shown in Fig. 5-59. Next header Header extension length Routing type Segments left Type-specific data Figure 5-59. The extension header for routing. SEC. 5.6 THE NETWORK LAYER IN THE INTERNET 463 The first 4 bytes of the routing extension header contain four 1-byte integers. The Next header and Header extension length fields were described above. The Routing type field gives the format of the rest of the header. Type 0 says that a re- served 32-bit word follows the first word, followed by some number of IPv6 ad- dresses. Other types may be invented in the future, as needed. Finally, the Seg- ments left field keeps track of how many of the addresses in the list have not yet been visited. It is decremented every time one is visited. When it hits 0, the packet is on its own with no more guidance about what route to follow. Usually, at this point it is so close to the destination that the best route is obvious. The fragment header deals with fragmentation similarly to the way IPv4 does. The header holds the datagram identifier, fragment number, and a bit telling whether more fragments will follow. In IPv6, unlike in IPv4, only the source host can fragment a packet. Routers along the way may not do this. This change is a major philosophical break with the original IP, but in keeping with current prac- tice for IPv4. Plus, it simplifies the routers’ work and makes routing go faster. As mentioned above, if a router is confronted with a packet that is too big, it discards the packet and sends an ICMP error packet back to the source. This information allows the source host to fragment the packet into smaller pieces using this header and try again. The authentication header provides a mechanism by which the receiver of a packet can be sure of who sent it. The encrypted security payload makes it pos- sible to encrypt the contents of a packet so that only the intended recipient can read it. These headers use the cryptographic techniques that we will describe in Chap. 8 to accomplish their missions. Controversies Given the open design process and the strongly held opinions of many of the people involved, it should come as no surprise that many choices made for IPv6 were highly controversial, to say the least. We will summarize a few of these briefly below. For all the gory details, see the RFCs. We have already mentioned the argument about the address length. The result was a compromise: 16-byte fixed-length addresses. Another fight developed over the length of the Hop limit field. One camp felt strongly that limiting the maximum number of hops to 255 (implicit in using an 8-bit field) was a gross mistake. After all, paths of 32 hops are common now, and 10 years from now much longer paths may be common. These people argued that using a huge address size was farsighted but using a tiny hop count was short- sighted. In their view, the greatest sin a computer scientist can commit is to pro- vide too few bits somewhere. The response was that arguments could be made to increase every field, lead- ing to a bloated header. Also, the function of the Hop limit field is to keep pack- ets from wandering around for too long a time and 65,535 hops is far, far too long. 464 THE NETWORK LAYER CHAP. 5 Finally, as the Internet grows, more and more long-distance links will be built, making it possible to get from any country to any other country in half a dozen hops at most. If it takes more than 125 hops to get from the source and the desti- nation to their respective international gateways, something is wrong with the na- tional backbones. The 8-bitters won this one. Another hot potato was the maximum packet size. The supercomputer com- munity wanted packets in excess of 64 KB. When a supercomputer gets started transferring, it really means business and does not want to be interrupted every 64 KB. The argument against large packets is that if a 1-MB packet hits a 1.5-Mbps T1 line, that packet will tie the line up for over 5 seconds, producing a very noticeable delay for interactive users sharing the line. A compromise was reached here: normal packets are limited to 64 KB, but the hop-by-hop extension header can be used to permit jumbograms. A third hot topic was removing the IPv4 checksum. Some people likened this move to removing the brakes from a car. Doing so makes the car lighter so it can go faster, but if an unexpected event happens, you have a problem. The argument against checksums was that any application that really cares about data integrity has to have a transport layer checksum anyway, so having an- other one in IP (in addition to the data link layer checksum) is overkill. Fur- thermore, experience showed that computing the IP checksum was a major expense in IPv4. The antichecksum camp won this one, and IPv6 does not have a checksum. Mobile hosts were also a point of contention. If a portable computer flies halfway around the world, can it continue operating there with the same IPv6 ad- dress, or does it have to use a scheme with home agents? Some people wanted to build explicit support for mobile hosts into IPv6. That effort failed when no con- sensus could be found for any specific proposal. Probably the biggest battle was about security. Everyone agreed it was essen- tial. The war was about where to put it and how. First where. The argument for putting it in the network layer is that it then becomes a standard service that all applications can use without any advance planning. The argument against it is that really secure applications generally want nothing less than end-to-end en- cryption, where the source application does the encryption and the destination ap- plication undoes it. With anything less, the user is at the mercy of potentially buggy network layer implementations over which he has no control. The response to this argument is that these applications can just refrain from using the IP securi- ty features and do the job themselves. The rejoinder to that is that the people who do not trust the network to do it right do not want to pay the price of slow, bulky IP implementations that have this capability, even if it is disabled. Another aspect of where to put security relates to the fact that many (but not all) countries have very stringent export laws concerning cryptography. Some, notably France and Iraq, also restrict its use domestically, so that people cannot have secrets from the government. As a result, any IP implementation that used a SEC. 5.6 THE NETWORK LAYER IN THE INTERNET 465 cryptographic system strong enough to be of much value could not be exported from the United States (and many other countries) to customers worldwide. Hav- ing to maintain two sets of software, one for domestic use and one for export, is something most computer vendors vigorously oppose. One point on which there was no controversy is that no one expects the IPv4 Internet to be turned off on a Sunday evening and come back up as an IPv6 Inter- net Monday morning. Instead, isolated ‘‘islands’’ of IPv6 will be converted, ini- tially communicating via tunnels, as we showed in Sec. 5.5.3. As the IPv6 islands grow, they will merge into bigger islands. Eventually, all the islands will merge, and the Internet will be fully converted. At least, that was the plan. Deployment has proved the Achilles heel of IPv6. It remains little used, even though all major operating systems fully support it. Most deployments are new situations in which a network operator—for example, a mobile phone operator— needs a large number of IP addresses. Many strategies have been defined to help ease the transition. Among them are ways to automat- ically configure the tunnels that carry IPv6 over the IPv4 Internet, and ways for hosts to automatically find the tunnel endpoints. Dual-stack hosts have an IPv4 and an IPv6 implementation so that they can select which protocol to use depend- ing on the destination of the packet. These strategies will streamline the substan- tial deployment that seems inevitable when IPv4 addresses are exhausted. For more information about IPv6, see Davies (2008). 5.6.4 Internet Control Protocols In addition to IP, which is used for data transfer, the Internet has several com- panion control protocols that are used in the network layer. They include ICMP, ARP, and DHCP. In this section, we will look at each of these in turn, describing the versions that correspond to IPv4 because they are the protocols that are in common use. ICMP and DHCP have similar versions for IPv6; the equivalent of ARP is called NDP (Neighbor Discovery Protocol) for IPv6. IMCP—The Internet Control Message Protocol The operation of the Internet is monitored closely by the routers. When some- thing unexpected occurs during packet processing at a router, the event is reported to the sender by the ICMP (Internet Control Message Protocol). ICMP is also used to test the Internet. About a dozen types of ICMP messages are defined. Each ICMP message type is carried encapsulated in an IP packet. The most im- portant ones are listed in Fig. 5-60. The DESTINATION UNREACHABLE message is used when the router cannot locate the destination or when a packet with the DF bit cannot be delivered be- cause a ‘‘small-packet’’ network stands in the way. 466 THE NETWORK LAYER CHAP. 5 Message type Description Destination unreachable Packet could not be delivered Time exceeded Time to live field hit 0 Parameter problem Invalid header field Source quench Choke packet Redirect Teach a router about geography Echo and echo reply Check if a machine is alive Timestamp request/reply Same as Echo, but with timestamp Router advertisement/solicitation Find a nearby router Figure 5-60. The principal ICMP message types. The TIME EXCEEDED message is sent when a packet is dropped because its TtL (Time to live) counter has reached zero. This event is a symptom that packets are looping, or that the counter values are being set too low. One clever use of this error message is the traceroute utility that was devel- oped by Van Jacobson in 1987. Traceroute finds the routers along the path from the host to a destination IP address. It finds this information without any kind of privileged network support. The method is simply to send a sequence of packets to the destination, first with a TtL of 1, then a TtL of 2, 3, and so on. The counters on these packets will reach zero at successive routers along the path. These rout- ers will each obediently send a TIME EXCEEDED message back to the host. From those messages, the host can determine the IP addresses of the routers along the path, as well as keep statistics and timings on parts of the path. It is not what the TIME EXCEEDED message was intended for, but it is perhaps the most useful net- work debugging tool of all time. The PARAMETER PROBLEM message indicates that an illegal value has been detected in a header field. This problem indicates a bug in the sending host’s IP software or possibly in the software of a router transited. The SOURCE QUENCH message was long ago used to throttle hosts that were sending too many packets. When a host received this message, it was expected to slow down. It is rarely used anymore because when congestion occurs, these packets tend to add more fuel to the fire and it is unclear how to respond to them. Congestion control in the Internet is now done largely by taking action in the tran- sport layer, using packet losses as a congestion signal; we will study it in detail in Chap. 6. The REDIRECT message is used when a router notices that a packet seems to be routed incorrectly. It is used by the router to tell the sending host to update to a better route. The ECHO and ECHO REPLY messages are sent by hosts to see if a given destination is reachable and currently alive. Upon receiving the ECHO message, SEC. 5.6 THE NETWORK LAYER IN THE INTERNET 467 the destination is expected to send back an ECHO REPLY message. These mes- sages are used in the ping utility that checks if a host is up and on the Internet. The TIMESTAMP REQUEST and TIMESTAMP REPLY messages are similar, except that the arrival time of the message and the departure time of the reply are recorded in the reply. This facility can be used to measure network performance. The ROUTER ADVERTISEMENT and ROUTER SOLICITATION messages are used to let hosts find nearby routers. A host needs to learn the IP address of at least one router to be able to send packets off the local network. In addition to these messages, others have been defined. The online list is now kept at www.iana.org/assignments/icmp-parameters. ARP—The Address Resolution Protocol Although every machine on the Internet has one or more IP addresses, these addresses are not sufficient for sending packets. Data link layer NICs (Network Interface Cards) such as Ethernet cards do not understand Internet addresses. In the case of Ethernet, every NIC ever manufactured comes equipped with a unique 48-bit Ethernet address. Manufacturers of Ethernet NICs request a block of Ethernet addresses from IEEE to ensure that no two NICs have the same address (to avoid conflicts should the two NICs ever appear on the same LAN). The NICs send and receive frames based on 48-bit Ethernet addresses. They know nothing at all about 32-bit IP addresses. The question now arises, how do IP addresses get mapped onto data link layer addresses, such as Ethernet? To explain how this works, let us use the example of Fig. 5-61, in which a small university with two /24 networks is illustrated. One network (CS) is a switched Ethernet in the Computer Science Dept. It has the prefix 192.32.65.0/24. The other LAN (EE), also switched Ethernet, is in Electri- cal Engineering and has the prefix 192.32.63.0/24. The two LANs are connected by an IP router. Each machine on an Ethernet and each interface on the router has a unique Ethernet address, labeled E1 through E6, and a unique IP address on the CS or EE network. Let us start out by seeing how a user on host 1 sends a packet to a user on host 2 on the CS network. Let us assume the sender knows the name of the intended receiver, possibly something like eagle.cs.uni.edu. The first step is to find the IP address for host 2. This lookup is performed by DNS, which we will study in Chap. 7. For the moment, we will just assume that DNS returns the IP address for host 2 (192.32.65.5). The upper layer software on host 1 now builds a packet with 192.32.65.5 in the Destination address field and gives it to the IP software to transmit. The IP software can look at the address and see that the destination is on the CS network, (i.e., its own network). However, it still needs some way to find the destination’s Ethernet address to send the frame. One solution is to have a configuration file somewhere in the system that maps IP addresses onto Ethernet addresses. While www.iana.org/assignments/icmp-parameters 468 THE NETWORK LAYER CHAP. 5 Ethernet switch E3 CS Network 192.32.65.0/24 IP1 = 192.32.65.7 E2 E5E1 E4 E6 192.32.65.1 IP2 = 192.32.65.5 192.32.63.1 IP4 = 192.32.63.8 IP3 = 192.32.63.3 EE Network 192.32.63.0/24 Router Host 1 Host 2 Host 3 Host 4 Frame SourceIP Source Eth. Destination IP Destination Eth. Host 1 to 2, on CS net IP1 E1 IP2 E2 Host 1 to 4, on CS net IP1 E1 IP4 E3 Host 1 to 4, on EE net IP1 E4 IP4 E6 Figure 5-61. Two switched Ethernet LANs joined by a router. this solution is certainly possible, for organizations with thousands of machines keeping all these files up to date is an error-prone, time-consuming job. A better solution is for host 1 to output a broadcast packet onto the Ethernet asking who owns IP address 192.32.65.5. The broadcast will arrive at every ma- chine on the CS Ethernet, and each one will check its IP address. Host 2 alone will respond with its Ethernet address (E2). In this way host 1 learns that IP ad- dress 192.32.65.5 is on the host with Ethernet address E2. The protocol used for asking this question and getting the reply is called ARP (Address Resolution Protocol). Almost every machine on the Internet runs it. ARP is defined in RFC 826. The advantage of using ARP over configuration files is the simplicity. The system manager does not have to do much except assign each machine an IP ad- dress and decide about subnet masks. ARP does the rest. At this point, the IP software on host 1 builds an Ethernet frame addressed to E2, puts the IP packet (addressed to 192.32.65.5) in the payload field, and dumps it onto the Ethernet. The IP and Ethernet addresses of this packet are given in Fig. 5-61. The Ethernet NIC of host 2 detects this frame, recognizes it as a frame for itself, scoops it up, and causes an interrupt. The Ethernet driver extracts the IP packet from the payload and passes it to the IP software, which sees that it is cor- rectly addressed and processes it. Various optimizations are possible to make ARP work more efficiently. To start with, once a machine has run ARP, it caches the result in case it needs to contact the same machine shortly. Next time it will find the mapping in its own cache, thus eliminating the need for a second broadcast. In many cases, host 2 SEC. 5.6 THE NETWORK LAYER IN THE INTERNET 469 will need to send back a reply, forcing it, too, to run ARP to determine the send- er’s Ethernet address. This ARP broadcast can be avoided by having host 1 in- clude its IP-to-Ethernet mapping in the ARP packet. When the ARP broadcast ar- rives at host 2, the pair (192.32.65.7, E1) is entered into host 2’s ARP cache. In fact, all machines on the Ethernet can enter this mapping into their ARP caches. To allow mappings to change, for example, when a host is configured to use a new IP address (but keeps its old Ethernet address), entries in the ARP cache should time out after a few minutes. A clever way to help keep the cached infor- mation current and to optimize performance is to have every machine broadcast its mapping when it is configured. This broadcast is generally done in the form of an ARP looking for its own IP address. There should not be a response, but a side effect of the broadcast is to make or update an entry in everyone’s ARP cache. This is known as a gratuitous ARP. If a response does (unexpectedly) arrive, two machines have been assigned the same IP address. The error must be resolv- ed by the network manager before both machines can use the network. Now let us look at Fig. 5-61 again, only this time assume that host 1 wants to send a packet to host 4 (192.32.63.8) on the EE network. Host 1 will see that the destination IP address is not on the CS network. It knows to send all such off-net- work traffic to the router, which is also known as the default gateway. By con- vention, the default gateway is the lowest address on the network (198.31.65.1). To send a frame to the router, host 1 must still know the Ethernet address of the router interface on the CS network. It discovers this by sending an ARP broadcast for 198.31.65.1, from which it learns E3. It then sends the frame. The same lookup mechanisms are used to send a packet from one router to the next over a sequence of routers in an Internet path. When the Ethernet NIC of the router gets this frame, it gives the packet to the IP software. It knows from the network masks that the packet should be sent onto the EE network where it will reach host 4. If the router does not know the Ether- net address for host 4, then it will use ARP again. The table in Fig. 5-61 lists the source and destination Ethernet and IP addresses that are present in the frames as observed on the CS and EE networks. Observe that the Ethernet addresses change with the frame on each network while the IP addresses remain constant (because they indicate the endpoints across all of the interconnected networks). It is also possible to send a packet from host 1 to host 4 without host 1 know- ing that host 4 is on a different network. The solution is to have the router answer ARPs on the CS network for host 4 and give its Ethernet address, E3, as the re- sponse. It is not possible to have host 4 reply directly because it will not see the ARP request (as routers do not forward Ethernet-level broadcasts). The router will then receive frames sent to 192.32.63.8 and forward them onto the EE network. This solution is called proxy ARP. It is used in special cases in which a host wants to appear on a network even though it actually resides on another network. A common situation, for example, is a mobile computer that wants some other node to pick up packets for it when it is not on its home network. 470 THE NETWORK LAYER CHAP. 5 DHCP—The Dynamic Host Configuration Protocol ARP (as well as other Internet protocols) makes the assumption that hosts are configured with some basic information, such as their own IP addresses. How do hosts get this information? It is possible to manually configure each computer, but that is tedious and error-prone. There is a better way, and it is called DHCP (Dynamic Host Configuration Protocol). With DHCP, every network must have a DHCP server that is responsible for configuration. When a computer is started, it has a built-in Ethernet or other link layer address embedded in the NIC, but no IP address. Much like ARP, the com- puter broadcasts a request for an IP address on its network. It does this by using a DHCP DISCOVER packet. This packet must reach the DHCP server. If that server is not directly attached to the network, the router will be configured to receive DHCP broadcasts and relay them to the DHCP server, wherever it is located. When the server receives the request, it allocates a free IP address and sends it to the host in a DHCP OFFER packet (which again may be relayed via the router). To be able to do this work even when hosts do not have IP addresses, the server identifies a host using its Ethernet address (which is carried in the DHCP DISCOVER packet) An issue that arises with automatic assignment of IP addresses from a pool is for how long an IP address should be allocated. If a host leaves the network and does not return its IP address to the DHCP server, that address will be perma- nently lost. After a period of time, many addresses may be lost. To prevent that from happening, IP address assignment may be for a fixed period of time, a tech- nique called leasing. Just before the lease expires, the host must ask for a DHCP renewal. If it fails to make a request or the request is denied, the host may no longer use the IP address it was given earlier. DHCP is described in RFCs 2131 and 2132. It is widely used in the Internet to configure all sorts of parameters in addition to providing hosts with IP ad- dresses. As well as in business and home networks, DHCP is used by ISPs to set the parameters of devices over the Internet access link, so that customers do not need to phone their ISPs to get this information. Common examples of the infor- mation that is configured include the network mask, the IP address of the default gateway, and the IP addresses of DNS and time servers. DHCP has largely re- placed earlier protocols (called RARP and BOOTP) with more limited func- tionality. 5.6.5 Label Switching and MPLS So far, on our tour of the network layer of the Internet, we have focused exclusively on packets as datagrams that are forwarded by IP routers. There is also another kind of technology that is starting to be widely used, especially by ISPs, in order to move Internet traffic across their networks. This technology is SEC. 5.6 THE NETWORK LAYER IN THE INTERNET 471 called MPLS (MultiProtocol Label Switching) and it is perilously close to cir- cuit switching. Despite the fact that many people in the Internet community have an intense dislike for connection-oriented networking, the idea seems to keep coming back. As Yogi Berra once put it, it is like deja vu all over again. Howev- er, there are essential differences between the way the Internet handles route con- struction and the way connection-oriented networks do it, so the technique is cer- tainly not traditional circuit switching. MPLS adds a label in front of each packet, and forwarding is based on the label rather than on the destination address. Making the label an index into an in- ternal table makes finding the correct output line just a matter of table lookup. Using this technique, forwarding can be done very quickly. This advantage was the original motivation behind MPLS, which began as proprietary technology known by various names including tag switching. Eventually, IETF began to standardize the idea. It is described in RFC 3031 and many other RFCs. The main benefits over time have come to be routing that is flexible and forwarding that is suited to quality of service as well as fast. The first question to ask is where does the label go? Since IP packets were not designed for virtual circuits, there is no field available for virtual-circuit num- bers within the IP header. For this reason, a new MPLS header had to be added in front of the IP header. On a router-to-router line using PPP as the framing proto- col, the frame format, including the PPP, MPLS, IP, and TCP headers, is as shown in Fig. 5-62. PPP MPLS IP Label QoS S TtL 20Bits Headers 3 1 8 TCP User data CRC Figure 5-62. Transmitting a TCP segment using IP, MPLS, and PPP. The generic MPLS header is 4 bytes long and has four fields. Most important is the Label field, which holds the index. The QoS field indicates the class of ser- vice. The S field relates to stacking multiple labels (which is discussed below). The TtL field indicates how many more times the packet may be forwarded. It is decremented at each router, and if it hits 0, the packet is discarded. This feature prevents infinite looping in the case of routing instability. MPLS falls between the IP network layer protocol and the PPP link layer pro- tocol. It is not really a layer 3 protocol because it depends on IP or other network 472 THE NETWORK LAYER CHAP. 5 layer addresses to set up label paths. It is not really a layer 2 protocol either be- cause it forwards packets across multiple hops, not a single link. For this reason, MPLS is sometimes described as a layer 2.5 protocol. It is an illustration that real protocols do not always fit neatly into our ideal layered protocol model. On the brighter side, because the MPLS headers are not part of the network layer packet or the data link layer frame, MPLS is to a large extent independent of both layers. Among other things, this property means it is possible to build MPLS switches that can forward both IP packets and non-IP packets, depending on what shows up. This feature is where the ‘‘multiprotocol’’ in the name MPLS came from. MPLS can also carry IP packets over non-IP networks. When an MPLS-enhanced packet arrives at a LSR (Label Switched Router), the label is used as an index into a table to determine the outgoing line to use and also the new label to use. This label swapping is used in all virtual-circuit net- works. Labels have only local significance and two different routers can feed un- related packets with the same label into another router for transmission on the same outgoing line. To be distinguishable at the other end, labels have to be remapped at every hop. We saw this mechanism in action in Fig. 5-3. MPLS uses the same technique. As an aside, some people distinguish between forwarding and switching. For- warding is the process of finding the best match for a destination address in a table to decide where to send packets. An example is the longest matching prefix algorithm used for IP forwarding. In contrast, switching uses a label taken from the packet as an index into a forwarding table. It is simpler and faster. These defi- nitions are far from universal, however. Since most hosts and routers do not understand MPLS, we should also ask when and how the labels are attached to packets. This happens when an IP packet reaches the edge of an MPLS network. The LER (Label Edge Router) inspects the destination IP address and other fields to see which MPLS path the packet should follow, and puts the right label on the front of the packet. Within the MPLS network, this label is used to forward the packet. At the other edge of the MPLS network, the label has served its purpose and is removed, revealing the IP packet again for the next network. This process is shown in Fig. 5-63. One dif- ference from traditional virtual circuits is the level of aggregation. It is certainly possible for each flow to have its own set of labels through the MPLS network. However, it is more common for routers to group multiple flows that end at a par- ticular router or LAN and use a single label for them. The flows that are grouped together under a single label are said to belong to the same FEC (Forwarding Equivalence Class). This class covers not only where the packets are going, but also their service class (in the differentiated services sense) because all the pack- ets are treated the same way for forwarding purposes. With traditional virtual-circuit routing, it is not possible to group several dis- tinct paths with different endpoints onto the same virtual-circuit identifier because there would be no way to distinguish them at the final destination. With MPLS, SEC. 5.6 THE NETWORK LAYER IN THE INTERNET 473 Switching on label only Label switch router IP IP IPLabel Label edge router Add label Remove label (to next network) Label Label Figure 5-63. Forwarding an IP packet through an MPLS network. the packets still contain their final destination address, in addition to the label. At the end of the labeled route, the label header can be removed and forwarding can continue the usual way, using the network layer destination address. Actually, MPLS goes even further. It can operate at multiple levels at once by adding more than one label to the front of a packet. For example, suppose that there are many packets that already have different labels (because we want to treat the packets differently somewhere in the network) that should follow a com- mon path to some destination. Instead of setting up many label switching paths, one for each of the different labels, we can set up a single path. When the al- ready-labeled packets reach the start of this path, another label is added to the front. This is called a stack of labels. The outermost label guides the packets along the path. It is removed at the end of the path, and the labels revealed, if any, are used to forward the packet further. The S bit in Fig. 5-62 allows a router removing a label to know if there are any additional labels left. It is set to 1 for the bottom label and 0 for all the other labels. The final question we will ask is how the label forwarding tables are set up so that packets follow them. This is one area of major difference between MPLS and conventional virtual-circuit designs. In traditional virtual-circuit networks, when a user wants to establish a connection, a setup packet is launched into the network to create the path and make the forwarding table entries. MPLS does not involve users in the setup phase. Requiring users to do anything other than send a datagram would break too much existing Internet software. Instead, the forwarding information is set up by protocols that are a combina- tion of routing protocols and connection setup protocols. These control protocols are cleanly separated from label forwarding, which allows multiple, different con- trol protocols to be used. One of the variants works like this. When a router is booted, it checks to see which routes it is the final destination for (e.g., which pre- fixes belong to its interfaces). It then creates one or more FECs for them, allo- cates a label for each one, and passes the labels to its neighbors. They, in turn, enter the labels in their forwarding tables and send new labels to their neighbors, until all the routers have acquired the path. Resources can also be reserved as the 474 THE NETWORK LAYER CHAP. 5 path is constructed to guarantee an appropriate quality of service. Other variants can set up different paths, such as traffic engineering paths that take unused ca- pacity into account, and create paths on-demand to support service offerings such as quality of service. Although the basic ideas behind MPLS are straightforward, the details are complicated, with many variations and use cases that are being actively devel- oped. For more information, see Davie and Farrel (2008) and Davie and Rekhter (2000). 5.6.6 OSPF—An Interior Gateway Routing Protocol We have now finished our study of how packets are forwarded in the Internet. It is time to move on to the next topic: routing in the Internet. As we mentioned earlier, the Internet is made up of a large number of independent networks or ASes (Autonomous Systems) that are operated by different organizations, usually a company, university, or ISP. Inside of its own network, an organization can use its own algorithm for internal routing, or intradomain routing, as it is more com- monly known. Nevertheless, there are only a handful of standard protocols that are popular. In this section, we will study the problem of intradomain routing and look at the OSPF protocol that is widely used in practice. An intradomain routing protocol is also called an interior gateway protocol. In the next section, we will study the problem of routing between independently operated networks, or inter- domain routing. For that case, all networks must use the same interdomain rout- ing protocol or exterior gateway protocol. The protocol that is used in the Inter- net is BGP (Border Gateway Protocol). Early intradomain routing protocols used a distance vector design, based on the distributed Bellman-Ford algorithm inherited from the ARPANET. RIP (Rout- ing Information Protocol) is the main example that is used to this day. It works well in small systems, but less well as networks get larger. It also suffers from the count-to-infinity problem and generally slow convergence. The ARPANET switched over to a link state protocol in May 1979 because of these problems, and in 1988 IETF began work on a link state protocol for intradomain routing. That protocol, called OSPF (Open Shortest Path First), became a standard in 1990. It drew on a protocol called IS-IS (Intermediate-System to Intermediate-Sys- tem), which became an ISO standard. Because of their shared heritage, the two protocols are much more alike than different. For the complete story, see RFC 2328. They are the dominant intradomain routing protocols, and most router ven- dors now support both of them. OSPF is more widely used in company networks, and IS-IS is more widely used in ISP networks. Of the two, we will give a sketch of how OSPF works. Given the long experience with other routing protocols, the group designing OSPF had a long list of requirements that had to be met. First, the algorithm had to be published in the open literature, hence the ‘‘O’’ in OSPF. A proprietary SEC. 5.6 THE NETWORK LAYER IN THE INTERNET 475 solution owned by one company would not do. Second, the new protocol had to support a variety of distance metrics, including physical distance, delay, and so on. Third, it had to be a dynamic algorithm, one that adapted to changes in the topology automatically and quickly. Fourth, and new for OSPF, it had to support routing based on type of service. The new protocol had to be able to route real-time traffic one way and other traf- fic a different way. At the time, IP had a Type of service field, but no existing routing protocol used it. This field was included in OSPF but still nobody used it, and it was eventually removed. Perhaps this requirement was ahead of its time, as it preceded IETF’s work on differentiated services, which has rejuvenated classes of service. Fifth, and related to the above, OSPF had to do load balancing, splitting the load over multiple lines. Most previous protocols sent all packets over a single best route, even if there were two routes that were equally good. The other route was not used at all. In many cases, splitting the load over multiple routes gives better performance. Sixth, support for hierarchical systems was needed. By 1988, some networks had grown so large that no router could be expected to know the entire topology. OSPF had to be designed so that no router would have to. Seventh, some modicum of security was required to prevent fun-loving stu- dents from spoofing routers by sending them false routing information. Finally, provision was needed for dealing with routers that were connected to the Internet via a tunnel. Previous protocols did not handle this well. OSPF supports both point-to-point links (e.g., SONET) and broadcast net- works (e.g., most LANs). Actually, it is able to support networks with multiple routers, each of which can communicate directly with the others (called multiac- cess networks) even if they do not have broadcast capability. Earlier protocols did not handle this case well. An example of an autonomous system network is given in Fig. 5-64(a). Hosts are omitted because they do not generally play a role in OSPF, while routers and networks (which may contain hosts) do. Most of the routers in Fig. 5-64(a) are connected to other routers by point-to-point links, and to networks to reach the hosts on those networks. However, routers R3, R4, and R5 are connected by a broadcast LAN such as switched Ethernet. OSPF operates by abstracting the collection of actual networks, routers, and links into a directed graph in which each arc is assigned a weight (distance, delay, etc.). A point-to-point connection between two routers is represented by a pair of arcs, one in each direction. Their weights may be different. A broadcast network is represented by a node for the network itself, plus a node for each router. The arcs from that network node to the routers have weight 0. They are important nonetheless, as without them there is no path through the network. Other net- works, which have only hosts, have only an arc reaching them and not one re- turning. This structure gives routes to hosts, but not through them. 476 THE NETWORK LAYER CHAP. 5 LAN 1 LAN 2 LAN 4 LAN 3 R4R2 R1 R3 R5 R4 R2 R1 R3 R5LAN 1 LAN 2 LAN 1 LAN 4 (a) (b) 0 0 03 3 4 5 8 7 5 5 44 1 1 Figure 5-64. (a) An autonomous system. (b) A graph representation of (a). Figure 5-64(b) shows the graph representation of the network of Fig. 5-64(a). What OSPF fundamentally does is represent the actual network as a graph like this and then use the link state method to have every router compute the shortest path from itself to all other nodes. Multiple paths may be found that are equally short. In this case, OSPF remembers the set of shortest paths and during packet forwarding, traffic is split across them. This helps to balance load. It is called ECMP (Equal Cost MultiPath). Many of the ASes in the Internet are themselves large and nontrivial to man- age. To work at this scale, OSPF allows an AS to be divided into numbered areas, where an area is a network or a set of contiguous networks. Areas do not overlap but need not be exhaustive, that is, some routers may belong to no area. Routers that lie wholly within an area are called internal routers. An area is a generalization of an individual network. Outside an area, its destinations are visi- ble but not its topology. This characteristic helps routing to scale. Every AS has a backbone area, called area 0. The routers in this area are called backbone routers. All areas are connected to the backbone, possibly by tunnels, so it is possible to go from any area in the AS to any other area in the AS via the backbone. A tunnel is represented in the graph as just another arc with a cost. As with other areas, the topology of the backbone is not visible outside the backbone. Each router that is connected to two or more areas is called an area border router. It must also be part of the backbone. The job of an area border router is to summarize the destinations in one area and to inject this summary into the other SEC. 5.6 THE NETWORK LAYER IN THE INTERNET 477 areas to which it is connected. This summary includes cost information but not all the details of the topology within an area. Passing cost information allows hosts in other areas to find the best area border router to use to enter an area. Not passing topology information reduces traffic and simplifies the shortest-path computations of routers in other areas. However, if there is only one border router out of an area, even the summary does not need to be passed. Routes to destinations out of the area always start with the instruction ‘‘Go to the border router.’’ This kind of area is called a stub area. The last kind of router is the AS boundary router. It injects routes to exter- nal destinations on other ASes into the area. The external routes then appear as destinations that can be reached via the AS boundary router with some cost. An external route can be injected at one or more AS boundary routers. The relation- ship between ASes, areas, and the various kinds of routers is shown in Fig. 5-65. One router may play multiple roles, for example, a border router is also a back- bone router. Area 0 (backbone) Area 1Area 2 (stub) Backbone router AS boundary router Internal router Area border router One autonomous system Figure 5-65. The relation between ASes, backbones, and areas in OSPF. During normal operation, each router within an area has the same link state database and runs the same shortest path algorithm. Its main job is to calculate the shortest path from itself to every other router and network in the entire AS. An area border router needs the databases for all the areas to which it is connected and must run the shortest path algorithm for each area separately. For a source and destination in the same area, the best intra-area route (that lies wholly within the area) is chosen. For a source and destination in different areas, the inter-area route must go from the source to the backbone, across the backbone to the destination area, and then to the destination. This algorithm forces a star configuration on OSPF, with the backbone being the hub and the other areas being spokes. Because the route with the lowest cost is chosen, rout- ers in different parts of the network may use different area border routers to enter the backbone and destination area. Packets are routed from source to destination ‘‘as is.’’ They are not encapsulated or tunneled (unless going to an area whose 478 THE NETWORK LAYER CHAP. 5 only connection to the backbone is a tunnel). Also, routes to external destinations may include the external cost from the AS boundary router over the external path, if desired, or just the cost internal to the AS. When a router boots, it sends HELLO messages on all of its point-to-point lines and multicasts them on LANs to the group consisting of all the other routers. From the responses, each router learns who its neighbors are. Routers on the same LAN are all neighbors. OSPF works by exchanging information between adjacent routers, which is not the same as between neighboring routers. In particular, it is inefficient to have every router on a LAN talk to every other router on the LAN. To avoid this situa- tion, one router is elected as the designated router. It is said to be adjacent to all the other routers on its LAN, and exchanges information with them. In effect, it is acting as the single node that represents the LAN. Neighboring routers that are not adjacent do not exchange information with each other. A backup de- signated router is always kept up to date to ease the transition should the primary designated router crash and need to be replaced immediately. During normal operation, each router periodically floods LINK STATE UPDATE messages to each of its adjacent routers. These messages gives its state and provide the costs used in the topological database. The flooding messages are acknowledged, to make them reliable. Each message has a sequence number, so a router can see whether an incoming LINK STATE UPDATE is older or newer than what it currently has. Routers also send these messages when a link goes up or down or its cost changes. DATABASE DESCRIPTION messages give the sequence numbers of all the link state entries currently held by the sender. By comparing its own values with those of the sender, the receiver can determine who has the most recent values. These messages are used when a link is brought up. Either partner can request link state information from the other one by using LINK STATE REQUEST messages. The result of this algorithm is that each pair of adjacent routers checks to see who has the most recent data, and new information is spread throughout the area this way. All these messages are sent directly in IP packets. The five kinds of messages are summarized in Fig. 5-66. Message type Description Hello Used to discover who the neighbors are Link state update Provides the sender’s costs to its neighbors Link state ack Acknowledges link state update Database description Announces which updates the sender has Link state request Requests information from the partner Figure 5-66. The five types of OSPF messages. SEC. 5.6 THE NETWORK LAYER IN THE INTERNET 479 Finally, we can put all the pieces together. Using flooding, each router informs all the other routers in its area of its links to other routers and networks and the cost of these links. This information allows each router to construct the graph for its area(s) and compute the shortest paths. The backbone area does this work, too. In addition, the backbone routers accept information from the area border routers in order to compute the best route from each backbone router to every other router. This information is propagated back to the area border routers, which advertise it within their areas. Using this information, internal routers can select the best route to a destination outside their area, including the best exit router to the backbone. 5.6.7 BGP—The Exterior Gateway Routing Protocol Within a single AS, OSPF and IS-IS are the protocols that are commonly used. Between ASes, a different protocol, called BGP (Border Gateway Proto- col), is used. A different protocol is needed because the goals of an intradomain protocol and an interdomain protocol are not the same. All an intradomain proto- col has to do is move packets as efficiently as possible from the source to the dest- ination. It does not have to worry about politics. In contrast, interdomain routing protocols have to worry about politics a great deal (Metz, 2001). For example, a corporate AS might want the ability to send packets to any Internet site and receive packets from any Internet site. However, it might be unwilling to carry transit packets originating in a foreign AS and end- ing in a different foreign AS, even if its own AS is on the shortest path between the two foreign ASes (‘‘That’s their problem, not ours’’). On the other hand, it might be willing to carry transit traffic for its neighbors, or even for specific other ASes that paid it for this service. Telephone companies, for example, might be happy to act as carriers for their customers, but not for others. Exterior gateway protocols in general, and BGP in particular, have been designed to allow many kinds of routing policies to be enforced in the interAS traffic. Typical policies involve political, security, or economic considerations. A few examples of possible routing constraints are: 1. Do not carry commercial traffic on the educational network. 2. Never send traffic from the Pentagon on a route through Iraq. 3. Use TeliaSonera instead of Verizon because it is cheaper. 4. Don’t use AT&T in Australia because performance is poor. 5. Traffic starting or ending at Apple should not transit Google. As you might imagine from this list, routing policies can be highly individual. They are often proprietary because they contain sensitive business information. 480 THE NETWORK LAYER CHAP. 5 However, we can describe some patterns that capture the reasoning of the com- pany above and that are often used as a starting point. A routing policy is implemented by deciding what traffic can flow over which of the links between ASes. One common policy is that a customer ISP pays anoth- er provider ISP to deliver packets to any other destination on the Internet and re- ceive packets sent from any other destination. The customer ISP is said to buy transit service from the provider ISP. This is just like a customer at home buying Internet access service from an ISP. To make it work, the provider should adver- tise routes to all destinations on the Internet to the customer over the link that con- nects them. In this way, the customer will have a route to use to send packets anywhere. Conversely, the customer should advertise routes only to the destina- tions on its network to the provider. This will let the provider send traffic to the customer only for those addresses; the customer does not want to handle traffic in- tended for other destinations. We can see an example of transit service in Fig. 5-67. There are four ASes that are connected. The connection is often made with a link at IXPs (Internet eXchange Points), facilities to which many ISPs have a link for the purpose of connecting with other ISPs. AS2, AS3, and AS4 are customers of AS1. They buy transit service from it. Thus, when source A sends to destination C, the packets travel from AS2 to AS1 and finally to AS4. The routing advertisements travel in the opposite direction to the packets. AS4 advertises C as a destination to its tran- sit provider, AS1, to let sources reach C via AS1. Later, AS1 advertises a route to C to its other customers, including AS2, to let the customers know that they can send traffic to C via AS1. TR AS1 AS2 AS3 AS4 A PE CU PE CU CU TR TR Path of BGP routing advertisements (dash) Path of IP packets (solid) Routing policy: TR = Transit CU = Customer PE = Peer B C Figure 5-67. Routing policies between four autonomous systems. In Fig. 5-67, all of the other ASes buy transit service from AS1. This provides them with connectivity so they can interact with any host on the Internet. Howev- er, they have to pay for this privilege. Suppose that AS2 and AS3 exchange a lot of traffic. Given that their networks are connected already, if they want to, they SEC. 5.6 THE NETWORK LAYER IN THE INTERNET 481 can use a different policy—they can send traffic directly to each other for free. This will reduce the amount of traffic they must have AS1 deliver on their behalf, and hopefully it will reduce their bills. This policy is called peering. To implement peering, two ASes send routing advertisements to each other for the addresses that reside in their networks. Doing so makes it possible for AS2 to send AS3 packets from A destined to B and vice versa. However, note that peering is not transitive. In Fig. 5-67, AS3 and AS4 also peer with each other. This peering allows traffic from C destined for B to be sent directly to AS4. What hap- pens if C sends a packet to A? AS3 is only advertising a route to B to AS4. It is not advertising a route to A. The consequence is that traffic will not pass from AS4 to AS3 to AS2, even though a physical path exists. This restriction is exactly what AS3 wants. It peers with AS4 to exchange traffic, but does not want to carry traffic from AS4 to other parts of the Internet since it is not being paid to so do. In- stead, AS4 gets transit service from AS1. Thus, it is AS1 who will carry the packet from C to A. Now that we know about transit and peering, we can also see that A, B, and C have transit arrangements. For example, A must buy Internet access from AS2. A might be a single home computer or a company network with many LANs. How- ever, it does not need to run BGP because it is a stub network that is connected to the rest of the Internet by only one link. So the only place for it to send packets destined outside of the network is over the link to AS2. There is nowhere else to go. This path can be arranged simply by setting up a default route. For this rea- son, we have not shown A, B, and C as ASes that participate in interdomain rout- ing. On the other hand, some company networks are connected to multiple ISPs. This technique is used to improve reliability, since if the path through one ISP fails, the company can use the path via the other ISP. This technique is called multihoming. In this case, the company network is likely to run an interdomain routing protocol (e.g., BGP) to tell other ASes which addresses should be reached via which ISP links. Many variations on these transit and peering policies are possible, but they al- ready illustrate how business relationships and control over where route advertise- ments go can implement different kinds of policies. Now we will consider in more detail how routers running BGP advertise routes to each other and select paths over which to forward packets. BGP is a form of distance vector protocol, but it is quite unlike intradomain distance vector protocols such as RIP. We have already seen that policy, instead of minimum distance, is used to pick which routes to use. Another large dif- ference is that instead of maintaining just the cost of the route to each destination, each BGP router keeps track of the path used. This approach is called a path vec- tor protocol. The path consists of the next hop router (which may be on the other side of the ISP, not adjacent) and the sequence of ASes, or AS path, that the route has followed (given in reverse order). Finally, pairs of BGP routers communicate 482 THE NETWORK LAYER CHAP. 5 with each other by establishing TCP connections. Operating this way provides re- liable communication and also hides all the details of the network being passed through. An example of how BGP routes are advertised is shown in Fig. 5-68. There are three ASes and the middle one is providing transit to the left and right ISPs. A route advertisement to prefix C starts in AS3. When it is propagated across the link to R2c at the top of the figure, it has the AS path of simply AS3 and the next hop router of R3a. At the bottom, it has the same AS path but a different next hop because it came across a different link. This advertisement continues to propagate and crosses the boundary into AS1. At router R1a, at the top of the figure, the AS path is AS2, AS3 and the next hop is R2a. R3a Prefix A B C AS1 AS2 AS3 Path of packets R3b R2c R2d R2a R2b R1a R1b C, AS3, R3aC, AS2, AS3, R2a C, AS2, AS3, R2b C, AS2, AS3, R1a C, AS2, AS3, R1b AS path Next hop C, AS3, R3b Figure 5-68. Propagation of BGP route advertisements. Carrying the complete path with the route makes it easy for the receiving router to detect and break routing loops. The rule is that each router that sends a route outside of the AS prepends its own AS number to the route. (This is why the list is in reverse order.) When a router receives a route, it checks to see if its own AS number is already in the AS path. If it is, a loop has been detected and the advertisement is discarded. However, and somewhat ironically, it was realized in the late 1990s that despite this precaution BGP suffers from a version of the count-to-infinity problem (Labovitz et al., 2001). There are no long-lived loops, but routes can sometimes be slow to converge and have transient loops. Giving a list of ASes is a very coarse way to specify a path. An AS might be a small company, or an international backbone network. There is no way of telling from the route. BGP does not even try because different ASes may use different intradomain protocols whose costs cannot be compared. Even if they could be compared, an AS may not want to reveal its internal metrics. This is one of the ways that interdomain routing protocols differ from intradomain protocols. SEC. 5.6 THE NETWORK LAYER IN THE INTERNET 483 So far we have seen how a route advertisement is sent across the link between two ISPs. We still need some way to propagate BGP routes from one side of the ISP to the other, so they can be sent on to the next ISP. This task could be handled by the intradomain protocol, but because BGP is very good at scaling to large net- works, a variant of BGP is often used. It is called iBGP (internal BGP) to distin- guish it from the regular use of BGP as eBGP (external BGP). The rule for propagating routes inside an ISP is that every router at the bound- ary of the ISP learns of all the routes seen by all the other boundary routers, for consistency. If one boundary router on the ISP learns of a prefix to IP 128.208.0.0/16, all the other routers will learn of this prefix. The prefix will then be reachable from all parts of the ISP, no matter how packets enter the ISP from other ASes. We have not shown this propagation in Fig. 5-68 to avoid clutter, but, for ex- ample, router R2b will know that it can reach C via either router R2c at top or router R2d at bottom. The next hop is updated as the route crosses within the ISP so that routers on the far side of the ISP know which router to use to exit the ISP on the other side. This can be seen in the leftmost routes in which the next hop points to a router in the same ISP and not a router in the next ISP. We can now describe the key missing piece, which is how BGP routers choose which route to use for each destination. Each BGP router may learn a route for a given destination from the router it is connected to in the next ISP and from all of the other boundary routers (which have heard different routes from the routers they are connected to in other ISPs). Each router must decide which route in this set of routes is the best one to use. Ultimately the answer is that it is up to the ISP to write some policy to pick the preferred route. However, this explana- tion is very general and not at all satisfying, so we can at least describe some common strategies. The first strategy is that routes via peered networks are chosen in preference to routes via transit providers. The former are free; the latter cost money. A simi- lar strategy is that customer routes are given the highest preference. It is only good business to send traffic directly to the paying customers. A different kind of strategy is the default rule that shorter AS paths are better. This is debatable given that an AS could be a network of any size, so a path through three small ASes could actually be shorter than a path through one big AS. However, shorter tends to be better on average, and this rule is a common tiebreaker. The final strategy is to prefer the route that has the lowest cost within the ISP. This is the strategy implemented in Fig. 5-68. Packets sent from A to C exit AS1 at the top router, R1a. Packets sent from B exit via the bottom router, R1b. The reason is that both A and B are taking the lowest-cost path or quickest route out of AS1. Because they are located in different parts of the ISP, the quickest exit for each one is different. The same thing happens as the packets pass through AS2. On the last leg, AS3 has to carry the packet from B through its own network. 484 THE NETWORK LAYER CHAP. 5 This strategy is known as early exit or hot-potato routing. It has the curious side effect of tending to make routes asymmetric. For example, consider the path taken when C sends a packet back to B. The packet will exit AS3 quickly, at the top router, to avoid wasting its resources. Similarly, it will stay at the top when AS2 passes it to AS1 as quickly as possible. Then the packet will have a longer journey in AS1. This is a mirror image of the path taken from B to C. The above discussion should make clear that each BGP router chooses its own best route from the known possibilities. It is not the case, as might naively be ex- pected, that BGP chooses a path to follow at the AS level and OSPF chooses paths within each of the ASes. BGP and the interior gateway protocol are integrated much more deeply. This means that, for example, BGP can find the best exit point from one ISP to the next and this point will vary across the ISP, as in the case of the hot-potato policy. It also means that BGP routers in different parts of one AS may choose different AS paths to reach the same destination. Care must be exercised by the ISP to configure all of the BGP routers to make compatible choices given all of this freedom, but this can be done in practice. Amazingly, we have only scratched the surface of BGP. For more infor- mation, see the BGP version 4 specification in RFC 4271 and related RFCs. However, realize that much of its complexity lies with policies, which are not de- scribed in the specification of the BGP protocol. 5.6.8 Internet Multicasting Normal IP communication is between one sender and one receiver. However, for some applications, it is useful for a process to be able to send to a large num- ber of receivers simultaneously. Examples are streaming a live sports event to many viewers, delivering program updates to a pool of replicated servers, and handling digital conference (i.e., multiparty) telephone calls. IP supports one-to-many communication, or multicasting, using class D IP ad- dresses. Each class D address identifies a group of hosts. Twenty-eight bits are available for identifying groups, so over 250 million groups can exist at the same time. When a process sends a packet to a class D address, a best-effort attempt is made to deliver it to all the members of the group addressed, but no guarantees are given. Some members may not get the packet. The range of IP addresses 224.0.0.0/24 is reserved for multicast on the local network. In this case, no routing protocol is needed. The packets are multicast by simply broadcasting them on the LAN with a multicast address. All hosts on the LAN receive the broadcasts, and hosts that are members of the group process the packet. Routers do not forward the packet off the LAN. Some examples of local multicast addresses are: 224.0.0.1 All systems on a LAN 224.0.0.2 All routers on a LAN 224.0.0.5 All OSPF routers on a LAN 224.0.0.251 All DNS servers on a LAN SEC. 5.6 THE NETWORK LAYER IN THE INTERNET 485 Other multicast addresses may have members on different networks. In this case, a routing protocol is needed. But first the multicast routers need to know which hosts are members of a group. A process asks its host to join in a specific group. It can also ask its host to leave the group. Each host keeps track of which groups its processes currently belong to. When the last process on a host leaves a group, the host is no longer a member of that group. About once a minute, each multicast router sends a query packet to all the hosts on its LAN (using the local multicast address of 224.0.0.1, of course) asking them to report back on the groups to which they currently belong. The multicast routers may or may not be colocated with the standard routers. Each host sends back responses for all the class D addresses it is interested in. These query and response packets use a pro- tocol called IGMP (Internet Group Management Protocol). It is described in RFC 3376. Any of several multicast routing protocols may be used to build multicast spanning trees that give paths from senders to all of the members of the group. The algorithms that are used are the ones we described in Sec. 5.2.8. Within an AS, the main protocol used is PIM (Protocol Independent Multicast). PIM comes in several flavors. In Dense Mode PIM, a pruned reverse path forwarding tree is created. This is suited to situations in which members are everywhere in the network, such as distributing files to many servers within a data center net- work. In Sparse Mode PIM, spanning trees that are built are similar to core-based trees. This is suited to situations such as a content provider multicasting TV to subscribers on its IP network. A variant of this design, called Source-Specific Multicast PIM, is optimized for the case that there is only one sender to the group. Finally, multicast extensions to BGP or tunnels need to be used to create multicast routes when the group members are in more than one AS. 5.6.9 Mobile IP Many users of the Internet have mobile computers and want to stay connected when they are away from home and even on the road in between. Unfortunately, the IP addressing system makes working far from home easier said than done, as we will describe shortly. When people began demanding the ability anyway, IETF set up a Working Group to find a solution. The Working Group quickly for- mulated a number of goals considered desirable in any solution. The major ones were: 1. Each mobile host must be able to use its home IP address anywhere. 2. Software changes to the fixed hosts were not permitted. 3. Changes to the router software and tables were not permitted. 4. Most packets for mobile hosts should not make detours on the way. 5. No overhead should be incurred when a mobile host is at home. 486 THE NETWORK LAYER CHAP. 5 The solution chosen was the one described in Sec. 5.2.10. In brief, every site that wants to allow its users to roam has to create a helper at the site called a home agent. When a mobile host shows up at a foreign site, it obtains a new IP address (called a care-of address) at the foreign site. The mobile then tells the home agent where it is now by giving it the care-of address. When a packet for the mobile arrives at the home site and the mobile is elsewhere, the home agent grabs the packet and tunnels it to the mobile at the current care-of address. The mobile can send reply packets directly to whoever it is communicating with, but still using its home address as the source address. This solution meets all the re- quirements stated above except that packets for mobile hosts do make detours. Now that we have covered the network layer of the Internet, we can go into the solution in more detail. The need for mobility support in the first place comes from the IP addressing scheme itself. Every IP address contains a network num- ber and a host number. For example, consider the machine with IP address 160.80.40.20/16. The 160.80 gives the network number; the 40.20 is the host number. Routers all over the world have routing tables telling which link to use to get to network 160.80. Whenever a packet comes in with a destination IP address of the form 160.80.xxx.yyy, it goes out on that line. If all of a sudden, the ma- chine with that address is carted off to some distant site, the packets for it will continue to be routed to its home LAN (or router). At this stage, there are two options—both unattractive. The first is that we could create a route to a more specific prefix. That is, if the distant site advertises a route to 160.80.40.20/32, packets sent to the destination will start arriving in the right place again. This option depends on the longest matching prefix algorithm that is used at routers. However, we have added a route to an IP prefix with a sin- gle IP address in it. All ISPs in the world will learn about this prefix. If everyone changes global IP routes in this way when they move their computer, each router would have millions of table entries, at astronomical cost to the Internet. This option is not workable. The second option is to change the IP address of the mobile. True, packets sent to the home IP address will no longer be delivered until all the relevant peo- ple, programs, and databases are informed of the change. But the mobile can still use the Internet at the new location to browse the Web and run other applications. This option handles mobility at a higher layer. It is what typically happens when a user takes a laptop to a coffee store and uses the Internet via the local wireless network. The disadvantage is that it breaks some applications, and it does not keep connectivity as the mobile moves around. As an aside, mobility can also be handled at a lower layer, the link layer. This is what happens when using a laptop on a single 802.11 wireless network. The IP address of the mobile does not change and the network path remains the same. It is the wireless link that is providing mobility. However, the degree of mobility is limited. If the laptop moves too far, it will have to connect to the Internet via an- other network with a different IP address. SEC. 5.6 THE NETWORK LAYER IN THE INTERNET 487 The mobile IP solution for IPv4 is given in RFC 3344. It works with the existing Internet routing and allows hosts to stay connected with their own IP ad- dresses as they move about. For it to work, the mobile must be able to discover when it has moved. This is accomplished with ICMP router advertisement and solicitation messages. Mobiles listen for periodic router advertisements or send a solicitation to discover the nearest router. If this router is not the usual address of the router when the mobile is at home, it must be on a foreign network. If this router has changed since last time, the mobile has moved to another foreign net- work. This same mechanism lets mobile hosts find their home agents. To get a care-of IP address on the foreign network, a mobile can simply use DHCP. Alternatively, if IPv4 addresses are in short supply, the mobile can send and receive packets via a foreign agent that already has an IP address on the net- work. The mobile host finds a foreign agent using the same ICMP mechanism used to find the home agent. After the mobile obtains an IP address or finds a for- eign agent, it is able to use the network to send a message to its home agent, informing the home agent of its current location. The home agent needs a way to intercept packets sent to the mobile only when the mobile is not at home. ARP provides a convenient mechanism. To send a packet over an Ethernet to an IP host, the router needs to know the Ethernet ad- dress of the host. The usual mechanism is for the router to send an ARP query to ask, for example, what is the Ethernet address of 160.80.40.20. When the mobile is at home, it answers ARP queries for its IP address with its own Ethernet ad- dress. When the mobile is away, the home agent responds to this query by giving its Ethernet address. The router then sends packets for 160.80.40.20 to the home agent. Recall that this is called a proxy ARP. To quickly update ARP mappings back and forth when the mobile leaves home or arrives back home, another ARP technique called a gratuitous ARP can be used. Basically, the mobile or home agent send themselves an ARP query for the mobile IP address that supplies the right answer so that the router notices and updates its mapping. Tunneling to send a packet between the home agent and the mobile host at the care-of address is done by encapsulating the packet with another IP header des- tined for the care-of address. When the encapsulated packet arrives at the care-of address, the outer IP header is removed to reveal the packet. As with many Internet protocols, the devil is in the details, and most often the details of compatibility with other protocols that are deployed. There are two complications. First, NAT boxes depend on peeking past the IP header to look at the TCP or UDP header. The original form of tunneling for mobile IP did not use these headers, so it did not work with NAT boxes. The solution was to change the encapsulation to include a UDP header. The second complication is that some ISPs check the source IP addresses of packets to see that they match where the routing protocol believes the source should be located. This technique is called ingress filtering, and it is a security 488 THE NETWORK LAYER CHAP. 5 measure intended to discard traffic with seemingly incorrect addresses that may be malicious. However, packets sent from the mobile to other Internet hosts when it is on a foreign network will have a source IP address that is out of place, so they will be discarded. To get around this problem, the mobile can use the care-of ad- dress as a source to tunnel the packets back to the home agent. From here, they are sent into the Internet from what appears to be the right location. The cost is that the route is more roundabout. Another issue we have not discussed is security. When a home agent gets a message asking it to please forward all of Roberta’s packets to some IP address, it had better not comply unless it is convinced that Roberta is the source of this re- quest, and not somebody trying to impersonate her. Cryptographic authentication protocols are used for this purpose. We will study such protocols in Chap. 8. Mobility protocols for IPv6 build on the IPv4 foundation. The scheme above suffers from the triangle routing problem in which packets sent to the mobile take a dogleg through a distant home agent. In IPv6, route optimization is used to fol- low a direct path between the mobile and other IP addresses after the initial pack- ets have followed the long route. Mobile IPv6 is defined in RFC 3775. There is another kind of mobility that is also being defined for the Internet. Some airplanes have built-in wireless networking that passengers can use to con- nect their laptops to the Internet. The plane has a router that connects to the rest of the Internet via a wireless link. (Did you expect a wired link?) So now we have a flying router, which means that the whole network is mobile. Network mobility designs support this situation without the laptops realizing that the plane is mobile. As far as they are concerned, it is just another network. Of course, some of the laptops may be using mobile IP to keep their home addresses while they are on the plane, so we have two levels of mobility. Network mobility is de- fined for IPv6 in RFC 3963. 5.7 SUMMARY The network layer provides services to the transport layer. It can be based on either datagrams or virtual circuits. In both cases, its main job is routing packets from the source to the destination. In datagram networks, a routing decision is made on every packet. In virtual-circuit networks, it is made when the virtual cir- cuit is set up. Many routing algorithms are used in computer networks. Flooding is a simple algorithm to send a packet along all paths. Most algorithms find the shortest path and adapt to changes in the network topology. The main algorithms are distance vector routing and link state routing. Most actual networks use one of these. Other important routing topics are the use of hierarchy in large networks, routing for mobile hosts, and broadcast, multicast, and anycast routing. SEC. 5.7 SUMMARY 489 Networks can easily become congested, leading to increased delay and lost packets. Network designers attempt to avoid congestion by designing the network to have enough capacity, choosing uncongested routes, refusing to accept more traffic, signaling sources to slow down, and shedding load. The next step beyond just dealing with congestion is to actually try to achieve a promised quality of service. Some applications care more about throughput whereas others care more about delay and jitter. The methods that can be used to provide different qualities of service include a combination of traffic shaping, reserving resources at routers, and admission control. Approaches that have been designed for good quality of service include IETF integrated services (including RSVP) and differentiated services. Networks differ in various ways, so when multiple networks are intercon- nected, problems can occur. When different networks have different maximum packet sizes, fragmentation may be needed. Different networks may run different routing protocols internally but need to run a common protocol externally. Some- times the problems can be finessed by tunneling a packet through a hostile net- work, but if the source and destination networks are different, this approach fails. The Internet has a rich variety of protocols related to the network layer. These include the datagram protocol, IP, and associated control protocols such as ICMP, ARP, and DHCP. A connection-oriented protocol called MPLS carries IP packets across some networks. One of the main routing protocols used within net- works is OSPF, and the routing protocol used across networks is BGP. The Inter- net is rapidly running out of IP addresses, so a new version of IP, IPv6, has been developed and is ever-so-slowly being deployed. PROBLEMS 1. Give two example computer applications for which connection-oriented service is ap- propriate. Now give two examples for which connectionless service is best. 2. Datagram networks route each packet as a separate unit, independent of all others. Virtual-circuit networks do not have to do this, since each data packet follows a prede- termined route. Does this observation mean that virtual-circuit networks do not need the capability to route isolated packets from an arbitrary source to an arbitrary destina- tion? Explain your answer. 3. Give three examples of protocol parameters that might be negotiated when a con- nection is set up. 4. Assuming that all routers and hosts are working properly and that all software in both is free of all errors, is there any chance, however small, that a packet will be delivered to the wrong destination? 490 THE NETWORK LAYER CHAP. 5 5. Give a simple heuristic for finding two paths through a network from a given source to a given destination that can survive the loss of any communication line (assuming two such paths exist). The routers are considered reliable enough, so it is not necessary to worry about the possibility of router crashes. 6. Consider the network of Fig. 5-12(a). Distance vector routing is used, and the follow- ing vectors have just come in to router C: from B: (5, 0, 8, 12, 6, 2); from D: (16, 12, 6, 0, 9, 10); and from E: (7, 6, 3, 9, 0, 4). The cost of the links from C to B, D, and E, are 6, 3, and 5, respectively. What is C’s new routing table? Give both the outgoing line to use and the cost. 7. If costs are recorded as 8-bit numbers in a 50-router network, and distance vectors are exchanged twice a second, how much bandwidth per (full-duplex) line is chewed up by the distributed routing algorithm? Assume that each router has three lines to other routers. 8. In Fig. 5-13 the Boolean OR of the two sets of ACF bits are 111 in every row. Is this just an accident here, or does it hold for all networks under all circumstances? 9. For hierarchical routing with 4800 routers, what region and cluster sizes should be chosen to minimize the size of the routing table for a three-layer hierarchy? A good starting place is the hypothesis that a solution with k clusters of k regions of k routers is close to optimal, which means that k is about the cube root of 4800 (around 16). Use trial and error to check out combinations where all three parameters are in the general vicinity of 16. 10. In the text it was stated that when a mobile host is not at home, packets sent to its home LAN are intercepted by its home agent on that LAN. For an IP network on an 802.3 LAN, how does the home agent accomplish this interception? 11. Looking at the network of Fig. 5-6, how many packets are generated by a broadcast from B, using (a) reverse path forwarding? (b) the sink tree? 12. Consider the network of Fig. 5-15(a). Imagine that one new line is added, between F and G, but the sink tree of Fig. 5-15(b) remains unchanged. What changes occur to Fig. 5-15(c)? 13. Compute a multicast spanning tree for router C in the following network for a group with members at routers A, B, C, D, E, F, I, and K. A G H I L D K B C F E J CHAP. 5 PROBLEMS 491 14. Suppose that node B in Fig. 5-20 has just rebooted and has no routing information in its tables. It suddenly needs a route to H. It sends out broadcasts with TtL set to 1, 2, 3, and so on. How many rounds does it take to find a route? 15. As a possible congestion control mechanism in a network using virtual circuits inter- nally, a router could refrain from acknowledging a received packet until (1) it knows its last transmission along the virtual circuit was received successfully and (2) it has a free buffer. For simplicity, assume that the routers use a stop-and-wait protocol and that each virtual circuit has one buffer dedicated to it for each direction of traffic. If it takes T sec to transmit a packet (data or acknowledgement) and there are n routers on the path, what is the rate at which packets are delivered to the destination host? As- sume that transmission errors are rare and that the host-router connection is infinitely fast. 16. A datagram network allows routers to drop packets whenever they need to. The probability of a router discarding a packet is p. Consider the case of a source host connected to the source router, which is connected to the destination router, and then to the destination host. If either of the routers discards a packet, the source host even- tually times out and tries again. If both host-router and router-router lines are counted as hops, what is the mean number of (a) hops a packet makes per transmission? (b) transmissions a packet makes? (c) hops required per received packet? 17. Describe two major differences between the ECN method and the RED method of congestion avoidance. 18. A token bucket scheme is used for traffic shaping. A new token is put into the bucket every 5 μsec. Each token is good for one short packet, which contains 48 bytes of data. What is the maximum sustainable data rate? 19. A computer on a 6-Mbps network is regulated by a token bucket. The token bucket is filled at a rate of 1 Mbps. It is initially filled to capacity with 8 megabits. How long can the computer transmit at the full 6 Mbps? 20. The network of Fig. 5-34 uses RSVP with multicast trees for hosts 1 and 2 as shown. Suppose that host 3 requests a channel of bandwidth 2 MB/sec for a flow from host 1 and another channel of bandwidth 1 MB/sec for a flow from host 2. At the same time, host 4 requests a channel of bandwidth 2 MB/sec for a flow from host 1 and host 5 re- quests a channel of bandwidth 1 MB/sec for a flow from host 2. How much total bandwidth will be reserved for these requests at routers A, B, C, E, H, J, K, and L? 21. A router can process 2 million packets/sec. The load offered to it is 1.5 million pack- ets/sec on average. If a route from source to destination contains 10 routers, how much time is spent being queued and serviced by the router? 22. Consider the user of differentiated services with expedited forwarding. Is there a guarantee that expedited packets experience a shorter delay than regular packets? Why or why not? 492 THE NETWORK LAYER CHAP. 5 23. Suppose that host A is connected to a router R 1, R 1 is connected to another router, R 2, and R 2 is connected to host B. Suppose that a TCP message that contains 900 bytes of data and 20 bytes of TCP header is passed to the IP code at host A for deliv- ery to B. Show the Total length, Identification, DF, MF, and Fragment offset fields of the IP header in each packet transmitted over the three links. Assume that link A-R1 can support a maximum frame size of 1024 bytes including a 14-byte frame header, link R1-R2 can support a maximum frame size of 512 bytes, including an 8-byte frame header, and link R2-B can support a maximum frame size of 512 bytes including a 12-byte frame header. 24. A router is blasting out IP packets whose total length (data plus header) is 1024 bytes. Assuming that packets live for 10 sec, what is the maximum line speed the router can operate at without danger of cycling through the IP datagram ID number space? 25. An IP datagram using the Strict source routing option has to be fragmented. Do you think the option is copied into each fragment, or is it sufficient to just put it in the first fragment? Explain your answer. 26. Suppose that instead of using 16 bits for the network part of a class B address origi- nally, 20 bits had been used. How many class B networks would there have been? 27. Convert the IP address whose hexadecimal representation is C22F1582 to dotted decimal notation. 28. A network on the Internet has a subnet mask of 255.255.240.0. What is the maximum number of hosts it can handle? 29. While IP addresses are tried to specific networks, Ethernet addresses are not. Can you think of a good reason why they are not? 30. A large number of consecutive IP addresses are available starting at 198.16.0.0. Sup- pose that four organizations, A, B, C, and D, request 4000, 2000, 4000, and 8000 ad- dresses, respectively, and in that order. For each of these, give the first IP address as- signed, the last IP address assigned, and the mask in the w.x.y.z/s notation. 31. A router has just received the following new IP addresses: 57.6.96.0/21, 57.6.104.0/21, 57.6.112.0/21, and 57.6.120.0/21. If all of them use the same outgoing line, can they be aggregated? If so, to what? If not, why not? 32. The set of IP addresses from 29.18.0.0 to 19.18.128.255 has been aggregated to 29.18.0.0/17. However, there is a gap of 1024 unassigned addresses from 29.18.60.0 to 29.18.63.255 that are now suddenly assigned to a host using a different outgoing line. Is it now necessary to split up the aggregate address into its constituent blocks, add the new block to the table, and then see if any reaggregation is possible? If not, what can be done instead? 33. A router has the following (CIDR) entries in its routing table: Address/mask Next hop 135.46.56.0/22 Interface 0 135.46.60.0/22 Interface 1 192.53.40.0/23 Router 1 default Router 2 CHAP. 5 PROBLEMS 493 For each of the following IP addresses, what does the router do if a packet with that address arrives? (a) 135.46.63.10 (b) 135.46.57.14 (c) 135.46.52.2 (d) 192.53.40.7 (e) 192.53.56.7 34. Many companies have a policy of having two (or more) routers connecting the com- pany to the Internet to provide some redundancy in case one of them goes down. Is this policy still possible with NAT? Explain your answer. 35. You have just explained the ARP protocol to a friend. When you are all done, he says: ‘‘I’ve got it. ARP provides a service to the network layer, so it is part of the data link layer.’’ What do you say to him? 36. Describe a way to reassemble IP fragments at the destination. 37. Most IP datagram reassembly algorithms have a timer to avoid having a lost fragment tie up reassembly buffers forever. Suppose that a datagram is fragmented into four fragments. The first three fragments arrive, but the last one is delayed. Eventually, the timer goes off and the three fragments in the receiver’s memory are discarded. A little later, the last fragment stumbles in. What should be done with it? 38. In IP, the checksum covers only the header and not the data. Why do you suppose this design was chosen? 39. A person who lives in Boston travels to Minneapolis, taking her portable computer with her. To her surprise, the LAN at her destination in Minneapolis is a wireless IP LAN, so she does not have to plug in. Is it still necessary to go through the entire bus- iness with home agents and foreign agents to make email and other traffic arrive cor- rectly? 40. IPv6 uses 16-byte addresses. If a block of 1 million addresses is allocated every picosecond, how long will the addresses last? 41. The Protocol field used in the IPv4 header is not present in the fixed IPv6 header. Why not? 42. When the IPv6 protocol is introduced, does the ARP protocol have to be changed? If so, are the changes conceptual or technical? 43. Write a program to simulate routing using flooding. Each packet should contain a counter that is decremented on each hop. When the counter gets to zero, the packet is discarded. Time is discrete, with each line handling one packet per time interval. Make three versions of the program: all lines are flooded, all lines except the input line are flooded, and only the (statically chosen) best k lines are flooded. Compare flooding with deterministic routing (k = 1) in terms of both delay and the bandwidth used. 44. Write a program that simulates a computer network using discrete time. The first packet on each router queue makes one hop per time interval. Each router has only a finite number of buffers. If a packet arrives and there is no room for it, it is discarded 494 THE NETWORK LAYER CHAP. 5 and not retransmitted. Instead, there is an end-to-end protocol, complete with time- outs and acknowledgement packets, that eventually regenerates the packet from the source router. Plot the throughput of the network as a function of the end-to-end time- out interval, parameterized by error rate. 45. Write a function to do forwarding in an IP router. The procedure has one parameter, an IP address. It also has access to a global table consisting of an array of triples. Each triple contains three integers: an IP address, a subnet mask, and the outline line to use. The function looks up the IP address in the table using CIDR and returns the line to use as its value. 46. Use the traceroute (UNIX) or tracert (Windows) programs to trace the route from your computer to various universities on other continents. Make a list of transoceanic links you have discovered. Some sites to try are www.berkeley.edu (California) www.mit.edu (Massachusetts) www.vu.nl (Amsterdam) www.ucl.ac.uk (London) www.usyd.edu.au (Sydney) www.u-tokyo.ac.jp (Tokyo) www.uct.ac.za (Cape Town) www.berkeley.edu www.mit.edu www.vu.nl www.ucl.ac.uk www.usyd.edu.au www.u-tokyo.ac.jp www.uct.ac.za 6 THE TRANSPORT LAYER Together with the network layer, the transport layer is the heart of the proto- col hierarchy. The network layer provides end-to-end packet delivery using data- grams or virtual circuits. The transport layer builds on the network layer to pro- vide data transport from a process on a source machine to a process on a destina- tion machine with a desired level of reliability that is independent of the physical networks currently in use. It provides the abstractions that applications need to use the network. Without the transport layer, the whole concept of layered proto- cols would make little sense. In this chapter, we will study the transport layer in detail, including its services and choice of API design to tackle issues of reliabil- ity, connections and congestion control, protocols such as TCP and UDP, and per- formance. 6.1 THE TRANSPORT SERVICE In the following sections, we will provide an introduction to the transport ser- vice. We look at what kind of service is provided to the application layer. To make the issue of transport service more concrete, we will examine two sets of transport layer primitives. First comes a simple (but hypothetical) one to show the basic ideas. Then comes the interface commonly used in the Internet. 495 496 THE TRANSPORT LAYER CHAP. 6 6.1.1 Services Provided to the Upper Layers The ultimate goal of the transport layer is to provide efficient, reliable, and cost-effective data transmission service to its users, normally processes in the ap- plication layer. To achieve this, the transport layer makes use of the services pro- vided by the network layer. The software and/or hardware within the transport layer that does the work is called the transport entity. The transport entity can be located in the operating system kernel, in a library package bound into network applications, in a separate user process, or even on the network interface card. The first two options are most common on the Internet. The (logical) relationship of the network, transport, and application layers is illustrated in Fig. 6-1. Application/transport interface Transport/network interface Application (or session) layer Transport entity Transport address Network address Network layer Application (or session) layer Transport entity Network layer Segment Transport protocol Host 1 Host 2 Figure 6-1. The network, transport, and application layers. Just as there are two types of network service, connection-oriented and con- nectionless, there are also two types of transport service. The connection-oriented transport service is similar to the connection-oriented network service in many ways. In both cases, connections have three phases: establishment, data transfer, and release. Addressing and flow control are also similar in both layers. Fur- thermore, the connectionless transport service is also very similar to the con- nectionless network service. However, note that it can be difficult to provide a connectionless transport service on top of a connection-oriented network service, since it is inefficient to set up a connection to send a single packet and then tear it down immediately afterwards. The obvious question is this: if the transport layer service is so similar to the network layer service, why are there two distinct layers? Why is one layer not SEC. 6.1 THE TRANSPORT SERVICE 497 adequate? The answer is subtle, but crucial. The transport code runs entirely on the users’ machines, but the network layer mostly runs on the routers, which are operated by the carrier (at least for a wide area network). What happens if the network layer offers inadequate service? What if it frequently loses packets? What happens if routers crash from time to time? Problems occur, that’s what. The users have no real control over the network layer, so they cannot solve the problem of poor service by using better routers or putting more error handling in the data link layer because they don’t own the rout- ers. The only possibility is to put on top of the network layer another layer that improves the quality of the service. If, in a connectionless network, packets are lost or mangled, the transport entity can detect the problem and compensate for it by using retransmissions. If, in a connection-oriented network, a transport entity is informed halfway through a long transmission that its network connection has been abruptly terminated, with no indication of what has happened to the data cur- rently in transit, it can set up a new network connection to the remote transport entity. Using this new network connection, it can send a query to its peer asking which data arrived and which did not, and knowing where it was, pick up from where it left off. In essence, the existence of the transport layer makes it possible for the tran- sport service to be more reliable than the underlying network. Furthermore, the transport primitives can be implemented as calls to library procedures to make them independent of the network primitives. The network service calls may vary considerably from one network to another (e.g., calls based on a connectionless Ethernet may be quite different from calls on a connection-oriented WiMAX net- work). Hiding the network service behind a set of transport service primitives ensures that changing the network merely requires replacing one set of library procedures with another one that does the same thing with a different underlying service. Thanks to the transport layer, application programmers can write code accord- ing to a standard set of primitives and have these programs work on a wide variety of networks, without having to worry about dealing with different network inter- faces and levels of reliability. If all real networks were flawless and all had the same service primitives and were guaranteed never, ever to change, the transport layer might not be needed. However, in the real world it fulfills the key function of isolating the upper layers from the technology, design, and imperfections of the network. For this reason, many people have made a qualitative distinction between lay- ers 1 through 4 on the one hand and layer(s) above 4 on the other. The bottom four layers can be seen as the transport service provider, whereas the upper layer(s) are the transport service user. This distinction of provider versus user has a considerable impact on the design of the layers and puts the transport layer in a key position, since it forms the major boundary between the provider and user of the reliable data transmission service. It is the level that applications see. 498 THE TRANSPORT LAYER CHAP. 6 6.1.2 Transport Service Primitives To allow users to access the transport service, the transport layer must provide some operations to application programs, that is, a transport service interface. Each transport service has its own interface. In this section, we will first examine a simple (hypothetical) transport service and its interface to see the bare essen- tials. In the following section, we will look at a real example. The transport service is similar to the network service, but there are also some important differences. The main difference is that the network service is intended to model the service offered by real networks, warts and all. Real networks can lose packets, so the network service is generally unreliable. The connection-oriented transport service, in contrast, is reliable. Of course, real networks are not error-free, but that is precisely the purpose of the transport layer—to provide a reliable service on top of an unreliable network. As an example, consider two processes on a single machine connected by a pipe in UNIX (or any other interprocess communication facility). They assume the connection between them is 100% perfect. They do not want to know about acknowledgements, lost packets, congestion, or anything at all like that. What they want is a 100% reliable connection. Process A puts data into one end of the pipe, and process B takes it out of the other. This is what the connection-oriented transport service is all about—hiding the imperfections of the network service so that user processes can just assume the existence of an error-free bit stream even when they are on different machines. As an aside, the transport layer can also provide unreliable (datagram) ser- vice. However, there is relatively little to say about that besides ‘‘it’s datagrams,’’ so we will mainly concentrate on the connection-oriented transport service in this chapter. Nevertheless, there are some applications, such as client-server comput- ing and streaming multimedia, that build on a connectionless transport service, and we will say a little bit about that later on. A second difference between the network service and transport service is whom the services are intended for. The network service is used only by the tran- sport entities. Few users write their own transport entities, and thus few users or programs ever see the bare network service. In contrast, many programs (and thus programmers) see the transport primitives. Consequently, the transport service must be convenient and easy to use. To get an idea of what a transport service might be like, consider the five primitives listed in Fig. 6-2. This transport interface is truly bare bones, but it gives the essential flavor of what a connection-oriented transport interface has to do. It allows application programs to establish, use, and then release connections, which is sufficient for many applications. To see how these primitives might be used, consider an application with a ser- ver and a number of remote clients. To start with, the server executes a LISTEN primitive, typically by calling a library procedure that makes a system call that SEC. 6.1 THE TRANSPORT SERVICE 499 Primitive Packet sent Meaning LISTEN (none) Block until some process tries to connect CONNECT CONNECTION REQ. Actively attempt to establish a connection SEND DATA Send information RECEIVE (none) Block until a DATA packet arrives DISCONNECT DISCONNECTION REQ. Request a release of the connection Figure 6-2. The primitives for a simple transport service. blocks the server until a client turns up. When a client wants to talk to the server, it executes a CONNECT primitive. The transport entity carries out this primitive by blocking the caller and sending a packet to the server. Encapsulated in the pay- load of this packet is a transport layer message for the server’s transport entity. A quick note on terminology is now in order. For lack of a better term, we will use the term segment for messages sent from transport entity to transport en- tity. TCP, UDP and other Internet protocols use this term. Some older protocols used the ungainly name TPDU (Transport Protocol Data Unit). That term is not used much any more now but you may see it in older papers and books. Thus, segments (exchanged by the transport layer) are contained in packets (exchanged by the network layer). In turn, these packets are contained in frames (exchanged by the data link layer). When a frame arrives, the data link layer processes the frame header and, if the destination address matches for local deliv- ery, passes the contents of the frame payload field up to the network entity. The network entity similarly processes the packet header and then passes the contents of the packet payload up to the transport entity. This nesting is illustrated in Fig. 6-3. Frame header Packet header Segment header Segment payload Frame payload Packet payload Figure 6-3. Nesting of segments, packets, and frames. Getting back to our client-server example, the client’s CONNECT call causes a CONNECTION REQUEST segment to be sent to the server. When it arrives, the 500 THE TRANSPORT LAYER CHAP. 6 transport entity checks to see that the server is blocked on a LISTEN (i.e., is inter- ested in handling requests). If so, it then unblocks the server and sends a CON- NECTION ACCEPTED segment back to the client. When this segment arrives, the client is unblocked and the connection is established. Data can now be exchanged using the SEND and RECEIVE primitives. In the simplest form, either party can do a (blocking) RECEIVE to wait for the other party to do a SEND. When the segment arrives, the receiver is unblocked. It can then process the segment and send a reply. As long as both sides can keep track of whose turn it is to send, this scheme works fine. Note that in the transport layer, even a simple unidirectional data exchange is more complicated than at the network layer. Every data packet sent will also be acknowledged (eventually). The packets bearing control segments are also acknowledged, implicitly or explicitly. These acknowledgements are managed by the transport entities, using the network layer protocol, and are not visible to the transport users. Similarly, the transport entities need to worry about timers and retransmissions. None of this machinery is visible to the transport users. To the transport users, a connection is a reliable bit pipe: one user stuffs bits in and they magically appear in the same order at the other end. This ability to hide com- plexity is the reason that layered protocols are such a powerful tool. When a connection is no longer needed, it must be released to free up table space within the two transport entities. Disconnection has two variants: asymmet- ric and symmetric. In the asymmetric variant, either transport user can issue a DISCONNECT primitive, which results in a DISCONNECT segment being sent to the remote transport entity. Upon its arrival, the connection is released. In the symmetric variant, each direction is closed separately, independently of the other one. When one side does a DISCONNECT, that means it has no more data to send but it is still willing to accept data from its partner. In this model, a con- nection is released when both sides have done a DISCONNECT. A state diagram for connection establishment and release for these simple primitives is given in Fig. 6-4. Each transition is triggered by some event, either a primitive executed by the local transport user or an incoming packet. For simpli- city, we assume here that each segment is separately acknowledged. We also as- sume that a symmetric disconnection model is used, with the client going first. Please note that this model is quite unsophisticated. We will look at more realis- tic models later on when we describe how TCP works. 6.1.3 Berkeley Sockets Let us now briefly inspect another set of transport primitives, the socket prim- itives as they are used for TCP. Sockets were first released as part of the Berke- ley UNIX 4.2BSD software distribution in 1983. They quickly became popular. The primitives are now widely used for Internet programming on many operating SEC. 6.1 THE TRANSPORT SERVICE 501 ACTIVE ESTABLISHMENT PENDING PASSIVE ESTABLISHMENT PENDING PASSIVE DISCONNECT PENDING ACTIVE DISCONNECT PENDING IDLE IDLE ESTABLISHED Disconnection request segment received Disconnect primitive executed Disconnect primitive executed Disconnection request segment received Connection request segment received Connection accepted segment received Connect primitive executed Connect primitive executed Figure 6-4. A state diagram for a simple connection management scheme. Transitions labeled in italics are caused by packet arrivals. The solid lines show the client’s state sequence. The dashed lines show the server’s state sequence. systems, especially UNIX-based systems, and there is a socket-style API for Win- dows called ‘‘winsock.’’ The primitives are listed in Fig. 6-5. Roughly speaking, they follow the mo- del of our first example but offer more features and flexibility. We will not look at the corresponding segments here. That discussion will come later. Primitive Meaning SOCKET Create a new communication endpoint BIND Associate a local address with a socket LISTEN Announce willingness to accept connections; give queue size ACCEPT Passively establish an incoming connection CONNECT Actively attempt to establish a connection SEND Send some data over the connection RECEIVE Receive some data from the connection CLOSE Release the connection Figure 6-5. The socket primitives for TCP. 502 THE TRANSPORT LAYER CHAP. 6 The first four primitives in the list are executed in that order by servers. The SOCKET primitive creates a new endpoint and allocates table space for it within the transport entity. The parameters of the call specify the addressing format to be used, the type of service desired (e.g., reliable byte stream), and the protocol. A successful SOCKET call returns an ordinary file descriptor for use in succeeding calls, the same way an OPEN call on a file does. Newly created sockets do not have network addresses. These are assigned using the BIND primitive. Once a server has bound an address to a socket, remote clients can connect to it. The reason for not having the SOCKET call create an ad- dress directly is that some processes care about their addresses (e.g., they have been using the same address for years and everyone knows this address), whereas others do not. Next comes the LISTEN call, which allocates space to queue incoming calls for the case that several clients try to connect at the same time. In contrast to LISTEN in our first example, in the socket model LISTEN is not a blocking call. To block waiting for an incoming connection, the server executes an ACCEPT primitive. When a segment asking for a connection arrives, the transport entity creates a new socket with the same properties as the original one and returns a file descriptor for it. The server can then fork off a process or thread to handle the connection on the new socket and go back to waiting for the next connection on the original socket. ACCEPT returns a file descriptor, which can be used for read- ing and writing in the standard way, the same as for files. Now let us look at the client side. Here, too, a socket must first be created using the SOCKET primitive, but BIND is not required since the address used does not matter to the server. The CONNECT primitive blocks the caller and actively starts the connection process. When it completes (i.e., when the appropriate seg- ment is received from the server), the client process is unblocked and the con- nection is established. Both sides can now use SEND and RECEIVE to transmit and receive data over the full-duplex connection. The standard UNIX READ and WRITE system calls can also be used if none of the special options of SEND and RECEIVE are required. Connection release with sockets is symmetric. When both sides have exe- cuted a CLOSE primitive, the connection is released. Sockets have proved tremendously popular and are the de facto standard for abstracting transport services to applications. The socket API is often used with the TCP protocol to provide a connection-oriented service called a reliable byte stream, which is simply the reliable bit pipe that we described. However, other protocols could be used to implement this service using the same API. It should all be the same to the transport service users. A strength of the socket API is that is can be used by an application for other transport services. For instance, sockets can be used with a connectionless tran- sport service. In this case, CONNECT sets the address of the remote transport peer and SEND and RECEIVE send and receive datagrams to and from the remote peer. SEC. 6.1 THE TRANSPORT SERVICE 503 (It is also common to use an expanded set of calls, for example, SENDTO and RECEIVEFROM, that emphasize messages and do not limit an application to a sin- gle transport peer.) Sockets can also be used with transport protocols that provide a message stream rather than a byte stream and that do or do not have congestion control. For example, DCCP (Datagram Congestion Controlled Protocol) is a version of UDP with congestion control (Kohler et al., 2006). It is up to the tran- sport users to understand what service they are getting. However, sockets are not likely to be the final word on transport interfaces. For example, applications often work with a group of related streams, such as a Web browser that requests several objects from the same server. With sockets, the most natural fit is for application programs to use one stream per object. This structure means that congestion control is applied separately for each stream, not across the group, which is suboptimal. It punts to the application the burden of managing the set. Newer protocols and interfaces have been devised that support groups of related streams more effectively and simply for the application. Two examples are SCTP (Stream Control Transmission Protocol) defined in RFC 4960 and SST (Structured Stream Transport) (Ford, 2007). These protocols must change the socket API slightly to get the benefits of groups of related streams, and they also support features such as a mix of connection-oriented and connectionless traffic and even multiple network paths. Time will tell if they are successful. 6.1.4 An Example of Socket Programming: An Internet File Server As an example of the nitty-gritty of how real socket calls are made, consider the client and server code of Fig. 6-6. Here we have a very primitive Internet file server along with an example client that uses it. The code has many limitations (discussed below), but in principle the server code can be compiled and run on any UNIX system connected to the Internet. The client code can be compiled and run on any other UNIX machine on the Internet, anywhere in the world. The cli- ent code can be executed with appropriate parameters to fetch any file to which the server has access on its machine. The file is written to standard output, which, of course, can be redirected to a file or pipe. Let us look at the server code first. It starts out by including some standard headers, the last three of which contain the main Internet-related definitions and data structures. Next comes a definition of SERVER PORT as 12345. This num- ber was chosen arbitrarily. Any number between 1024 and 65535 will work just as well, as long as it is not in use by some other process; ports below 1023 are re- served for privileged users. The next two lines in the server define two constants needed. The first one determines the chunk size in bytes used for the file transfer. The second one de- termines how many pending connections can be held before additional ones are discarded upon arrival. 504 THE TRANSPORT LAYER CHAP. 6 /* This page contains a client program that can request a file from the server program * on the next page. The server responds by sending the whole file. */ #include
#include
#include
#include
#define SERVER PORT 12345 /* arbitrary, but client & server must agree */
#define BUF SIZE 4096 /* block transfer size */
int main(int argc, char **argv)
{
int c, s, bytes;
char buf[BUF SIZE]; /* buffer for incoming file */
struct hostent *h; /* info about server */
struct sockaddr in channel; /* holds IP address */
if (argc != 3) fatal(“Usage: client server-name file-name”);
h = gethostbyname(argv[1]); /* look up host’s IP address */
if (!h) fatal(“gethostbyname failed”);
s = socket(PF INET, SOCK STREAM, IPPROTO TCP);
if (s <0) fatal("socket"); memset(&channel, 0, sizeof(channel)); channel.sin family= AF INET; memcpy(&channel.sin addr.s addr, h->h addr, h->h length);
channel.sin port= htons(SERVER PORT);
c = connect(s, (struct sockaddr *) &channel, sizeof(channel));
if (c < 0) fatal("connect failed"); /* Connection is now established. Send file name including 0 byte at end. */ write(s, argv[2], strlen(argv[2])+1); /* Go get the file and write it to standard output. */ while (1) { bytes = read(s, buf, BUF SIZE); /* read from socket */ if (bytes <= 0) exit(0); /* check for end of file */ write(1, buf, bytes); /* write to standard output */ } } fatal(char *string) { printf("%s\n", string); exit(1); } Figure 6-6. Client code using sockets. The server code is on the next page. SEC. 6.1 THE TRANSPORT SERVICE 505 #include /* This is the server code */
#include
#include
#include
#include
#define SERVER PORT 12345 /* arbitrary, but client & server must agree */
#define BUF SIZE 4096 /* block transfer size */
#define QUEUE SIZE 10
int main(int argc, char *argv[])
{
int s, b, l, fd, sa, bytes, on = 1;
char buf[BUF SIZE]; /* buffer for outgoing file */
struct sockaddr in channel; /* holds IP address */
/* Build address structure to bind to socket. */
memset(&channel, 0, sizeof(channel)); /* zero channel */
channel.sin family = AF INET;
channel.sin addr.s addr = htonl(INADDR ANY);
channel.sin port = htons(SERVER PORT);
/* Passive open. Wait for connection. */
s = socket(AF INET, SOCK STREAM, IPPROTO TCP); /* create socket */
if (s < 0) fatal("socket failed"); setsockopt(s, SOL SOCKET, SO REUSEADDR, (char *) &on, sizeof(on)); b = bind(s, (struct sockaddr *) &channel, sizeof(channel)); if (b < 0) fatal("bind failed"); l = listen(s, QUEUE SIZE); /* specify queue size */ if (l < 0) fatal("listen failed"); /* Socket is now set up and bound. Wait for connection and process it. */ while (1) { sa = accept(s, 0, 0); /* block for connection request */ if (sa < 0) fatal("accept failed"); read(sa, buf, BUF SIZE); /* read file name from socket */ /* Get and return the file. */ fd = open(buf, O RDONLY); /* open the file to be sent back */ if (fd < 0) fatal("open failed"); while (1) { bytes = read(fd, buf, BUF SIZE); /* read from file */ if (bytes <= 0) break; /* check for end of file */ write(sa, buf, bytes); /* write bytes to socket */ } close(fd); /* close file */ close(sa); /* close connection */ } } 506 THE TRANSPORT LAYER CHAP. 6 After the declarations of local variables, the server code begins. It starts out by initializing a data structure that will hold the server’s IP address. This data structure will soon be bound to the server’s socket. The call to memset sets the data structure to all 0s. The three assignments following it fill in three of its fields. The last of these contains the server’s port. The functions htonl and htons have to do with converting values to a standard format so the code runs correctly on both little-endian machines (e.g., Intel x86) and big-endian machines (e.g., the SPARC). Their exact semantics are not relevant here. Next, the server creates a socket and checks for errors (indicated by s < 0). In a production version of the code, the error message could be a trifle more explana- tory. The call to setsockopt is needed to allow the port to be reused so the server can run indefinitely, fielding request after request. Now the IP address is bound to the socket and a check is made to see if the call to bind succeeded. The final step in the initialization is the call to listen to announce the server’s willingness to ac- cept incoming calls and tell the system to hold up to QUEUE SIZE of them in case new requests arrive while the server is still processing the current one. If the queue is full and additional requests arrive, they are quietly discarded. At this point, the server enters its main loop, which it never leaves. The only way to stop it is to kill it from outside. The call to accept blocks the server until some client tries to establish a connection with it. If the accept call succeeds, it returns a socket descriptor that can be used for reading and writing, analogous to how file descriptors can be used to read from and write to pipes. However, unlike pipes, which are unidirectional, sockets are bidirectional, so sa (the accepted socket) can be used for reading from the connection and also for writing to it. A pipe file descriptor is for reading or writing but not both. After the connection is established, the server reads the file name from it. If the name is not yet available, the server blocks waiting for it. After getting the file name, the server opens the file and enters a loop that alternately reads blocks from the file and writes them to the socket until the entire file has been copied. Then the server closes the file and the connection and waits for the next con- nection to show up. It repeats this loop forever. Now let us look at the client code. To understand how it works, it is neces- sary to understand how it is invoked. Assuming it is called client, a typical call is client flits.cs.vu.nl /usr/tom/filename >f
This call only works if the server is already running on flits.cs.vu.nl and the file
/usr/tom/filename exists and the server has read access to it. If the call is suc-
cessful, the file is transferred over the Internet and written to f, after which the cli-
ent program exits. Since the server continues after a transfer, the client can be
started again and again to get other files.
The client code starts with some includes and declarations. Execution begins
by checking to see if it has been called with the right number of arguments (argc
= 3 means the program name plus two arguments). Note that argv [1] contains the

SEC. 6.1 THE TRANSPORT SERVICE 507
name of the server (e.g., flits.cs.vu.nl) and is converted to an IP address by
gethostbyname. This function uses DNS to look up the name. We will study DNS
in Chap. 7.
Next, a socket is created and initialized. After that, the client attempts to es-
tablish a TCP connection to the server, using connect. If the server is up and run-
ning on the named machine and attached to SERVER PORT and is either idle or
has room in its listen queue, the connection will (eventually) be established.
Using the connection, the client sends the name of the file by writing on the
socket. The number of bytes sent is one larger than the name proper, since the 0
byte terminating the name must also be sent to tell the server where the name
ends.
Now the client enters a loop, reading the file block by block from the socket
and copying it to standard output. When it is done, it just exits.
The procedure fatal prints an error message and exits. The server needs the
same procedure, but it was omitted due to lack of space on the page. Since the
client and server are compiled separately and normally run on different com-
puters, they cannot share the code of fatal.
These two programs (as well as other material related to this book) can be
fetched from the book’s Web site
http://www.pearsonhighered.com/tanenbaum
Just for the record, this server is not the last word in serverdom. Its error
checking is meager and its error reporting is mediocre. Since it handles all re-
quests strictly sequentially (because it has only a single thread), its performance is
poor. It has clearly never heard about security, and using bare UNIX system calls
is not the way to gain platform independence. It also makes some assumptions
that are technically illegal, such as assuming that the file name fits in the buffer
and is transmitted atomically. These shortcomings notwithstanding, it is a work-
ing Internet file server. In the exercises, the reader is invited to improve it. For
more information about programming with sockets, see Donahoo and Calvert
(2008, 2009).
6.2 ELEMENTS OF TRANSPORT PROTOCOLS
The transport service is implemented by a transport protocol used between
the two transport entities. In some ways, transport protocols resemble the data
link protocols we studied in detail in Chap. 3. Both have to deal with error con-
trol, sequencing, and flow control, among other issues.
However, significant differences between the two also exist. These dif-
ferences are due to major dissimilarities between the environments in which the
two protocols operate, as shown in Fig. 6-7. At the data link layer, two routers

http://www.pearsonhighered.com/tanenbaum

508 THE TRANSPORT LAYER CHAP. 6
communicate directly via a physical channel, whether wired or wireless, whereas
at the transport layer, this physical channel is replaced by the entire network. This
difference has many important implications for the protocols.
Router Router
Physical
communication channel Host
(a) (b)
Network
Figure 6-7. (a) Environment of the data link layer. (b) Environment of the
transport layer.
For one thing, over point-to-point links such as wires or optical fiber, it is
usually not necessary for a router to specify which router it wants to talk to—each
outgoing line leads directly to a particular router. In the transport layer, explicit
addressing of destinations is required.
For another thing, the process of establishing a connection over the wire of
Fig. 6-7(a) is simple: the other end is always there (unless it has crashed, in which
case it is not there). Either way, there is not much to do. Even on wireless links,
the process is not much different. Just sending a message is sufficient to have it
reach all other destinations. If the message is not acknowledged due to an error, it
can be resent. In the transport layer, initial connection establishment is complicat-
ed, as we will see.
Another (exceedingly annoying) difference between the data link layer and
the transport layer is the potential existence of storage capacity in the network.
When a router sends a packet over a link, it may arrive or be lost, but it cannot
bounce around for a while, go into hiding in a far corner of the world, and sudden-
ly emerge after other packets that were sent much later. If the network uses data-
grams, which are independently routed inside, there is a nonnegligible probability
that a packet may take the scenic route and arrive late and out of the expected
order, or even that duplicates of the packet will arrive. The consequences of the
network’s ability to delay and duplicate packets can sometimes be disastrous and
can require the use of special protocols to correctly transport information.
A final difference between the data link and transport layers is one of degree
rather than of kind. Buffering and flow control are needed in both layers, but the
presence in the transport layer of a large and varying number of connections with
bandwidth that fluctuates as the connections compete with each other may require
a different approach than we used in the data link layer. Some of the protocols
discussed in Chap. 3 allocate a fixed number of buffers to each line, so that when
a frame arrives a buffer is always available. In the transport layer, the larger num-
ber of connections that must be managed and variations in the bandwidth each

SEC. 6.2 ELEMENTS OF TRANSPORT PROTOCOLS 509
connection may receive make the idea of dedicating many buffers to each one less
attractive. In the following sections, we will examine all of these important is-
sues, and others.
6.2.1 Addressing
When an application (e.g., a user) process wishes to set up a connection to a
remote application process, it must specify which one to connect to. (Con-
nectionless transport has the same problem: to whom should each message be
sent?) The method normally used is to define transport addresses to which proc-
esses can listen for connection requests. In the Internet, these endpoints are called
ports. We will use the generic term TSAP (Transport Service Access Point) to
mean a specific endpoint in the transport layer. The analogous endpoints in the
network layer (i.e., network layer addresses) are not-surprisingly called NSAPs
(Network Service Access Points). IP addresses are examples of NSAPs.
Figure 6-8 illustrates the relationship between the NSAPs, the TSAPs, and a
transport connection. Application processes, both clients and servers, can attach
themselves to a local TSAP to establish a connection to a remote TSAP. These
connections run through NSAPs on each host, as shown. The purpose of having
TSAPs is that in some networks, each computer has a single NSAP, so some way
is needed to distinguish multiple transport endpoints that share that NSAP.
Application
process
Application
layer
Transport
connection
TSAP 1522
TSAP 1208
NSAP
NSAP
Transport
layer
Network
layer
Data link
layer
Physical
layer
Server 1
Host 1 Host 2
Server 2
TSAP1836
Figure 6-8. TSAPs, NSAPs, and transport connections.

510 THE TRANSPORT LAYER CHAP. 6
A possible scenario for a transport connection is as follows:
1. A mail server process attaches itself to TSAP 1522 on host 2 to wait
for an incoming call. How a process attaches itself to a TSAP is out-
side the networking model and depends entirely on the local operat-
ing system. A call such as our LISTEN might be used, for example.
2. An application process on host 1 wants to send an email message, so
it attaches itself to TSAP 1208 and issues a CONNECT request. The
request specifies TSAP 1208 on host 1 as the source and TSAP 1522
on host 2 as the destination. This action ultimately results in a tran-
sport connection being established between the application process
and the server.
3. The application process sends over the mail message.
4. The mail server responds to say that it will deliver the message.
5. The transport connection is released.
Note that there may well be other servers on host 2 that are attached to other
TSAPs and are waiting for incoming connections that arrive over the same NSAP.
The picture painted above is fine, except we have swept one little problem
under the rug: how does the user process on host 1 know that the mail server is at-
tached to TSAP 1522? One possibility is that the mail server has been attaching
itself to TSAP 1522 for years and gradually all the network users have learned
this. In this model, services have stable TSAP addresses that are listed in files in
well-known places. For example, the /etc/services file on UNIX systems lists
which servers are permanently attached to which ports, including the fact that the
mail server is found on TCP port 25.
While stable TSAP addresses work for a small number of key services that
never change (e.g., the Web server), user processes, in general, often want to talk
to other user processes that do not have TSAP addresses that are known in ad-
vance, or that may exist for only a short time.
To handle this situation, an alternative scheme can be used. In this scheme,
there exists a special process called a portmapper. To find the TSAP address
corresponding to a given service name, such as ‘‘BitTorrent,’’ a user sets up a con-
nection to the portmapper (which listens to a well-known TSAP). The user then
sends a message specifying the service name, and the portmapper sends back the
TSAP address. Then the user releases the connection with the portmapper and es-
tablishes a new one with the desired service.
In this model, when a new service is created, it must register itself with the
portmapper, giving both its service name (typically, an ASCII string) and its
TSAP. The portmapper records this information in its internal database so that
when queries come in later, it will know the answers.

SEC. 6.2 ELEMENTS OF TRANSPORT PROTOCOLS 511
The function of the portmapper is analogous to that of a directory assistance
operator in the telephone system—it provides a mapping of names onto numbers.
Just as in the telephone system, it is essential that the address of the well-known
TSAP used by the portmapper is indeed well known. If you do not know the
number of the information operator, you cannot call the information operator to
find it out. If you think the number you dial for information is obvious, try it in a
foreign country sometime.
Many of the server processes that can exist on a machine will be used only
rarely. It is wasteful to have each of them active and listening to a stable TSAP
address all day long. An alternative scheme is shown in Fig. 6-9 in a simplified
form. It is known as the initial connection protocol. Instead of every conceiv-
able server listening at a well-known TSAP, each machine that wishes to offer
services to remote users has a special process server that acts as a proxy for less
heavily used servers. This server is called inetd on UNIX systems. It listens to a
set of ports at the same time, waiting for a connection request. Potential users of a
service begin by doing a CONNECT request, specifying the TSAP address of the
service they want. If no server is waiting for them, they get a connection to the
process server, as shown in Fig. 6-9(a).
Layer
4
TSAP
Mail
server
(a) (b)
Host 1 Host 2 Host 1 Host 2
Process
server
User ProcessserverUser
Figure 6-9. How a user process in host 1 establishes a connection with a mail
server in host 2 via a process server.
After it gets the incoming request, the process server spawns the requested
server, allowing it to inherit the existing connection with the user. The new server

512 THE TRANSPORT LAYER CHAP. 6
does the requested work, while the process server goes back to listening for new
requests, as shown in Fig. 6-9(b). This method is only applicable when servers
can be created on demand.
6.2.2 Connection Establishment
Establishing a connection sounds easy, but it is actually surprisingly tricky.
At first glance, it would seem sufficient for one transport entity to just send a
CONNECTION REQUEST segment to the destination and wait for a CONNECTION
ACCEPTED reply. The problem occurs when the network can lose, delay, corrupt,
and duplicate packets. This behavior causes serious complications.
Imagine a network that is so congested that acknowledgements hardly ever
get back in time and each packet times out and is retransmitted two or three times.
Suppose that the network uses datagrams inside and that every packet follows a
different route. Some of the packets might get stuck in a traffic jam inside the
network and take a long time to arrive. That is, they may be delayed in the net-
work and pop out much later, when the sender thought that they had been lost.
The worst possible nightmare is as follows. A user establishes a connection
with a bank, sends messages telling the bank to transfer a large amount of money
to the account of a not-entirely-trustworthy person. Unfortunately, the packets de-
cide to take the scenic route to the destination and go off exploring a remote
corner of the network. The sender then times out and sends them all again. This
time the packets take the shortest route and are delivered quickly so the sender re-
leases the connection.
Unfortunately, eventually the initial batch of packets finally come out of hid-
ing and arrive at the destination in order, asking the bank to establish a new con-
nection and transfer money (again). The bank has no way of telling that these are
duplicates. It must assume that this is a second, independent transaction, and
transfers the money again.
This scenario may sound unlikely, or even implausible but the point is this:
protocols must be designed to be correct in all cases. Only the common cases need
be implemented efficiently to obtain good network performance, but the protocol
must be able to cope with the uncommon cases without breaking. If it cannot, we
have built a fair-weather network that can fail without warning when the condi-
tions get tough.
For the remainder of this section, we will study the problem of delayed dupli-
cates, with emphasis on algorithms for establishing connections in a reliable way,
so that nightmares like the one above cannot happen. The crux of the problem is
that the delayed duplicates are thought to be new packets. We cannot prevent
packets from being duplicated and delayed. But if and when this happens, the
packets must be rejected as duplicates and not processed as fresh packets.
The problem can be attacked in various ways, none of them very satisfactory.
One way is to use throwaway transport addresses. In this approach, each time a

SEC. 6.2 ELEMENTS OF TRANSPORT PROTOCOLS 513
transport address is needed, a new one is generated. When a connection is re-
leased, the address is discarded and never used again. Delayed duplicate packets
then never find their way to a transport process and can do no damage. However,
this approach makes it more difficult to connect with a process in the first place.
Another possibility is to give each connection a unique identifier (i.e., a se-
quence number incremented for each connection established) chosen by the ini-
tiating party and put in each segment, including the one requesting the connection.
After each connection is released, each transport entity can update a table listing
obsolete connections as (peer transport entity, connection identifier) pairs. When-
ever a connection request comes in, it can be checked against the table to see if it
belongs to a previously released connection.
Unfortunately, this scheme has a basic flaw: it requires each transport entity to
maintain a certain amount of history information indefinitely. This history must
persist at both the source and destination machines. Otherwise, if a machine
crashes and loses its memory, it will no longer know which connection identifiers
have already been used by its peers.
Instead, we need to take a different tack to simplify the problem. Rather than
allowing packets to live forever within the network, we devise a mechanism to
kill off aged packets that are still hobbling about. With this restriction, the prob-
lem becomes somewhat more manageable.
Packet lifetime can be restricted to a known maximum using one (or more) of
the following techniques:
1. Restricted network design.
2. Putting a hop counter in each packet.
3. Timestamping each packet.
The first technique includes any method that prevents packets from looping, com-
bined with some way of bounding delay including congestion over the (now
known) longest possible path. It is difficult, given that internets may range from a
single city to international in scope. The second method consists of having the
hop count initialized to some appropriate value and decremented each time the
packet is forwarded. The network protocol simply discards any packet whose hop
counter becomes zero. The third method requires each packet to bear the time it
was created, with the routers agreeing to discard any packet older than some
agreed-upon time. This latter method requires the router clocks to be synchron-
ized, which itself is a nontrivial task, and in practice a hop counter is a close
enough approximation to age.
In practice, we will need to guarantee not only that a packet is dead, but also
that all acknowledgements to it are dead, too, so we will now introduce a period
T, which is some small multiple of the true maximum packet lifetime. The maxi-
mum packet lifetime is a conservative constant for a network; for the Internet, it is
somewhat arbitrarily taken to be 120 seconds. The multiple is protocol dependent

514 THE TRANSPORT LAYER CHAP. 6
and simply has the effect of making T longer. If we wait a time T secs after a
packet has been sent, we can be sure that all traces of it are now gone and that nei-
ther it nor its acknowledgements will suddenly appear out of the blue to compli-
cate matters.
With packet lifetimes bounded, it is possible to devise a practical and fool-
proof way to reject delayed duplicate segments. The method described below is
due to Tomlinson (1975), as refined by Sunshine and Dalal (1978). Variants of it
are widely used in practice, including in TCP.
The heart of the method is for the source to label segments with sequence
numbers that will not be reused within T secs. The period, T, and the rate of pack-
ets per second determine the size of the sequence numbers. In this way, only one
packet with a given sequence number may be outstanding at any given time. Dup-
licates of this packet may still occur, and they must be discarded by the destina-
tion. However, it is no longer the case that a delayed duplicate of an old packet
may beat a new packet with the same sequence number and be accepted by the
destination in its stead.
To get around the problem of a machine losing all memory of where it was
after a crash, one possibility is to require transport entities to be idle for T secs
after a recovery. The idle period will let all old segments die off, so the sender can
start again with any sequence number. However, in a complex internetwork, T
may be large, so this strategy is unattractive.
Instead, Tomlinson proposed equipping each host with a time-of-day clock.
The clocks at different hosts need not be synchronized. Each clock is assumed to
take the form of a binary counter that increments itself at uniform intervals. Fur-
thermore, the number of bits in the counter must equal or exceed the number of
bits in the sequence numbers. Last, and most important, the clock is assumed to
continue running even if the host goes down.
When a connection is set up, the low-order k bits of the clock are used as the
k-bit initial sequence number. Thus, unlike our protocols of Chap. 3, each con-
nection starts numbering its segments with a different initial sequence number.
The sequence space should be so large that by the time sequence numbers wrap
around, old segments with the same sequence number are long gone. This linear
relation between time and initial sequence numbers is shown in Fig. 6-10(a). The
forbidden region shows the times for which segment sequence numbers are illegal
leading up to their use. If any segment is sent with a sequence number in this re-
gion, it could be delayed and impersonate a different packet with the same se-
quence number that will be issued slightly later. For example, if the host crashes
and restarts at time 70 seconds, it will use initial sequence numbers based on the
clock to pick up after it left off; the host does not start with a lower sequence
number in the forbidden region.
Once both transport entities have agreed on the initial sequence number, any
sliding window protocol can be used for data flow control. This window protocol
will correctly find and discard duplicates of packets after they have already been

SEC. 6.2 ELEMENTS OF TRANSPORT PROTOCOLS 515
120
80
70
60
0
30 60 90
Time
(a)
Time
(b)
120 150 1800
S
eq
ue
nc
e
nu
m
be
rs
S
eq
ue
nc
e
nu
m
be
rs
Restart after
crash with 70
TT
Actual sequence
numbers used
2k–1
Fo
rb
id
de
n
re
gi
on
Figure 6-10. (a) Segments may not enter the forbidden region. (b) The resyn-
chronization problem.
accepted. In reality, the initial sequence number curve (shown by the heavy line)
is not linear, but a staircase, since the clock advances in discrete steps. For sim-
plicity, we will ignore this detail.
To keep packet sequence numbers out of the forbidden region, we need to
take care in two respects. We can get into trouble in two distinct ways. If a host
sends too much data too fast on a newly opened connection, the actual sequence
number versus time curve may rise more steeply than the initial sequence number
versus time curve, causing the sequence number to enter the forbidden region. To
prevent this from happening, the maximum data rate on any connection is one
segment per clock tick. This also means that the transport entity must wait until
the clock ticks before opening a new connection after a crash restart, lest the same
number be used twice. Both of these points argue in favor of a short clock tick (1
μsec or less). But the clock cannot tick too fast relative to the sequence number.
For a clock rate of C and a sequence number space of size S, we must have
S/C>T so that the sequence numbers cannot wrap around too quickly.
Entering the forbidden region from underneath by sending too fast is not the
only way to get into trouble. From Fig. 6-10(b), we see that at any data rate less
than the clock rate, the curve of actual sequence numbers used versus time will
eventually run into the forbidden region from the left as the sequence numbers
wrap around. The greater the slope of the actual sequence numbers, the longer
this event will be delayed. Avoiding this situation limits how slowly sequence
numbers can advance on a connection (or how long the connections may last).
The clock-based method solves the problem of not being able to distinguish
delayed duplicate segments from new segments. However, there is a practical
snag for using it for establishing connections. Since we do not normally remember
sequence numbers across connections at the destination, we still have no way of

516 THE TRANSPORT LAYER CHAP. 6
knowing if a CONNECTION REQUEST segment containing an initial sequence
number is a duplicate of a recent connection. This snag does not exist during a
connection because the sliding window protocol does remember the current se-
quence number.
To solve this specific problem, Tomlinson (1975) introduced the three-way
handshake. This establishment protocol involves one peer checking with the
other that the connection request is indeed current. The normal setup procedure
when host 1 initiates is shown in Fig. 6-11(a). Host 1 chooses a sequence number,
x, and sends a CONNECTION REQUEST segment containing it to host 2. Host 2
replies with an ACK segment acknowledging x and announcing its own initial se-
quence number, y. Finally, host 1 acknowledges host 2’s choice of an initial se-
quence number in the first data segment that it sends.
Now let us see how the three-way handshake works in the presence of delayed
duplicate control segments. In Fig. 6-11(b), the first segment is a delayed dupli-
cate CONNECTION REQUEST from an old connection. This segment arrives at
host 2 without host 1’s knowledge. Host 2 reacts to this segment by sending host
1 an ACK segment, in effect asking for verification that host 1 was indeed trying
to set up a new connection. When host 1 rejects host 2’s attempt to establish a
connection, host 2 realizes that it was tricked by a delayed duplicate and abandons
the connection. In this way, a delayed duplicate does no damage.
The worst case is when both a delayed CONNECTION REQUEST and an ACK
are floating around in the subnet. This case is shown in Fig. 6-11(c). As in the
previous example, host 2 gets a delayed CONNECTION REQUEST and replies to
it. At this point, it is crucial to realize that host 2 has proposed using y as the ini-
tial sequence number for host 2 to host 1 traffic, knowing full well that no seg-
ments containing sequence number y or acknowledgements to y are still in exist-
ence. When the second delayed segment arrives at host 2, the fact that z has been
acknowledged rather than y tells host 2 that this, too, is an old duplicate. The im-
portant thing to realize here is that there is no combination of old segments that
can cause the protocol to fail and have a connection set up by accident when no
one wants it.
TCP uses this three-way handshake to establish connections. Within a con-
nection, a timestamp is used to extend the 32-bit sequence number so that it will
not wrap within the maximum packet lifetime, even for gigabit-per-second con-
nections. This mechanism is a fix to TCP that was needed as it was used on faster
and faster links. It is described in RFC 1323 and called PAWS (Protection
Against Wrapped Sequence numbers). Across connections, for the initial se-
quence numbers and before PAWS can come into play, TCP originally used the
clock-based scheme just described. However, this turned out to have a security
vulnerability. The clock made it easy for an attacker to predict the next initial se-
quence number and send packets that tricked the three-way handshake and estab-
lished a forged connection. To close this hole, pseudorandom initial sequence
numbers are used for connections in practice. However, it remains important that

SEC. 6.2 ELEMENTS OF TRANSPORT PROTOCOLS 517
T
im
e
T
im
e
T
im
e
DATA (seq = x, ACK = y)
ACK
(seq
= y,
ACK
= x)
CR (seq = x)
Host 1 Host 2
REJECT (ACK = y)
DATA (seq = x,ACK = z)
ACK
(seq
= y,
ACK
= x)
CR (seq = x)
Host 1 Host 2
REJECT (ACK = y)
ACK
(seq
= y,
ACK
= x)
CR (seq = x)
Host 1 Host 2
Old duplicate
Old duplicate
Old duplicate
(a) (b)
(c)
Figure 6-11. Three protocol scenarios for establishing a connection using a
three-way handshake. CR denotes CONNECTION REQUEST. (a) Normal opera-
tion. (b) Old duplicate CONNECTION REQUEST appearing out of nowhere.
(c) Duplicate CONNECTION REQUEST and duplicate ACK.
the initial sequence numbers not repeat for an interval even though they appear
random to an observer. Otherwise, delayed duplicates can wreak havoc.
6.2.3 Connection Release
Releasing a connection is easier than establishing one. Nevertheless, there are
more pitfalls than one might expect here. As we mentioned earlier, there are two
styles of terminating a connection: asymmetric release and symmetric release.

518 THE TRANSPORT LAYER CHAP. 6
Asymmetric release is the way the telephone system works: when one party hangs
up, the connection is broken. Symmetric release treats the connection as two sep-
arate unidirectional connections and requires each one to be released separately.
Asymmetric release is abrupt and may result in data loss. Consider the scen-
ario of Fig. 6-12. After the connection is established, host 1 sends a segment that
arrives properly at host 2. Then host 1 sends another segment. Unfortunately,
host 2 issues a DISCONNECT before the second segment arrives. The result is that
the connection is released and data are lost.
T
im
e
CR
DATA
DATA
Host 1 Host 2
ACK
DR
No data are
delivered after
a disconnect
request
Figure 6-12. Abrupt disconnection with loss of data.
Clearly, a more sophisticated release protocol is needed to avoid data loss.
One way is to use symmetric release, in which each direction is released indepen-
dently of the other one. Here, a host can continue to receive data even after it has
sent a DISCONNECT segment.
Symmetric release does the job when each process has a fixed amount of data
to send and clearly knows when it has sent it. In other situations, determining that
all the work has been done and the connection should be terminated is not so ob-
vious. One can envision a protocol in which host 1 says ‘‘I am done. Are you
done too?’’ If host 2 responds: ‘‘I am done too. Goodbye, the connection can be
safely released.’’
Unfortunately, this protocol does not always work. There is a famous prob-
lem that illustrates this issue. It is called the two-army problem. Imagine that a
white army is encamped in a valley, as shown in Fig. 6-13. On both of the sur-
rounding hillsides are blue armies. The white army is larger than either of the
blue armies alone, but together the blue armies are larger than the white army. If
either blue army attacks by itself, it will be defeated, but if the two blue armies at-
tack simultaneously, they will be victorious.
The blue armies want to synchronize their attacks. However, their only com-
munication medium is to send messengers on foot down into the valley, where

SEC. 6.2 ELEMENTS OF TRANSPORT PROTOCOLS 519
W
BB
White army
Blue
army
#1
Blue
army
#2
Figure 6-13. The two-army problem.
they might be captured and the message lost (i.e., they have to use an unreliable
communication channel). The question is: does a protocol exist that allows the
blue armies to win?
Suppose that the commander of blue army #1 sends a message reading: ‘‘I
propose we attack at dawn on March 29. How about it?’’ Now suppose that the
message arrives, the commander of blue army #2 agrees, and his reply gets safely
back to blue army #1. Will the attack happen? Probably not, because commander
#2 does not know if his reply got through. If it did not, blue army #1 will not at-
tack, so it would be foolish for him to charge into battle.
Now let us improve the protocol by making it a three-way handshake. The
initiator of the original proposal must acknowledge the response. Assuming no
messages are lost, blue army #2 will get the acknowledgement, but the com-
mander of blue army #1 will now hesitate. After all, he does not know if his ac-
knowledgement got through, and if it did not, he knows that blue army #2 will not
attack. We could now make a four-way handshake protocol, but that does not
help either.
In fact, it can be proven that no protocol exists that works. Suppose that some
protocol did exist. Either the last message of the protocol is essential, or it is not.
If it is not, we can remove it (and any other unessential messages) until we are left
with a protocol in which every message is essential. What happens if the final
message does not get through? We just said that it was essential, so if it is lost,
the attack does not take place. Since the sender of the final message can never be
sure of its arrival, he will not risk attacking. Worse yet, the other blue army
knows this, so it will not attack either.
To see the relevance of the two-army problem to releasing connections, rather
than to military affairs, just substitute ‘‘disconnect’’ for ‘‘attack.’’ If neither side is

520 THE TRANSPORT LAYER CHAP. 6
prepared to disconnect until it is convinced that the other side is prepared to
disconnect too, the disconnection will never happen.
In practice, we can avoid this quandary by foregoing the need for agreement
and pushing the problem up to the transport user, letting each side independently
decide when it is done. This is an easier problem to solve. Figure 6-14 illustrates
four scenarios of releasing using a three-way handshake. While this protocol is
not infallible, it is usually adequate.
In Fig. 6-14(a), we see the normal case in which one of the users sends a DR
(DISCONNECTION REQUEST) segment to initiate the connection release. When
it arrives, the recipient sends back a DR segment and starts a timer, just in case its
DR is lost. When this DR arrives, the original sender sends back an ACK segment
and releases the connection. Finally, when the ACK segment arrives, the receiver
also releases the connection. Releasing a connection means that the transport en-
tity removes the information about the connection from its table of currently open
connections and signals the connection’s owner (the transport user) somehow.
This action is different from a transport user issuing a DISCONNECT primitive.
If the final ACK segment is lost, as shown in Fig. 6-14(b), the situation is
saved by the timer. When the timer expires, the connection is released anyway.
Now consider the case of the second DR being lost. The user initiating the
disconnection will not receive the expected response, will time out, and will start
all over again. In Fig. 6-14(c), we see how this works, assuming that the second
time no segments are lost and all segments are delivered correctly and on time.
Our last scenario, Fig. 6-14(d), is the same as Fig. 6-14(c) except that now we
assume all the repeated attempts to retransmit the DR also fail due to lost seg-
ments. After N retries, the sender just gives up and releases the connection.
Meanwhile, the receiver times out and also exits.
While this protocol usually suffices, in theory it can fail if the initial DR and
N retransmissions are all lost. The sender will give up and release the connection,
while the other side knows nothing at all about the attempts to disconnect and is
still fully active. This situation results in a half-open connection.
We could have avoided this problem by not allowing the sender to give up
after N retries and forcing it to go on forever until it gets a response. However, if
the other side is allowed to time out, the sender will indeed go on forever, because
no response will ever be forthcoming. If we do not allow the receiving side to
time out, the protocol hangs in Fig. 6-14(d).
One way to kill off half-open connections is to have a rule saying that if no
segments have arrived for a certain number of seconds, the connection is automat-
ically disconnected. That way, if one side ever disconnects, the other side will
detect the lack of activity and also disconnect. This rule also takes care of the
case where the connection is broken (because the network can no longer deliver
packets between the hosts) without either end disconnecting first. Of course, if
this rule is introduced, it is necessary for each transport entity to have a timer that
is stopped and then restarted whenever a segment is sent. If this timer expires, a

SEC. 6.2 ELEMENTS OF TRANSPORT PROTOCOLS 521
DR
ACK
ACK
Host 1 Host 2
DR
DR
Send DR
+ start timer
Send DR
+ start timer
Send ACK
Release
connection
(Timeout)
release
connection
(Timeout)
release
connection
(N Timeouts)
release
connection
( Timeout)
send DR
+ start timer
Release
connection
DR
DR
Host 1 Host 2
DR
Send DR
+ start timer
Send DR &
start timer
Send DR &
start timer
Send DR &
start timer
Send ACK
Release
connection
Release
connection
DR
ACK
Host 1 Host 2
DR
Send DR
+ start timer
Send DR
+ start timer
Send ACK
Release
connection
Lost
Lost
( Timeout)
send DR
+ start timer
DR
Host 1 Host 2
Send DR
+ start timer
Lost
Lost
(a) (b)
(c) (d)
Figure 6-14. Four protocol scenarios for releasing a connection. (a) Normal
case of three-way handshake. (b) Final ACK lost. (c) Response lost. (d) Re-
sponse lost and subsequent DRs lost.
dummy segment is transmitted, just to keep the other side from disconnecting. On
the other hand, if the automatic disconnect rule is used and too many dummy seg-
ments in a row are lost on an otherwise idle connection, first one side, then the
other will automatically disconnect.
We will not belabor this point any more, but by now it should be clear that
releasing a connection without data loss is not nearly as simple as it first appears.
The lesson here is that the transport user must be involved in deciding when to

522 THE TRANSPORT LAYER CHAP. 6
disconnect—the problem cannot be cleanly solved by the transport entities them-
selves. To see the importance of the application, consider that while TCP nor-
mally does a symmetric close (with each side independently closing its half of the
connection with a FIN packet when it has sent its data), many Web servers send
the client a RST packet that causes an abrupt close of the connection that is more
like an asymmetric close. This works only because the Web server knows the pat-
tern of data exchange. First it receives a request from the client, which is all the
data the client will send, and then it sends a response to the client. When the Web
server is finished with its response, all of the data has been sent in either direction.
The server can send the client a warning and abruptly shut the connection. If the
client gets this warning, it will release its connection state then and there. If the
client does not get the warning, it will eventually realize that the server is no long-
er talking to it and release the connection state. The data has been successfully
transferred in either case.
6.2.4 Error Control and Flow Control
Having examined connection establishment and release in some detail, let us
now look at how connections are managed while they are in use. The key issues
are error control and flow control. Error control is ensuring that the data is deliv-
ered with the desired level of reliability, usually that all of the data is delivered
without any errors. Flow control is keeping a fast transmitter from overrunning a
slow receiver.
Both of these issues have come up before, when we studied the data link
layer. The solutions that are used at the transport layer are the same mechanisms
that we studied in Chap. 3. As a very brief recap:
1. A frame carries an error-detecting code (e.g., a CRC or checksum)
that is used to check if the information was correctly received.
2. A frame carries a sequence number to identify itself and is retrans-
mitted by the sender until it receives an acknowledgement of suc-
cessful receipt from the receiver. This is called ARQ (Automatic
Repeat reQuest).
3. There is a maximum number of frames that the sender will allow to
be outstanding at any time, pausing if the receiver is not acknowledg-
ing frames quickly enough. If this maximum is one packet the proto-
col is called stop-and-wait. Larger windows enable pipelining and
improve performance on long, fast links.
4. The sliding window protocol combines these features and is also
used to support bidirectional data transfer.
Given that these mechanisms are used on frames at the link layer, it is natural
to wonder why they would be used on segments at the transport layer as well.

SEC. 6.2 ELEMENTS OF TRANSPORT PROTOCOLS 523
However, there is little duplication between the link and transport layers in prac-
tice. Even though the same mechanisms are used, there are differences in function
and degree.
For a difference in function, consider error detection. The link layer check-
sum protects a frame while it crosses a single link. The transport layer checksum
protects a segment while it crosses an entire network path. It is an end-to-end
check, which is not the same as having a check on every link. Saltzer et al. (1984)
describe a situation in which packets were corrupted inside a router. The link
layer checksums protected the packets only while they traveled across a link, not
while they were inside the router. Thus, packets were delivered incorrectly even
though they were correct according to the checks on every link.
This and other examples led Saltzer et al. to articulate the end-to-end argu-
ment. According to this argument, the transport layer check that runs end-to-end
is essential for correctness, and the link layer checks are not essential but nonethe-
less valuable for improving performance (since without them a corrupted packet
can be sent along the entire path unnecessarily).
As a difference in degree, consider retransmissions and the sliding window
protocol. Most wireless links, other than satellite links, can have only a single
frame outstanding from the sender at a time. That is, the bandwidth-delay product
for the link is small enough that not even a whole frame can be stored inside the
link. In this case, a small window size is sufficient for good performance. For ex-
ample, 802.11 uses a stop-and-wait protocol, transmitting or retransmitting each
frame and waiting for it to be acknowledged before moving on to the next frame.
Having a window size larger than one frame would add complexity without im-
proving performance. For wired and optical fiber links, such as (switched) Ether-
net or ISP backbones, the error-rate is low enough that link-layer retransmissions
can be omitted because the end-to-end retransmissions will repair the residual
frame loss.
On the other hand, many TCP connections have a bandwidth-delay product
that is much larger than a single segment. Consider a connection sending data a-
cross the U.S. at 1 Mbps with a round-trip time of 100 msec. Even for this slow
connection, 200 Kbit of data will be stored at the receiver in the time it takes to
send a segment and receive an acknowledgement. For these situations, a large
sliding window must be used. Stop-and-wait will cripple performance. In our ex-
ample it would limit performance to one segment every 200 msec, or 5 seg-
ments/sec no matter how fast the network really is.
Given that transport protocols generally use larger sliding windows, we will
look at the issue of buffering data more carefully. Since a host may have many
connections, each of which is treated separately, it may need a substantial amount
of buffering for the sliding windows. The buffers are needed at both the sender
and the receiver. Certainly they are needed at the sender to hold all transmitted
but as yet unacknowledged segments. They are needed there because these seg-
ments may be lost and need to be retransmitted.

524 THE TRANSPORT LAYER CHAP. 6
However, since the sender is buffering, the receiver may or may not dedicate
specific buffers to specific connections, as it sees fit. The receiver may, for ex-
ample, maintain a single buffer pool shared by all connections. When a segment
comes in, an attempt is made to dynamically acquire a new buffer. If one is avail-
able, the segment is accepted; otherwise, it is discarded. Since the sender is pre-
pared to retransmit segments lost by the network, no permanent harm is done by
having the receiver drop segments, although some resources are wasted. The
sender just keeps trying until it gets an acknowledgement.
The best trade-off between source buffering and destination buffering depends
on the type of traffic carried by the connection. For low-bandwidth bursty traffic,
such as that produced by an interactive terminal, it is reasonable not to dedicate
any buffers, but rather to acquire them dynamically at both ends, relying on buff-
ering at the sender if segments must occasionally be discarded. On the other
hand, for file transfer and other high-bandwidth traffic, it is better if the receiver
does dedicate a full window of buffers, to allow the data to flow at maximum
speed. This is the strategy that TCP uses.
There still remains the question of how to organize the buffer pool. If most
segments are nearly the same size, it is natural to organize the buffers as a pool of
identically sized buffers, with one segment per buffer, as in Fig. 6-15(a). Howev-
er, if there is wide variation in segment size, from short requests for Web pages to
large packets in peer-to-peer file transfers, a pool of fixed-sized buffers presents
problems. If the buffer size is chosen to be equal to the largest possible segment,
space will be wasted whenever a short segment arrives. If the buffer size is cho-
sen to be less than the maximum segment size, multiple buffers will be needed for
long segments, with the attendant complexity.
Another approach to the buffer size problem is to use variable-sized buffers,
as in Fig. 6-15(b). The advantage here is better memory utilization, at the price of
more complicated buffer management. A third possibility is to dedicate a single
large circular buffer per connection, as in Fig. 6-15(c). This system is simple and
elegant and does not depend on segment sizes, but makes good use of memory
only when the connections are heavily loaded.
As connections are opened and closed and as the traffic pattern changes, the
sender and receiver need to dynamically adjust their buffer allocations. Conse-
quently, the transport protocol should allow a sending host to request buffer space
at the other end. Buffers could be allocated per connection, or collectively, for all
the connections running between the two hosts. Alternatively, the receiver, know-
ing its buffer situation (but not knowing the offered traffic) could tell the sender
‘‘I have reserved X buffers for you.’’ If the number of open connections should in-
crease, it may be necessary for an allocation to be reduced, so the protocol should
provide for this possibility.
A reasonably general way to manage dynamic buffer allocation is to decouple
the buffering from the acknowledgements, in contrast to the sliding window pro-
tocols of Chap. 3. Dynamic buffer management means, in effect, a variable-sized

SEC. 6.2 ELEMENTS OF TRANSPORT PROTOCOLS 525
Segment 1
Segment 2
Segment 3
Segment 4
(a) (b)
(c)
Unused
space
Figure 6-15. (a) Chained fixed-size buffers. (b) Chained variable-sized buffers.
(c) One large circular buffer per connection.
window. Initially, the sender requests a certain number of buffers, based on its
expected needs. The receiver then grants as many of these as it can afford. Every
time the sender transmits a segment, it must decrement its allocation, stopping
altogether when the allocation reaches zero. The receiver separately piggybacks
both acknowledgements and buffer allocations onto the reverse traffic. TCP uses
this scheme, carrying buffer allocations in a header field called Window size.
Figure 6-16 shows an example of how dynamic window management might
work in a datagram network with 4-bit sequence numbers. In this example, data
flows in segments from host A to host B and acknowledgements and buffer alloca-
tions flow in segments in the reverse direction. Initially, A wants eight buffers,
but it is granted only four of these. It then sends three segments, of which the
third is lost. Segment 6 acknowledges receipt of all segments up to and including
sequence number 1, thus allowing A to release those buffers, and furthermore
informs A that it has permission to send three more segments starting beyond 1
(i.e., segments 2, 3, and 4). A knows that it has already sent number 2, so it thinks
that it may send segments 3 and 4, which it proceeds to do. At this point it is
blocked and must wait for more buffer allocation. Timeout-induced retransmis-
sions (line 9), however, may occur while blocked, since they use buffers that have
already been allocated. In line 10, B acknowledges receipt of all segments up to
and including 4 but refuses to let A continue. Such a situation is impossible with
the fixed-window protocols of Chap. 3. The next segment from B to A allocates

526 THE TRANSPORT LAYER CHAP. 6
another buffer and allows A to continue. This will happen when B has buffer
space, likely because the transport user has accepted more segment data.
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
< request 8 buffers>

A wants 8 buffers
B grants messages 0-3 only
A has 3 buffers left now
A has 2 buffers left now
Message lost but A thinks it has 1 left
B acknowledges 0 and 1, permits 2-4
A has 1 buffer left
A has 0 buffers left, and must stop
A times out and retransmits
Everything acknowledged, but A still blocked
A may now send 5
B found a new buffer somewhere
A has 1 buffer left
A is now blocked again
A is still blocked
Potential deadlock
A BMessage Comments
Figure 6-16. Dynamic buffer allocation. The arrows show the direction of
transmission. An ellipsis (…) indicates a lost segment.
Problems with buffer allocation schemes of this kind can arise in datagram
networks if control segments can get lost—which they most certainly can. Look
at line 16. B has now allocated more buffers to A, but the allocation segment was
lost. Oops. Since control segments are not sequenced or timed out, A is now
deadlocked. To prevent this situation, each host should periodically send control
segments giving the acknowledgement and buffer status on each connection. That
way, the deadlock will be broken, sooner or later.
Until now we have tacitly assumed that the only limit imposed on the sender’s
data rate is the amount of buffer space available in the receiver. This is often not
the case. Memory was once expensive but prices have fallen dramatically. Hosts
may be equipped with sufficient memory that the lack of buffers is rarely, if ever,
a problem, even for wide area connections. Of course, this depends on the buffer
size being set to be large enough, which has not always been the case for TCP
(Zhang et al., 2002).
When buffer space no longer limits the maximum flow, another bottleneck
will appear: the carrying capacity of the network. If adjacent routers can ex-
change at most x packets/sec and there are k disjoint paths between a pair of hosts,
there is no way that those hosts can exchange more than kx segments/sec, no mat-
ter how much buffer space is available at each end. If the sender pushes too hard

SEC. 6.2 ELEMENTS OF TRANSPORT PROTOCOLS 527
(i.e., sends more than kx segments/sec), the network will become congested be-
cause it will be unable to deliver segments as fast as they are coming in.
What is needed is a mechanism that limits transmissions from the sender
based on the network’s carrying capacity rather than on the receiver’s buffering
capacity. Belsnes (1975) proposed using a sliding window flow-control scheme
in which the sender dynamically adjusts the window size to match the network’s
carrying capacity. This means that a dynamic sliding window can implement both
flow control and congestion control. If the network can handle c segments/sec
and the round-trip time (including transmission, propagation, queueing, proc-
essing at the receiver, and return of the acknowledgement) is r, the sender’s win-
dow should be cr. With a window of this size, the sender normally operates with
the pipeline full. Any small decrease in network performance will cause it to
block. Since the network capacity available to any given flow varies over time,
the window size should be adjusted frequently, to track changes in the carrying
capacity. As we will see later, TCP uses a similar scheme.
6.2.5 Multiplexing
Multiplexing, or sharing several conversations over connections, virtual cir-
cuits, and physical links plays a role in several layers of the network architecture.
In the transport layer, the need for multiplexing can arise in a number of ways.
For example, if only one network address is available on a host, all transport con-
nections on that machine have to use it. When a segment comes in, some way is
needed to tell which process to give it to. This situation, called multiplexing, is
shown in Fig. 6-17(a). In this figure, four distinct transport connections all use the
same network connection (e.g., IP address) to the remote host.
Multiplexing can also be useful in the transport layer for another reason. Sup-
pose, for example, that a host has multiple network paths that it can use. If a user
needs more bandwidth or more reliability than one of the network paths can pro-
vide, a way out is to have a connection that distributes the traffic among multiple
network paths on a round-robin basis, as indicated in Fig. 6-17(b). This modus
operandi is called inverse multiplexing. With k network connections open, the
effective bandwidth might be increased by a factor of k. An example of inverse
multiplexing is SCTP (Stream Control Transmission Protocol), which can run
a connection using multiple network interfaces. In contrast, TCP uses a single net-
work endpoint. Inverse multiplexing is also found at the link layer, when several
low-rate links are used in parallel as one high-rate link.
6.2.6 Crash Recovery
If hosts and routers are subject to crashes or connections are long-lived (e.g.,
large software or media downloads), recovery from these crashes becomes an
issue. If the transport entity is entirely within the hosts, recovery from network

528 THE TRANSPORT LAYER CHAP. 6
Layer
4
3
2
1
To router
Router lines
Transport address
Network
address
(a) (b)
Figure 6-17. (a) Multiplexing. (b) Inverse multiplexing.
and router crashes is straightforward. The transport entities expect lost segments
all the time and know how to cope with them by using retransmissions.
A more troublesome problem is how to recover from host crashes. In particu-
lar, it may be desirable for clients to be able to continue working when servers
crash and quickly reboot. To illustrate the difficulty, let us assume that one host,
the client, is sending a long file to another host, the file server, using a simple
stop-and-wait protocol. The transport layer on the server just passes the incoming
segments to the transport user, one by one. Partway through the transmission, the
server crashes. When it comes back up, its tables are reinitialized, so it no longer
knows precisely where it was.
In an attempt to recover its previous status, the server might send a broadcast
segment to all other hosts, announcing that it has just crashed and requesting that
its clients inform it of the status of all open connections. Each client can be in one
of two states: one segment outstanding, S1, or no segments outstanding, S0.
Based on only this state information, the client must decide whether to retransmit
the most recent segment.
At first glance, it would seem obvious: the client should retransmit if and only
if it has an unacknowledged segment outstanding (i.e., is in state S1) when it
learns of the crash. However, a closer inspection reveals difficulties with this
naive approach. Consider, for example, the situation in which the server’s tran-
sport entity first sends an acknowledgement and then, when the acknowledgement
has been sent, writes to the application process. Writing a segment onto the out-
put stream and sending an acknowledgement are two distinct events that cannot
be done simultaneously. If a crash occurs after the acknowledgement has been
sent but before the write has been fully completed, the client will receive the

SEC. 6.2 ELEMENTS OF TRANSPORT PROTOCOLS 529
acknowledgement and thus be in state S0 when the crash recovery announcement
arrives. The client will therefore not retransmit, (incorrectly) thinking that the
segment has arrived. This decision by the client leads to a missing segment.
At this point you may be thinking: ‘‘That problem can be solved easily. All
you have to do is reprogram the transport entity to first do the write and then send
the acknowledgement.’’ Try again. Imagine that the write has been done but the
crash occurs before the acknowledgement can be sent. The client will be in state
S1 and thus retransmit, leading to an undetected duplicate segment in the output
stream to the server application process.
No matter how the client and server are programmed, there are always situa-
tions where the protocol fails to recover properly. The server can be programmed
in one of two ways: acknowledge first or write first. The client can be pro-
grammed in one of four ways: always retransmit the last segment, never retrans-
mit the last segment, retransmit only in state S0, or retransmit only in state S1.
This gives eight combinations, but as we shall see, for each combination there is
some set of events that makes the protocol fail.
Three events are possible at the server: sending an acknowledgement (A),
writing to the output process (W), and crashing (C). The three events can occur
in six different orderings: AC(W), AWC, C(AW), C(WA), WAC, and WC(A),
where the parentheses are used to indicate that neither A nor W can follow C (i.e.,
once it has crashed, it has crashed). Figure 6-18 shows all eight combinations of
client and server strategies and the valid event sequences for each one. Notice
that for each strategy there is some sequence of events that causes the protocol to
fail. For example, if the client always retransmits, the AWC event will generate
an undetected duplicate, even though the other two events work properly.
Always retransmit OK DUP OK
LOST OK LOST
OK DUP LOST
LOST OK OK
Never retransmit
Retransmit in S0
Retransmit in S1
AC(W)
Strategy used by
sending host AWC
First ACK, then write First write, then ACK
C(AW)
OK DUP DUP
LOST OK OK
LOST DUP OK
OK OK DUP
C(WA) W AC WC(A)
OK = Protocol functions correctly
DUP = Protocol generates a duplicate message
LOST = Protocol loses a message
Strategy used by receiving host
Figure 6-18. Different combinations of client and server strategies.

530 THE TRANSPORT LAYER CHAP. 6
Making the protocol more elaborate does not help. Even if the client and ser-
ver exchange several segments before the server attempts to write, so that the cli-
ent knows exactly what is about to happen, the client has no way of knowing
whether a crash occurred just before or just after the write. The conclusion is
inescapable: under our ground rules of no simultaneous events—that is, separate
events happen one after another not at the same time—host crash and recovery
cannot be made transparent to higher layers.
Put in more general terms, this result can be restated as ‘‘recovery from a
layer N crash can only be done by layer N + 1,’’ and then only if the higher layer
retains enough status information to reconstruct where it was before the problem
occurred. This is consistent with the case mentioned above that the transport
layer can recover from failures in the network layer, provided that each end of a
connection keeps track of where it is.
This problem gets us into the issue of what a so-called end-to-end acknowl-
edgement really means. In principle, the transport protocol is end-to-end and not
chained like the lower layers. Now consider the case of a user entering requests
for transactions against a remote database. Suppose that the remote transport enti-
ty is programmed to first pass segments to the next layer up and then acknow-
ledge. Even in this case, the receipt of an acknowledgement back at the user’s
machine does not necessarily mean that the remote host stayed up long enough to
actually update the database. A truly end-to-end acknowledgement, whose receipt
means that the work has actually been done and lack thereof means that it has not,
is probably impossible to achieve. This point is discussed in more detail by
Saltzer et al. (1984).
6.3 CONGESTION CONTROL
If the transport entities on many machines send too many packets into the net-
work too quickly, the network will become congested, with performance degraded
as packets are delayed and lost. Controlling congestion to avoid this problem is
the combined responsibility of the network and transport layers. Congestion oc-
curs at routers, so it is detected at the network layer. However, congestion is ulti-
mately caused by traffic sent into the network by the transport layer. The only ef-
fective way to control congestion is for the transport protocols to send packets
into the network more slowly.
In Chap. 5, we studied congestion control mechanisms in the network layer.
In this section, we will study the other half of the problem, congestion control
mechanisms in the transport layer. After describing the goals of congestion con-
trol, we will describe how hosts can regulate the rate at which they send packets
into the network. The Internet relies heavily on the transport layer for congestion
control, and specific algorithms are built into TCP and other protocols.

SEC. 6.3 CONGESTION CONTROL 531
6.3.1 Desirable Bandwidth Allocation
Before we describe how to regulate traffic, we must understand what we are
trying to achieve by running a congestion control algorithm. That is, we must
specify the state in which a good congestion control algorithm will operate the
network. The goal is more than to simply avoid congestion. It is to find a good al-
location of bandwidth to the transport entities that are using the network. A good
allocation will deliver good performance because it uses all the available band-
width but avoids congestion, it will be fair across competing transport entities, and
it will quickly track changes in traffic demands. We will make each of these cri-
teria more precise in turn.
Efficiency and Power
An efficient allocation of bandwidth across transport entities will use all of
the network capacity that is available. However, it is not quite right to think that if
there is a 100-Mbps link, five transport entities should get 20 Mbps each. They
should usually get less than 20 Mbps for good performance. The reason is that the
traffic is often bursty. Recall that in Sec. 5.3 we described the goodput (or rate of
useful packets arriving at the receiver) as a function of the offered load. This
curve and a matching curve for the delay as a function of the offered load are
given in Fig. 6-19.
Capacity
(a)
Offered load (packets/sec)
Congestion
collapse
Offered load (packets/sec)
G
oo
dp
ut
(p
ac
ke
ts
/s
ec
)
Desired
response
D
el
ay
(s
ec
on
ds
)
(b)
Onset of
congestion
Figure 6-19. (a) Goodput and (b) delay as a function of offered load.
As the load increases in Fig. 6-19(a) goodput initially increases at the same
rate, but as the load approaches the capacity, goodput rises more gradually. This
falloff is because bursts of traffic can occasionally mount up and cause some
losses at buffers inside the network. If the transport protocol is poorly designed
and retransmits packets that have been delayed but not lost, the network can enter
congestion collapse. In this state, senders are furiously sending packets, but in-
creasingly little useful work is being accomplished.

532 THE TRANSPORT LAYER CHAP. 6
The corresponding delay is given in Fig. 6-19(b) Initially the delay is fixed,
representing the propagation delay across the network. As the load approaches the
capacity, the delay rises, slowly at first and then much more rapidly. This is again
because of bursts of traffic that tend to mound up at high load. The delay cannot
really go to infinity, except in a model in which the routers have infinite buffers.
Instead, packets will be lost after experiencing the maximum buffering delay.
For both goodput and delay, performance begins to degrade at the onset of
congestion. Intuitively, we will obtain the best performance from the network if
we allocate bandwidth up until the delay starts to climb rapidly. This point is be-
low the capacity. To identify it, Kleinrock (1979) proposed the metric of power,
where
power =
delay
load
Power will initially rise with offered load, as delay remains small and roughly
constant, but will reach a maximum and fall as delay grows rapidly. The load with
the highest power represents an efficient load for the transport entity to place on
the network.
Max-Min Fairness
In the preceding discussion, we did not talk about how to divide bandwidth
between different transport senders. This sounds like a simple question to
answer—give all the senders an equal fraction of the bandwidth—but it involves
several considerations.
Perhaps the first consideration is to ask what this problem has to do with con-
gestion control. After all, if the network gives a sender some amount of bandwidth
to use, the sender should just use that much bandwidth. However, it is often the
case that networks do not have a strict bandwidth reservation for each flow or
connection. They may for some flows if quality of service is supported, but many
connections will seek to use whatever bandwidth is available or be lumped toget-
her by the network under a common allocation. For example, IETF’s differentiat-
ed services separates traffic into two classes and connections compete for band-
width within each class. IP routers often have all connections competing for the
same bandwidth. In this situation, it is the congestion control mechanism that is
allocating bandwidth to the competing connections.
A second consideration is what a fair portion means for flows in a network. It
is simple enough if N flows use a single link, in which case they can all have 1 /N
of the bandwidth (although efficiency will dictate that they use slightly less if the
traffic is bursty). But what happens if the flows have different, but overlapping,
network paths? For example, one flow may cross three links, and the other flows
may cross one link. The three-link flow consumes more network resources. It
might be fairer in some sense to give it less bandwidth than the one-link flows. It

SEC. 6.3 CONGESTION CONTROL 533
should certainly be possible to support more one-link flows by reducing the band-
width of the three-link flow. This point demonstrates an inherent tension between
fairness and efficiency.
However, we will adopt a notion of fairness that does not depend on the
length of the network path. Even with this simple model, giving connections an
equal fraction of bandwidth is a bit complicated because different connections
will take different paths through the network and these paths will themselves have
different capacities. In this case, it is possible for a flow to be bottlenecked on a
downstream link and take a smaller portion of an upstream link than other flows;
reducing the bandwidth of the other flows would slow them down but would not
help the bottlenecked flow at all.
The form of fairness that is often desired for network usage is max-min fair-
ness. An allocation is max-min fair if the bandwidth given to one flow cannot be
increased without decreasing the bandwidth given to another flow with an alloca-
tion that is no larger. That is, increasing the bandwidth of a flow will only make
the situation worse for flows that are less well off.
Let us see an example. A max-min fair allocation is shown for a network with
four flows, A, B, C, and D, in Fig. 6-20. Each of the links between routers has the
same capacity, taken to be 1 unit, though in the general case the links will have
different capacities. Three flows compete for the bottom-left link between routers
R4 and R5. Each of these flows therefore gets 1/3 of the link. The remaining
flow, A, competes with B on the link from R2 to R3. Since B has an allocation of
1/3, A gets the remaining 2/3 of the link. Notice that all of the other links have
spare capacity. However, this capacity cannot be given to any of the flows without
decreasing the capacity of another, lower flow. For example, if more of the band-
width on the link between R2 and R3 is given to flow B, there will be less for flow
A. This is reasonable as flow A already has more bandwidth. However, the ca-
pacity of flow C or D (or both) must be decreased to give more bandwidth to B,
and these flows will have less bandwidth than B. Thus, the allocation is max-min
fair.
1/3
R1 R2
D
C
B
A
1/3
2/3
1/3
1/3
1/31/3
D
C
B
A
R4
R3
R6R5
2/3
1/3
Figure 6-20. Max-min bandwidth allocation for four flows.
Max-min allocations can be computed given a global knowledge of the net-
work. An intuitive way to think about them is to imagine that the rate for all of the

534 THE TRANSPORT LAYER CHAP. 6
flows starts at zero and is slowly increased. When the rate reaches a bottleneck for
any flow, then that flow stops increasing. The other flows all continue to increase,
sharing equally in the available capacity, until they too reach their respective bot-
tlenecks.
A third consideration is the level over which to consider fairness. A network
could be fair at the level of connections, connections between a pair of hosts, or
all connections per host. We examined this issue when we were discussing WFQ
(Weighted Fair Queueing) in Sec. 5.4 and concluded that each of these definitions
has its problems. For example, defining fairness per host means that a busy server
will fare no better than a mobile phone, while defining fairness per connection
encourages hosts to open more connections. Given that there is no clear answer,
fairness is often considered per connection, but precise fairness is usually not a
concern. It is more important in practice that no connection be starved of band-
width than that all connections get precisely the same amount of bandwidth. In
fact, with TCP it is possible to open multiple connections and compete for band-
width more aggressively. This tactic is used by bandwidth-hungry applications
such as BitTorrent for peer-to-peer file sharing.
Convergence
A final criterion is that the congestion control algorithm converge quickly to a
fair and efficient allocation of bandwidth. The discussion of the desirable operat-
ing point above assumes a static network environment. However, connections are
always coming and going in a network, and the bandwidth needed by a given con-
nection will vary over time too, for example, as a user browses Web pages and
occasionally downloads large videos.
Because of the variation in demand, the ideal operating point for the network
varies over time. A good congestion control algorithm should rapidly converge to
the ideal operating point, and it should track that point as it changes over time. If
the convergence is too slow, the algorithm will never be close to the changing op-
erating point. If the algorithm is not stable, it may fail to converge to the right
point in some cases, or even oscillate around the right point.
An example of a bandwidth allocation that changes over time and converges
quickly is shown in Fig. 6-21. Initially, flow 1 has all of the bandwidth. One sec-
ond later, flow 2 starts. It needs bandwidth as well. The allocation quickly
changes to give each of these flows half the bandwidth. At 4 seconds, a third flow
joins. However, this flow uses only 20% of the bandwidth, which is less than its
fair share (which is a third). Flows 1 and 2 quickly adjust, dividing the available
bandwidth to each have 40% of the bandwidth. At 9 seconds, the second flow
leaves, and the third flow remains unchanged. The first flow quickly captures 80%
of the bandwidth. At all times, the total allocated bandwidth is approximately
100%, so that the network is fully used, and competing flows get equal treatment
(but do not have to use more bandwidth than they need).

SEC. 6.3 CONGESTION CONTROL 535
Flow 1
0.5
Time (secs)
B
an
dw
id
th
al
lo
ca
tio
n
0
1
1 4 9
Flow 3 Flow 2 stops
Flow 2 starts
Figure 6-21. Changing bandwidth allocation over time.
6.3.2 Regulating the Sending Rate
Now it is time for the main course. How do we regulate the sending rates to
obtain a desirable bandwidth allocation? The sending rate may be limited by two
factors. The first is flow control, in the case that there is insufficient buffering at
the receiver. The second is congestion, in the case that there is insufficient capaci-
ty in the network. In Fig. 6-22, we see this problem illustrated hydraulically. In
Fig. 6-22(a), we see a thick pipe leading to a small-capacity receiver. This is a
flow-control limited situation. As long as the sender does not send more water
than the bucket can contain, no water will be lost. In Fig. 6-22(b), the limiting
factor is not the bucket capacity, but the internal carrying capacity of the network.
If too much water comes in too fast, it will back up and some will be lost (in this
case, by overflowing the funnel).
These cases may appear similar to the sender, as transmitting too fast causes
packets to be lost. However, they have different causes and call for different solu-
tions. We have already talked about a flow-control solution with a variable-sized
window. Now we will consider a congestion control solution. Since either of
these problems can occur, the transport protocol will in general need to run both
solutions and slow down if either problem occurs.
The way that a transport protocol should regulate the sending rate depends on
the form of the feedback returned by the network. Different network layers may
return different kinds of feedback. The feedback may be explicit or implicit, and it
may be precise or imprecise.
An example of an explicit, precise design is when routers tell the sources the
rate at which they may send. Designs in the literature such as XCP (eXplicit Con-
gestion Protocol) operate in this manner (Katabi et al., 2002). An explicit, impre-
cise design is the use of ECN (Explicit Congestion Notification) with TCP. In this
design, routers set bits on packets that experience congestion to warn the senders
to slow down, but they do not tell them how much to slow down.

536 THE TRANSPORT LAYER CHAP. 6
Transmission
rate adjustment
Transmission
network Internal
congestion
Small-capacity
receiver
Large-capacity
receiver
(a) (b)
Figure 6-22. (a) A fast network feeding a low-capacity receiver. (b) A slow
network feeding a high-capacity receiver.
In other designs, there is no explicit signal. FAST TCP measures the round-
trip delay and uses that metric as a signal to avoid congestion (Wei et al., 2006).
Finally, in the form of congestion control most prevalent in the Internet today,
TCP with drop-tail or RED routers, packet loss is inferred and used to signal that
the network has become congested. There are many variants of this form of TCP,
including CUBIC TCP, which is used in Linux (Ha et al., 2008). Combinations
are also possible. For example, Windows includes Compound TCP that uses both
packet loss and delay as feedback signals (Tan et al., 2006). These designs are
summarized in Fig. 6-23.
If an explicit and precise signal is given, the transport entity can use that sig-
nal to adjust its rate to the new operating point. For example, if XCP tells senders
the rate to use, the senders may simply use that rate. In the other cases, however,
some guesswork is involved. In the absence of a congestion signal, the senders
should decrease their rates. When a congestion signal is given, the senders should
decrease their rates. The way in which the rates are increased or decreased is
given by a control law. These laws have a major effect on performance.

SEC. 6.3 CONGESTION CONTROL 537
Protocol Signal Explicit? Precise?
XCP Rate to use Yes Yes
TCP with ECN Congestion warning Yes No
FAST TCP End-to-end delay No Yes
Compound TCP Packet loss & end-to-end delay No Yes
CUBIC TCP Packet loss No No
TCP Packet loss No No
Figure 6-23. Signals of some congestion control protocols.
Chiu and Jain (1989) studied the case of binary congestion feedback and con-
cluded that AIMD (Additive Increase Multiplicative Decrease) is the appropr-
iate control law to arrive at the efficient and fair operating point. To argue this
case, they constructed a graphical argument for the simple case of two con-
nections competing for the bandwidth of a single link. The graph in Fig. 6-24
shows the bandwidth allocated to user 1 on the x-axis and to user 2 on the y-axis.
When the allocation is fair, both users will receive the same amount of bandwidth.
This is shown by the dotted fairness line. When the allocations sum to 100%, the
capacity of the link, the allocation is efficient. This is shown by the dotted effi-
ciency line. A congestion signal is given by the network to both users when the
sum of their allocations crosses this line. The intersection of these lines is the de-
sired operating point, when both users have the same bandwidth and all of the net-
work bandwidth is used.
Additive increase
and decrease
User 1’s bandwidth
Fairness line
Efficiency line
Optimal point
U
se
r
2’
s
ba
nd
w
id
th
0
Multiplicative increase
and decrease
100%
100%
Figure 6-24. Additive and multiplicative bandwidth adjustments.
Consider what happens from some starting allocation if both user 1 and user 2
additively increase their respective bandwidths over time. For example, the users
may each increase their sending rate by 1 Mbps every second. Eventually, the

538 THE TRANSPORT LAYER CHAP. 6
operating point crosses the efficiency line and both users receive a congestion sig-
nal from the network. At this stage, they must reduce their allocations. However,
an additive decrease would simply cause them to oscillate along an additive line.
This situation is shown in Fig. 6-24. The behavior will keep the operating point
close to efficient, but it will not necessarily be fair.
Similarly, consider the case when both users multiplicatively increase their
bandwidth over time until they receive a congestion signal. For example, the users
may increase their sending rate by 10% every second. If they then multiplica-
tively decrease their sending rates, the operating point of the users will simply
oscillate along a multiplicative line. This behavior is also shown in Fig. 6-24.
The multiplicative line has a different slope than the additive line. (It points to the
origin, while the additive line has an angle of 45 degrees.) But it is otherwise no
better. In neither case will the users converge to the optimal sending rates that are
both fair and efficient.
Now consider the case that the users additively increase their bandwidth al-
locations and then multiplicatively decrease them when congestion is signaled.
This behavior is the AIMD control law, and it is shown in Fig. 6-25. It can be
seen that the path traced by this behavior does converge to the optimal point that
is both fair and efficient. This convergence happens no matter what the starting
point, making AIMD broadly useful. By the same argument, the only other com-
bination, multiplicative increase and additive decrease, would diverge from the
optimal point.
Start
User 1’s bandwidth 100%
Fairness line
Efficiency line
Optimal point
U
se
r
2’
s
ba
nd
w
id
th
= Additive increase
(up at 45 )
= Multiplicative decrease
(line points to origin)
Legend:
100%
0
0
Figure 6-25. Additive Increase Multiplicative Decrease (AIMD) control law.
AIMD is the control law that is used by TCP, based on this argument and an-
other stability argument (that it is easy to drive the network into congestion and
difficult to recover, so the increase policy should be gentle and the decrease poli-
cy aggressive). It is not quite fair, since TCP connections adjust their window
size by a given amount every round-trip time. Different connections will have dif-
ferent round-trip times. This leads to a bias in which connections to closer hosts
receive more bandwidth than connections to distant hosts, all else being equal.

SEC. 6.3 CONGESTION CONTROL 539
In Sec. 6.5, we will describe in detail how TCP implements an AIMD control
law to adjust the sending rate and provide congestion control. This task is more
difficult than it sounds because rates are measured over some interval and traffic
is bursty. Instead of adjusting the rate directly, a strategy that is often used in
practice is to adjust the size of a sliding window. TCP uses this strategy. If the
window size is W and the round-trip time is RTT, the equivalent rate is W/RTT.
This strategy is easy to combine with flow control, which already uses a window,
and has the advantage that the sender paces packets using acknowledgements and
hence slows down in one RTT if it stops receiving reports that packets are leaving
the network.
As a final issue, there may be many different transport protocols that send
traffic into the network. What will happen if the different protocols compete with
different control laws to avoid congestion? Unequal bandwidth allocations, that is
what. Since TCP is the dominant form of congestion control in the Internet, there
is significant community pressure for new transport protocols to be designed so
that they compete fairly with it. The early streaming media protocols caused prob-
lems by excessively reducing TCP throughput because they did not compete
fairly. This led to the notion of TCP-friendly congestion control in which TCP
and non-TCP transport protocols can be freely mixed with no ill effects (Floyd et
al., 2000).
6.3.3 Wireless Issues
Transport protocols such as TCP that implement congestion control should be
independent of the underlying network and link layer technologies. That is a good
theory, but in practice there are issues with wireless networks. The main issue is
that packet loss is often used as a congestion signal, including by TCP as we have
just discussed. Wireless networks lose packets all the time due to transmission er-
rors.
With the AIMD control law, high throughput requires very small levels of
packet loss. Analyses by Padhye et al. (1998) show that the throughput goes up as
the inverse square-root of the packet loss rate. What this means in practice is that
the loss rate for fast TCP connections is very small; 1% is a moderate loss rate,
and by the time the loss rate reaches 10% the connection has effectively stopped
working. However, for wireless networks such as 802.11 LANs, frame loss rates
of at least 10% are common. This difference means that, absent protective meas-
ures, congestion control schemes that use packet loss as a signal will unneces-
sarily throttle connections that run over wireless links to very low rates.
To function well, the only packet losses that the congestion control algorithm
should observe are losses due to insufficient bandwidth, not losses due to trans-
mission errors. One solution to this problem is to mask the wireless losses by
using retransmissions over the wireless link. For example, 802.11 uses a stop-
and-wait protocol to deliver each frame, retrying transmissions multiple times if

540 THE TRANSPORT LAYER CHAP. 6
need be before reporting a packet loss to the higher layer. In the normal case, each
packet is delivered despite transient transmission errors that are not visible to the
higher layers.
Fig. 6-26 shows a path with a wired and wireless link for which the masking
strategy is used. There are two aspects to note. First, the sender does not neces-
sarily know that the path includes a wireless link, since all it sees is the wired link
to which it is attached. Internet paths are heterogeneous and there is no general
method for the sender to tell what kind of links comprise the path. This compli-
cates the congestion control problem, as there is no easy way to use one protocol
for wireless links and another protocol for wired links.
Wired link
Sender Receiver
Transport with end-to-end congestion control (loss = congestion)
Link layer retransmission
(loss = transmission error)
Wireless link
Figure 6-26. Congestion control over a path with a wireless link.
The second aspect is a puzzle. The figure shows two mechanisms that are
driven by loss: link layer frame retransmissions, and transport layer congestion
control. The puzzle is how these two mechanisms can co-exist without getting
confused. After all, a loss should cause only one mechanism to take action be-
cause it is either a transmission error or a congestion signal. It cannot be both. If
both mechanisms take action (by retransmitting the frame and slowing down the
sending rate) then we are back to the original problem of transports that run far
too slowly over wireless links. Consider this puzzle for a moment and see if you
can solve it.
The solution is that the two mechanisms act at different timescales. Link
layer retransmissions happen on the order of microseconds to milliseconds for
wireless links such as 802.11. Loss timers in transport protocols fire on the order
of milliseconds to seconds. The difference is three orders of magnitude. This al-
lows wireless links to detect frame losses and retransmit frames to repair trans-
mission errors long before packet loss is inferred by the transport entity.
The masking strategy is sufficient to let most transport protocols run well
across most wireless links. However, it is not always a fitting solution. Some
wireless links have long round-trip times, such as satellites. For these links other
techniques must be used to mask loss, such as FEC (Forward Error Correction), or
the transport protocol must use a non-loss signal for congestion control.

SEC. 6.3 CONGESTION CONTROL 541
A second issue with congestion control over wireless links is variable capaci-
ty. That is, the capacity of a wireless link changes over time, sometimes abruptly,
as nodes move and the signal-to-noise ratio varies with the changing channel con-
ditions. This is unlike wired links whose capacity is fixed. The transport protocol
must adapt to the changing capacity of wireless links, otherwise it will either con-
gest the network or fail to use the available capacity.
One possible solution to this problem is simply not to worry about it. This
strategy is feasible because congestion control algorithms must already handle the
case of new users entering the network or existing users changing their sending
rates. Even though the capacity of wired links is fixed, the changing behavior of
other users presents itself as variability in the bandwidth that is available to a
given user. Thus it is possible to simply run TCP over a path with an 802.11 wire-
less link and obtain reasonable performance.
However, when there is much wireless variability, transport protocols de-
signed for wired links may have trouble keeping up and deliver poor performance.
The solution in this case is a transport protocol that is designed for wireless links.
A particularly challenging setting is a wireless mesh network in which multiple,
interfering wireless links must be crossed, routes change due to mobility, and
there is lots of loss. Research in this area is ongoing. See Li et al. (2009) for an
example of wireless transport protocol design.
6.4 THE INTERNET TRANSPORT PROTOCOLS: UDP
The Internet has two main protocols in the transport layer, a connectionless
protocol and a connection-oriented one. The protocols complement each other.
The connectionless protocol is UDP. It does almost nothing beyond sending pack-
ets between applications, letting applications build their own protocols on top as
needed. The connection-oriented protocol is TCP. It does almost everything. It
makes connections and adds reliability with retransmissions, along with flow con-
trol and congestion control, all on behalf of the applications that use it.
In the following sections, we will study UDP and TCP. We will start with
UDP because it is simplest. We will also look at two uses of UDP. Since UDP is
a transport layer protocol that typically runs in the operating system and protocols
that use UDP typically run in user space, these uses might be considered applica-
tions. However, the techniques they use are useful for many applications and are
better considered to belong to a transport service, so we will cover them here.
6.4.1 Introduction to UDP
The Internet protocol suite supports a connectionless transport protocol called
UDP (User Datagram Protocol). UDP provides a way for applications to send
encapsulated IP datagrams without having to establish a connection. UDP is de-
scribed in RFC 768.

542 THE TRANSPORT LAYER CHAP. 6
UDP transmits segments consisting of an 8-byte header followed by the pay-
load. The header is shown in Fig. 6-27. The two ports serve to identify the end-
points within the source and destination machines. When a UDP packet arrives,
its payload is handed to the process attached to the destination port. This attach-
ment occurs when the BIND primitive or something similar is used, as we saw in
Fig. 6-6 for TCP (the binding process is the same for UDP). Think of ports as
mailboxes that applications can rent to receive packets. We will have more to say
about them when we describe TCP, which also uses ports. In fact, the main value
of UDP over just using raw IP is the addition of the source and destination ports.
Without the port fields, the transport layer would not know what to do with each
incoming packet. With them, it delivers the embedded segment to the correct ap-
plication.
32 Bits
Source port
UDP length
Destination port
UDP checksum
Figure 6-27. The UDP header.
The source port is primarily needed when a reply must be sent back to the
source. By copying the Source port field from the incoming segment into the
Destination port field of the outgoing segment, the process sending the reply can
specify which process on the sending machine is to get it.
The UDP length field includes the 8-byte header and the data. The minimum
length is 8 bytes, to cover the header. The maximum length is 65,515 bytes, which
is lower than the largest number that will fit in 16 bits because of the size limit on
IP packets.
An optional Checksum is also provided for extra reliability. It checksums the
header, the data, and a conceptual IP pseudoheader. When performing this com-
putation, the Checksum field is set to zero and the data field is padded out with an
additional zero byte if its length is an odd number. The checksum algorithm is
simply to add up all the 16-bit words in one’s complement and to take the one’s
complement of the sum. As a consequence, when the receiver performs the calcu-
lation on the entire segment, including the Checksum field, the result should be 0.
If the checksum is not computed, it is stored as a 0, since by a happy coincidence
of one’s complement arithmetic a true computed 0 is stored as all 1s. However,
turning it off is foolish unless the quality of the data does not matter (e.g., for digi-
tized speech).
The pseudoheader for the case of IPv4 is shown in Fig. 6-28. It contains the
32-bit IPv4 addresses of the source and destination machines, the protocol number
for UDP (17), and the byte count for the UDP segment (including the header). It

SEC. 6.4 THE INTERNET TRANSPORT PROTOCOLS: UDP 543
is different but analogous for IPv6. Including the pseudoheader in the UDP
checksum computation helps detect misdelivered packets, but including it also
violates the protocol hierarchy since the IP addresses in it belong to the IP layer,
not to the UDP layer. TCP uses the same pseudoheader for its checksum.
32 Bits
Source address
Destination address
0 0 0 0 0 0 0 0 Protocol = 17 UDP length
Figure 6-28. The IPv4 pseudoheader included in the UDP checksum.
It is probably worth mentioning explicitly some of the things that UDP does
not do. It does not do flow control, congestion control, or retransmission upon
receipt of a bad segment. All of that is up to the user processes. What it does do
is provide an interface to the IP protocol with the added feature of demultiplexing
multiple processes using the ports and optional end-to-end error detection. That is
all it does.
For applications that need to have precise control over the packet flow, error
control, or timing, UDP provides just what the doctor ordered. One area where it
is especially useful is in client-server situations. Often, the client sends a short re-
quest to the server and expects a short reply back. If either the request or the
reply is lost, the client can just time out and try again. Not only is the code sim-
ple, but fewer messages are required (one in each direction) than with a protocol
requiring an initial setup like TCP.
An application that uses UDP this way is DNS (Domain Name System),
which we will study in Chap. 7. In brief, a program that needs to look up the IP
address of some host name, for example, www.cs.berkeley.edu, can send a UDP
packet containing the host name to a DNS server. The server replies with a UDP
packet containing the host’s IP address. No setup is needed in advance and no re-
lease is needed afterward. Just two messages go over the network.
6.4.2 Remote Procedure Call
In a certain sense, sending a message to a remote host and getting a reply back
is a lot like making a function call in a programming language. In both cases, you
start with one or more parameters and you get back a result. This observation has
led people to try to arrange request-reply interactions on networks to be cast in the

www.cs.berkeley.edu

544 THE TRANSPORT LAYER CHAP. 6
form of procedure calls. Such an arrangement makes network applications much
easier to program and more familiar to deal with. For example, just imagine a
procedure named get IP address (host name) that works by sending a UDP
packet to a DNS server and waiting for the reply, timing out and trying again if
one is not forthcoming quickly enough. In this way, all the details of networking
can be hidden from the programmer.
The key work in this area was done by Birrell and Nelson (1984). In a nut-
shell, what Birrell and Nelson suggested was allowing programs to call proce-
dures located on remote hosts. When a process on machine 1 calls a procedure on
machine 2, the calling process on 1 is suspended and execution of the called pro-
cedure takes place on 2. Information can be transported from the caller to the cal-
lee in the parameters and can come back in the procedure result. No message pas-
sing is visible to the application programmer. This technique is known as RPC
(Remote Procedure Call) and has become the basis for many networking appli-
cations. Traditionally, the calling procedure is known as the client and the called
procedure is known as the server, and we will use those names here too.
The idea behind RPC is to make a remote procedure call look as much as pos-
sible like a local one. In the simplest form, to call a remote procedure, the client
program must be bound with a small library procedure, called the client stub, that
represents the server procedure in the client’s address space. Similarly, the server
is bound with a procedure called the server stub. These procedures hide the fact
that the procedure call from the client to the server is not local.
The actual steps in making an RPC are shown in Fig. 6-29. Step 1 is the cli-
ent calling the client stub. This call is a local procedure call, with the parameters
pushed onto the stack in the normal way. Step 2 is the client stub packing the pa-
rameters into a message and making a system call to send the message. Packing
the parameters is called marshaling. Step 3 is the operating system sending the
message from the client machine to the server machine. Step 4 is the operating
system passing the incoming packet to the server stub. Finally, step 5 is the server
stub calling the server procedure with the unmarshaled parameters. The reply
traces the same path in the other direction.
The key item to note here is that the client procedure, written by the user, just
makes a normal (i.e., local) procedure call to the client stub, which has the same
name as the server procedure. Since the client procedure and client stub are in the
same address space, the parameters are passed in the usual way. Similarly, the
server procedure is called by a procedure in its address space with the parameters
it expects. To the server procedure, nothing is unusual. In this way, instead of
I/O being done on sockets, network communication is done by faking a normal
procedure call.
Despite the conceptual elegance of RPC, there are a few snakes hiding under
the grass. A big one is the use of pointer parameters. Normally, passing a pointer
to a procedure is not a problem. The called procedure can use the pointer in the
same way the caller can because both procedures live in the same virtual address

SEC. 6.4 THE INTERNET TRANSPORT PROTOCOLS: UDP 545
Client CPU
Client
stub
Client
2
1
Operating system
Server CPU
Server
stub
4
3
5
Operating system
Server
Network
Figure 6-29. Steps in making a remote procedure call. The stubs are shaded.
space. With RPC, passing pointers is impossible because the client and server are
in different address spaces.
In some cases, tricks can be used to make it possible to pass pointers. Sup-
pose that the first parameter is a pointer to an integer, k. The client stub can
marshal k and send it along to the server. The server stub then creates a pointer to
k and passes it to the server procedure, just as it expects. When the server proce-
dure returns control to the server stub, the latter sends k back to the client, where
the new k is copied over the old one, just in case the server changed it. In effect,
the standard calling sequence of call-by-reference has been replaced by call-by-
copy-restore. Unfortunately, this trick does not always work, for example, if the
pointer points to a graph or other complex data structure. For this reason, some
restrictions must be placed on parameters to procedures called remotely, as we
shall see.
A second problem is that in weakly typed languages, like C, it is perfectly
legal to write a procedure that computes the inner product of two vectors (arrays),
without specifying how large either one is. Each could be terminated by a special
value known only to the calling and called procedures. Under these circum-
stances, it is essentially impossible for the client stub to marshal the parameters: it
has no way of determining how large they are.
A third problem is that it is not always possible to deduce the types of the pa-
rameters, not even from a formal specification or the code itself. An example is
printf, which may have any number of parameters (at least one), and the parame-
ters can be an arbitrary mixture of integers, shorts, longs, characters, strings, float-
ing-point numbers of various lengths, and other types. Trying to call printf as a
remote procedure would be practically impossible because C is so permissive.
However, a rule saying that RPC can be used provided that you do not program in
C (or C++) would not be popular with a lot of programmers.

546 THE TRANSPORT LAYER CHAP. 6
A fourth problem relates to the use of global variables. Normally, the calling
and called procedure can communicate by using global variables, in addition to
communicating via parameters. But if the called procedure is moved to a remote
machine, the code will fail because the global variables are no longer shared.
These problems are not meant to suggest that RPC is hopeless. In fact, it is
widely used, but some restrictions are needed to make it work well in practice.
In terms of transport layer protocols, UDP is a good base on which to imple-
ment RPC. Both requests and replies may be sent as a single UDP packet in the
simplest case and the operation can be fast. However, an implementation must in-
clude other machinery as well. Because the request or the reply may be lost, the
client must keep a timer to retransmit the request. Note that a reply serves as an
implicit acknowledgement for a request, so the request need not be separately
acknowledged. Sometimes the parameters or results may be larger than the maxi-
mum UDP packet size, in which case some protocol is needed to deliver large
messages. If multiple requests and replies can overlap (as in the case of concur-
rent programming), an identifier is needed to match the request with the reply.
A higher-level concern is that the operation may not be idempotent (i.e., safe
to repeat). The simple case is idempotent operations such as DNS requests and
replies. The client can safely retransmit these requests again and again if no
replies are forthcoming. It does not matter whether the server never received the
request, or it was the reply that was lost. The answer, when it finally arrives, will
be the same (assuming the DNS database is not updated in the meantime). How-
ever, not all operations are idempotent, for example, because they have important
side-effects such as incrementing a counter. RPC for these operations requires
stronger semantics so that when the programmer calls a procedure it is not exe-
cuted multiple times. In this case, it may be necessary to set up a TCP connection
and send the request over it rather than using UDP.
6.4.3 Real-Time Transport Protocols
Client-server RPC is one area in which UDP is widely used. Another one is
for real-time multimedia applications. In particular, as Internet radio, Internet te-
lephony, music-on-demand, videoconferencing, video-on-demand, and other mul-
timedia applications became more commonplace, people have discovered that
each application was reinventing more or less the same real-time transport proto-
col. It gradually became clear that having a generic real-time transport protocol
for multiple applications would be a good idea.
Thus was RTP (Real-time Transport Protocol) born. It is described in RFC
3550 and is now in widespread use for multimedia applications. We will describe
two aspects of real-time transport. The first is the RTP protocol for transporting
audio and video data in packets. The second is the processing that takes place,
mostly at the receiver, to play out the audio and video at the right time. These
functions fit into the protocol stack as shown in Fig. 6-30.

SEC. 6.4 THE INTERNET TRANSPORT PROTOCOLS: UDP 547
Multimedia application
RTP
Socket interface
UDP
IP
Ethernet
(a) (b)
Ethernet
header
IP
header
UDP
header
RTP
header
RTP payload
UDP payload
IP payload
Ethernet payload
User
space
OS
Kernel
Figure 6-30. (a) The position of RTP in the protocol stack. (b) Packet nesting.
RTP normally runs in user space over UDP (in the operating system). It oper-
ates as follows. The multimedia application consists of multiple audio, video,
text, and possibly other streams. These are fed into the RTP library, which is in
user space along with the application. This library multiplexes the streams and
encodes them in RTP packets, which it stuffs into a socket. On the operating sys-
tem side of the socket, UDP packets are generated to wrap the RTP packets and
handed to IP for transmission over a link such as Ethernet. The reverse process
happens at the receiver. The multimedia application eventually receives multi-
media data from the RTP library. It is responsible for playing out the media. The
protocol stack for this situation is shown in Fig. 6-30(a). The packet nesting is
shown in Fig. 6-30(b).
As a consequence of this design, it is a little hard to say which layer RTP is
in. Since it runs in user space and is linked to the application program, it certainly
looks like an application protocol. On the other hand, it is a generic, application-
independent protocol that just provides transport facilities, so it also looks like a
transport protocol. Probably the best description is that it is a transport protocol
that just happens to be implemented in the application layer, which is why we are
covering it in this chapter.
RTP—The Real-time Transport Protocol
The basic function of RTP is to multiplex several real-time data streams onto
a single stream of UDP packets. The UDP stream can be sent to a single destina-
tion (unicasting) or to multiple destinations (multicasting). Because RTP just uses
normal UDP, its packets are not treated specially by the routers unless some nor-
mal IP quality-of-service features are enabled. In particular, there are no special
guarantees about delivery, and packets may be lost, delayed, corrupted, etc.
The RTP format contains several features to help receivers work with multi-
media information. Each packet sent in an RTP stream is given a number one

548 THE TRANSPORT LAYER CHAP. 6
higher than its predecessor. This numbering allows the destination to determine if
any packets are missing. If a packet is missing, the best action for the destination
to take is up to the application. It may be to skip a video frame if the packets are
carrying video data, or to approximate the missing value by interpolation if the
packets are carrying audio data. Retransmission is not a practical option since the
retransmitted packet would probably arrive too late to be useful. As a conse-
quence, RTP has no acknowledgements, and no mechanism to request retransmis-
sions.
Each RTP payload may contain multiple samples, and they may be coded any
way that the application wants. To allow for interworking, RTP defines several
profiles (e.g., a single audio stream), and for each profile, multiple encoding for-
mats may be allowed. For example, a single audio stream may be encoded as 8-
bit PCM samples at 8 kHz using delta encoding, predictive encoding, GSM en-
coding, MP3 encoding, and so on. RTP provides a header field in which the
source can specify the encoding but is otherwise not involved in how encoding is
done.
Another facility many real-time applications need is timestamping. The idea
here is to allow the source to associate a timestamp with the first sample in each
packet. The timestamps are relative to the start of the stream, so only the dif-
ferences between timestamps are significant. The absolute values have no mean-
ing. As we will describe shortly, this mechanism allows the destination to do a
small amount of buffering and play each sample the right number of milliseconds
after the start of the stream, independently of when the packet containing the sam-
ple arrived.
Not only does timestamping reduce the effects of variation in network delay,
but it also allows multiple streams to be synchronized with each other. For ex-
ample, a digital television program might have a video stream and two audio
streams. The two audio streams could be for stereo broadcasts or for handling
films with an original language soundtrack and a soundtrack dubbed into the local
language, giving the viewer a choice. Each stream comes from a different physi-
cal device, but if they are timestamped from a single counter, they can be played
back synchronously, even if the streams are transmitted and/or received somewhat
erratically.
The RTP header is illustrated in Fig. 6-31. It consists of three 32-bit words
and potentially some extensions. The first word contains the Version field, which
is already at 2. Let us hope this version is very close to the ultimate version since
there is only one code point left (although 3 could be defined as meaning that the
real version was in an extension word).
The P bit indicates that the packet has been padded to a multiple of 4 bytes.
The last padding byte tells how many bytes were added. The X bit indicates that
an extension header is present. The format and meaning of the extension header
are not defined. The only thing that is defined is that the first word of the exten-
sion gives the length. This is an escape hatch for any unforeseen requirements.

SEC. 6.4 THE INTERNET TRANSPORT PROTOCOLS: UDP 549
32 bits
Ver. P X M Payload type Sequence number
Timestamp
Synchronization source identifier
Contributing source identifier
CC
Figure 6-31. The RTP header.
The CC field tells how many contributing sources are present, from 0 to 15
(see below). The M bit is an application-specific marker bit. It can be used to
mark the start of a video frame, the start of a word in an audio channel, or some-
thing else that the application understands. The Payload type field tells which en-
coding algorithm has been used (e.g., uncompressed 8-bit audio, MP3, etc.).
Since every packet carries this field, the encoding can change during transmission.
The Sequence number is just a counter that is incremented on each RTP packet
sent. It is used to detect lost packets.
The Timestamp is produced by the stream’s source to note when the first sam-
ple in the packet was made. This value can help reduce timing variability called
jitter at the receiver by decoupling the playback from the packet arrival time. The
Synchronization source identifier tells which stream the packet belongs to. It is
the method used to multiplex and demultiplex multiple data streams onto a single
stream of UDP packets. Finally, the Contributing source identifiers, if any, are
used when mixers are present in the studio. In that case, the mixer is the syn-
chronizing source, and the streams being mixed are listed here.
RTCP—The Real-time Transport Control Protocol
RTP has a little sister protocol (little sibling protocol?) called RTCP (Real-
time Transport Control Protocol). It is defined along with RTP in RFC 3550
and handles feedback, synchronization, and the user interface. It does not tran-
sport any media samples.
The first function can be used to provide feedback on delay, variation in delay
or jitter, bandwidth, congestion, and other network properties to the sources. This
information can be used by the encoding process to increase the data rate (and
give better quality) when the network is functioning well and to cut back the data

550 THE TRANSPORT LAYER CHAP. 6
rate when there is trouble in the network. By providing continuous feedback, the
encoding algorithms can be continuously adapted to provide the best quality pos-
sible under the current circumstances. For example, if the bandwidth increases or
decreases during the transmission, the encoding may switch from MP3 to 8-bit
PCM to delta encoding as required. The Payload type field is used to tell the dest-
ination what encoding algorithm is used for the current packet, making it possible
to vary it on demand.
An issue with providing feedback is that the RTCP reports are sent to all par-
ticipants. For a multicast application with a large group, the bandwidth used by
RTCP would quickly grow large. To prevent this from happening, RTCP senders
scale down the rate of their reports to collectively consume no more than, say, 5%
of the media bandwidth. To do this, each participant needs to know the media
bandwidth, which it learns from the sender, and the number of participants, which
it estimates by listening to other RTCP reports.
RTCP also handles interstream synchronization. The problem is that different
streams may use different clocks, with different granularities and different drift
rates. RTCP can be used to keep them in sync.
Finally, RTCP provides a way for naming the various sources (e.g., in ASCII
text). This information can be displayed on the receiver’s screen to indicate who
is talking at the moment.
More information about RTP can be found in Perkins (2003).
Playout with Buffering and Jitter Control
Once the media information reaches the receiver, it must be played out at the
right time. In general, this will not be the time at which the RTP packet arrived at
the receiver because packets will take slightly different amounts of time to transit
the network. Even if the packets are injected with exactly the right intervals be-
tween them at the sender, they will reach the receiver with different relative
times. This variation in delay is called jitter. Even a small amount of packet jitter
can cause distracting media artifacts, such as jerky video frames and unintelligible
audio, if the media is simply played out as it arrives.
The solution to this problem is to buffer packets at the receiver before they
are played out to reduce the jitter. As an example, in Fig. 6-32 we see a stream of
packets being delivered with a substantial amount of jitter. Packet 1 is sent from
the server at t = 0 sec and arrives at the client at t = 1 sec. Packet 2 undergoes
more delay and takes 2 sec to arrive. As the packets arrive, they are buffered on
the client machine.
At t = 10 sec, playback begins. At this time, packets 1 through 6 have been
buffered so that they can be removed from the buffer at uniform intervals for
smooth play. In the general case, it is not necessary to use uniform intervals be-
cause the RTP timestamps tell when the media should be played.

SEC. 6.4 THE INTERNET TRANSPORT PROTOCOLS: UDP 551
0 5
1 2 3 4 5 6 7 8
10
Time (sec)
Time in buffer
15 20
Gap in playback
1
Packet removed from buffer
Packet arrives at buffer 2 3 4 5 6 7 8
1 2 3 4 5 6 7 8Packet departs source
Figure 6-32. Smoothing the output stream by buffering packets.
Unfortunately, we can see that packet 8 has been delayed so much that it is
not available when its play slot comes up. There are two options. Packet 8 can be
skipped and the player can move on to subsequent packets. Alternatively, play-
back can stop until packet 8 arrives, creating an annoying gap in the music or
movie. In a live media application like a voice-over-IP call, the packet will typi-
cally be skipped. Live applications do not work well on hold. In a streaming me-
dia application, the player might pause. This problem can be alleviated by delay-
ing the starting time even more, by using a larger buffer. For a streaming audio or
video player, buffers of about 10 seconds are often used to ensure that the player
receives all of the packets (that are not dropped in the network) in time. For live
applications like videoconferencing, short buffers are needed for responsiveness.
A key consideration for smooth playout is the playback point, or how long to
wait at the receiver for media before playing it out. Deciding how long to wait
depends on the jitter. The difference between a low-jitter and high-jitter con-
nection is shown in Fig. 6-33. The average delay may not differ greatly between
the two, but if there is high jitter the playback point may need to be much further
out to capture 99% of the packets than if there is low jitter.
To pick a good playback point, the application can measure the jitter by look-
ing at the difference between the RTP timestamps and the arrival time. Each dif-
ference gives a sample of the delay (plus an arbitrary, fixed offset). However, the
delay can change over time due to other, competing traffic and changing routes.
To accommodate this change, applications can adapt their playback point while
they are running. However, if not done well, changing the playback point can pro-
duce an observable glitch to the user. One way to avoid this problem for audio is
to adapt the playback point between talkspurts, in the gaps in a conversation. No
one will notice the difference between a short and slightly longer silence. RTP
lets applications set the M marker bit to indicate the start of a new talkspurt for
this purpose.
If the absolute delay until media is played out is too long, live applications
will suffer. Nothing can be done to reduce the propagation delay if a direct path is

552 THE TRANSPORT LAYER CHAP. 6
High jitter
Low jitter
Minimum
delay
(due to speed of light)
Delay
(a)
Fr
ac
tio
n
of
pa
ck
et
s
Fr
ac
tio
n
of
pa
ck
et
s
Delay
(b)
Figure 6-33. (a) High jitter. (b) Low jitter.
already being used. The playback point can be pulled in by simply accepting that
a larger fraction of packets will arrive too late to be played. If this is not ac-
ceptable, the only way to pull in the playback point is to reduce the jitter by using
a better quality of service, for example, the expedited forwarding differentiated
service. That is, a better network is needed.
6.5 THE INTERNET TRANSPORT PROTOCOLS: TCP
UDP is a simple protocol and it has some very important uses, such as client-
server interactions and multimedia, but for most Internet applications, reliable, se-
quenced delivery is needed. UDP cannot provide this, so another protocol is re-
quired. It is called TCP and is the main workhorse of the Internet. Let us now
study it in detail.
6.5.1 Introduction to TCP
TCP (Transmission Control Protocol) was specifically designed to provide
a reliable end-to-end byte stream over an unreliable internetwork. An internet-
work differs from a single network because different parts may have wildly dif-
ferent topologies, bandwidths, delays, packet sizes, and other parameters. TCP
was designed to dynamically adapt to properties of the internetwork and to be
robust in the face of many kinds of failures.
TCP was formally defined in RFC 793 in September 1981. As time went on,
many improvements have been made, and various errors and inconsistencies have
been fixed. To give you a sense of the extent of TCP, the important RFCs are

SEC. 6.5 THE INTERNET TRANSPORT PROTOCOLS: TCP 553
now RFC 793 plus: clarifications and bug fixes in RFC 1122; extensions for
high-performance in RFC 1323; selective acknowledgements in RFC 2018; con-
gestion control in RFC 2581; repurposing of header fields for quality of service in
RFC 2873; improved retransmission timers in RFC 2988; and explicit congestion
notification in RFC 3168. The full collection is even larger, which led to a guide
to the many RFCs, published of course as another RFC document, RFC 4614.
Each machine supporting TCP has a TCP transport entity, either a library pro-
cedure, a user process, or most commonly part of the kernel. In all cases, it man-
ages TCP streams and interfaces to the IP layer. A TCP entity accepts user data
streams from local processes, breaks them up into pieces not exceeding 64 KB (in
practice, often 1460 data bytes in order to fit in a single Ethernet frame with the
IP and TCP headers), and sends each piece as a separate IP datagram. When
datagrams containing TCP data arrive at a machine, they are given to the TCP en-
tity, which reconstructs the original byte streams. For simplicity, we will some-
times use just ‘‘TCP’’ to mean the TCP transport entity (a piece of software) or
the TCP protocol (a set of rules). From the context it will be clear which is meant.
For example, in ‘‘The user gives TCP the data,’’ the TCP transport entity is clear-
ly intended.
The IP layer gives no guarantee that datagrams will be delivered properly, nor
any indication of how fast datagrams may be sent. It is up to TCP to send data-
grams fast enough to make use of the capacity but not cause congestion, and to
time out and retransmit any datagrams that are not delivered. Datagrams that do
arrive may well do so in the wrong order; it is also up to TCP to reassemble them
into messages in the proper sequence. In short, TCP must furnish good per-
formance with the reliability that most applications want and that IP does not pro-
vide.
6.5.2 The TCP Service Model
TCP service is obtained by both the sender and the receiver creating end
points, called sockets, as discussed in Sec. 6.1.3. Each socket has a socket num-
ber (address) consisting of the IP address of the host and a 16-bit number local to
that host, called a port. A port is the TCP name for a TSAP. For TCP service to
be obtained, a connection must be explicitly established between a socket on one
machine and a socket on another machine. The socket calls are listed in Fig. 6-5.
A socket may be used for multiple connections at the same time. In other
words, two or more connections may terminate at the same socket. Connections
are identified by the socket identifiers at both ends, that is, (socket1, socket2). No
virtual circuit numbers or other identifiers are used.
Port numbers below 1024 are reserved for standard services that can usually
only be started by privileged users (e.g., root in UNIX systems). They are called
well-known ports. For example, any process wishing to remotely retrieve mail
from a host can connect to the destination host’s port 143 to contact its IMAP

554 THE TRANSPORT LAYER CHAP. 6
daemon. The list of well-known ports is given at www.iana.org. Over 700 have
been assigned. A few of the better-known ones are listed in Fig. 6-34.
Port Protocol Use
20, 21 FTP File transfer
22 SSH Remote login, replacement for Telnet
25 SMTP Email
80 HTTP World Wide Web
110 POP-3 Remote email access
143 IMAP Remote email access
443 HTTPS Secure Web (HTTP over SSL/TLS)
543 RTSP Media player control
631 IPP Printer sharing
Figure 6-34. Some assigned ports.
Other ports from 1024 through 49151 can be registered with IANA for use by
unprivileged users, but applications can and do choose their own ports. For ex-
ample, the BitTorrent peer-to-peer file-sharing application (unofficially) uses
ports 6881–6887, but may run on other ports as well.
It would certainly be possible to have the FTP daemon attach itself to port 21
at boot time, the SSH daemon attach itself to port 22 at boot time, and so on.
However, doing so would clutter up memory with daemons that were idle most of
the time. Instead, what is commonly done is to have a single daemon, called
inetd (Internet daemon) in UNIX, attach itself to multiple ports and wait for the
first incoming connection. When that occurs, inetd forks off a new process and
executes the appropriate daemon in it, letting that daemon handle the request. In
this way, the daemons other than inetd are only active when there is work for
them to do. Inetd learns which ports it is to use from a configuration file. Conse-
quently, the system administrator can set up the system to have permanent dae-
mons on the busiest ports (e.g., port 80) and inetd on the rest.
All TCP connections are full duplex and point-to-point. Full duplex means
that traffic can go in both directions at the same time. Point-to-point means that
each connection has exactly two end points. TCP does not support multicasting or
broadcasting.
A TCP connection is a byte stream, not a message stream. Message bound-
aries are not preserved end to end. For example, if the sending process does four
512-byte writes to a TCP stream, these data may be delivered to the receiving
process as four 512-byte chunks, two 1024-byte chunks, one 2048-byte chunk (see
Fig. 6-35), or some other way. There is no way for the receiver to detect the
unit(s) in which the data were written, no matter how hard it tries.

www.iana.org

SEC. 6.5 THE INTERNET TRANSPORT PROTOCOLS: TCP 555
A B C D A B C D
IP header TCP header
(a) (b)
Figure 6-35. (a) Four 512-byte segments sent as separate IP datagrams. (b) The
2048 bytes of data delivered to the application in a single READ call.
Files in UNIX have this property too. The reader of a file cannot tell whether
the file was written a block at a time, a byte at a time, or all in one blow. As with
a UNIX file, the TCP software has no idea of what the bytes mean and no interest
in finding out. A byte is just a byte.
When an application passes data to TCP, TCP may send it immediately or
buffer it (in order to collect a larger amount to send at once), at its discretion.
However, sometimes the application really wants the data to be sent immediately.
For example, suppose a user of an interactive game wants to send a stream of
updates. It is essential that the updates be sent immediately, not buffered until
there is a collection of them. To force data out, TCP has the notion of a PUSH
flag that is carried on packets. The original intent was to let applications tell TCP
implementations via the PUSH flag not to delay the transmission. However, ap-
plications cannot literally set the PUSH flag when they send data. Instead, dif-
ferent operating systems have evolved different options to expedite transmission
(e.g., TCP NODELAY in Windows and Linux).
For Internet archaeologists, we will also mention one interesting feature of
TCP service that remains in the protocol but is rarely used: urgent data. When
an application has high priority data that should be processed immediately, for ex-
ample, if an interactive user hits the CTRL-C key to break off a remote computa-
tion that has already begun, the sending application can put some control infor-
mation in the data stream and give it to TCP along with the URGENT flag. This
event causes TCP to stop accumulating data and transmit everything it has for that
connection immediately.
When the urgent data are received at the destination, the receiving application
is interrupted (e.g., given a signal in UNIX terms) so it can stop whatever it was
doing and read the data stream to find the urgent data. The end of the urgent data
is marked so the application knows when it is over. The start of the urgent data is
not marked. It is up to the application to figure that out.
This scheme provides a crude signaling mechanism and leaves everything else
up to the application. However, while urgent data is potentially useful, it found no
compelling application early on and fell into disuse. Its use is now discouraged
because of implementation differences, leaving applications to handle their own
signaling. Perhaps future transport protocols will provide better signaling.

556 THE TRANSPORT LAYER CHAP. 6
6.5.3 The TCP Protocol
In this section, we will give a general overview of the TCP protocol. In the
next one, we will go over the protocol header, field by field.
A key feature of TCP, and one that dominates the protocol design, is that
every byte on a TCP connection has its own 32-bit sequence number. When the
Internet began, the lines between routers were mostly 56-kbps leased lines, so a
host blasting away at full speed took over 1 week to cycle through the sequence
numbers. At modern network speeds, the sequence numbers can be consumed at
an alarming rate, as we will see later. Separate 32-bit sequence numbers are car-
ried on packets for the sliding window position in one direction and for acknowl-
edgements in the reverse direction, as discussed below.
The sending and receiving TCP entities exchange data in the form of seg-
ments. A TCP segment consists of a fixed 20-byte header (plus an optional part)
followed by zero or more data bytes. The TCP software decides how big seg-
ments should be. It can accumulate data from several writes into one segment or
can split data from one write over multiple segments. Two limits restrict the seg-
ment size. First, each segment, including the TCP header, must fit in the 65,515-
byte IP payload. Second, each link has an MTU (Maximum Transfer Unit).
Each segment must fit in the MTU at the sender and receiver so that it can be sent
and received in a single, unfragmented packet. In practice, the MTU is generally
1500 bytes (the Ethernet payload size) and thus defines the upper bound on seg-
ment size.
However, it is still possible for IP packets carrying TCP segments to be frag-
mented when passing over a network path for which some link has a small MTU.
If this happens, it degrades performance and causes other problems (Kent and
Mogul, 1987). Instead, modern TCP implementations perform path MTU
discovery by using the technique outlined in RFC 1191 that we described in Sec.
5.5.5. This technique uses ICMP error messages to find the smallest MTU for any
link on the path. TCP then adjusts the segment size downwards to avoid frag-
mentation.
The basic protocol used by TCP entities is the sliding window protocol with a
dynamic window size. When a sender transmits a segment, it also starts a timer.
When the segment arrives at the destination, the receiving TCP entity sends back
a segment (with data if any exist, and otherwise without) bearing an acknowledge-
ment number equal to the next sequence number it expects to receive and the re-
maining window size. If the sender’s timer goes off before the acknowledgement
is received, the sender transmits the segment again.
Although this protocol sounds simple, there are many sometimes subtle ins
and outs, which we will cover below. Segments can arrive out of order, so bytes
3072–4095 can arrive but cannot be acknowledged because bytes 2048–3071 have
not turned up yet. Segments can also be delayed so long in transit that the sender
times out and retransmits them. The retransmissions may include different byte

SEC. 6.5 THE INTERNET TRANSPORT PROTOCOLS: TCP 557
ranges than the original transmission, requiring careful administration to keep
track of which bytes have been correctly received so far. However, since each
byte in the stream has its own unique offset, it can be done.
TCP must be prepared to deal with these problems and solve them in an effi-
cient way. A considerable amount of effort has gone into optimizing the per-
formance of TCP streams, even in the face of network problems. A number of the
algorithms used by many TCP implementations will be discussed below.
6.5.4 The TCP Segment Header
Figure 6-36 shows the layout of a TCP segment. Every segment begins with a
fixed-format, 20-byte header. The fixed header may be followed by header op-
tions. After the options, if any, up to 65,535 − 20 − 20 = 65,495 data bytes may
follow, where the first 20 refer to the IP header and the second to the TCP header.
Segments without any data are legal and are commonly used for acknowledge-
ments and control messages.
32 Bits
Source port Destination port
Sequence number
Acknowledgement number
TCP
header
length
U
R
G
A
C
K
P
S
H
R
S
T
S
Y
N
F
I
N
Window size
Checksum Urgent pointer
Options (0 or more 32-bit words)
Data (optional)
E
C
E
C
W
R
Figure 6-36. The TCP header.
Let us dissect the TCP header field by field. The Source port and Destination
port fields identify the local end points of the connection. A TCP port plus its
host’s IP address forms a 48-bit unique end point. The source and destination end
points together identify the connection. This connection identifier is called a 5
tuple because it consists of five pieces of information: the protocol (TCP), source
IP and source port, and destination IP and destination port.

558 THE TRANSPORT LAYER CHAP. 6
The Sequence number and Acknowledgement number fields perform their
usual functions. Note that the latter specifies the next in-order byte expected, not
the last byte correctly received. It is a cumulative acknowledgement because it
summarizes the received data with a single number. It does not go beyond lost
data. Both are 32 bits because every byte of data is numbered in a TCP stream.
The TCP header length tells how many 32-bit words are contained in the TCP
header. This information is needed because the Options field is of variable length,
so the header is, too. Technically, this field really indicates the start of the data
within the segment, measured in 32-bit words, but that number is just the header
length in words, so the effect is the same.
Next comes a 4-bit field that is not used. The fact that these bits have
remained unused for 30 years (as only 2 of the original reserved 6 bits have been
reclaimed) is testimony to how well thought out TCP is. Lesser protocols would
have needed these bits to fix bugs in the original design.
Now come eight 1-bit flags. CWR and ECE are used to signal congestion
when ECN (Explicit Congestion Notification) is used, as specified in RFC 3168.
ECE is set to signal an ECN-Echo to a TCP sender to tell it to slow down when
the TCP receiver gets a congestion indication from the network. CWR is set to
signal Congestion Window Reduced from the TCP sender to the TCP receiver so
that it knows the sender has slowed down and can stop sending the ECN-Echo.
We discuss the role of ECN in TCP congestion control in Sec. 6.5.10.
URG is set to 1 if the Urgent pointer is in use. The Urgent pointer is used to
indicate a byte offset from the current sequence number at which urgent data are
to be found. This facility is in lieu of interrupt messages. As we mentioned
above, this facility is a bare-bones way of allowing the sender to signal the re-
ceiver without getting TCP itself involved in the reason for the interrupt, but it is
seldom used.
The ACK bit is set to 1 to indicate that the Acknowledgement number is valid.
This is the case for nearly all packets. If ACK is 0, the segment does not contain
an acknowledgement, so the Acknowledgement number field is ignored.
The PSH bit indicates PUSHed data. The receiver is hereby kindly requested
to deliver the data to the application upon arrival and not buffer it until a full buff-
er has been received (which it might otherwise do for efficiency).
The RST bit is used to abruptly reset a connection that has become confused
due to a host crash or some other reason. It is also used to reject an invalid seg-
ment or refuse an attempt to open a connection. In general, if you get a segment
with the RST bit on, you have a problem on your hands.
The SYN bit is used to establish connections. The connection request has
SYN = 1 and ACK = 0 to indicate that the piggyback acknowledgement field is not
in use. The connection reply does bear an acknowledgement, however, so it has
SYN = 1 and ACK = 1. In essence, the SYN bit is used to denote both CONNEC-
TION REQUEST and CONNECTION ACCEPTED, with the ACK bit used to distin-
guish between those two possibilities.

SEC. 6.5 THE INTERNET TRANSPORT PROTOCOLS: TCP 559
The FIN bit is used to release a connection. It specifies that the sender has no
more data to transmit. However, after closing a connection, the closing process
may continue to receive data indefinitely. Both SYN and FIN segments have se-
quence numbers and are thus guaranteed to be processed in the correct order.
Flow control in TCP is handled using a variable-sized sliding window. The
Window size field tells how many bytes may be sent starting at the byte acknow-
ledged. A Window size field of 0 is legal and says that the bytes up to and includ-
ing Acknowledgement number − 1 have been received, but that the receiver has
not had a chance to consume the data and would like no more data for the mo-
ment, thank you. The receiver can later grant permission to send by transmitting a
segment with the same Acknowledgement number and a nonzero Window size
field.
In the protocols of Chap. 3, acknowledgements of frames received and per-
mission to send new frames were tied together. This was a consequence of a
fixed window size for each protocol. In TCP, acknowledgements and permission
to send additional data are completely decoupled. In effect, a receiver can say: ‘‘I
have received bytes up through k but I do not want any more just now, thank
you.’’ This decoupling (in fact, a variable-sized window) gives additional flexibil-
ity. We will study it in detail below.
A Checksum is also provided for extra reliability. It checksums the header,
the data, and a conceptual pseudoheader in exactly the same way as UDP, except
that the pseudoheader has the protocol number for TCP (6) and the checksum is
mandatory. Please see Sec. 6.4.1 for details.
The Options field provides a way to add extra facilities not covered by the
regular header. Many options have been defined and several are commonly used.
The options are of variable length, fill a multiple of 32 bits by using padding with
zeros, and may extend to 40 bytes to accommodate the longest TCP header that
can be specified. Some options are carried when a connection is established to ne-
gotiate or inform the other side of capabilities. Other options are carried on pack-
ets during the lifetime of the connection. Each option has a Type-Length-Value
encoding.
A widely used option is the one that allows each host to specify the MSS
(Maximum Segment Size) it is willing to accept. Using large segments is more
efficient than using small ones because the 20-byte header can be amortized over
more data, but small hosts may not be able to handle big segments. During con-
nection setup, each side can announce its maximum and see its partner’s. If a host
does not use this option, it defaults to a 536-byte payload. All Internet hosts are
required to accept TCP segments of 536 + 20 = 556 bytes. The maximum seg-
ment size in the two directions need not be the same.
For lines with high bandwidth, high delay, or both, the 64-KB window corres-
ponding to a 16-bit field is a problem. For example, on an OC-12 line (of roughly
600 Mbps), it takes less than 1 msec to output a full 64-KB window. If the
round-trip propagation delay is 50 msec (which is typical for a transcontinental

560 THE TRANSPORT LAYER CHAP. 6
fiber), the sender will be idle more than 98% of the time waiting for acknowledge-
ments. A larger window size would allow the sender to keep pumping data out.
The window scale option allows the sender and receiver to negotiate a window
scale factor at the start of a connection. Both sides use the scale factor to shift the
Window size field up to 14 bits to the left, thus allowing windows of up to 230
bytes. Most TCP implementations support this option.
The timestamp option carries a timestamp sent by the sender and echoed by
the receiver. It is included in every packet, once its use is established during con-
nection setup, and used to compute round-trip time samples that are used to esti-
mate when a packet has been lost. It is also used as a logical extension of the 32-
bit sequence number. On a fast connection, the sequence number may wrap
around quickly, leading to possible confusion between old and new data. The
PAWS (Protection Against Wrapped Sequence numbers) scheme discards ar-
riving segments with old timestamps to prevent this problem.
Finally, the SACK (Selective ACKnowledgement) option lets a receiver tell
a sender the ranges of sequence numbers that it has received. It supplements the
Acknowledgement number and is used after a packet has been lost but subsequent
(or duplicate) data has arrived. The new data is not reflected by the Acknowledge-
ment number field in the header because that field gives only the next in-order
byte that is expected. With SACK, the sender is explicitly aware of what data the
receiver has and hence can determine what data should be retransmitted. SACK
is defined in RFC 2108 and RFC 2883 and is increasingly used. We describe the
use of SACK along with congestion control in Sec. 6.5.10.
6.5.5 TCP Connection Establishment
Connections are established in TCP by means of the three-way handshake dis-
cussed in Sec. 6.2.2. To establish a connection, one side, say, the server, pas-
sively waits for an incoming connection by executing the LISTEN and ACCEPT
primitives in that order, either specifying a specific source or nobody in particular.
The other side, say, the client, executes a CONNECT primitive, specifying the
IP address and port to which it wants to connect, the maximum TCP segment size
it is willing to accept, and optionally some user data (e.g., a password). The CON-
NECT primitive sends a TCP segment with the SYN bit on and ACK bit off and
waits for a response.
When this segment arrives at the destination, the TCP entity there checks to
see if there is a process that has done a LISTEN on the port given in the Destination
port field. If not, it sends a reply with the RST bit on to reject the connection.
If some process is listening to the port, that process is given the incoming
TCP segment. It can either accept or reject the connection. If it accepts, an ac-
knowledgement segment is sent back. The sequence of TCP segments sent in the
normal case is shown in Fig. 6-37(a). Note that a SYN segment consumes 1 byte
of sequence space so that it can be acknowledged unambiguously.

SEC. 6.5 THE INTERNET TRANSPORT PROTOCOLS: TCP 561
T
im
e
Host 1 Host 2
SYN (SE
Q = y, A
CK = x +
1)
SYN (SEQ = x)
(SEQ = x + 1, ACK = y + 1)
Host 1 Host 2
SYN (
SEQ =
y, ACK
= x + 1
)
SYN (SEQ = x)
SYN (SE
Q = y)
SYN (SEQ = x , ACK = y + 1)
(a) (b)
Figure 6-37. (a) TCP connection establishment in the normal case. (b) Simul-
taneous connection establishment on both sides.
In the event that two hosts simultaneously attempt to establish a connection
between the same two sockets, the sequence of events is as illustrated in Fig. 6-
37(b). The result of these events is that just one connection is established, not
two, because connections are identified by their end points. If the first setup re-
sults in a connection identified by (x, y) and the second one does too, only one
table entry is made, namely, for (x, y).
Recall that the initial sequence number chosen by each host should cycle
slowly, rather than be a constant such as 0. This rule is to protect against delayed
duplicate packets, as we discussed in Sec 6.2.2. Originally this was accomplished
with a clock-based scheme in which the clock ticked every 4 μsec.
However, a vulnerability with implementing the three-way handshake is that
the listening process must remember its sequence number as soon it responds with
its own SYN segment. This means that a malicious sender can tie up resources on
a host by sending a stream of SYN segments and never following through to com-
plete the connection. This attack is called a SYN flood, and it crippled many
Web servers in the 1990s.
One way to defend against this attack is to use SYN cookies. Instead of
remembering the sequence number, a host chooses a cryptographically generated
sequence number, puts it on the outgoing segment, and forgets it. If the three-way
handshake completes, this sequence number (plus 1) will be returned to the host.
It can then regenerate the correct sequence number by running the same crypto-
graphic function, as long as the inputs to that function are known, for example, the
other host’s IP address and port, and a local secret. This procedure allows the host
to check that an acknowledged sequence number is correct without having to

562 THE TRANSPORT LAYER CHAP. 6
remember the sequence number separately. There are some caveats, such as the
inability to handle TCP options, so SYN cookies may be used only when the host
is subject to a SYN flood. However, they are an interesting twist on connection
establishment. For more information, see RFC 4987 and Lemon (2002).
6.5.6 TCP Connection Release
Although TCP connections are full duplex, to understand how connections are
released it is best to think of them as a pair of simplex connections. Each simplex
connection is released independently of its sibling. To release a connection, either
party can send a TCP segment with the FIN bit set, which means that it has no
more data to transmit. When the FIN is acknowledged, that direction is shut down
for new data. Data may continue to flow indefinitely in the other direction, how-
ever. When both directions have been shut down, the connection is released.
Normally, four TCP segments are needed to release a connection: one FIN and
one ACK for each direction. However, it is possible for the first ACK and the sec-
ond FIN to be contained in the same segment, reducing the total count to three.
Just as with telephone calls in which both people say goodbye and hang up the
phone simultaneously, both ends of a TCP connection may send FIN segments at
the same time. These are each acknowledged in the usual way, and the con-
nection is shut down. There is, in fact, no essential difference between the two
hosts releasing sequentially or simultaneously.
To avoid the two-army problem (discussed in Sec. 6.2.3), timers are used. If a
response to a FIN is not forthcoming within two maximum packet lifetimes, the
sender of the FIN releases the connection. The other side will eventually notice
that nobody seems to be listening to it anymore and will time out as well. While
this solution is not perfect, given the fact that a perfect solution is theoretically
impossible, it will have to do. In practice, problems rarely arise.
6.5.7 TCP Connection Management Modeling
The steps required to establish and release connections can be represented in a
finite state machine with the 11 states listed in Fig. 6-38. In each state, certain
events are legal. When a legal event happens, some action may be taken. If some
other event happens, an error is reported.
Each connection starts in the CLOSED state. It leaves that state when it does
either a passive open (LISTEN) or an active open (CONNECT). If the other side
does the opposite one, a connection is established and the state becomes ESTA-
BLISHED. Connection release can be initiated by either side. When it is com-
plete, the state returns to CLOSED.
The finite state machine itself is shown in Fig. 6-39. The common case of a
client actively connecting to a passive server is shown with heavy lines—solid for
the client, dotted for the server. The lightface lines are unusual event sequences.

SEC. 6.5 THE INTERNET TRANSPORT PROTOCOLS: TCP 563
State Description
CLOSED No connection is active or pending
LISTEN The server is waiting for an incoming call
SYN RCVD A connection request has arrived; wait for ACK
SYN SENT The application has started to open a connection
ESTABLISHED The normal data transfer state
FIN WAIT 1 The application has said it is finished
FIN WAIT 2 The other side has agreed to release
TIME WAIT Wait for all packets to die off
CLOSING Both sides have tried to close simultaneously
CLOSE WAIT The other side has initiated a release
LAST ACK Wait for all packets to die off
Figure 6-38. The states used in the TCP connection management finite state machine.
Each line in Fig. 6-39 is marked by an event/action pair. The event can either be
a user-initiated system call (CONNECT, LISTEN, SEND, or CLOSE), a segment arrival
(SYN, FIN, ACK, or RST), or, in one case, a timeout of twice the maximum packet
lifetime. The action is the sending of a control segment (SYN, FIN, or RST) or
nothing, indicated by —. Comments are shown in parentheses.
One can best understand the diagram by first following the path of a client
(the heavy solid line), then later following the path of a server (the heavy dashed
line). When an application program on the client machine issues a CONNECT re-
quest, the local TCP entity creates a connection record, marks it as being in the
SYN SENT state, and shoots off a SYN segment. Note that many connections may
be open (or being opened) at the same time on behalf of multiple applications, so
the state is per connection and recorded in the connection record. When the
SYN+ACK arrives, TCP sends the final ACK of the three-way handshake and
switches into the ESTABLISHED state. Data can now be sent and received.
When an application is finished, it executes a CLOSE primitive, which causes
the local TCP entity to send a FIN segment and wait for the corresponding ACK
(dashed box marked ‘‘active close’’). When the ACK arrives, a transition is made
to the state FIN WAIT 2 and one direction of the connection is closed. When the
other side closes, too, a FIN comes in, which is acknowledged. Now both sides
are closed, but TCP waits a time equal to twice the maximum packet lifetime to
guarantee that all packets from the connection have died off, just in case the ac-
knowledgement was lost. When the timer goes off, TCP deletes the connection
record.
Now let us examine connection management from the server’s viewpoint.
The server does a LISTEN and settles down to see who turns up. When a SYN

564 THE TRANSPORT LAYER CHAP. 6
CLOSED
LISTEN
ESTABLISHED
CLOSING CLOSE
WAIT
(Start)
CONNECT/SYN (Step 1 of the 3-way handshake)
LISTEN/–
SYN/SYN + ACK
SYN
RCVD
FIN
WAIT 1
TIME
WAIT
LAST
ACK
FIN
WAIT 2
SYN
SENT
RST/–
ACK/–
(Active close)
FIN/ACK
FIN + ACK/ACK
FIN/ACK
ACK/–
ACK/–
ACK/–
SEND/SYN
SYN/SYN + ACK (simultaneous open)
(Data transfer state)
SYN + ACK/ACK
(Step 3 of the 3-way handshake)
CLOSE/FIN
CLOSE/FIN FIN/ACK
CLOSE/–
CLOSE/–
CLOSE/FIN
CLOSED
(Passive close)
(Timeout/)
(Go back to start)
(Step 2 of the 3-way handshake)
Figure 6-39. TCP connection management finite state machine. The heavy
solid line is the normal path for a client. The heavy dashed line is the normal
path for a server. The light lines are unusual events. Each transition is labeled
with the event causing it and the action resulting from it, separated by a slash.
comes in, it is acknowledged and the server goes to the SYN RCVD state. When
the server’s SYN is itself acknowledged, the three-way handshake is complete and
the server goes to the ESTABLISHED state. Data transfer can now occur.
When the client is done transmitting its data, it does a CLOSE, which causes a
FIN to arrive at the server (dashed box marked ‘‘passive close’’). The server is
then signaled. When it, too, does a CLOSE, a FIN is sent to the client. When the

SEC. 6.5 THE INTERNET TRANSPORT PROTOCOLS: TCP 565
client’s acknowledgement shows up, the server releases the connection and
deletes the connection record.
6.5.8 TCP Sliding Window
As mentioned earlier, window management in TCP decouples the issues of
acknowledgement of the correct receipt of segments and receiver buffer alloca-
tion. For example, suppose the receiver has a 4096-byte buffer, as shown in
Fig. 6-40. If the sender transmits a 2048-byte segment that is correctly received,
the receiver will acknowledge the segment. However, since it now has only 2048
bytes of buffer space (until the application removes some data from the buffer), it
will advertise a window of 2048 starting at the next byte expected.
Application
does a 2-KB
write
Application
does a 2-KB
write
Application
reads 2 KB
Sender is
blocked
Sender may
send up to 2-KB
Receiver’s
buffer
0 4 KB
2 KB
2 KB
Empty
Full
2 KB SEQ = 0
2 KB SEQ = 2048
1 KB SEQ = 4096
ACK = 2048 WIN = 2048
ACK =
4096 W
IN = 0
ACK =
4096 W
IN = 20
48
2 KB1 KB
Sender Receiver
Figure 6-40. Window management in TCP.
Now the sender transmits another 2048 bytes, which are acknowledged, but
the advertised window is of size 0. The sender must stop until the application

566 THE TRANSPORT LAYER CHAP. 6
process on the receiving host has removed some data from the buffer, at which
time TCP can advertise a larger window and more data can be sent.
When the window is 0, the sender may not normally send segments, with two
exceptions. First, urgent data may be sent, for example, to allow the user to kill
the process running on the remote machine. Second, the sender may send a 1-byte
segment to force the receiver to reannounce the next byte expected and the win-
dow size. This packet is called a window probe. The TCP standard explicitly
provides this option to prevent deadlock if a window update ever gets lost.
Senders are not required to transmit data as soon as they come in from the ap-
plication. Neither are receivers required to send acknowledgements as soon as
possible. For example, in Fig. 6-40, when the first 2 KB of data came in, TCP,
knowing that it had a 4-KB window, would have been completely correct in just
buffering the data until another 2 KB came in, to be able to transmit a segment
with a 4-KB payload. This freedom can be used to improve performance.
Consider a connection to a remote terminal, for example using SSH or telnet,
that reacts on every keystroke. In the worst case, whenever a character arrives at
the sending TCP entity, TCP creates a 21-byte TCP segment, which it gives to IP
to send as a 41-byte IP datagram. At the receiving side, TCP immediately sends a
40-byte acknowledgement (20 bytes of TCP header and 20 bytes of IP header).
Later, when the remote terminal has read the byte, TCP sends a window update,
moving the window 1 byte to the right. This packet is also 40 bytes. Finally, when
the remote terminal has processed the character, it echoes the character for local
display using a 41-byte packet. In all, 162 bytes of bandwidth are used and four
segments are sent for each character typed. When bandwidth is scarce, this meth-
od of doing business is not desirable.
One approach that many TCP implementations use to optimize this situation
is called delayed acknowledgements . The idea is to delay acknowledgements
and window updates for up to 500 msec in the hope of acquiring some data on
which to hitch a free ride. Assuming the terminal echoes within 500 msec, only
one 41-byte packet now need be sent back by the remote side, cutting the packet
count and bandwidth usage in half.
Although delayed acknowledgements reduce the load placed on the network
by the receiver, a sender that sends multiple short packets (e.g., 41-byte packets
containing 1 byte of data) is still operating inefficiently. A way to reduce this
usage is known as Nagle’s algorithm (Nagle, 1984). What Nagle suggested is
simple: when data come into the sender in small pieces, just send the first piece
and buffer all the rest until the first piece is acknowledged. Then send all the
buffered data in one TCP segment and start buffering again until the next segment
is acknowledged. That is, only one short packet can be outstanding at any time.
If many pieces of data are sent by the application in one round-trip time, Nagle’s
algorithm will put the many pieces in one segment, greatly reducing the band-
width used. The algorithm additionally says that a new segment should be sent if
enough data have trickled in to fill a maximum segment.

SEC. 6.5 THE INTERNET TRANSPORT PROTOCOLS: TCP 567
Nagle’s algorithm is widely used by TCP implementations, but there are times
when it is better to disable it. In particular, in interactive games that are run over
the Internet, the players typically want a rapid stream of short update packets.
Gathering the updates to send them in bursts makes the game respond erratically,
which makes for unhappy users. A more subtle problem is that Nagle’s algorithm
can sometimes interact with delayed acknowledgements to cause a temporary
deadlock: the receiver waits for data on which to piggyback an acknowledgement,
and the sender waits on the acknowledgement to send more data. This interaction
can delay the downloads of Web pages. Because of these problems, Nagle’s algo-
rithm can be disabled (which is called the TCP NODELAY option). Mogul and
Minshall (2001) discuss this and other solutions.
Another problem that can degrade TCP performance is the silly window syn-
drome (Clark, 1982). This problem occurs when data are passed to the sending
TCP entity in large blocks, but an interactive application on the receiving side
reads data only 1 byte at a time. To see the problem, look at Fig. 6-41. Initially,
the TCP buffer on the receiving side is full (i.e., it has a window of size 0) and the
sender knows this. Then the interactive application reads one character from the
TCP stream. This action makes the receiving TCP happy, so it sends a window
update to the sender saying that it is all right to send 1 byte. The sender obliges
and sends 1 byte. The buffer is now full, so the receiver acknowledges the 1-byte
segment and sets the window to 0. This behavior can go on forever.
Clark’s solution is to prevent the receiver from sending a window update for 1
byte. Instead, it is forced to wait until it has a decent amount of space available
and advertise that instead. Specifically, the receiver should not send a window
update until it can handle the maximum segment size it advertised when the con-
nection was established or until its buffer is half empty, whichever is smaller.
Furthermore, the sender can also help by not sending tiny segments. Instead, it
should wait until it can send a full segment, or at least one containing half of the
receiver’s buffer size.
Nagle’s algorithm and Clark’s solution to the silly window syndrome are
complementary. Nagle was trying to solve the problem caused by the sending ap-
plication delivering data to TCP a byte at a time. Clark was trying to solve the
problem of the receiving application sucking the data up from TCP a byte at a
time. Both solutions are valid and can work together. The goal is for the sender
not to send small segments and the receiver not to ask for them.
The receiving TCP can go further in improving performance than just doing
window updates in large units. Like the sending TCP, it can also buffer data, so it
can block a READ request from the application until it has a large chunk of data
for it. Doing so reduces the number of calls to TCP (and the overhead). It also
increases the response time, but for noninteractive applications like file transfer,
efficiency may be more important than response time to individual requests.
Another issue that the receiver must handle is that segments may arrive out of
order. The receiver will buffer the data until it can be passed up to the application

568 THE TRANSPORT LAYER CHAP. 6
Application reads 1 byte
Window update segment sent
New byte arrives
Header
Header
Receiver’s buffer is full
Receiver’s buffer is full
Room for one more byte
1 Byte
Figure 6-41. Silly window syndrome.
in order. Actually, nothing bad would happen if out-of-order segments were dis-
carded, since they would eventually be retransmitted by the sender, but it would
be wasteful.
Acknowledgements can be sent only when all the data up to the byte acknow-
ledged have been received. This is called a cumulative acknowledgement . If
the receiver gets segments 0, 1, 2, 4, 5, 6, and 7, it can acknowledge everything up
to and including the last byte in segment 2. When the sender times out, it then
retransmits segment 3. As the receiver has buffered segments 4 through 7, upon
receipt of segment 3 it can acknowledge all bytes up to the end of segment 7.
6.5.9 TCP Timer Management
TCP uses multiple timers (at least conceptually) to do its work. The most im-
portant of these is the RTO (Retransmission TimeOut). When a segment is
sent, a retransmission timer is started. If the segment is acknowledged before the
timer expires, the timer is stopped. If, on the other hand, the timer goes off before
the acknowledgement comes in, the segment is retransmitted (and the timer os
started again). The question that arises is: how long should the timeout be?
This problem is much more difficult in the transport layer than in data link
protocols such as 802.11. In the latter case, the expected delay is measured in

SEC. 6.5 THE INTERNET TRANSPORT PROTOCOLS: TCP 569
microseconds and is highly predictable (i.e., has a low variance), so the timer can
be set to go off just slightly after the acknowledgement is expected, as shown in
Fig. 6-42(a). Since acknowledgements are rarely delayed in the data link layer
(due to lack of congestion), the absence of an acknowledgement at the expected
time generally means either the frame or the acknowledgement has been lost.
T T1 T20.3
0.2
0.1
0
0 10 20
Round-trip time (microseconds)
(a) (b)
P
ro
ba
bi
lit
y
0.3
0.2
0.1
0
P
ro
ba
bi
lit
y
30 40 50 0 10 20
Round-trip time (milliseconds)
30 40 50
Figure 6-42. (a) Probability density of acknowledgement arrival times in the
data link layer. (b) Probability density of acknowledgement arrival times for TCP.
TCP is faced with a radically different environment. The probability density
function for the time it takes for a TCP acknowledgement to come back looks
more like Fig. 6-42(b) than Fig. 6-42(a). It is larger and more variable. Deter-
mining the round-trip time to the destination is tricky. Even when it is known,
deciding on the timeout interval is also difficult. If the timeout is set too short,
say, T 1 in Fig. 6-42(b), unnecessary retransmissions will occur, clogging the In-
ternet with useless packets. If it is set too long (e.g., T 2), performance will suffer
due to the long retransmission delay whenever a packet is lost. Furthermore, the
mean and variance of the acknowledgement arrival distribution can change rapid-
ly within a few seconds as congestion builds up or is resolved.
The solution is to use a dynamic algorithm that constantly adapts the timeout
interval, based on continuous measurements of network performance. The algo-
rithm generally used by TCP is due to Jacobson (1988) and works as follows. For
each connection, TCP maintains a variable, SRTT (Smoothed Round-Trip Time),
that is the best current estimate of the round-trip time to the destination in ques-
tion. When a segment is sent, a timer is started, both to see how long the ac-
knowledgement takes and also to trigger a retransmission if it takes too long. If

570 THE TRANSPORT LAYER CHAP. 6
the acknowledgement gets back before the timer expires, TCP measures how long
the acknowledgement took, say, R. It then updates SRTT according to the formula
SRTT = α SRTT + (1 − α) R
where α is a smoothing factor that determines how quickly the old values are for-
gotten. Typically, α = 7/8. This kind of formula is an EWMA (Exponentially
Weighted Moving Average) or low-pass filter that discards noise in the samples.
Even given a good value of SRTT, choosing a suitable retransmission timeout
is a nontrivial matter. Initial implementations of TCP used 2xRTT, but experience
showed that a constant value was too inflexible because it failed to respond when
the variance went up. In particular, queueing models of random (i.e., Poisson)
traffic predict that when the load approaches capacity, the delay becomes large
and highly variable. This can lead to the retransmission timer firing and a copy of
the packet being retransmitted although the original packet is still transiting the
network. It is all the more likely to happen under conditions of high load, which is
the worst time at which to send additional packets into the network.
To fix this problem, Jacobson proposed making the timeout value sensitive to
the variance in round-trip times as well as the smoothed round-trip time. This
change requires keeping track of another smoothed variable, RTTVAR (Round-
Trip Time VARiation) that is updated using the formula
RTTVAR = β RTTVAR + (1 − β) | SRTT − R |
This is an EWMA as before, and typically β = 3/4. The retransmission timeout,
RTO, is set to be
RTO = SRTT + 4 × RTTVAR
The choice of the factor 4 is somewhat arbitrary, but multiplication by 4 can be
done with a single shift, and less than 1% of all packets come in more than four
standard deviations late. Note that RTTVAR is not exactly the same as the standard
deviation (it is really the mean deviation), but it is close enough in practice.
Jacobson’s paper is full of clever tricks to compute timeouts using only integer
adds, subtracts, and shifts. This economy is not needed for modern hosts, but it
has become part of the culture that allows TCP to run on all manner of devices,
from supercomputers down to tiny devices. So far nobody has put it on an RFID
chip, but someday? Who knows.
More details of how to compute this timeout, including initial settings of the
variables, are given in RFC 2988. The retransmission timer is also held to a mini-
mum of 1 second, regardless of the estimates. This is a conservative value chosen
to prevent spurious retransmissions based on measurements (Allman and Paxson,
1999).
One problem that occurs with gathering the samples, R, of the round-trip time
is what to do when a segment times out and is sent again. When the acknowl-
edgement comes in, it is unclear whether the acknowledgement refers to the first

SEC. 6.5 THE INTERNET TRANSPORT PROTOCOLS: TCP 571
transmission or a later one. Guessing wrong can seriously contaminate the re-
transmission timeout. Phil Karn discovered this problem the hard way. Karn is
an amateur radio enthusiast interested in transmitting TCP/IP packets by ham
radio, a notoriously unreliable medium. He made a simple proposal: do not up-
date estimates on any segments that have been retransmitted. Additionally, the
timeout is doubled on each successive retransmission until the segments get
through the first time. This fix is called Karn’s algorithm (Karn and Partridge,
1987). Most TCP implementations use it.
The retransmission timer is not the only timer TCP uses. A second timer is
the persistence timer. It is designed to prevent the following deadlock. The re-
ceiver sends an acknowledgement with a window size of 0, telling the sender to
wait. Later, the receiver updates the window, but the packet with the update is
lost. Now the sender and the receiver are each waiting for the other to do some-
thing. When the persistence timer goes off, the sender transmits a probe to the re-
ceiver. The response to the probe gives the window size. If it is still 0, the per-
sistence timer is set again and the cycle repeats. If it is nonzero, data can now be
sent.
A third timer that some implementations use is the keepalive timer. When a
connection has been idle for a long time, the keepalive timer may go off to cause
one side to check whether the other side is still there. If it fails to respond, the con-
nection is terminated. This feature is controversial because it adds overhead and
may terminate an otherwise healthy connection due to a transient network parti-
tion.
The last timer used on each TCP connection is the one used in the TIME
WAIT state while closing. It runs for twice the maximum packet lifetime to make
sure that when a connection is closed, all packets created by it have died off.
6.5.10 TCP Congestion Control
We have saved one of the key functions of TCP for last: congestion control.
When the load offered to any network is more than it can handle, congestion
builds up. The Internet is no exception. The network layer detects congestion
when queues grow large at routers and tries to manage it, if only by dropping
packets. It is up to the transport layer to receive congestion feedback from the
network layer and slow down the rate of traffic that it is sending into the network.
In the Internet, TCP plays the main role in controlling congestion, as well as the
main role in reliable transport. That is why it is such a special protocol.
We covered the general situation of congestion control in Sec. 6.3. One key
takeaway was that a transport protocol using an AIMD (Additive Increase Multi-
plicative Decrease) control law in response to binary congestion signals from the
network would converge to a fair and efficient bandwidth allocation. TCP con-
gestion control is based on implementing this approach using a window and with
packet loss as the binary signal. To do so, TCP maintains a congestion window

572 THE TRANSPORT LAYER CHAP. 6
whose size is the number of bytes the sender may have in the network at any time.
The corresponding rate is the window size divided by the round-trip time of the
connection. TCP adjusts the size of the window according to the AIMD rule.
Recall that the congestion window is maintained in addition to the flow con-
trol window, which specifies the number of bytes that the receiver can buffer.
Both windows are tracked in parallel, and the number of bytes that may be sent is
the smaller of the two windows. Thus, the effective window is the smaller of
what the sender thinks is all right and what the receiver thinks is all right. It takes
two to tango. TCP will stop sending data if either the congestion or the flow con-
trol window is temporarily full. If the receiver says ‘‘send 64 KB’’ but the sender
knows that bursts of more than 32 KB clog the network, it will send 32 KB. On
the other hand, if the receiver says ‘‘send 64 KB’’ and the sender knows that
bursts of up to 128 KB get through effortlessly, it will send the full 64 KB re-
quested. The flow control window was described earlier, and in what follows we
will only describe the congestion window.
Modern congestion control was added to TCP largely through the efforts of
Van Jacobson (1988). It is a fascinating story. Starting in 1986, the growing pop-
ularity of the early Internet led to the first occurrence of what became known as a
congestion collapse, a prolonged period during which goodput dropped precipi-
tously (i.e., by more than a factor of 100) due to congestion in the network. Jacob-
son (and many others) set out to understand what was happening and remedy the
situation.
The high-level fix that Jacobson implemented was to approximate an AIMD
congestion window. The interesting part, and much of the complexity of TCP con-
gestion control, is how he added this to an existing implementation without chang-
ing any of the message formats, which made it instantly deployable. To start, he
observed that packet loss is a suitable signal of congestion. This signal comes a
little late (as the network is already congested) but it is quite dependable. After
all, it is difficult to build a router that does not drop packets when it is overloaded.
This fact is unlikely to change. Even when terabyte memories appear to buffer
vast numbers of packets, we will probably have terabit/sec networks to fill up
those memories.
However, using packet loss as a congestion signal depends on transmission er-
rors being relatively rare. This is not normally the case for wireless links such as
802.11, which is why they include their own retransmission mechanism at the link
layer. Because of wireless retransmissions, network layer packet loss due to
transmission errors is normally masked on wireless networks. It is also rare on
other links because wires and optical fibers typically have low bit-error rates.
All the Internet TCP algorithms assume that lost packets are caused by con-
gestion and monitor timeouts and look for signs of trouble the way miners watch
their canaries. A good retransmission timer is needed to detect packet loss signals
accurately and in a timely manner. We have already discussed how the TCP re-
transmission timer includes estimates of the mean and variation in round-trip

SEC. 6.5 THE INTERNET TRANSPORT PROTOCOLS: TCP 573
times. Fixing this timer, by including the variation factor, was an important step in
Jacobson’s work. Given a good retransmission timeout, the TCP sender can track
the outstanding number of bytes, which are loading the network. It simply looks
at the difference between the sequence numbers that are transmitted and acknow-
ledged.
Now it seems that our task is easy. All we need to do is to track the conges-
tion window, using sequence and acknowledgement numbers, and adjust the con-
gestion window using an AIMD rule. As you might have expected, it is more
complicated than that. A first consideration is that the way packets are sent into
the network, even over short periods of time, must be matched to the network
path. Otherwise the traffic will cause congestion. For example, consider a host
with a congestion window of 64 KB attached to a 1-Gbps switched Ethernet. If
the host sends the entire window at once, this burst of traffic may travel over a
slow 1-Mbps ADSL line further along the path. The burst that took only half a
millisecond on the 1-Gbps line will clog the 1-Mbps line for half a second, com-
pletely disrupting protocols such as voice over IP. This behavior might be a good
idea for a protocol designed to cause congestion, but not for a protocol to control
it.
However, it turns out that we can use small bursts of packets to our advan-
tage. Fig. 6-43 shows what happens when a sender on a fast network (the 1-Gbps
link) sends a small burst of four packets to a receiver on a slow network (the 1-
Mbps link) that is the bottleneck or slowest part of the path. Initially the four
packets travel over the link as quickly as they can be sent by the sender. At the
router, they are queued while being sent because it takes longer to send a packet
over the slow link than to receive the next packet over the fast link. But the queue
is not large because only a small number of packets were sent at once. Note the
increased length of the packets on the slow link. The same packet, of 1 KB say, is
now longer because it takes more time to send it on a slow link than on a fast one.
Fast link Slow link
(bottleneck)
1: Burst of packets
sent on fast link
2: Burst queues at router
and drains onto slow link
3: Receive acks packets
at slow link rate
4: Acks preserve slow
link timing at sender Ack clock
ReceiverSender
. . . . . . . . .. . . . . . . . .
Figure 6-43. A burst of packets from a sender and the returning ack clock.
Eventually the packets get to the receiver, where they are acknowledged. The
times for the acknowledgements reflect the times at which the packets arrived at
the receiver after crossing the slow link. They are spread out compared to the
original packets on the fast link. As these acknowledgements travel over the net-
work and back to the sender they preserve this timing.

574 THE TRANSPORT LAYER CHAP. 6
The key observation is this: the acknowledgements return to the sender at
about the rate that packets can be sent over the slowest link in the path. This is
precisely the rate that the sender wants to use. If it injects new packets into the
network at this rate, they will be sent as fast as the slow link permits, but they will
not queue up and congest any router along the path. This timing is known as an
ack clock. It is an essential part of TCP. By using an ack clock, TCP smoothes
out traffic and avoids unnecessary queues at routers.
A second consideration is that the AIMD rule will take a very long time to
reach a good operating point on fast networks if the congestion window is started
from a small size. Consider a modest network path that can support 10 Mbps with
an RTT of 100 msec. The appropriate congestion window is the bandwidth-delay
product, which is 1 Mbit or 100 packets of 1250 bytes each. If the congestion win-
dow starts at 1 packet and increases by 1 packet every RTT, it will be 100 RTTs
or 10 seconds before the connection is running at about the right rate. That is a
long time to wait just to get to the right speed for a transfer. We could reduce this
startup time by starting with a larger initial window, say of 50 packets. But this
window would be far too large for slow or short links. It would cause congestion
if used all at once, as we have just described.
Instead, the solution Jacobson chose to handle both of these considerations is
a mix of linear and multiplicative increase. When a connection is established, the
sender initializes the congestion window to a small initial value of at most four
segments; the details are described in RFC 3390, and the use of four segments is
an increase from an earlier initial value of one segment based on experience. The
sender then sends the initial window. The packets will take a round-trip time to
be acknowledged. For each segment that is acknowledged before the retransmis-
sion timer goes off, the sender adds one segment’s worth of bytes to the conges-
tion window. Plus, as that segment has been acknowledged, there is now one less
segment in the network. The upshot is that every acknowledged segment allows
two more segments to be sent. The congestion window is doubling every round-
trip time.
This algorithm is called slow start, but it is not slow at all—it is exponential
growth—except in comparison to the previous algorithm that let an entire flow
control window be sent all at once. Slow start is shown in Fig. 6-44. In the first
round-trip time, the sender injects one packet into the network (and the receiver
receives one packet). Two packets are sent in the next round-trip time, then four
packets in the third round-trip time.
Slow-start works well over a range of link speeds and round-trip times, and
uses an ack clock to match the rate of sender transmissions to the network path.
Take a look at the way acknowledgements return from the sender to the receiver
in Fig. 6-44. When the sender gets an acknowledgement, it increases the conges-
tion window by one and immediately sends two packets into the network. (One
packet is the increase by one; the other packet is a replacement for the packet that
has been acknowledged and left the network. At all times, the number of

SEC. 6.5 THE INTERNET TRANSPORT PROTOCOLS: TCP 575
cwnd = 1
1 RTT, 1 packet
cwnd = 2
cwnd = 3
cwnd = 4
cwnd = 5
cwnd = 6
cwnd = 7
cwnd = 8
1 RTT, 2 packets
1 RTT, 4 packets
1 RTT, 4 packets
(pipe is full)
Data
Acknowledgement
TCP sender TCP receiver
Figure 6-44. Slow start from an initial congestion window of one segment.
unacknowledged packets is given by the congestion window.) However, these two
packets will not necessarily arrive at the receiver as closely spaced as when they
were sent. For example, suppose the sender is on a 100-Mbps Ethernet. Each
packet of 1250 bytes takes 100 μsec to send. So the delay between the packets can
be as small as 100 μsec. The situation changes if these packets go across a 1-
Mbps ADSL link anywhere along the path. It now takes 10 msec to send the same
packet. This means that the minimum spacing between the two packets has
grown by a factor of 100. Unless the packets have to wait together in a queue on a
later link, the spacing will remain large.
In Fig. 6-44, this effect is shown by enforcing a minimum spacing between
data packets arriving at the receiver. The same spacing is kept when the receiver
sends acknowledgements, and thus when the sender receives the acknowledge-
ments. If the network path is slow, acknowledgements will come in slowly (after
a delay of an RTT). If the network path is fast, acknowledgements will come in
quickly (again, after the RTT). All the sender has to do is follow the timing of the
ack clock as it injects new packets, which is what slow start does.
Because slow start causes exponential growth, eventually (and sooner rather
than later) it will send too many packets into the network too quickly. When this
happens, queues will build up in the network. When the queues are full, one or
more packets will be lost. After this happens, the TCP sender will time out when
an acknowledgement fails to arrive in time. There is evidence of slow start grow-
ing too fast in Fig. 6-44. After three RTTs, four packets are in the network. These
four packets take an entire RTT to arrive at the receiver. That is, a congestion
window of four packets is the right size for this connection. However, as these
packets are acknowledged, slow start continues to grow the congestion window,
reaching eight packets in another RTT. Only four of these packets can reach the
receiver in one RTT, no matter how many are sent. That is, the network pipe is
full. Additional packets placed into the network by the sender will build up in

576 THE TRANSPORT LAYER CHAP. 6
router queues, since they cannot be delivered to the receiver quickly enough. Con-
gestion and packet loss will occur soon.
To keep slow start under control, the sender keeps a threshold for the connect-
ion called the slow start threshold. Initially this value is set arbitrarily high, to
the size of the flow control window, so that it will not limit the connection. TCP
keeps increasing the congestion window in slow start until a timeout occurs or the
congestion window exceeds the threshold (or the receiver’s window is filled).
Whenever a packet loss is detected, for example, by a timeout, the slow start
threshold is set to be half of the congestion window and the entire process is
restarted. The idea is that the current window is too large because it caused con-
gestion previously that is only now detected by a timeout. Half of the window,
which was used successfully at an earlier time, is probably a better estimate for a
congestion window that is close to the path capacity but will not cause loss. In
our example in Fig. 6-44, growing the congestion window to eight packets may
cause loss, while the congestion window of four packets in the previous RTT was
the right value. The congestion window is then reset to its small initial value and
slow start resumes.
Whenever the slow start threshold is crossed, TCP switches from slow start to
additive increase. In this mode, the congestion window is increased by one seg-
ment every round-trip time. Like slow start, this is usually implemented with an
increase for every segment that is acknowledged, rather than an increase once per
RTT. Call the congestion window cwnd and the maximum segment size MSS. A
common approximation is to increase cwnd by (MSS × MSS)/cwnd for each of the
cwnd /MSS packets that may be acknowledged. This increase does not need to be
fast. The whole idea is for a TCP connection to spend a lot of time with its con-
gestion window close to the optimum value—not so small that throughput will be
low, and not so large that congestion will occur.
Additive increase is shown in Fig. 6-45 for the same situation as slow start. At
the end of every RTT, the sender’s congestion window has grown enough that it
can inject an additional packet into the network. Compared to slow start, the
linear rate of growth is much slower. It makes little difference for small conges-
tion windows, as is the case here, but a large difference in the time taken to grow
the congestion window to 100 segments, for example.
There is something else that we can do to improve performance too. The
defect in the scheme so far is waiting for a timeout. Timeouts are relatively long
because they must be conservative. After a packet is lost, the receiver cannot
acknowledge past it, so the acknowledgement number will stay fixed, and the
sender will not be able to send any new packets into the network because its con-
gestion window remains full. This condition can continue for a relatively long
period until the timer fires and the lost packet is retransmitted. At that stage, TCP
slow starts again.
There is a quick way for the sender to recognize that one of its packets has
been lost. As packets beyond the lost packet arrive at the receiver, they trigger

SEC. 6.5 THE INTERNET TRANSPORT PROTOCOLS: TCP 577
cwnd = 2
1 RTT, 2 packets
cwnd = 3
cwnd = 4
cwnd = 5
1 RTT, 3 packets
1 RTT, 4 packets
1 RTT, 4 packets
(pipe is full)
Data
Acknowledgement
TCP sender TCP receiver
cwnd = 1
1 RTT, 1 packet
Figure 6-45. Additive increase from an initial congestion window of one segment.
acknowledgements that return to the sender. These acknowledgements bear the
same acknowledgement number. They are called duplicate acknowledgements .
Each time the sender receives a duplicate acknowledgement, it is likely that an-
other packet has arrived at the receiver and the lost packet still has not shown up.
Because packets can take different paths through the network, they can arrive
out of order. This will trigger duplicate acknowledgements even though no pack-
ets have been lost. However, this is uncommon in the Internet much of the time.
When there is reordering across multiple paths, the received packets are usually
not reordered too much. Thus, TCP somewhat arbitrarily assumes that three dupli-
cate acknowledgements imply that a packet has been lost. The identity of the lost
packet can be inferred from the acknowledgement number as well. It is the very
next packet in sequence. This packet can then be retransmitted right away, before
the retransmission timeout fires.
This heuristic is called fast retransmission. After it fires, the slow start
threshold is still set to half the current congestion window, just as with a timeout.
Slow start can be restarted by setting the congestion window to one packet. With
this window size, a new packet will be sent after the one round-trip time that it
takes to acknowledge the retransmitted packet along with all data that had been
sent before the loss was detected.
An illustration of the congestion algorithm we have built up so far is shown in
Fig. 6-46. This version of TCP is called TCP Tahoe after the 4.2BSD Tahoe re-
lease in 1988 in which it was included. The maximum segment size here is 1 KB.
Initially, the congestion window was 64 KB, but a timeout occurred, so the thres-
hold is set to 32 KB and the congestion window to 1 KB for transmission 0. The
congestion window grows exponentially until it hits the threshold (32 KB). The

578 THE TRANSPORT LAYER CHAP. 6
window is increased every time a new acknowledgement arrives rather than con-
tinuously, which leads to the discrete staircase pattern. After the threshold is pas-
sed, the window grows linearly. It is increased by one segment every RTT.
5
Transmission round (RTTs)
Additive
increase
Threshold 32KB Packet
loss
C
on
ge
st
io
n
w
in
do
w
(K
B
or
pa
ck
et
s)
10
15
20
30
35
40
25
2 4 6 8 10 12 14 16 18 20 22 24
Slow start
0
Threshold 20KB
Figure 6-46. Slow start followed by additive increase in TCP Tahoe.
The transmissions in round 13 are unlucky (they should have known), and one
of them is lost in the network. This is detected when three duplicate acknowledge-
ments arrive. At that time, the lost packet is retransmitted, the threshold is set to
half the current window (by now 40 KB, so half is 20 KB), and slow start is ini-
tiated all over again. Restarting with a congestion window of one packet takes one
round-trip time for all of the previously transmitted data to leave the network and
be acknowledged, including the retransmitted packet. The congestion window
grows with slow start as it did previously, until it reaches the new threshold of 20
KB. At that time, the growth becomes linear again. It will continue in this fashion
until another packet loss is detected via duplicate acknowledgements or a timeout
(or the receiver’s window becomes the limit).
TCP Tahoe (which included good retransmission timers) provided a working
congestion control algorithm that solved the problem of congestion collapse.
Jacobson realized that it is possible to do even better. At the time of the fast re-
transmission, the connection is running with a congestion window that is too
large, but it is still running with a working ack clock. Every time another dupli-
cate acknowledgement arrives, it is likely that another packet has left the network.
Using duplicate acknowledgements to count the packets in the network, makes it
possible to let some packets exit the network and continue to send a new packet
for each additional duplicate acknowledgement.
Fast recovery is the heuristic that implements this behavior. It is a temporary
mode that aims to maintain the ack clock running with a congestion window that
is the new threshold, or half the value of the congestion window at the time of the

SEC. 6.5 THE INTERNET TRANSPORT PROTOCOLS: TCP 579
fast retransmission. To do this, duplicate acknowledgements are counted (includ-
ing the three that triggered fast retransmission) until the number of packets in the
network has fallen to the new threshold. This takes about half a round-trip time.
From then on, a new packet can be sent for each duplicate acknowledgement that
is received. One round-trip time after the fast retransmission, the lost packet will
have been acknowledged. At that time, the stream of duplicate acknowledgements
will cease and fast recovery mode will be exited. The congestion window will be
set to the new slow start threshold and grows by linear increase.
The upshot of this heuristic is that TCP avoids slow start, except when the
connection is first started and when a timeout occurs. The latter can still happen
when more than one packet is lost and fast retransmission does not recover ade-
quately. Instead of repeated slow starts, the congestion window of a running con-
nection follows a sawtooth pattern of additive increase (by one segment every
RTT) and multiplicative decrease (by half in one RTT). This is exactly the AIMD
rule that we sought to implement.
This sawtooth behavior is shown in Fig. 6-47. It is produced by TCP Reno,
named after the 4.3BSD Reno release in 1990 in which it was included. TCP
Reno is essentially TCP Tahoe plus fast recovery. After an initial slow start, the
congestion window climbs linearly until a packet loss is detected by duplicate ac-
knowledgements. The lost packet is retransmitted and fast recovery is used to
keep the ack clock running until the retransmission is acknowledged. At that time,
the congestion window is resumed from the new slow start threshold, rather than
from 1. This behavior continues indefinitely, and the connection spends most of
the time with its congestion window close to the optimum value of the band-
width-delay product.
5
Transmission round (RTTs)
Additive
increasePacket
loss
C
on
ge
st
io
n
w
in
do
w
(K
B
or
pa
ck
et
s)
10
15
20
30
35
40
25
4 8 12 16 20 24 28 32 36 40 44 48
Slow start
0
Thresh.
Threshold
Fast
recovery
Multiplicative
decrease
Threshold
Figure 6-47. Fast recovery and the sawtooth pattern of TCP Reno.
TCP Reno with its mechanisms for adjusting the congestion window has
formed the basis for TCP congestion control for more than two decades. Most of

580 THE TRANSPORT LAYER CHAP. 6
the changes in the intervening years have adjusted these mechanisms in minor
ways, for example, by changing the choices of the initial window and removing
various ambiguities. Some improvements have been made for recovering from
two or more losses in a window of packets. For example, the TCP NewReno ver-
sion uses a partial advance of the acknowledgement number after a retransmission
to find and repair another loss (Hoe, 1996), as described in RFC 3782. Since the
mid-1990s, several variations have emerged that follow the principles we have de-
scribed but use slightly different control laws. For example, Linux uses a variant
called CUBIC TCP (Ha et al., 2008) and Windows includes a variant called Com-
pound TCP (Tan et al., 2006).
Two larger changes have also affected TCP implementations. First, much of
the complexity of TCP comes from inferring from a stream of duplicate acknowl-
edgements which packets have arrived and which packets have been lost. The
cumulative acknowledgement number does not provide this information. A sim-
ple fix is the use of SACK (Selective ACKnowledgements), which lists up to
three ranges of bytes that have been received. With this information, the sender
can more directly decide what packets to retransmit and track the packets in flight
to implement the congestion window.
When the sender and receiver set up a connection, they each send the SACK
permitted TCP option to signal that they understand selective acknowledgements.
Once SACK is enabled for a connection, it works as shown in Fig. 6-48. A re-
ceiver uses the TCP Acknowledgement number field in the normal manner, as a
cumulative acknowledgement of the highest in-order byte that has been received.
When it receives packet 3 out of order (because packet 2 was lost), it sends a
SACK option for the received data along with the (duplicate) cumulative acknowl-
edgement for packet 1. The SACK option gives the byte ranges that have been re-
ceived above the number given by the cumulative acknowledgement. The first
range is the packet that triggered the duplicate acknowledgement. The next
ranges, if present, are older blocks. Up to three ranges are commonly used. By
the time packet 6 is received, two SACK byte ranges are used to indicate that
packet 6 and packets 3 to 4 have been received, in addition to all packets up to
packet 1. From the information in each SACK option that it receives, the sender
can decide which packets to retransmit. In this case, retransmitting packets 2 and
5 would be a good idea.
SACK is strictly advisory information. The actual detection of loss using dup-
licate acknowledgements and adjustments to the congestion window proceed just
as before. However, with SACK, TCP can recover more easily from situations in
which multiple packets are lost at roughly the same time, since the TCP sender
knows which packets have not been received. SACK is now widely deployed. It
is described in RFC 2883, and TCP congestion control using SACK is described
in RFC 3517.
The second change is the use of ECN (Explicit Congestion Notification) in
addition to packet loss as a congestion signal. ECN is an IP layer mechanism to

SEC. 6.5 THE INTERNET TRANSPORT PROTOCOLS: TCP 581
6 5 4 3 2 1
Lost packets
ACK: 1 ACK: 1
SACK: 3
ACK: 1
SACK: 3-4
ACK: 1
SACK: 6, 3-4
Sender Receiver
Retransmit 2 and 5!
Figure 6-48. Selective acknowledgements.
notify hosts of congestion that we described in Sec. 5.3.4. With it, the TCP re-
ceiver can receive congestion signals from IP.
The use of ECN is enabled for a TCP connection when both the sender and re-
ceiver indicate that they are capable of using ECN by setting the ECE and CWR
bits during connection establishment. If ECN is used, each packet that carries a
TCP segment is flagged in the IP header to show that it can carry an ECN signal.
Routers that support ECN will set a congestion signal on packets that can carry
ECN flags when congestion is approaching, instead of dropping those packets
after congestion has occurred.
The TCP receiver is informed if any packet that arrives carries an ECN con-
gestion signal. The receiver then uses the ECE (ECN Echo) flag to signal the TCP
sender that its packets have experienced congestion. The sender tells the receiver
that it has heard the signal by using the CWR (Congestion Window Reduced) flag.
The TCP sender reacts to these congestion notifications in exactly the same
way as it does to packet loss that is detected via duplicate acknowledgements.
However, the situation is strictly better. Congestion has been detected and no
packet was harmed in any way. ECN is described in RFC 3168. It requires both
host and router support, and is not yet widely used on the Internet.
For more information on the complete set of congestion control behaviors that
are implemented in TCP, see RFC 5681.
6.5.11 The Future of TCP
As the workhorse of the Internet, TCP has been used for many applications
and extended over time to give good performance over a wide range of networks.
Many versions are deployed with slightly different implementations than the clas-
sic algorithms we have described, especially for congestion control and robustness
against attacks. It is likely that TCP will continue to evolve with the Internet. We
will mention two particular issues.
The first one is that TCP does not provide the transport semantics that all ap-
plications want. For example, some applications want to send messages or records
whose boundaries need to be preserved. Other applications work with a group of

582 THE TRANSPORT LAYER CHAP. 6
related conversations, such as a Web browser that transfers several objects from
the same server. Still other applications want better control over the network paths
that they use. TCP with its standard sockets interface does not meet these needs
well. Essentially, the application has the burden of dealing with any problem not
solved by TCP. This has led to proposals for new protocols that would provide a
slightly different interface. Two examples are SCTP (Stream Control Transmis-
sion Protocol), defined in RFC 4960, and SST (Structured Stream Transport)
(Ford, 2007). However, whenever someone proposes changing something that
has worked so well for so long, there is always a huge battle between the ‘‘Users
are demanding more features’’ and ‘‘If it ain’t broke, don’t fix it’’ camps.
The second issue is congestion control. You may have expected that this is a
solved problem after our deliberations and the mechanisms that have been devel-
oped over time. Not so. The form of TCP congestion control that we described,
and which is widely used, is based on packet losses as a signal of congestion.
When Padhye et al. (1998) modeled TCP throughput based on the sawtooth pat-
tern, they found that the packet loss rate must drop off rapidly with increasing
speed. To reach a throughput of 1 Gbps with a round-trip time of 100 ms and 1500
byte packets, one packet can be lost approximately every 10 minutes. That is a
packet loss rate of 2 × 10−8, which is incredibly small. It is too infrequent to serve
as a good congestion signal, and any other source of loss (e.g., packet transmis-
sion error rates of 10−7) can easily dominate it, limiting the throughput.
This relationship has not been a problem in the past, but networks are getting
faster and faster, leading many people to revisit congestion control. One possibil-
ity is to use an alternate congestion control in which the signal is not packet loss
at all. We gave several examples in Sec. 6.2. The signal might be round-trip time,
which grows when the network becomes congested, as is used by FAST TCP
(Wei et al., 2006). Other approaches are possible too, and time will tell which is
the best.
6.6 PERFORMANCE ISSUES
Performance issues are very important in computer networks. When hundreds
or thousands of computers are interconnected, complex interactions, with unfore-
seen consequences, are common. Frequently, this complexity leads to poor per-
formance and no one knows why. In the following sections, we will examine
many issues related to network performance to see what kinds of problems exist
and what can be done about them.
Unfortunately, understanding network performance is more an art than a sci-
ence. There is little underlying theory that is actually of any use in practice. The
best we can do is give some rules of thumb gained from hard experience and pres-
ent examples taken from the real world. We have delayed this discussion until we
studied the transport layer because the performance that applications receive

SEC. 6.6 PERFORMANCE ISSUES 583
depends on the combined performance of the transport, network and link layers,
and to be able to use TCP as an example in various places.
In the next sections, we will look at six aspects of network performance:
1. Performance problems.
2. Measuring network performance.
3. Host design for fast networks.
4. Fast segment processing.
5. Header compression.
6. Protocols for ‘‘long fat’’ networks.
These aspects consider network performance both at the host and across the net-
work, and as networks are increased in speed and size.
6.6.1 Performance Problems in Computer Networks
Some performance problems, such as congestion, are caused by temporary re-
source overloads. If more traffic suddenly arrives at a router than the router can
handle, congestion will build up and performance will suffer. We studied conges-
tion in detail in this and the previous chapter.
Performance also degrades when there is a structural resource imbalance. For
example, if a gigabit communication line is attached to a low-end PC, the poor
host will not be able to process the incoming packets fast enough and some will
be lost. These packets will eventually be retransmitted, adding delay, wasting
bandwidth, and generally reducing performance.
Overloads can also be synchronously triggered. As an example, if a segment
contains a bad parameter (e.g., the port for which it is destined), in many cases the
receiver will thoughtfully send back an error notification. Now consider what
could happen if a bad segment is broadcast to 1000 machines: each one might
send back an error message. The resulting broadcast storm could cripple the
network. UDP suffered from this problem until the ICMP protocol was changed
to cause hosts to refrain from responding to errors in UDP segments sent to broad-
cast addresses. Wireless networks must be particularly careful to avoid unchecked
broadcast responses because broadcast occurs naturally and the wireless band-
width is limited.
A second example of synchronous overload is what happens after an electrical
power failure. When the power comes back on, all the machines simultaneously
start rebooting. A typical reboot sequence might require first going to some
(DHCP) server to learn one’s true identity, and then to some file server to get a
copy of the operating system. If hundreds of machines in a data center all do this
at once, the server will probably collapse under the load.

584 THE TRANSPORT LAYER CHAP. 6
Even in the absence of synchronous overloads and the presence of sufficient
resources, poor performance can occur due to lack of system tuning. For ex-
ample, if a machine has plenty of CPU power and memory but not enough of the
memory has been allocated for buffer space, flow control will slow down segment
reception and limit performance. This was a problem for many TCP connections
as the Internet became faster but the default size of the flow control window
stayed fixed at 64 KB.
Another tuning issue is setting timeouts. When a segment is sent, a timer is
set to guard against loss of the segment. If the timeout is set too short, unneces-
sary retransmissions will occur, clogging the wires. If the timeout is set too long,
unnecessary delays will occur after a segment is lost. Other tunable parameters
include how long to wait for data on which to piggyback before sending a separate
acknowledgement, and how many retransmissions to make before giving up.
Another performance problem that occurs with real-time applications like
audio and video is jitter. Having enough bandwidth on average is not sufficient
for good performance. Short transmission delays are also required. Consistently
achieving short delays demands careful engineering of the load on the network,
quality-of-service support at the link and network layers, or both.
6.6.2 Network Performance Measurement
When a network performs poorly, its users often complain to the folks running
it, demanding improvements. To improve the performance, the operators must
first determine exactly what is going on. To find out what is really happening, the
operators must make measurements. In this section, we will look at network per-
formance measurements. Much of the discussion below is based on the seminal
work of Mogul (1993).
Measurements can be made in different ways and at many locations (both in
the protocol stack and physically). The most basic kind of measurement is to start
a timer when beginning some activity and see how long that activity takes. For
example, knowing how long it takes for a segment to be acknowledged is a key
measurement. Other measurements are made with counters that record how often
some event has happened (e.g., number of lost segments). Finally, one is often in-
terested in knowing the amount of something, such as the number of bytes proc-
essed in a certain time interval.
Measuring network performance and parameters has many potential pitfalls.
We list a few of them here. Any systematic attempt to measure network per-
formance should be careful to avoid these.
Make Sure That the Sample Size Is Large Enough
Do not measure the time to send one segment, but repeat the measurement,
say, one million times and take the average. Startup effects, such as the 802.16
NIC or cable modem getting a bandwidth reservation after an idle period, can

SEC. 6.6 PERFORMANCE ISSUES 585
slow the first segment, and queueing introduces variability. Having a large sam-
ple will reduce the uncertainty in the measured mean and standard deviation. This
uncertainty can be computed using standard statistical formulas.
Make Sure That the Samples Are Representative
Ideally, the whole sequence of one million measurements should be repeated
at different times of the day and the week to see the effect of different network
conditions on the measured quantity. Measurements of congestion, for example,
are of little use if they are made at a moment when there is no congestion. Some-
times the results may be counterintuitive at first, such as heavy congestion at 11
A.M., and 1 P.M., but no congestion at noon (when all the users are at lunch).
With wireless networks, location is an important variable because of signal
propagation. Even a measurement node placed close to a wireless client may not
observe the same packets as the client due to differences in the antennas. It is best
to take measurements from the wireless client under study to see what it sees.
Failing that, it is possible to use techniques to combine the wireless measurements
taken at different vantage points to gain a more complete picture of what is going
on (Mahajan et al., 2006).
Caching Can Wreak Havoc with Measurements
Repeating a measurement many times will return an unexpectedly fast answer
if the protocols use caching mechanisms. For instance, fetching a Web page or
looking up a DNS name (to find the IP address) may involve a network exchange
the first time, and then return the answer from a local cache without sending any
packets over the network. The results from such a measurement are essentially
worthless (unless you want to measure cache performance).
Buffering can have a similar effect. TCP/IP performance tests have been
known to report that UDP can achieve a performance substantially higher than the
network allows. How does this occur? A call to UDP normally returns control as
soon as the message has been accepted by the kernel and added to the transmis-
sion queue. If there is sufficient buffer space, timing 1000 UDP calls does not
mean that all the data have been sent. Most of them may still be in the kernel, but
the performance test program thinks they have all been transmitted.
Caution is advised to be absolutely sure that you understand how data can be
cached and buffered as part of a network operation.
Be Sure That Nothing Unexpected Is Going On during Your Tests
Making measurements at the same time that some user has decided to run a
video conference over your network will often give different results than if there
is no video conference. It is best to run tests on an idle network and create the

586 THE TRANSPORT LAYER CHAP. 6
entire workload yourself. Even this approach has pitfalls, though. While you
might think nobody will be using the network at 3 A.M., that might be when the
automatic backup program begins copying all the disks to tape. Or, there might
be heavy traffic for your wonderful Web pages from distant time zones.
Wireless networks are challenging in this respect because it is often not pos-
sible to separate them from all sources of interference. Even if there are no other
wireless networks sending traffic nearby, someone may microwave popcorn and
inadvertently cause interference that degrades 802.11 performance. For these rea-
sons, it is a good practice to monitor the overall network activity so that you can
at least realize when something unexpected does happen.
Be Careful When Using a Coarse-Grained Clock
Computer clocks function by incrementing some counter at regular intervals.
For example, a millisecond timer adds 1 to a counter every 1 msec. Using such a
timer to measure an event that takes less than 1 msec is possible but requires some
care. Some computers have more accurate clocks, of course, but there are always
shorter events to measure too. Note that clocks are not always as accurate as the
precision with which the time is returned when they are read.
To measure the time to make a TCP connection, for example, the clock (say,
in milliseconds) should be read out when the transport layer code is entered and
again when it is exited. If the true connection setup time is 300 μsec, the dif-
ference between the two readings will be either 0 or 1, both wrong. However, if
the measurement is repeated one million times and the total of all measurements
is added up and divided by one million, the mean time will be accurate to better
than 1 μsec.
Be Careful about Extrapolating the Results
Suppose that you make measurements with simulated network loads running
from 0 (idle) to 0.4 (40% of capacity). For example, the response time to send a
voice-over-IP packet over an 802.11 network might be as shown by the data
points and solid line through them in Fig. 6-49. It may be tempting to extrapolate
linearly, as shown by the dotted line. However, many queueing results involve a
factor of 1/(1 − ρ), where ρ is the load, so the true values may look more like the
dashed line, which rises much faster than linearly when the load gets high. That
is, beware contention effects that become much more pronounced at high load.
6.6.3 Host Design for Fast Networks
Measuring and tinkering can improve performance considerably, but they can-
not substitute for good design in the first place. A poorly designed network can
be improved only so much. Beyond that, it has to be redesigned from scratch.

SEC. 6.6 PERFORMANCE ISSUES 587
5
4
3
2
1
0
R
es
po
ns
e
tim
e
1.00 0.1 0.2 0.3 0.4 0.5
Load
0.6 0.7 0.8 0.9
Figure 6-49. Response as a function of load.
In this section, we will present some rules of thumb for software imple-
mentation of network protocols on hosts. Surprisingly, experience shows that this
is often a performance bottleneck on otherwise fast networks, for two reasons.
First, NICs (Network Interface Cards) and routers have already been engineered
(with hardware support) to run at ‘‘wire speed.’’ This means that they can process
packets as quickly as the packets can possibly arrive on the link. Second, the
relevant performance is that which applications obtain. It is not the link capacity,
but the throughput and delay after network and transport processing.
Reducing software overheads improves performance by increasing throughput
and decreasing delay. It can also reduce the energy that is spent on networking,
which is an important consideration for mobile computers. Most of these ideas
have been common knowledge to network designers for years. They were first
stated explicitly by Mogul (1993); our treatment largely follows his. Another
relevant source is Metcalfe (1993).
Host Speed Is More Important Than Network Speed
Long experience has shown that in nearly all fast networks, operating system
and protocol overhead dominate actual time on the wire. For example, in theory,
the minimum RPC time on a 1-Gbps Ethernet is 1 μsec, corresponding to a mini-
mum (512-byte) request followed by a minimum (512-byte) reply. In practice,
overcoming the software overhead and getting the RPC time anywhere near there
is a substantial achievement. It rarely happens in practice.

588 THE TRANSPORT LAYER CHAP. 6
Similarly, the biggest problem in running at 1 Gbps is often getting the bits
from the user’s buffer out onto the network fast enough and having the receiving
host process them as fast as they come in. If you double the host (CPU and mem-
ory) speed, you often can come close to doubling the throughput. Doubling the
network capacity has no effect if the bottleneck is in the hosts.
Reduce Packet Count to Reduce Overhead
Each segment has a certain amount of overhead (e.g., the header) as well as
data (e.g., the payload). Bandwidth is required for both components. Processing is
also required for both components (e.g., header processing and doing the check-
sum). When 1 million bytes are being sent, the data cost is the same no matter
what the segment size is. However, using 128-byte segments means 32 times as
much per-segment overhead as using 4-KB segments. The bandwidth and proc-
essing overheads add up fast to reduce throughput.
Per-packet overhead in the lower layers amplifies this effect. Each arriving
packet causes a fresh interrupt if the host is keeping up. On a modern pipelined
processor, each interrupt breaks the CPU pipeline, interferes with the cache, re-
quires a change to the memory management context, voids the branch prediction
table, and forces a substantial number of CPU registers to be saved. An n-fold re-
duction in segments sent thus reduces the interrupt and packet overhead by a fac-
tor of n.
You might say that both people and computers are poor at multitasking. This
observation underlies the desire to send MTU packets that are as large as will pass
along the network path without fragmentation. Mechanisms such as Nagle’s algo-
rithm and Clark’s solution are also attempts to avoid sending small packets.
Minimize Data Touching
The most straightforward way to implement a layered protocol stack is with
one module for each layer. Unfortunately, this leads to copying (or at least ac-
cessing the data on multiple passes) as each layer does its own work. For ex-
ample, after a packet is received by the NIC, it is typically copied to a kernel buff-
er. From there, it is copied to a network layer buffer for network layer processing,
then to a transport layer buffer for transport layer processing, and finally to the re-
ceiving application process. It is not unusual for an incoming packet to be copied
three or four times before the segment enclosed in it is delivered.
All this copying can greatly degrade performance because memory operations
are an order of magnitude slower than register–register instructions. For example,
if 20% of the instructions actually go to memory (i.e., are cache misses), which is
likely when touching incoming packets, the average instruction execution time is
slowed down by a factor of 2.8 (0.8 × 1 + 0.2 × 10). Hardware assistance will not
help here. The problem is too much copying by the operating system.

SEC. 6.6 PERFORMANCE ISSUES 589
A clever operating system will minimize copying by combining the proc-
essing of multiple layers. For example, TCP and IP are usually implemented to-
gether (as ‘‘TCP/IP’’) so that it is not necessary to copy the payload of the packet
as processing switches from network to transport layer. Another common trick is
to perform multiple operations within a layer in a single pass over the data. For
example, checksums are often computed while copying the data (when it has to be
copied) and the newly computed checksum is appended to the end.
Minimize Context Switches
A related rule is that context switches (e.g., from kernel mode to user mode)
are deadly. They have the bad properties of interrupts and copying combined.
This cost is why transport protocols are often implemented in the kernel. Like
reducing packet count, context switches can be reduced by having the library pro-
cedure that sends data do internal buffering until it has a substantial amount of
them. Similarly, on the receiving side, small incoming segments should be col-
lected together and passed to the user in one fell swoop instead of individually, to
minimize context switches.
In the best case, an incoming packet causes a context switch from the current
user to the kernel, and then a switch to the receiving process to give it the newly
arrived data. Unfortunately, with some operating systems, additional context
switches happen. For example, if the network manager runs as a special process
in user space, a packet arrival is likely to cause a context switch from the current
user to the kernel, then another one from the kernel to the network manager, fol-
lowed by another one back to the kernel, and finally one from the kernel to the re-
ceiving process. This sequence is shown in Fig. 6-50. All these context switches
on each packet are wasteful of CPU time and can have a devastating effect on net-
work performance.
User space
Kernel space
1 2 3 4
User process running at the
time of the packet arrival
Network
manager
Receiving
process
Figure 6-50. Four context switches to handle one packet with a user-space net-
work manager.

590 THE TRANSPORT LAYER CHAP. 6
Avoiding Congestion Is Better Than Recovering from It
The old maxim that an ounce of prevention is worth a pound of cure certainly
holds for network congestion. When a network is congested, packets are lost,
bandwidth is wasted, useless delays are introduced, and more. All of these costs
are unnecessary, and recovering from congestion takes time and patience. Not
having it occur in the first place is better. Congestion avoidance is like getting
your DTP vaccination: it hurts a little at the time you get it, but it prevents some-
thing that would hurt a lot more in the future.
Avoid Timeouts
Timers are necessary in networks, but they should be used sparingly and time-
outs should be minimized. When a timer goes off, some action is generally re-
peated. If it is truly necessary to repeat the action, so be it, but repeating it
unnecessarily is wasteful.
The way to avoid extra work is to be careful that timers are set a little bit on
the conservative side. A timer that takes too long to expire adds a small amount
of extra delay to one connection in the (unlikely) event of a segment being lost. A
timer that goes off when it should not have uses up host resources, wastes band-
width, and puts extra load on perhaps dozens of routers for no good reason.
6.6.4 Fast Segment Processing
Now that we have covered general rules, we will look at some specific meth-
ods for speeding up segment processing. For more information, see Clark et al.
(1989), and Chase et al. (2001).
Segment processing overhead has two components: overhead per segment and
overhead per byte. Both must be attacked. The key to fast segment processing is
to separate out the normal, successful case (one-way data transfer) and handle it
specially. Many protocols tend to emphasize what to do when something goes
wrong (e.g., a packet getting lost), but to make the protocols run fast, the designer
should aim to minimize processing time when everything goes right. Minimizing
processing time when an error occurs is secondary.
Although a sequence of special segments is needed to get into the ESTAB-
LISHED state, once there, segment processing is straightforward until one side
starts to close the connection. Let us begin by examining the sending side in the
ESTABLISHED state when there are data to be transmitted. For the sake of clar-
ity, we assume here that the transport entity is in the kernel, although the same
ideas apply if it is a user-space process or a library inside the sending process. In
Fig. 6-51, the sending process traps into the kernel to do the SEND. The first thing
the transport entity does is test to see if this is the normal case: the state is ESTA-
BLISHED, neither side is trying to close the connection, a regular (i.e., not an

SEC. 6.6 PERFORMANCE ISSUES 591
out-of-band) full segment is being sent, and enough window space is available at
the receiver. If all conditions are met, no further tests are needed and the fast path
through the sending transport entity can be taken. Typically, this path is taken
most of the time.
Trap into the kernel to send segment
Test
Segment passed to the receiving process
Test
S S
Sending
process
Receiving process
Network
Figure 6-51. The fast path from sender to receiver is shown with a heavy line.
The processing steps on this path are shaded.
In the usual case, the headers of consecutive data segments are almost the
same. To take advantage of this fact, a prototype header is stored within the tran-
sport entity. At the start of the fast path, it is copied as fast as possible to a
scratch buffer, word by word. Those fields that change from segment to segment
are overwritten in the buffer. Frequently, these fields are easily derived from state
variables, such as the next sequence number. A pointer to the full segment header
plus a pointer to the user data are then passed to the network layer. Here, the
same strategy can be followed (not shown in Fig. 6-51). Finally, the network
layer gives the resulting packet to the data link layer for transmission.
As an example of how this principle works in practice, let us consider TCP/IP.
Fig. 6-52(a) shows the TCP header. The fields that are the same between consec-
utive segments on a one-way flow are shaded. All the sending transport entity has
to do is copy the five words from the prototype header into the output buffer, fill
in the next sequence number (by copying it from a word in memory), compute the
checksum, and increment the sequence number in memory. It can then hand the
header and data to a special IP procedure for sending a regular, maximum seg-
ment. IP then copies its five-word prototype header [see Fig. 6-52(b)] into the
buffer, fills in the Identification field, and computes its checksum. The packet is
now ready for transmission.
Now let us look at fast path processing on the receiving side of Fig. 6-51.
Step 1 is locating the connection record for the incoming segment. For TCP, the

592 THE TRANSPORT LAYER CHAP. 6
Sequence number
(a) (b)
Header checksum
Identification
Source port
Acknowledgement number
Len Unused Window size
Checksum Urgent pointer
Destination port
Fragment offset
VER. IHL
Diff. Serv.
Total length
TTL Protocol
Source address
Destination address
Diff. Serv.
Figure 6-52. (a) TCP header. (b) IP header. In both cases, they are taken from
the prototype without change.
connection record can be stored in a hash table for which some simple function of
the two IP addresses and two ports is the key. Once the connection record has
been located, both addresses and both ports must be compared to verify that the
correct record has been found.
An optimization that often speeds up connection record lookup even more is
to maintain a pointer to the last one used and try that one first. Clark et al. (1989)
tried this and observed a hit rate exceeding 90%.
The segment is checked to see if it is a normal one: the state is ESTAB-
LISHED, neither side is trying to close the connection, the segment is a full one,
no special flags are set, and the sequence number is the one expected. These tests
take just a handful of instructions. If all conditions are met, a special fast path
TCP procedure is called.
The fast path updates the connection record and copies the data to the user.
While it is copying, it also computes the checksum, eliminating an extra pass over
the data. If the checksum is correct, the connection record is updated and an ac-
knowledgement is sent back. The general scheme of first making a quick check to
see if the header is what is expected and then having a special procedure handle
that case is called header prediction. Many TCP implementations use it. When
this optimization and all the other ones discussed in this chapter are used together,
it is possible to get TCP to run at 90% of the speed of a local memory-to-memory
copy, assuming the network itself is fast enough.
Two other areas where major performance gains are possible are buffer man-
agement and timer management. The issue in buffer management is avoiding
unnecessary copying, as mentioned above. Timer management is important be-
cause nearly all timers set do not expire. They are set to guard against segment
loss, but most segments and their acknowledgements arrive correctly. Hence, it is
important to optimize timer management for the case of timers rarely expiring.
A common scheme is to use a linked list of timer events sorted by expiration
time. The head entry contains a counter telling how many ticks away from expiry
it is. Each successive entry contains a counter telling how many ticks after the

SEC. 6.6 PERFORMANCE ISSUES 593
previous entry it is. Thus, if timers expire in 3, 10, and 12 ticks, respectively, the
three counters are 3, 7, and 2, respectively.
At every clock tick, the counter in the head entry is decremented. When it
hits zero, its event is processed and the next item on the list becomes the head. Its
counter does not have to be changed. This way, inserting and deleting timers are
expensive operations, with execution times proportional to the length of the list.
A much more efficient approach can be used if the maximum timer interval is
bounded and known in advance. Here, an array called a timing wheel can be
used, as shown in Fig. 6-53. Each slot corresponds to one clock tick. The current
time shown is T = 4. Timers are scheduled to expire at 3, 10, and 12 ticks from
now. If a new timer suddenly is set to expire in seven ticks, an entry is just made
in slot 11. Similarly, if the timer set for T + 10 has to be canceled, the list starting
in slot 14 has to be searched and the required entry removed. Note that the array
of Fig. 6-53 cannot accommodate timers beyond T + 15.
0
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
Slot
0
0
0
0
0
0
0
0
0
0
0
0
0
Pointer to list of timers for T + 12
Pointer to list of timers for T + 3
Pointer to list of timers for T + 10
Current time, T
Figure 6-53. A timing wheel.
When the clock ticks, the current time pointer is advanced by one slot (circu-
larly). If the entry now pointed to is nonzero, all of its timers are processed.
Many variations on the basic idea are discussed by Varghese and Lauck (1987).
6.6.5 Header Compression
We have been looking at fast networks for too long. There is more out there.
Let us now consider performance on wireless and other networks in which band-
width is limited. Reducing software overhead can help mobile computers run

594 THE TRANSPORT LAYER CHAP. 6
more efficiently, but it does nothing to improve performance when the network
links are the bottleneck.
To use bandwidth well, protocol headers and payloads should be carried with
the minimum of bits. For payloads, this means using compact encodings of infor-
mation, such as images that are in JPEG format rather than a bitmap, or document
formats such as PDF that include compression. It also means application-level
caching mechanisms, such as Web caches that reduce transfers in the first place.
What about for protocol headers? At the link layer, headers for wireless net-
works are typically compact because they were designed with scarce bandwidth in
mind. For example, 802.16 headers have short connection identifiers instead of
longer addresses. However, higher layer protocols such as IP, TCP and UDP
come in one version for all link layers, and they are not designed with compact
headers. In fact, streamlined processing to reduce software overhead often leads
to headers that are not as compact as they could otherwise be (e.g., IPv6 has a
more loosely packed headers than IPv4).
The higher-layer headers can be a significant performance hit. Consider, for
example, voice-over-IP data that is being carried with the combination of IP,
UDP, and RTP. These protocols require 40 bytes of header (20 for IPv4, 8 for
UDP, and 12 for RTP). With IPv6 the situation is even worse: 60 bytes, including
the 40-byte IPv6 header. The headers can wind up as the majority of the trans-
mitted data and consume more than half the bandwidth.
Header compression is used to reduce the bandwidth taken over links by
higher-layer protocol headers. Specially designed schemes are used instead of
general purpose methods. This is because headers are short, so they do not
compress well individually, and decompression requires all prior data to be re-
ceived. This will not be the case if a packet is lost.
Header compression obtains large gains by using knowledge of the protocol
format. One of the first schemes was designed by Van Jacobson (1990) for com-
pressing TCP/IP headers over slow serial links. It is able to compress a typical
TCP/IP header of 40 bytes down to an average of 3 bytes. The trick to this meth-
od is hinted at in Fig. 6-52. Many of the header fields do not change from packet
to packet. There is no need, for example, to send the same IP TTL or the same
TCP port numbers in each and every packet. They can be omitted on the sending
side of the link and filled in on the receiving side.
Similarly, other fields change in a predictable manner. For example, barring
loss, the TCP sequence number advances with the data. In these cases, the re-
ceiver can predict the likely value. The actual number only needs to be carried
when it differs from what is expected. Even then, it may be carried as a small
change from the previous value, as when the acknowledgement number increases
when new data is received in the reverse direction.
With header compression, it is possible to have simple headers in higher-layer
protocols and compact encodings over low bandwidth links. ROHC (RObust
Header Compression) is a modern version of header compression that is defined

SEC. 6.6 PERFORMANCE ISSUES 595
as a framework in RFC 5795. It is designed to tolerate the loss that can occur on
wireless links. There is a profile for each set of protocols to be compressed, such
as IP/UDP/RTP. Compressed headers are carried by referring to a context, which
is essentially a connection; header fields may easily be predicted for packets of
the same connection, but not for packets of different connections. In typical oper-
ation, ROHC reduces IP/UDP/RTP headers from 40 bytes to 1 to 3 bytes.
While header compression is mainly targeted at reducing bandwidth needs, it
can also be useful for reducing delay. Delay is comprised of propagation delay,
which is fixed given a network path, and transmission delay, which depends on
the bandwidth and amount of data to be sent. For example, a 1-Mbps link sends 1
bit in 1 μsec. In the case of media over wireless networks, the network is relative-
ly slow so transmission delay may be an important factor in overall delay and con-
sistently low delay is important for quality of service.
Header compression can help by reducing the amount of data that is sent, and
hence reducing transmission delay. The same effect can be achieved by sending
smaller packets. This will trade increased software overhead for decreased trans-
mission delay. Note that another potential source of delay is queueing delay to ac-
cess the wireless link. This can also be significant because wireless links are often
heavily used as the limited resource in a network. In this case, the wireless link
must have quality-of-service mechanisms that give low delay to real-time packets.
Header compression alone is not sufficient.
6.6.6 Protocols for Long Fat Networks
Since the 1990s, there have been gigabit networks that transmit data over
large distances. Because of the combination of a fast network, or ‘‘fat pipe,’’ and
long delay, these networks are called long fat networks. When these networks
arose, people’s first reaction was to use the existing protocols on them, but vari-
ous problems quickly arose. In this section, we will discuss some of the problems
with scaling up the speed and delay of network protocols.
The first problem is that many protocols use 32-bit sequence numbers. When
the Internet began, the lines between routers were mostly 56-kbps leased lines, so
a host blasting away at full speed took over 1 week to cycle through the sequence
numbers. To the TCP designers, 232 was a pretty decent approximation of infinity
because there was little danger of old packets still being around a week after they
were transmitted. With 10-Mbps Ethernet, the wrap time became 57 minutes,
much shorter, but still manageable. With a 1-Gbps Ethernet pouring data out onto
the Internet, the wrap time is about 34 seconds, well under the 120-sec maximum
packet lifetime on the Internet. All of a sudden, 232 is not nearly as good an
approximation to infinity since a fast sender can cycle through the sequence space
while old packets still exist.
The problem is that many protocol designers simply assumed, without stating
it, that the time required to use up the entire sequence space would greatly exceed

596 THE TRANSPORT LAYER CHAP. 6
the maximum packet lifetime. Consequently, there was no need to even worry
about the problem of old duplicates still existing when the sequence numbers
wrapped around. At gigabit speeds, that unstated assumption fails. Fortunately, it
proved possible to extend the effective sequence number by treating the time-
stamp that can be carried as an option in the TCP header of each packet as the
high-order bits. This mechanism is called PAWS (Protection Against Wrapped
Sequence numbers) and is described in RFC 1323.
A second problem is that the size of the flow control window must be greatly
increased. Consider, for example, sending a 64-KB burst of data from San Diego
to Boston in order to fill the receiver’s 64-KB buffer. Suppose that the link is 1
Gbps and the one-way speed-of-light-in-fiber delay is 20 msec. Initially, at t = 0,
the pipe is empty, as illustrated in Fig. 6-54(a). Only 500 μsec later, in Fig. 6-
54(b), all the segments are out on the fiber. The lead segment will now be some-
where in the vicinity of Brawley, still deep in Southern California. However, the
transmitter must stop until it gets a window update.
(a) (b)
(c) (d)
Data
Ackno
wledg
ement
s
Figure 6-54. The state of transmitting 1 Mbit from San Diego to Boston. (a) At
t = 0. (b) After 500 μsec. (c) After 20 msec. (d) After 40 msec.
After 20 msec, the lead segment hits Boston, as shown in Fig. 6-54(c), and is
acknowledged. Finally, 40 msec after starting, the first acknowledgement gets

SEC. 6.6 PERFORMANCE ISSUES 597
back to the sender and the second burst can be transmitted. Since the transmission
line was used for 1.25 msec out of 100, the efficiency is about 1.25%. This situa-
tion is typical of an older protocols running over gigabit lines.
A useful quantity to keep in mind when analyzing network performance is the
bandwidth-delay product. It is obtained by multiplying the bandwidth (in
bits/sec) by the round-trip delay time (in sec). The product is the capacity of the
pipe from the sender to the receiver and back (in bits).
For the example of Fig. 6-54, the bandwidth-delay product is 40 million bits.
In other words, the sender would have to transmit a burst of 40 million bits to be
able to keep going full speed until the first acknowledgement came back. It takes
this many bits to fill the pipe (in both directions). This is why a burst of half a
million bits only achieves a 1.25% efficiency: it is only 1.25% of the pipe’s capac-
ity.
The conclusion that can be drawn here is that for good performance, the re-
ceiver’s window must be at least as large as the bandwidth-delay product, and
preferably somewhat larger since the receiver may not respond instantly. For a
transcontinental gigabit line, at least 5 MB are required.
A third and related problem is that simple retransmission schemes, such as the
go-back-n protocol, perform poorly on lines with a large bandwidth-delay product.
Consider, the 1-Gbps transcontinental link with a round-trip transmission time of
40 msec. A sender can transmit 5 MB in one round trip. If an error is detected, it
will be 40 msec before the sender is told about it. If go-back-n is used, the sender
will have to retransmit not just the bad packet, but also the 5 MB worth of packets
that came afterward. Clearly, this is a massive waste of resources. More complex
protocols such as selective-repeat are needed.
A fourth problem is that gigabit lines are fundamentally different from mega-
bit lines in that long gigabit lines are delay limited rather than bandwidth limited.
In Fig. 6-55 we show the time it takes to transfer a 1-Mbit file 4000 km at various
transmission speeds. At speeds up to 1 Mbps, the transmission time is dominated
by the rate at which the bits can be sent. By 1 Gbps, the 40-msec round-trip delay
dominates the 1 msec it takes to put the bits on the fiber. Further increases in
bandwidth have hardly any effect at all.
Figure 6-55 has unfortunate implications for network protocols. It says that
stop-and-wait protocols, such as RPC, have an inherent upper bound on their per-
formance. This limit is dictated by the speed of light. No amount of technologi-
cal progress in optics will ever improve matters (new laws of physics would help,
though). Unless some other use can be found for a gigabit line while a host is
waiting for a reply, the gigabit line is no better than a megabit line, just more ex-
pensive.
A fifth problem is that communication speeds have improved faster than com-
puting speeds. (Note to computer engineers: go out and beat those communica-
tion engineers! We are counting on you.) In the 1970s, the ARPANET ran at 56
kbps and had computers that ran at about 1 MIPS. Compare these numbers to

598 THE TRANSPORT LAYER CHAP. 6
1000 sec
100 sec
10 sec
1 sec
100 msec
10 msec
1 msec
F
ile
tr
an
sf
er
tim
e
Data rate (bps)
103 104 105 106 107 108 109 1010 1011 1012
Figure 6-55. Time to transfer and acknowledge a 1-Mbit file over a 4000-km
line.
1000-MIPS computers exchanging packets over a 1-Gbps line. The number of in-
structions per byte has decreased by more than a factor of 10. The exact numbers
are debatable depending on dates and scenarios, but the conclusion is this: there is
less time available for protocol processing than there used to be, so protocols must
become simpler.
Let us now turn from the problems to ways of dealing with them. The basic
principle that all high-speed network designers should learn by heart is:
Design for speed, not for bandwidth optimization.
Old protocols were often designed to minimize the number of bits on the wire,
frequently by using small fields and packing them together into bytes and words.
This concern is still valid for wireless networks, but not for gigabit networks.
Protocol processing is the problem, so protocols should be designed to minimize
it. The IPv6 designers clearly understood this principle.
A tempting way to go fast is to build fast network interfaces in hardware. The
difficulty with this strategy is that unless the protocol is exceedingly simple, hard-
ware just means a plug-in board with a second CPU and its own program. To
make sure the network coprocessor is cheaper than the main CPU, it is often a
slower chip. The consequence of this design is that much of the time the main
(fast) CPU is idle waiting for the second (slow) CPU to do the critical work. It is
a myth to think that the main CPU has other work to do while waiting. Fur-
thermore, when two general-purpose CPUs communicate, race conditions can oc-
cur, so elaborate protocols are needed between the two processors to synchronize

SEC. 6.6 PERFORMANCE ISSUES 599
them correctly and avoid races. Usually, the best approach is to make the proto-
cols simple and have the main CPU do the work.
Packet layout is an important consideration in gigabit networks. The header
should contain as few fields as possible, to reduce processing time, and these
fields should be big enough to do the job and be word-aligned for fast processing.
In this context, ‘‘big enough’’ means that problems such as sequence numbers
wrapping around while old packets still exist, receivers being unable to advertise
enough window space because the window field is too small, etc. do not occur.
The maximum data size should be large, to reduce software overhead and per-
mit efficient operation. 1500 bytes is too small for high-speed networks, which is
why gigabit Ethernet supports jumbo frames of up to 9 KB and IPv6 supports
jumbogram packets in excess of 64 KB.
Let us now look at the issue of feedback in high-speed protocols. Due to the
(relatively) long delay loop, feedback should be avoided: it takes too long for the
receiver to signal the sender. One example of feedback is governing the transmis-
sion rate by using a sliding window protocol. Future protocols may switch to
rate-based protocols to avoid the (long) delays inherent in the receiver sending
window updates to the sender. In such a protocol, the sender can send all it wants
to, provided it does not send faster than some rate the sender and receiver have
agreed upon in advance.
A second example of feedback is Jacobson’s slow start algorithm. This algo-
rithm makes multiple probes to see how much the network can handle. With
high-speed networks, making half a dozen or so small probes to see how the net-
work responds wastes a huge amount of bandwidth. A more efficient scheme is to
have the sender, receiver, and network all reserve the necessary resources at con-
nection setup time. Reserving resources in advance also has the advantage of ma-
king it easier to reduce jitter. In short, going to high speeds inexorably pushes the
design toward connection-oriented operation, or something fairly close to it.
Another valuable feature is the ability to send a normal amount of data along
with the connection request. In this way, one round-trip time can be saved.
6.7 DELAY-TOLERANT NETWORKING
We will finish this chapter by describing a new kind of transport that may one
day be an important component of the Internet. TCP and most other transport pro-
tocols are based on the assumption that the sender and the receiver are continu-
ously connected by some working path, or else the protocol fails and data cannot
be delivered. In some networks there is often no end-to-end path. An example is a
space network as LEO (Low-Earth Orbit) satellites pass in and out of range of
ground stations. A given satellite may be able to communicate to a ground station
only at particular times, and two satellites may never be able to communicate with
each other at any time, even via a ground station, because one of the satellites

600 THE TRANSPORT LAYER CHAP. 6
may always be out of range. Other example networks involve submarines, buses,
mobile phones, and other devices with computers for which there is intermittent
connectivity due to mobility or extreme conditions.
In these occasionally connected networks, data can still be communicated by
storing them at nodes and forwarding them later when there is a working link.
This technique is called message switching. Eventually the data will be relayed
to the destination. A network whose architecture is based on this approach is call-
ed a DTN (Delay-Tolerant Network, or a Disruption-Tolerant Network).
Work on DTNs started in 2002 when IETF set up a research group on the
topic. The inspiration for DTNs came from an unlikely source: efforts to send
packets in space. Space networks must deal with intermittent communication and
very long delays. Kevin Fall observed that the ideas for these Interplanetary In-
ternets could be applied to networks on Earth in which intermittent connectivity
was the norm (Fall, 2003). This model gives a useful generalization of the Inter-
net in which storage and delays can occur during communication. Data delivery
is akin to delivery in the postal system, or electronic mail, rather than packet
switching at routers.
Since 2002, the DTN architecture has been refined, and the applications of the
DTN model have grown. As a mainstream application, consider large datasets of
many terabytes that are produced by scientific experiments, media events, or
Web-based services and need to be copied to datacenters at different locations
around the world. Operators would like to send this bulk traffic at off-peak times
to make use of bandwidth that has already been paid for but is not being used, and
are willing to tolerate some delay. It is like doing the backups at night when other
applications are not making heavy use of the network. The problem is that, for
global services, the off-peak times are different at locations around the world.
There may be little overlap in the times when datacenters in Boston and Perth
have off-peak network bandwidth because night for one city is day for the other.
However, DTN models allow for storage and delays during transfer. With
this model, it becomes possible to send the dataset from Boston to Amsterdam
using off-peak bandwidth, as the cities have time zones that are only 6 hours
apart. The dataset is then stored in Amsterdam until there is off-peak bandwidth
between Amsterdam and Perth. It is then sent to Perth to complete the transfer.
Laoutaris et al. (2009) have studied this model and find that it can provide sub-
stantial capacity at little cost, and that the use of a DTN model often doubles that
capacity compared with a traditional end-to-end model.
In what follows, we will describe the IETF DTN architecture and protocols.
6.7.1 DTN Architecture
The main assumption in the Internet that DTNs seek to relax is that an end-
to-end path between a source and a destination exists for the entire duration of a
communication session. When this is not the case, the normal Internet protocols

SEC. 6.7 DELAY-TOLERANT NETWORKING 601
fail. DTNs get around the lack of end-to-end connectivity with an architecture
that is based on message switching, as shown in Fig. 6-56. It is also intended to
tolerate links with low reliability and large delays. The architecture is specified in
RFC 4838.
Contact
(working link)
Stored
bundle
Source
Storage
Sent
bundle
DTN
node
Intermittent link
(not working)
Destination
Figure 6-56. Delay-tolerant networking architecture.
In DTN terminology, a message is called a bundle. DTN nodes are equipped
with storage, typically persistent storage such as a disk or flash memory. They
store bundles until links become available and then forward the bundles. The links
work intermittently. Fig. 6-56 shows five intermittent links that are not currently
working, and two links that are working. A working link is called a contact.
Fig. 6-56 also shows bundles stored at two DTN nodes awaiting contacts to send
the bundles onward. In this way, the bundles are relayed via contacts from the
source to their destination.
The storing and forwarding of bundles at DTN nodes sounds similar to the
queueing and forwarding of packets at routers, but there are qualitative dif-
ferences. In routers in the Internet, queueing occurs for milliseconds or at most
seconds. At DTN nodes, bundles may be stored for hours, until a bus arrives in
town, while an airplane completes a flight, until a sensor node harvests enough
solar energy to run, until a sleeping computer wakes up, and so forth. These ex-
amples also point to a second difference, which is that nodes may move (with a
bus or plane) while they hold stored data, and this movement may even be a key
part of data delivery. Routers in the Internet are not allowed to move. The whole
process of moving bundles might be better known as ‘‘store-carry-forward.’’
As an example, consider the scenario shown in Fig. 6-57 that was the first use
of DTN protocols in space (Wood et al., 2008). The source of bundles is an LEO
satellite that is recording Earth images as part of the Disaster Monitoring Constel-
lation of satellites. The images must be returned to the collection point. However,
the satellite has only intermittent contact with three ground stations as it orbits the
Earth. It comes into contact with each ground station in turn. Each of the satellite,
ground stations, and collection point act as a DTN node. At each contact, a

602 THE TRANSPORT LAYER CHAP. 6
bundle (or a portion of a bundle) is sent to a ground station. The bundles are then
sent over a backhaul terrestrial network to the collection point to complete the
transfer.
Intermittent link
(not working)
Storage at
DTN nodes
Satellite
Contact
(working link)Bundle
Ground
station
Collection point
Figure 6-57. Use of a DTN in space.
The primary advantage of the DTN architecture in this example is that it nat-
urally fits the situation of the satellite needing to store images because there is no
connectivity at the time the image is taken. There are two further advantages.
First, there may be no single contact long enough to send the images. However,
they can be spread across the contacts with three ground stations. Second, the use
of the link between the satellite and ground station is decoupled from the link over
the backhaul network. This means that the satellite download is not limited by a
slow terrestrial link. It can proceed at full speed, with the bundle stored at the
ground station until it can be relayed to the collection point.
An important issue that is not specified by the architecture is how to find good
routes via DTN nodes. A route in this path to use. Good routes depend on the
nature of the architecture describes when to send data, and also which contacts.
Some contacts are known ahead of time. A good example is the motion of
heavenly bodies in the space example. For the space experiment, it was known
ahead of time when contacts would occur, that the contact intervals ranged from 5
to 14 minutes per pass with each ground station, and that the downlink capacity
was 8.134 Mbps. Given this knowledge, the transport of a bundle of images can
be planned ahead of time.
In other cases, the contacts can be predicted, but with less certainty. Examples
include buses that make contact with each other in mostly regular ways, due to a
timetable, yet with some variation, and the times and amount of off-peak band-
width in ISP networks, which are predicted from past data. At the other extreme,
the contacts are occasional and random. One example is carrying data from user

SEC. 6.7 DELAY-TOLERANT NETWORKING 603
to user on mobile phones depending on which users make contact with each other
during the day. When there is unpredictability in contacts, one routing strategy is
to send copies of the bundle along different paths in the hope that one of the cop-
ies is delivered to the destination before the lifetime is reached.
6.7.2 The Bundle Protocol
To take a closer look at the operation of DTNs, we will now look at the IETF
protocols. DTNs are an emerging kind of network, and experimental DTNs have
used different protocols, as there is no requirement that the IETF protocols be
used. However, they are at least a good place to start and highlight many of the
key issues.
The DTN protocol stack is shown in Fig. 6-58. The key protocol is the Bun-
dle protocol, which is specified in RFC 5050. It is responsible for accepting mes-
sages from the application and sending them as one or more bundles via store-
carry-forward operations to the destination DTN node. It is also apparent from
Fig. 6-58 that the Bundle protocol runs above the level of TCP/IP. In other words,
TCP/IP may be used over each contact to move bundles between DTN nodes.
This positioning raises the issue of whether the Bundle protocol is a transport
layer protocol or an application layer protocol. Just as with RTP, we take the
position that, despite running over a transport protocol, the Bundle protocol is pro-
viding a transport service to many different applications, and so we cover DTNs
in this chapter.
Application
Bundle Protocol
Convergence layer
TCP/IP
Internet
. . . . Other
internet
Convergence layer
Upper
layers
DTN
layer
Lower
layers
Figure 6-58. Delay-tolerant networking protocol stack.
In Fig. 6-58, we see that the Bundle protocol may be run over other kinds of
protocols such as UDP, or even other kinds of internets. For example, in a space
network the links may have very long delays. The round-trip time between Earth
and Mars can easily be 20 minutes depending on the relative position of the
planets. Imagine how well TCP acknowledgements and retransmissions will work
over that link, especially for relatively short messages. Not well at all. Instead,

604 THE TRANSPORT LAYER CHAP. 6
another protocol that uses error-correcting codes might be used. Or in sensor net-
works that are very resource constrained, a more lightweight protocol than TCP
may be used.
Since the Bundle protocol is fixed, yet it is intended to run over a variety of
transports, there is must be a gap in functionality between the protocols. That gap
is the reason for the inclusion of a convergence layer in Fig. 6-58. The conver-
gence layer is just a glue layer that matches the interfaces of the protocols that it
joins. By definition there is a different convergence layer for each different lower
layer transport. Convergence layers are commonly found in standards to join new
and existing protocols.
The format of Bundle protocol messages is shown in Fig. 6-59. The different
fields in these messages tell us some of the key issues that are handled by the
Bundle protocol.
Bits
77
Type
Primary block Payload block Optional blocks
Length DataVer. Flags Dest. FlagsSource Report Custodian Creation Lifetime Dictionary
8variable
Status
report
Class of
service General
Bits
8
6
variable620
Figure 6-59. Bundle protocol message format.
Each message consists of a primary block, which can be thought of as a head-
er, a payload block for the data, and optionally other blocks, for example to carry
security parameters. The primary block begins with a Version field (currently 6)
followed by a Flags field. Among other functions, the flags encode a class of ser-
vice to let a source mark its bundles as higher or lower priority, and other han-
dling requests such as whether the destination should acknowledge the bundle.
Then come addresses, which highlight three interesting parts of the design. As
well as a Destination and Source identifier field, there is a Custodian identifier.
The custodian is the party responsible for seeing that the bundle is delivered. In
the Internet, the source node is usually the custodian, as it is the node that retrans-
mits if the data is not ultimately delivered to the destination. However, in a DTN,
the source node may not always be connected and may have no way of knowing
whether the data has been delivered. DTNs deal with this problem using the
notion of custody transfer, in which another node, closer to the destination, can
assume responsibility for seeing the data safely delivered. For example, if a bun-
dle is stored on an airplane for forwarding at a later time and location, the airplane
may become the custodian of the bundle.

SEC. 6.7 DELAY-TOLERANT NETWORKING 605
The second interesting aspect is that these identifiers are not IP addresses. Be-
cause the Bundle protocol is intended to work across a variety of transports and
internets, it defines its own identifiers. These identifiers are really more like
high-level names, such as Web page URLs, than low-level addresses, such as IP
addresses. They give DTNs an aspect of application-level routing, such as email
delivery or the distribution of software updates.
The third interesting aspect is the way the identifiers are encoded. There is
also a Report identifier for diagnostic messages. All of the identifiers are encoded
as references to a variable length Dictionary field. This provides compression
when the custodian or report nodes are the same as the source or the destination.
In fact, much of the message format has been designed with both extensibility and
efficiency in mind by using a compact representation of variable length fields.
The compact representation is important for wireless links and resource-
constrained nodes such as in a sensor network.
Next comes a Creation field carrying the time at which the bundle was creat-
ed, along with a sequence number from the source for ordering, plus a Lifetime
field that tells the time at which the bundle data is no longer useful. These fields
exist because data may be stored for a long period at DTN nodes and there must
be some way to remove stale data from the network. Unlike the Internet, they re-
quire that DTN nodes have loosely synchronized clocks.
The primary block is completed with the Dictionary field. Then comes the
payload block. This block starts with a short Type field that identifies it as a pay-
load, followed by a small set of Flags that describe processing options. Then
comes the Data field, preceded by a Length field. Finally, there may be other, op-
tional blocks, such as a block that carries security parameters.
Many aspects of DTNs are being explored in the research community. Good
strategies for routing depend on the nature of the contacts, as was mentioned
above. Storing data inside the network raises other issues. Now congestion control
must consider storage at nodes as another kind of resource that can be depleted.
The lack of end-to-end communication also exacerbates security problems. Before
a DTN node takes custody of a bundle, it may want to know that the sender is
authorized to use the network and that the bundle is probably wanted by the desti-
nation. Solutions to these problems will depend on the kind of DTN, as space net-
works are different from sensor networks.
6.8 SUMMARY
The transport layer is the key to understanding layered protocols. It provides
various services, the most important of which is an end-to-end, reliable, con-
nection-oriented byte stream from sender to receiver. It is accessed through ser-
vice primitives that permit the establishment, use, and release of connections. A
common transport layer interface is the one provided by Berkeley sockets.

606 THE TRANSPORT LAYER CHAP. 6
Transport protocols must be able to do connection management over unre-
liable networks. Connection establishment is complicated by the existence of de-
layed duplicate packets that can reappear at inopportune moments. To deal with
them, three-way handshakes are needed to establish connections. Releasing a
connection is easier than establishing one but is still far from trivial due to the
two-army problem.
Even when the network layer is completely reliable, the transport layer has
plenty of work to do. It must handle all the service primitives, manage connec-
tions and timers, allocate bandwidth with congestion control, and run a variable-
sized sliding window for flow control.
Congestion control should allocate all of the available bandwidth between
competing flows fairly, and it should track changes in the usage of the network.
The AIMD control law converges to a fair and efficient allocation.
The Internet has two main transport protocols: UDP and TCP. UDP is a con-
nectionless protocol that is mainly a wrapper for IP packets with the additional
feature of multiplexing and demultiplexing multiple processes using a single IP
address. UDP can be used for client-server interactions, for example, using RPC.
It can also be used for building real-time protocols such as RTP.
The main Internet transport protocol is TCP. It provides a reliable, bidirec-
tional, congestion-controlled byte stream with a 20-byte header on all segments.
A great deal of work has gone into optimizing TCP performance, using algorithms
from Nagle, Clark, Jacobson, Karn, and others.
Network performance is typically dominated by protocol and segment proc-
essing overhead, and this situation gets worse at higher speeds. Protocols should
be designed to minimize the number of segments and work for large bandwidth-
delay paths. For gigabit networks, simple protocols and streamlined processing
are called for.
Delay-tolerant networking provides a delivery service across networks that
have occasional connectivity or long delays across links. Intermediate nodes
store, carry, and forward bundles of information so that it is eventually delivered,
even if there is no working path from sender to receiver at any time.
PROBLEMS
1. In our example transport primitives of Fig. 6-2, LISTEN is a blocking call. Is this
strictly necessary? If not, explain how a nonblocking primitive could be used. What
advantage would this have over the scheme described in the text?
2. Primitives of transport service assume asymmetry between the two end points during
connection establishment, one end (server) executes LISTEN while the other end
(client) executes CONNECT. However, in peer to peer applications such file sharing

CHAP. 6 PROBLEMS 607
systems, e.g. BitTorrent, all end points are peers. There is no server or client func-
tionality. How can transport service primitives may be used to build such peer to peer
applications?
3. In the underlying model of Fig. 6-4, it is assumed that packets may be lost by the net-
work layer and thus must be individually acknowledged. Suppose that the network
layer is 100 percent reliable and never loses packets. What changes, if any, are
needed to Fig. 6-4?
4. In both parts of Fig. 6-6, there is a comment that the value of SERVER PORT must be
the same in both client and server. Why is this so important?
5. In the Internet File Server example (Figure 6-6), can the connect( ) system call on the
client fail for any reason other than listen queue being full on the server? Assume that
the network is perfect.
6. One criteria for deciding whether to have a server active all the time or have it start on
demand using a process server is how frequently the service provided is used. Can
you think of any other criteria for making this decision?
7. Suppose that the clock-driven scheme for generating initial sequence numbers is used
with a 15-bit wide clock counter. The clock ticks once every 100 msec, and the max-
imum packet lifetime is 60 sec. How often need resynchronization take place
(a) in the worst case?
(b) when the data consumes 240 sequence numbers/min?
8. Why does the maximum packet lifetime, T, have to be large enough to ensure that not
only the packet but also its acknowledgements have vanished?
9. Imagine that a two-way handshake rather than a three-way handshake were used to set
up connections. In other words, the third message was not required. Are deadlocks
now possible? Give an example or show that none exist.
10. Imagine a generalized n-army problem, in which the agreement of any two of the blue
armies is sufficient for victory. Does a protocol exist that allows blue to win?
11. Consider the problem of recovering from host crashes (i.e., Fig. 6-18). If the interval
between writing and sending an acknowledgement, or vice versa, can be made rela-
tively small, what are the two best sender-receiver strategies for minimizing the
chance of a protocol failure?
12. In Figure 6-20, suppose a new flow E is added that takes a path from R1 to R2 to R6.
How does the max-min bandwidth allocation change for the five flows?
13. Discuss the advantages and disadvantages of credits versus sliding window protocols.
14. Some other policies for fairness in congestion control are Additive Increase Additive
Decrease (AIAD), Multiplicative Increase Additive Decrease (MIAD), and Multipli-
cative Increase Multiplicative Decrease (MIMD). Discuss these three policies in terms
of convergence and stability.
15. Why does UDP exist? Would it not have been enough to just let user processes send
raw IP packets?

608 THE TRANSPORT LAYER CHAP. 6
16. Consider a simple application-level protocol built on top of UDP that allows a client to
retrieve a file from a remote server residing at a well-known address. The client first
sends a request with a file name, and the server responds with a sequence of data
packets containing different parts of the requested file. To ensure reliability and
sequenced delivery, client and server use a stop-and-wait protocol. Ignoring the obvi-
ous performance issue, do you see a problem with this protocol? Think carefully
about the possibility of processes crashing.
17. A client sends a 128-byte request to a server located 100 km away over a 1-gigabit
optical fiber. What is the efficiency of the line during the remote procedure call?
18. Consider the situation of the previous problem again. Compute the minimum possible
response time both for the given 1-Gbps line and for a 1-Mbps line. What conclusion
can you draw?
19. Both UDP and TCP use port numbers to identify the destination entity when deliver-
ing a message. Give two reasons why these protocols invented a new abstract ID (port
numbers), instead of using process IDs, which already existed when these protocols
were designed.
20. Several RPC implementations provide an option to the client to use RPC implemented
over UDP or RPC implemented over TCP. Under what conditions will a client prefer
to use RPC over UDP and under what conditions will he prefer to use RPC over TCP?
21. Consider two networks, N 1 and N 2, that have the same average delay between a
source A and a destination D. In N 1, the delay experienced by different packets is
unformly distributed with maximum delay being 10 seconds, while in N 2, 99% of the
packets experience less than one second delay with no limit on maximum delay. Dis-
cuss how RTP may be used in these two cases to transmit live audio/video stream.
22. What is the total size of the minimum TCP MTU, including TCP and IP overhead but
not including data link layer overhead?
23. Datagram fragmentation and reassembly are handled by IP and are invisible to TCP.
Does this mean that TCP does not have to worry about data arriving in the wrong
order?
24. RTP is used to transmit CD-quality audio, which makes a pair of 16-bit samples
44,100 times/sec, one sample for each of the stereo channels. How many packets per
second must RTP transmit?
25. Would it be possible to place the RTP code in the operating system kernel, along with
the UDP code? Explain your answer.
26. A process on host 1 has been assigned port p, and a process on host 2 has been
assigned port q. Is it possible for there to be two or more TCP connections between
these two ports at the same time?
27. In Fig. 6-36 we saw that in addition to the 32-bit acknowledgement field, there is an
ACK bit in the fourth word. Does this really add anything? Why or why not?
28. The maximum payload of a TCP segment is 65,495 bytes. Why was such a strange
number chosen?

CHAP. 6 PROBLEMS 609
29. Describe two ways to get into the SYN RCVD state of Fig. 6-39.
30. Consider the effect of using slow start on a line with a 10-msec round-trip time and no
congestion. The receive window is 24 KB and the maximum segment size is 2 KB.
How long does it take before the first full window can be sent?
31. Suppose that the TCP congestion window is set to 18 KB and a timeout occurs. How
big will the window be if the next four transmission bursts are all successful? Assume
that the maximum segment size is 1 KB.
32. If the TCP round-trip time, RTT, is currently 30 msec and the following acknowledge-
ments come in after 26, 32, and 24 msec, respectively, what is the new RTT estimate
using the Jacobson algorithm? Use α = 0.9.
33. A TCP machine is sending full windows of 65,535 bytes over a 1-Gbps channel that
has a 10-msec one-way delay. What is the maximum throughput achievable? What is
the line efficiency?
34. What is the fastest line speed at which a host can blast out 1500-byte TCP payloads
with a 120-sec maximum packet lifetime without having the sequence numbers wrap
around? Take TCP, IP, and Ethernet overhead into consideration. Assume that Ether-
net frames may be sent continuously.
35. To address the limitations of IP version 4, a major effort had to be undertaken via
IETF that resulted in the design of IP version 6 and there are still is significant reluc-
tance in the adoption of this new version. However, no such major effort is needed to
address the limitations of TCP. Explain why this is the case.
36. In a network whose max segment is 128 bytes, max segment lifetime is 30 sec, and
has 8-bit sequence numbers, what is the maximum data rate per connection?
37. Suppose that you are measuring the time to receive a segment. When an interrupt
occurs, you read out the system clock in milliseconds. When the segment is fully pro-
cessed, you read out the clock again. You measure 0 msec 270,000 times and 1 msec
730,000 times. How long does it take to receive a segment?
38. A CPU executes instructions at the rate of 1000 MIPS. Data can be copied 64 bits at a
time, with each word copied costing 10 instructions. If an coming packet has to be
copied four times, can this system handle a 1-Gbps line? For simplicity, assume that
all instructions, even those instructions that read or write memory, run at the full
1000-MIPS rate.
39. To get around the problem of sequence numbers wrapping around while old packets
still exist, one could use 64-bit sequence numbers. However, theoretically, an optical
fiber can run at 75 Tbps. What maximum packet lifetime is required to make sure that
future 75-Tbps networks do not have wraparound problems even with 64-bit sequence
numbers? Assume that each byte has its own sequence number, as TCP does.
40. In Sec. 6.6.5, we calculated that a gigabit line dumps 80,000 packets/sec on the host,
giving it only 6250 instructions to process it and leaving half the CPU time for appli-
cations. This calculation assumed a 1500-byte packet. Redo the calculation for an
ARPANET-sized packet (128 bytes). In both cases, assume that the packet sizes
given include all overhead.

610 THE TRANSPORT LAYER CHAP. 6
41. For a 1-Gbps network operating over 4000 km, the delay is the limiting factor, not the
bandwidth. Consider a MAN with the average source and destination 20 km apart. At
what data rate does the round-trip delay due to the speed of light equal the transmis-
sion delay for a 1-KB packet?
42. Calculate the bandwidth-delay product for the following networks: (1) T1 (1.5 Mbps),
(2) Ethernet (10 Mbps), (3) T3 (45 Mbps), and (4) STS-3 (155 Mbps). Assume an
RTT of 100 msec. Recall that a TCP header has 16 bits reserved for Window Size.
What are its implications in light of your calculations?
43. What is the bandwidth-delay product for a 50-Mbps channel on a geostationary satel-
lite? If the packets are all 1500 bytes (including overhead), how big should the win-
dow be in packets?
44. The file server of Fig. 6-6 is far from perfect and could use a few improvements.
Make the following modifications.
(a) Give the client a third argument that specifies a byte range.
(b) Add a client flag –w that allows the file to be written to the server.
45. One common function that all network protocols need is to manipulate messages.
Recall that protocols manipulate messages by adding/striping headers. Some protocols
may break a single message into multiple fragments, and later join these multiple frag-
ments back into a single message. To this end, design and implement a message
management library that provides support for creating a new message, attaching a
header to a message, stripping a header from a message, breaking a message into two
messages, combining two messages into a single message, and saving a copy of a mes-
sage. Your implementation must minimize data copying from one buffer to another as
much as possible. It is critical that the operations that manipulate messages do not
touch the data in a message, but rather, only manipulate pointers.
46. Design and implement a chat system that allows multiple groups of users to chat. A
chat coordinator resides at a well-known network address, uses UDP for communica-
tion with chat clients, sets up chat servers for each chat session, and maintains a chat
session directory. There is one chat server per chat session. A chat server uses TCP
for communication with clients. A chat client allows users to start, join, and leave a
chat session. Design and implement the coordinator, server, and client code.

7
THE APPLICATION LAYER
Having finished all the preliminaries, we now come to the layer where all the
applications are found. The layers below the application layer are there to provide
transport services, but they do not do real work for users. In this chapter, we will
study some real network applications.
However, even in the application layer there is a need for support protocols, to
allow the applications to function. Accordingly, we will look at an important one
of these before starting with the applications themselves. The item in question is
DNS, which handles naming within the Internet. After that, we will examine
three real applications: electronic mail, the World Wide Web, and multimedia.
We will finish the chapter by saying more about content distribution, including by
peer-to-peer networks.
7.1 DNS—THE DOMAIN NAME SYSTEM
Although programs theoretically could refer to Web pages, mailboxes, and
other resources by using the network (e.g., IP) addresses of the computers on
which they are stored, these addresses are hard for people to remember. Also,
browsing a company’s Web pages from 128.111.24.41 means that if the company
moves the Web server to a different machine with a different IP address, everyone
needs to be told the new IP address. Consequently, high-level, readable names
were introduced in order to decouple machine names from machine addresses. In
611

612 THE APPLICATION LAYER CHAP. 7
this way, the company’s Web server might be known as www.cs.washington.edu
regardless of its IP address. Nevertheless, since the network itself understands
only numerical addresses, some mechanism is required to convert the names to
network addresses. In the following sections, we will study how this mapping is
accomplished in the Internet.
Way back in the ARPANET days, there was simply a file, hosts.txt, that listed
all the computer names and their IP addresses. Every night, all the hosts would
fetch it from the site at which it was maintained. For a network of a few hundred
large timesharing machines, this approach worked reasonably well.
However, well before many millions of PCs were connected to the Internet,
everyone involved with it realized that this approach could not continue to work
forever. For one thing, the size of the file would become too large. However,
even more importantly, host name conflicts would occur constantly unless names
were centrally managed, something unthinkable in a huge international network
due to the load and latency. To solve these problems, DNS (Domain Name Sys-
tem) was invented in 1983. It has been a key part of the Internet ever since.
The essence of DNS is the invention of a hierarchical, domain-based naming
scheme and a distributed database system for implementing this naming scheme.
It is primarily used for mapping host names to IP addresses but can also be used
for other purposes. DNS is defined in RFCs 1034, 1035, 2181, and further ela-
borated in many others.
Very briefly, the way DNS is used is as follows. To map a name onto an IP
address, an application program calls a library procedure called the resolver, pas-
sing it the name as a parameter. We saw an example of a resolver, gethost-
byname, in Fig. 6-6. The resolver sends a query containing the name to a local
DNS server, which looks up the name and returns a response containing the IP ad-
dress to the resolver, which then returns it to the caller. The query and response
messages are sent as UDP packets. Armed with the IP address, the program can
then establish a TCP connection with the host or send it UDP packets.
7.1.1 The DNS Name Space
Managing a large and constantly changing set of names is a nontrivial prob-
lem. In the postal system, name management is done by requiring letters to speci-
fy (implicitly or explicitly) the country, state or province, city, street address, and
name of the addressee. Using this kind of hierarchical addressing ensures that
there is no confusion between the Marvin Anderson on Main St. in White Plains,
N.Y. and the Marvin Anderson on Main St. in Austin, Texas. DNS works the
same way.
For the Internet, the top of the naming hierarchy is managed by an organiza-
tion called ICANN (Internet Corporation for Assigned Names and Numbers).
ICANN was created for this purpose in 1998, as part of the maturing of the Inter-
net to a worldwide, economic concern. Conceptually, the Internet is divided into

www.cs.washington.edu

SEC. 7.1 DNS—THE DOMAIN NAME SYSTEM 613
over 250 top-level domains, where each domain covers many hosts. Each do-
main is partitioned into subdomains, and these are further partitioned, and so on.
All these domains can be represented by a tree, as shown in Fig. 7-1. The leaves
of the tree represent domains that have no subdomains (but do contain machines,
of course). A leaf domain may contain a single host, or it may represent a com-
pany and contain thousands of hosts.
. . .
eng
cisco ieeeacm
eng
washington
cs
robot
jilljack
coac
csl
nec
cs
keiouwa
edu ocevu
lawcs
edu museumaero com gov org jp usnet au uk nl
Generic Countries
. . .
fluitfilts
Figure 7-1. A portion of the Internet domain name space.
The top-level domains come in two flavors: generic and countries. The gen-
eric domains, listed in Fig. 7-2, include original domains from the 1980s and do-
mains introduced via applications to ICANN. Other generic top-level domains
will be added in the future.
The country domains include one entry for every country, as defined in ISO
3166. Internationalized country domain names that use non-Latin alphabets were
introduced in 2010. These domains let people name hosts in Arabic, Cyrillic,
Chinese, or other languages.
Getting a second-level domain, such as name-of-company.com, is easy. The
top-level domains are run by registrars appointed by ICANN. Getting a name
merely requires going to a corresponding registrar (for com in this case) to check
if the desired name is available and not somebody else’s trademark. If there are
no problems, the requester pays the registrar a small annual fee and gets the name.
However, as the Internet has become more commercial and more internation-
al, it has also become more contentious, especially in matters related to naming.
This controversy includes ICANN itself. For example, the creation of the xxx do-
main took several years and court cases to resolve. Is voluntarily placing adult
content in its own domain a good or a bad thing? (Some people did not want adult
content available at all on the Internet while others wanted to put it all in one do-
main so nanny filters could easily find and block it from children). Some of the
domains self-organize, while others have restrictions on who can obtain a name,
as noted in Fig. 7-2. But what restrictions are appropriate? Take the pro domain,

614 THE APPLICATION LAYER CHAP. 7
Domain Intended use Start date Restricted?
com Commercial 1985 No
edu Educational institutions 1985 Yes
gov Government 1985 Yes
int International organizations 1988 Yes
mil Military 1985 Yes
net Network providers 1985 No
org Non-profit organizations 1985 No
aero Air transport 2001 Yes
biz Businesses 2001 No
coop Cooperatives 2001 Yes
info Informational 2002 No
museum Museums 2002 Yes
name People 2002 No
pro Professionals 2002 Yes
cat Catalan 2005 Yes
jobs Employment 2005 Yes
mobi Mobile devices 2005 Yes
tel Contact details 2005 Yes
travel Travel industry 2005 Yes
xxx Sex industry 2010 No
Figure 7-2. Generic top-level domains.
for example. It is for qualified professionals. But who is a professional? Doctors
and lawyers clearly are professionals. But what about freelance photographers,
piano teachers, magicians, plumbers, barbers, exterminators, tattoo artists, mer-
cenaries, and prostitutes? Are these occupations eligible? According to whom?
There is also money in names. Tuvalu (the country) sold a lease on its tv do-
main for $50 million, all because the country code is well-suited to advertising
television sites. Virtually every common (English) word has been taken in the
com domain, along with the most common misspellings. Try household articles,
animals, plants, body parts, etc. The practice of registering a domain only to turn
around and sell it off to an interested party at a much higher price even has a
name. It is called cybersquatting . Many companies that were slow off the mark
when the Internet era began found their obvious domain names already taken
when they tried to acquire them. In general, as long as no trademarks are being
violated and no fraud is involved, it is first-come, first-served with names. Never-
theless, policies to resolve naming disputes are still being refined.

SEC. 7.1 DNS—THE DOMAIN NAME SYSTEM 615
Each domain is named by the path upward from it to the (unnamed) root. The
components are separated by periods (pronounced ‘‘dot’’). Thus, the engineering
department at Cisco might be eng.cisco.com., rather than a UNIX-style name such
as /com/cisco/eng. Notice that this hierarchical naming means that eng.cisco.com.
does not conflict with a potential use of eng in eng.washington.edu., which might
be used by the English department at the University of Washington.
Domain names can be either absolute or relative. An absolute domain name
always ends with a period (e.g., eng.cisco.com.), whereas a relative one does not.
Relative names have to be interpreted in some context to uniquely determine their
true meaning. In both cases, a named domain refers to a specific node in the tree
and all the nodes under it.
Domain names are case-insensitive, so edu, Edu, and EDU mean the same
thing. Component names can be up to 63 characters long, and full path names
must not exceed 255 characters.
In principle, domains can be inserted into the tree in either generic or country
domains. For example, cs.washington.edu could equally well be listed under the
us country domain as cs.washington.wa.us. In practice, however, most organiza-
tions in the United States are under generic domains, and most outside the United
States are under the domain of their country. There is no rule against registering
under multiple top-level domains. Large companies often do so (e.g., sony.com,
sony.net, and sony.nl).
Each domain controls how it allocates the domains under it. For example,
Japan has domains ac.jp and co.jp that mirror edu and com. The Netherlands does
not make this distinction and puts all organizations directly under nl. Thus, all
three of the following are university computer science departments:
1. cs.washington.edu (University of Washington, in the U.S.).
2. cs.vu.nl (Vrije Universiteit, in The Netherlands).
3. cs.keio.ac.jp (Keio University, in Japan).
To create a new domain, permission is required of the domain in which it will
be included. For example, if a VLSI group is started at the University of Wash-
ington and wants to be known as vlsi.cs.washington.edu, it has to get permission
from whoever manages cs.washington.edu. Similarly, if a new university is char-
tered, say, the University of Northern South Dakota, it must ask the manager of
the edu domain to assign it unsd.edu (if that is still available). In this way, name
conflicts are avoided and each domain can keep track of all its subdomains. Once
a new domain has been created and registered, it can create subdomains, such as
cs.unsd.edu, without getting permission from anybody higher up the tree.
Naming follows organizational boundaries, not physical networks. For ex-
ample, if the computer science and electrical engineering departments are located
in the same building and share the same LAN, they can nevertheless have distinct

616 THE APPLICATION LAYER CHAP. 7
domains. Similarly, even if computer science is split over Babbage Hall and Tur-
ing Hall, the hosts in both buildings will normally belong to the same domain.
7.1.2 Domain Resource Records
Every domain, whether it is a single host or a top-level domain, can have a set
of resource records associated with it. These records are the DNS database. For
a single host, the most common resource record is just its IP address, but many
other kinds of resource records also exist. When a resolver gives a domain name
to DNS, what it gets back are the resource records associated with that
name. Thus, the primary function of DNS is to map domain names onto resource
records.
A resource record is a five-tuple. Although they are encoded in binary for ef-
ficiency, in most expositions resource records are presented as ASCII text, one
line per resource record. The format we will use is as follows:
Domain name Time to live Class Type Value
The Domain name tells the domain to which this record applies. Normally, many
records exist for each domain and each copy of the database holds information
about multiple domains. This field is thus the primary search key used to satisfy
queries. The order of the records in the database is not significant.
The Time to live field gives an indication of how stable the record is. Infor-
mation that is highly stable is assigned a large value, such as 86400 (the number
of seconds in 1 day). Information that is highly volatile is assigned a small value,
such as 60 (1 minute). We will come back to this point later when we have dis-
cussed caching.
The third field of every resource record is the Class. For Internet information,
it is always IN. For non-Internet information, other codes can be used, but in
practice these are rarely seen.
The Type field tells what kind of record this is. There are many kinds of DNS
records. The important types are listed in Fig. 7-3.
An SOA record provides the name of the primary source of information about
the name server’s zone (described below), the email address of its administrator, a
unique serial number, and various flags and timeouts.
The most important record type is the A (Address) record. It holds a 32-bit
IPv4 address of an interface for some host. The corresponding AAAA, or ‘‘quad
A,’’ record holds a 128-bit IPv6 address. Every Internet host must have at least
one IP address so that other machines can communicate with it. Some hosts have
two or more network interfaces, in which case they will have two or more type A
or AAAA resource records. Consequently, DNS can return multiple addresses for
a single name.
A common record type is the MX record. It specifies the name of the host
prepared to accept email for the specified domain. It is used because not every

SEC. 7.1 DNS—THE DOMAIN NAME SYSTEM 617
Type Meaning Value
SOA Start of authority Parameters for this zone
A IPv4 address of a host 32-Bit integer
AAAA IPv6 address of a host 128-Bit integer
MX Mail exchange Priority, domain willing to accept email
NS Name server Name of a server for this domain
CNAME Canonical name Domain name
PTR Pointer Alias for an IP address
SPF Sender policy framework Text encoding of mail sending policy
SRV Service Host that provides it
TXT Text Descriptive ASCII text
Figure 7-3. The principal DNS resource record types.
machine is prepared to accept email. If someone wants to send email to, for ex-
ample, bill@microsoft.com, the sending host needs to find some mail server loca-
ted at microsoft.com that is willing to accept email. The MX record can provide
this information.
Another important record type is the NS record. It specifies a name server for
the domain or subdomain. This is a host that has a copy of the database for a do-
main. It is used as part of the process to look up names, which we will describe
shortly.
CNAME records allow aliases to be created. For example, a person familiar
with Internet naming in general and wanting to send a message to user paul in the
computer science department at M.I.T. might guess that paul@cs.mit.edu will
work. Actually, this address will not work, because the domain for M.I.T.’s com-
puter science department is csail.mit.edu. However, as a service to people who do
not know this, M.I.T. could create a CNAME entry to point people and programs
in the right direction. An entry like this one might do the job:
cs.mit.edu 86400 IN CNAME csail.mit.edu
Like CNAME, PTR points to another name. However, unlike CNAME, which
is really just a macro definition (i.e., a mechanism to replace one string by anoth-
er), PTR is a regular DNS data type whose interpretation depends on the context
in which it is found. In practice, it is nearly always used to associate a name with
an IP address to allow lookups of the IP address and return the name of the corres-
ponding machine. These are called reverse lookups.
SRV is a newer type of record that allows a host to be identified for a given
service in a domain. For example, the Web server for cs.washington.edu could be
identified as cockatoo.cs.washington.edu . This record generalizes the MX record
that performs the same task but it is just for mail servers.

618 THE APPLICATION LAYER CHAP. 7
SPF is also a newer type of record. It lets a domain encode information about
what machines in the domain will send mail to the rest of the Internet. This helps
receiving machines check that mail is valid. If mail is being received from a ma-
chine that calls itself dodgy but the domain records say that mail will only be sent
out of the domain by a machine called smtp, chances are that the mail is forged
junk mail.
Last on the list, TXT records were originally provided to allow domains to
identify themselves in arbitrary ways. Nowadays, they usually encode machine-
readable information, typically the SPF information.
Finally, we have the Value field. This field can be a number, a domain name,
or an ASCII string. The semantics depend on the record type. A short description
of the Value fields for each of the principal record types is given in Fig. 7-3.
For an example of the kind of information one might find in the DNS database
of a domain, see Fig. 7-4. This figure depicts part of a (hypothetical) database for
the cs.vu.nl domain shown in Fig. 7-1. The database contains seven types of re-
source records.
; Authoritative data for cs.vu.nl
cs.vu.nl. 86400 IN SOA star boss (9527,7200,7200,241920,86400)
cs.vu.nl. 86400 IN MX 1 zephyr
cs.vu.nl. 86400 IN MX 2 top
cs.vu.nl. 86400 IN NS star
star 86400 IN A 130.37.56.205
zephyr 86400 IN A 130.37.20.10
top 86400 IN A 130.37.20.11
www 86400 IN CNAME star.cs.vu.nl
ftp 86400 IN CNAME zephyr.cs.vu.nl
flits 86400 IN A 130.37.16.112
flits 86400 IN A 192.31.231.165
flits 86400 IN MX 1 flits
flits 86400 IN MX 2 zephyr
flits 86400 IN MX 3 top
rowboat IN A 130.37.56.201
IN MX 1 rowboat
IN MX 2 zephyr
little-sister IN A 130.37.62.23
laserjet IN A 192.31.231.216
Figure 7-4. A portion of a possible DNS database for cs.vu.nl.
The first noncomment line of Fig. 7-4 gives some basic information about the
domain, which will not concern us further. Then come two entries giving the first

SEC. 7.1 DNS—THE DOMAIN NAME SYSTEM 619
and second places to try to deliver email sent to person@cs.vu.nl. The zephyr (a
specific machine) should be tried first. If that fails, the top should be tried as the
next choice. The next line identifies the name server for the domain as star.
After the blank line (added for readability) come lines giving the IP addresses
for the star, zephyr, and top. These are followed by an alias, www.cs.vu.nl, so that
this address can be used without designating a specific machine. Creating this
alias allows cs.vu.nl to change its World Wide Web server without invalidating
the address people use to get to it. A similar argument holds for ftp.cs.vu.nl.
The section for the machine flits lists two IP addresses and three choices are
given for handling email sent to flits.cs.vu.nl. First choice is naturally the flits it-
self, but if it is down, the zephyr and top are the second and third choices.
The next three lines contain a typical entry for a computer, in this case,
rowboat.cs.vu.nl. The information provided contains the IP address and the pri-
mary and secondary mail drops. Then comes an entry for a computer that is not
capable of receiving mail itself, followed by an entry that is likely for a printer
that is connected to the Internet.
7.1.3 Name Servers
In theory at least, a single name server could contain the entire DNS database
and respond to all queries about it. In practice, this server would be so overloaded
as to be useless. Furthermore, if it ever went down, the entire Internet would be
crippled.
To avoid the problems associated with having only a single source of infor-
mation, the DNS name space is divided into nonoverlapping zones. One possible
way to divide the name space of Fig. 7-1 is shown in Fig. 7-5. Each circled zone
contains some part of the tree.
. . .
eng
cisco ieeeacm
eng
washington
cs
robot
jilljack
coac
csl
nec
cs
keiouwa
edu ocevu
lawcs
edu museumaero com gov org jp usnet au uk nl
Generic Countries
. . .
fluitflits
Figure 7-5. Part of the DNS name space divided into zones (which are circled).

www.cs.vu.nl

620 THE APPLICATION LAYER CHAP. 7
Where the zone boundaries are placed within a zone is up to that zone’s ad-
ministrator. This decision is made in large part based on how many name servers
are desired, and where. For example, in Fig. 7-5, the University of Washington
has a zone for washington.edu that handles eng.washington.edu but does not han-
dle cs.washington.edu. That is a separate zone with its own name servers. Such a
decision might be made when a department such as English does not wish to run
its own name server, but a department such as Computer Science does.
Each zone is also associated with one or more name servers. These are hosts
that hold the database for the zone. Normally, a zone will have one primary name
server, which gets its information from a file on its disk, and one or more sec-
ondary name servers, which get their information from the primary name server.
To improve reliability, some of the name servers can be located outside the zone.
The process of looking up a name and finding an address is called name reso-
lution. When a resolver has a query about a domain name, it passes the query to a
local name server. If the domain being sought falls under the jurisdiction of the
name server, such as top.cs.vu.nl falling under cs.vu.nl, it returns the authoritative
resource records. An authoritative record is one that comes from the authority
that manages the record and is thus always correct. Authoritative records are in
contrast to cached records, which may be out of date.
What happens when the domain is remote, such as when flits.cs.vu.nl wants to
find the IP address of robot.cs.washington.edu at UW (University of Washing-
ton)? In this case, and if there is no cached information about the domain avail-
able locally, the name server begins a remote query. This query follows the proc-
ess shown in Fig. 7-6. Step 1 shows the query that is sent to the local name ser-
ver. The query contains the domain name sought, the type (A), and the class(IN).
10: robot.cs.washington.edu
1: query
2: q
uer
y
3: e
du
5: was
hingto
n.edu
4: que
ry
6: query
7: cs.washington.edu9: robot.cs.washington.edu
8: query
Local
(cs.vu.nl)
name server
UWCS
name server
UW
name server
Edu name server
(a.edu-servers.net)
Root name server
(a.root-servers.net)
filts.cs.vu.nl
Originator
Figure 7-6. Example of a resolver looking up a remote name in 10 steps.
The next step is to start at the top of the name hierarchy by asking one of the
root name servers. These name servers have information about each top-level

SEC. 7.1 DNS—THE DOMAIN NAME SYSTEM 621
domain. This is shown as step 2 in Fig. 7-6. To contact a root server, each name
server must have information about one or more root name servers. This infor-
mation is normally present in a system configuration file that is loaded into the
DNS cache when the DNS server is started. It is simply a list of NS records for the
root and the corresponding A records.
There are 13 root DNS servers, unimaginatively called a-root-servers.net
through m.root-servers.net . Each root server could logically be a single computer.
However, since the entire Internet depends on the root servers, they are powerful
and heavily replicated computers. Most of the servers are present in multiple geo-
graphical locations and reached using anycast routing, in which a packet is deliv-
ered to the nearest instance of a destination address; we described anycast in
Chap. 5 The replication improves reliability and performance.
The root name server is unlikely to know the address of a machine at UW,
and probably does not know the name server for UW either. But it must know the
name server for the edu domain, in which cs.washington.edu is located. It returns
the name and IP address for that part of the answer in step 3.
The local name server then continues its quest. It sends the entire query to the
edu name server (a.edu-servers.net). That name server returns the name server
for UW. This is shown in steps 4 and 5. Closer now, the local name server sends
the query to the UW name server (step 6). If the domain name being sought was
in the English department, the answer would be found, as the UW zone includes
the English department. But the Computer Science department has chosen to run
its own name server. The query returns the name and IP address of the UW Com-
puter Science name server (step 7).
Finally, the local name server queries the UW Computer Science name server
(step 8). This server is authoritative for the domain cs.washington.edu, so it must
have the answer. It returns the final answer (step 9), which the local name server
forwards as a response to flits.cs.vu.nl (step 10). The name has been resolved.
You can explore this process using standard tools such as the dig program that
is installed on most UNIX systems. For example, typing
dig@a.edu-servers.net robot.cs.washington.edu
will send a query for robot.cs.washington.edu to the a.edu-servers.net name ser-
ver and print out the result. This will show you the information obtained in step 4
in the example above, and you will learn the name and IP address of the UW
name servers.
There are three technical points to discuss about this long scenario. First, two
different query mechanisms are at work in Fig. 7-6. When the host flits.cs.vu.nl
sends its query to the local name server, that name server handles the resolution
on behalf of flits until it has the desired answer to return. It does not return partial
answers. They might be helpful, but they are not what the query was seeking. This
mechanism is called a recursive query.

622 THE APPLICATION LAYER CHAP. 7
On the other hand, the root name server (and each subsequent name server)
does not recursively continue the query for the local name server. It just returns a
partial answer and moves on to the next query. The local name server is responsi-
ble for continuing the resolution by issuing further queries. This mechanism is
called an iterative query.
One name resolution can involve both mechanisms, as this example showed.
A recursive query may always seem preferable, but many name servers (especial-
ly the root) will not handle them. They are too busy. Iterative queries put the bur-
den on the originator. The rationale for the local name server supporting a recur-
sive query is that it is providing a service to hosts in its domain. Those hosts do
not have to be configured to run a full name server, just to reach the local one.
The second point is caching. All of the answers, including all the partial
answers returned, are cached. In this way, if another cs.vu.nl host queries for
robot.cs.washington.edu the answer will already be known. Even better, if a host
queries for a different host in the same domain, say galah.cs.washington.edu, the
query can be sent directly to the authoritative name server. Similarly, queries for
other domains in washington.edu can start directly from the washington.edu name
server. Using cached answers greatly reduces the steps in a query and improves
performance. The original scenario we sketched is in fact the worst case that oc-
curs when no useful information is cached.
However, cached answers are not authoritative, since changes made at
cs.washington.edu will not be propagated to all the caches in the world that may
know about it. For this reason, cache entries should not live too long. This is the
reason that the Time to live field is included in each resource record. It tells re-
mote name servers how long to cache records. If a certain machine has had the
same IP address for years, it may be safe to cache that information for 1 day. For
more volatile information, it might be safer to purge the records after a few sec-
onds or a minute.
The third issue is the transport protocol that is used for the queries and re-
sponses. It is UDP. DNS messages are sent in UDP packets with a simple format
for queries, answers, and name servers that can be used to continue the resolution.
We will not go into the details of this format. If no response arrives within a short
time, the DNS client repeats the query, trying another server for the domain after
a small number of retries. This process is designed to handle the case of the ser-
ver being down as well as the query or response packet getting lost. A 16-bit
identifier is included in each query and copied to the response so that a name ser-
ver can match answers to the corresponding query, even if multiple queries are
outstanding at the same time.
Even though its purpose is simple, it should be clear that DNS is a large and
complex distributed system that is comprised of millions of name servers that
work together. It forms a key link between human-readable domain names and
the IP addresses of machines. It includes replication and caching for performance
and reliability and is designed to be highly robust.

SEC. 7.1 DNS—THE DOMAIN NAME SYSTEM 623
We have not covered security, but as you might imagine, the ability to change
the name-to-address mapping can have devastating consequences if done mali-
ciously. For that reason, security extensions called DNSSEC have been developed
for DNS. We will describe them in Chap. 8.
There is also application demand to use names in more flexible ways, for ex-
ample, by naming content and resolving to the IP address of a nearby host that has
the content. This fits the model of searching for and downloading a movie. It is
the movie that matters, not the computer that has a copy of it, so all that is wanted
is the IP address of any nearby computer that has a copy of the movie. Content
distribution networks are one way to accomplish this mapping. We will describe
how they build on the DNS later in this chapter, in Sec. 7.5.
7.2 ELECTRONIC MAIL
Electronic mail, or more commonly email, has been around for over three
decades. Faster and cheaper than paper mail, email has been a popular applica-
tion since the early days of the Internet. Before 1990, it was mostly used in
academia. During the 1990s, it became known to the public at large and grew
exponentially, to the point where the number of emails sent per day now is vastly
more than the number of snail mail (i.e., paper) letters. Other forms of network
communication, such as instant messaging and voice-over-IP calls have expanded
greatly in use over the past decade, but email remains the workhorse of Internet
communication. It is widely used within industry for intracompany communica-
tion, for example, to allow far-flung employees all over the world to cooperate on
complex projects. Unfortunately, like paper mail, the majority of email—some 9
out of 10 messages—is junk mail or spam (McAfee, 2010).
Email, like most other forms of communication, has developed its own con-
ventions and styles. It is very informal and has a low threshold of use. People
who would never dream of calling up or even writing a letter to a Very Important
Person do not hesitate for a second to send a sloppily written email to him or her.
By eliminating most cues associated with rank, age, and gender, email debates
often focus on content, not status. With email, a brilliant idea from a summer stu-
dent can have more impact than a dumb one from an executive vice president.
Email is full of jargon such as BTW (By The Way), ROTFL (Rolling On The
Floor Laughing), and IMHO (In My Humble Opinion). Many people also use lit-
tle ASCII symbols called smileys, starting with the ubiquitous ‘‘:-)’’. Rotate the
book 90 degrees clockwise if this symbol is unfamiliar. This symbol and other
emoticons help to convey the tone of the message. They have spread to other
terse forms of communication, such as instant messaging.
The email protocols have evolved during the period of their use, too. The first
email systems simply consisted of file transfer protocols, with the convention that
the first line of each message (i.e., file) contained the recipient’s address. As time

624 THE APPLICATION LAYER CHAP. 7
went on, email diverged from file transfer and many features were added, such as
the ability to send one message to a list of recipients. Multimedia capabilities
became important in the 1990s to send messages with images and other non-text
material. Programs for reading email became much more sophisticated too, shift-
ing from text-based to graphical user interfaces and adding the ability for users to
access their mail from their laptops wherever they happen to be. Finally, with the
prevalence of spam, mail readers and the mail transfer protocols must now pay
attention to finding and removing unwanted email.
In our description of email, we will focus on the way that mail messages are
moved between users, rather than the look and feel of mail reader programs.
Nevertheless, after describing the overall architecture, we will begin with the
user-facing part of the email system, as it is familiar to most readers.
7.2.1 Architecture and Services
In this section, we will provide an overview of how email systems are organ-
ized and what they can do. The architecture of the email system is shown in
Fig. 7-7. It consists of two kinds of subsystems: the user agents, which allow
people to read and send email, and the message transfer agents, which move the
messages from the source to the destination. We will also refer to message trans-
fer agents informally as mail servers.
Message
Transfer Agent
Message
Transfer Agent
SMTP
Sender
User Agent
Mailbox
Receiver
User Agent
Email
1: Mail
submission
2: Message
transfer
3: Final
delivery
Figure 7-7. Architecture of the email system.
The user agent is a program that provides a graphical interface, or sometimes
a text- and command-based interface that lets users interact with the email system.
It includes a means to compose messages and replies to messages, display incom-
ing messages, and organize messages by filing, searching, and discarding them.
The act of sending new messages into the mail system for delivery is called mail
submission.
Some of the user agent processing may be done automatically, anticipating
what the user wants. For example, incoming mail may be filtered to extract or

SEC. 7.2 ELECTRONIC MAIL 625
deprioritize messages that are likely spam. Some user agents include advanced
features, such as arranging for automatic email responses (‘‘I’m having a wonder-
ful vacation and it will be a while before I get back to you’’). A user agent runs
on the same computer on which a user reads her mail. It is just another program
and may be run only some of the time.
The message transfer agents are typically system processes. They run in the
background on mail server machines and are intended to be always available.
Their job is to automatically move email through the system from the originator to
the recipient with SMTP (Simple Mail Transfer Protocol). This is the message
transfer step.
SMTP was originally specified as RFC 821 and revised to become the current
RFC 5321. It sends mail over connections and reports back the delivery status
and any errors. Numerous applications exist in which confirmation of delivery is
important and may even have legal significance (‘‘Well, Your Honor, my email
system is just not very reliable, so I guess the electronic subpoena just got lost
somewhere’’).
Message transfer agents also implement mailing lists, in which an identical
copy of a message is delivered to everyone on a list of email addresses. Other ad-
vanced features are carbon copies, blind carbon copies, high-priority email, secret
(i.e., encrypted) email, alternative recipients if the primary one is not currently
available, and the ability for assistants to read and answer their bosses’ email.
Linking user agents and message transfer agents are the concepts of mail-
boxes and a standard format for email messages. Mailboxes store the email that
is received for a user. They are maintained by mail servers. User agents simply
present users with a view of the contents of their mailboxes. To do this, the user
agents send the mail servers commands to manipulate the mailboxes, inspecting
their contents, deleting messages, and so on. The retrieval of mail is the final de-
livery (step 3) in Fig. 7-7. With this architecture, one user may use different user
agents on multiple computers to access one mailbox.
Mail is sent between message transfer agents in a standard format. The origi-
nal format, RFC 822, has been revised to the current RFC 5322 and extended with
support for multimedia content and international text. This scheme is called
MIME and will be discussed later. People still refer to Internet email as RFC 822,
though.
A key idea in the message format is the distinction between the envelope and
its contents. The envelope encapsulates the message. It contains all the infor-
mation needed for transporting the message, such as the destination address, prior-
ity, and security level, all of which are distinct from the message itself. The mes-
sage transport agents use the envelope for routing, just as the post office does.
The message inside the envelope consists of two separate parts: the header
and the body. The header contains control information for the user agents. The
body is entirely for the human recipient. None of the agents care much about it.
Envelopes and messages are illustrated in Fig. 7-8.

626 THE APPLICATION LAYER CHAP. 7
Mr. Daniel Dumkopf
18 Willow Lane
White Plains, NY 10604
United Gizmo
180 Main St
Boston, MA 02120
Sept. 1, 2010
Yours truly
United Gizmo
Yours truly
United Gizmo
Subject: Invoice 1081
Dear Mr. Dumkopf,
Our computer records
show that you still have
not paid the above invoice
of $0.00. Please send us a
check for $0.00 promptly.
Dear Mr. Dumkopf,
Our computer records
show that you still have
not paid the above invoice
of $0.00. Please send us a
check for $0.00 promptly.
Name: Mr. Daniel Dumkopf
Street: 18 Willow Lane
City: White Plains
State: NY
Zip code: 10604
Priority: Urgent
Encryption: None
From: United Gizmo
Address: 180 Main St.
Location: Boston, MA 02120
Date: Sept. 1, 2010
Subject: Invoice 1081
Envelope
Message
(a) (b)
B
od
y
H
ea
de
r
E
nv
el
op
e
44¢
Figure 7-8. Envelopes and messages. (a) Paper mail. (b) Electronic mail.
We will examine the pieces of this architecture in more detail by looking at
the steps that are involved in sending email from one user to another. This journey
starts with the user agent.
7.2.2 The User Agent
A user agent is a program (sometimes called an email reader) that accepts a
variety of commands for composing, receiving, and replying to messages, as well
as for manipulating mailboxes. There are many popular user agents, including
Google gmail, Microsoft Outlook, Mozilla Thunderbird, and Apple Mail. They
can vary greatly in their appearance. Most user agents have a menu- or icon-
driven graphical interface that requires a mouse, or a touch interface on smaller
mobile devices. Older user agents, such as Elm, mh, and Pine, provide text-based
interfaces and expect one-character commands from the keyboard. Functionally,
these are the same, at least for text messages.
The typical elements of a user agent interface are shown in Fig. 7-9. Your
mail reader is likely to be much flashier, but probably has equivalent functions.

SEC. 7.2 ELECTRONIC MAIL 627
When a user agent is started, it will usually present a summary of the messages in
the user’s mailbox. Often, the summary will have one line for each message in
some sorted order. It highlights key fields of the message that are extracted from
the message envelope or header.
Mail Folders
All items
Inbox
Networks
Travel
Junk Mail
Message summary
From
trudy
Andy
djw
Amy N. Wong
guido
lazowska
lazowska
. . .
. . . . . .
. . . . . .
Subject
Not all Trudys are nasty
Material on RFID privacy
Have you seen this?
Request for information
Re: Paper acceptance
More on that
New report out
Received
Today
Today
Mar 4
Mar 3
Mar 3
Mar 2
Mar 2
Mailbox search
!
A. Student
Dear Professor,
I recently completed my undergraduate studies with
distinction at an excellent university. I will be visiting your
Message folders
Search Graduate studies? Mar 1
Message
Figure 7-9. Typical elements of the user agent interface.
Seven summary lines are shown in the example of Fig. 7-9. The lines use the
From, Subject, and Received fields, in that order, to display who sent the message,
what it is about, and when it was received. All the information is formatted in a
user-friendly way rather than displaying the literal contents of the message fields,
but it is based on the message fields. Thus, people who fail to include a Subject
field often discover that responses to their emails tend not to get the highest prior-
ity.
Many other fields or indications are possible. The icons next to the message
subjects in Fig. 7-9 might indicate, for example, unread mail (the envelope), at-
tached material (the paperclip), and important mail, at least as judged by the send-
er (the exclamation point).
Many sorting orders are also possible. The most common is to order messages
based on the time that they were received, most recent first, with some indication
as to whether the message is new or has already been read by the user. The fields
in the summary and the sort order can be customized by the user according to her
preferences.
User agents must also be able to display incoming messages as needed so that
people can read their email. Often a short preview of a message is provided, as in
Fig. 7-9, to help users decide when to read further. Previews may use small icons
or images to describe the contents of the message. Other presentation processing

628 THE APPLICATION LAYER CHAP. 7
includes reformatting messages to fit the display, and translating or converting
contents to more convenient formats (e.g., digitized speech to recognized text).
After a message has been read, the user can decide what to do with it. This is
called message disposition. Options include deleting the message, sending a
reply, forwarding the message to another user, and keeping the message for later
reference. Most user agents can manage one mailbox for incoming mail with
multiple folders for saved mail. The folders allow the user to save message
according to sender, topic, or some other category.
Filing can be done automatically by the user agent as well, before the user
reads the messages. A common example is that the fields and contents of mes-
sages are inspected and used, along with feedback from the user about previous
messages, to determine if a message is likely to be spam. Many ISPs and com-
panies run software that labels mail as important or spam so that the user agent
can file it in the corresponding mailbox. The ISP and company have the advan-
tage of seeing mail for many users and may have lists of known spammers. If hun-
dreds of users have just received a similar message, it is probably spam. By
presorting incoming mail as ‘‘probably legitimate’’ and ‘‘probably spam,’’ the user
agent can save users a fair amount of work separating the good stuff from the
junk.
And the most popular spam? It is generated by collections of compromised
computers called botnets and its content depends on where you live. Fake diplo-
mas are topical in Asia, and cheap drugs and other dubious product offers are top-
ical in the U.S. Unclaimed Nigerian bank accounts still abound. Pills for enlarging
various body parts are common everywhere.
Other filing rules can be constructed by users. Each rule specifies a condition
and an action. For example, a rule could say that any message received from the
boss goes to one folder for immediate reading and any message from a particular
mailing list goes to another folder for later reading. Several folders are shown in
Fig. 7-9. The most important folders are the Inbox, for incoming mail not filed
elsewhere, and Junk Mail, for messages that are thought to be spam.
As well as explicit constructs like folders, user agents now provide rich capa-
bilities to search the mailbox. This feature is also shown in Fig. 7-9. Search capa-
bilities let users find messages quickly, such as the message about ‘‘where to buy
Vegemite’’ that someone sent in the last month.
Email has come a long way from the days when it was just file transfer. Pro-
viders now routinely support mailboxes with up to 1 GB of stored mail that details
a user’s interactions over a long period of time. The sophisticated mail handling
of user agents with search and automatic forms of processing is what makes it
possible to manage these large volumes of email. For people who send and re-
ceive thousands of messages a year, these tools are invaluable.
Another useful feature is the ability to automatically respond to messages in
some way. One response is to forward incoming email to a different address, for
example, a computer operated by a commercial paging service that pages the user

SEC. 7.2 ELECTRONIC MAIL 629
by using radio or satellite and displays the Subject: line on his pager. These auto-
responders must run in the mail server because the user agent may not run all the
time and may only occasionally retrieve email. Because of these factors, the user
agent cannot provide a true automatic response. However, the interface for
automatic responses is usually presented by the user agent.
A different example of an automatic response is a vacation agent. This is a
program that examines each incoming message and sends the sender an insipid
reply such as: ‘‘Hi. I’m on vacation. I’ll be back on the 24th of August. Talk to
you then.’’ Such replies can also specify how to handle urgent matters in the
interim, other people to contact for specific problems, etc. Most vacation agents
keep track of whom they have sent canned replies to and refrain from sending the
same person a second reply. There are pitfalls with these agents, however. For
example, it is not advisable to send a canned reply to a large mailing list.
Let us now turn to the scenario of one user sending a message to another user.
One of the basic features user agents support that we have not yet discussed is
mail composition. It involves creating messages and answers to messages and
sending these messages into the rest of the mail system for delivery. Although
any text editor can be used to create the body of the message, editors are usually
integrated with the user agent so that it can provide assistance with addressing and
the numerous header fields attached to each message. For example, when answer-
ing a message, the email system can extract the originator’s address from the in-
coming email and automatically insert it into the proper place in the reply. Other
common features are appending a signature block to the bottom of a message,
correcting spelling, and computing digital signatures that show the message is
valid.
Messages that are sent into the mail system have a standard format that must
be created from the information supplied to the user agent. The most important
part of the message for transfer is the envelope, and the most important part of the
envelope is the destination address. This address must be in a format that the
message transfer agents can deal with.
The expected form of an address is user@dns-address. Since we studied
DNS earlier in this chapter, we will not repeat that material here. However, it is
worth noting that other forms of addressing exist. In particular, X.400 addresses
look radically different from DNS addresses.
X.400 is an ISO standard for message-handling systems that was at one time a
competitor to SMTP. SMTP won out handily, though X.400 systems are still used,
mostly outside of the U.S. X.400 addresses are composed of attribute=value
pairs separated by slashes, for example,
/C=US/ST=MASSACHUSETTS/L=CAMBRIDGE/PA=360 MEMORIAL DR./CN=KEN SMITH/
This address specifies a country, state, locality, personal address, and common
name (Ken Smith). Many other attributes are possible, so you can send email to

630 THE APPLICATION LAYER CHAP. 7
someone whose exact email address you do not know, provided you know enough
other attributes (e.g., company and job title).
Although X.400 names are considerably less convenient than DNS names, the
issue is moot for user agents because they have user-friendly aliases (sometimes
called nicknames) that allow users to enter or select a person’s name and get the
correct email address. Consequently, it is usually not necessary to actually type in
these strange strings.
A final point we will touch on for sending mail is mailing lists, which let users
send the same message to a list of people with a single command. There are two
choices for how the mailing list is maintained. It might be maintained locally, by
the user agent. In this case, the user agent can just send a separate message to
each intended recipient.
Alternatively, the list may be maintained remotely at a message transfer
agent. Messages will then be expanded in the message transfer system, which has
the effect of allowing multiple users to send to the list. For example, if a group of
bird watchers has a mailing list called birders installed on the transfer agent
meadowlark.arizona.edu, any message sent to birders@meadowlark.arizona.edu
will be routed to the University of Arizona and expanded into individual messages
to all the mailing list members, wherever in the world they may be. Users of this
mailing list cannot tell that it is a mailing list. It could just as well be the personal
mailbox of Prof. Gabriel O. Birders.
7.2.3 Message Formats
Now we turn from the user interface to the format of the email messages
themselves. Messages sent by the user agent must be placed in a standard format
to be handled by the message transfer agents. First we will look at basic ASCII
email using RFC 5322, which is the latest revision of the original Internet mes-
sage format as described in RFC 822. After that, we will look at multimedia ex-
tensions to the basic format.
RFC 5322—The Internet Message Format
Messages consist of a primitive envelope (described as part of SMTP in RFC
5321), some number of header fields, a blank line, and then the message body.
Each header field (logically) consists of a single line of ASCII text containing the
field name, a colon, and, for most fields, a value. The original RFC 822 was de-
signed decades ago and did not clearly distinguish the envelope fields from the
header fields. Although it has been revised to RFC 5322, completely redoing it
was not possible due to its widespread usage. In normal usage, the user agent
builds a message and passes it to the message transfer agent, which then uses
some of the header fields to construct the actual envelope, a somewhat old-
fashioned mixing of message and envelope.

SEC. 7.2 ELECTRONIC MAIL 631
The principal header fields related to message transport are listed in Fig. 7-10.
The To: field gives the DNS address of the primary recipient. Having multiple re-
cipients is also allowed. The Cc: field gives the addresses of any secondary recip-
ients. In terms of delivery, there is no distinction between the primary and sec-
ondary recipients. It is entirely a psychological difference that may be important
to the people involved but is not important to the mail system. The term Cc: (Car-
bon copy) is a bit dated, since computers do not use carbon paper, but it is well es-
tablished. The Bcc: (Blind carbon copy) field is like the Cc: field, except that this
line is deleted from all the copies sent to the primary and secondary recipients.
This feature allows people to send copies to third parties without the primary and
secondary recipients knowing this.
Header Meaning
To: Email address(es) of primary recipient(s)
Cc: Email address(es) of secondary recipient(s)
Bcc: Email address(es) for blind carbon copies
From: Person or people who created the message
Sender: Email address of the actual sender
Received: Line added by each transfer agent along the route
Return-Path: Can be used to identify a path back to the sender
Figure 7-10. RFC 5322 header fields related to message transport.
The next two fields, From: and Sender:, tell who wrote and sent the message,
respectively. These need not be the same. For example, a business executive
may write a message, but her assistant may be the one who actually transmits it.
In this case, the executive would be listed in the From: field and the assistant in
the Sender: field. The From: field is required, but the Sender: field may be omit-
ted if it is the same as the From: field. These fields are needed in case the mes-
sage is undeliverable and must be returned to the sender.
A line containing Received: is added by each message transfer agent along the
way. The line contains the agent’s identity, the date and time the message was re-
ceived, and other information that can be used for debugging the routing system.
The Return-Path: field is added by the final message transfer agent and was
intended to tell how to get back to the sender. In theory, this information can be
gathered from all the Received: headers (except for the name of the sender’s mail-
box), but it is rarely filled in as such and typically just contains the sender’s ad-
dress.
In addition to the fields of Fig. 7-10, RFC 5322 messages may also contain a
variety of header fields used by the user agents or human recipients. The most
common ones are listed in Fig. 7-11. Most of these are self-explanatory, so we
will not go into all of them in much detail.

632 THE APPLICATION LAYER CHAP. 7
Header Meaning
Date: The date and time the message was sent
Reply-To: Email address to which replies should be sent
Message-Id: Unique number for referencing this message later
In-Reply-To: Message-Id of the message to which this is a reply
References: Other relevant Message-Ids
Keywords: User-chosen keywords
Subject: Short summary of the message for the one-line display
Figure 7-11. Some fields used in the RFC 5322 message header.
The Reply-To: field is sometimes used when neither the person composing the
message nor the person sending the message wants to see the reply. For example,
a marketing manager may write an email message telling customers about a new
product. The message is sent by an assistant, but the Reply-To: field lists the head
of the sales department, who can answer questions and take orders. This field is
also useful when the sender has two email accounts and wants the reply to go to
the other one.
The Message-Id: is an automatically generated number that is used to link
messages together (e.g., when used in the In-Reply-To: field) and to prevent dupli-
cate delivery.
The RFC 5322 document explicitly says that users are allowed to invent op-
tional headers for their own private use. By convention since RFC 822, these
headers start with the string X-. It is guaranteed that no future headers will use
names starting with X-, to avoid conflicts between official and private headers.
Sometimes wiseguy undergraduates make up fields like X-Fruit-of-the-Day: or
X-Disease-of-the-Week:, which are legal, although not always illuminating.
After the headers comes the message body. Users can put whatever they want
here. Some people terminate their messages with elaborate signatures, including
quotations from greater and lesser authorities, political statements, and disclai-
mers of all kinds (e.g., The XYZ Corporation is not responsible for my opinions;
in fact, it cannot even comprehend them).
MIME—The Multipurpose Internet Mail Extensions
In the early days of the ARPANET, email consisted exclusively of text mes-
sages written in English and expressed in ASCII. For this environment, the early
RFC 822 format did the job completely: it specified the headers but left the con-
tent entirely up to the users. In the 1990s, the worldwide use of the Internet and
demand to send richer content through the mail system meant that this approach
was no longer adequate. The problems included sending and receiving messages

SEC. 7.2 ELECTRONIC MAIL 633
in languages with accents (e.g., French and German), non-Latin alphabets (e.g.,
Hebrew and Russian), or no alphabets (e.g., Chinese and Japanese), as well as
sending messages not containing text at all (e.g., audio, images, or binary docu-
ments and programs).
The solution was the development of MIME (Multipurpose Internet Mail
Extensions). It is widely used for mail messages that are sent across the Internet,
as well as to describe content for other applications such as Web browsing.
MIME is described in RFCs 2045–2047, 4288, 4289, and 2049.
The basic idea of MIME is to continue to use the RFC 822 format (the precur-
sor to RFC 5322 the time MIME was proposed) but to add structure to the mes-
sage body and define encoding rules for the transfer of non-ASCII messages. Not
deviating from RFC 822 allowed MIME messages to be sent using the existing
mail transfer agents and protocols (based on RFC 821 then, and RFC 5321 now).
All that had to be changed were the sending and receiving programs, which users
could do for themselves.
MIME defines five new message headers, as shown in Fig. 7-12. The first of
these simply tells the user agent receiving the message that it is dealing with a
MIME message, and which version of MIME it uses. Any message not con-
taining a MIME-Version: header is assumed to be an English plaintext message
(or at least one using only ASCII characters) and is processed as such.
Header Meaning
MIME-Version: Identifies the MIME version
Content-Description: Human-readable string telling what is in the message
Content-Id: Unique identifier
Content-Transfer-Encoding: How the body is wrapped for transmission
Content-Type: Type and format of the content
Figure 7-12. Message headers added by MIME.
The Content-Description: header is an ASCII string telling what is in the mes-
sage. This header is needed so the recipient will know whether it is worth decod-
ing and reading the message. If the string says ‘‘Photo of Barbara’s hamster’’ and
the person getting the message is not a big hamster fan, the message will probably
be discarded rather than decoded into a high-resolution color photograph.
The Content-Id: header identifies the content. It uses the same format as the
standard Message-Id: header.
The Content-Transfer-Encoding: tells how the body is wrapped for transmis-
sion through the network. A key problem at the time MIME was developed was
that the mail transfer (SMTP) protocols expected ASCII messages in which no
line exceeded 1000 characters. ASCII characters use 7 bits out of each 8-bit byte.
Binary data such as executable programs and images use all 8 bits of each byte, as

634 THE APPLICATION LAYER CHAP. 7
do extended character sets. There was no guarantee this data would be transferred
safely. Hence, some method of carrying binary data that made it look like a regu-
lar ASCII mail message was needed. Extensions to SMTP since the development
of MIME do allow 8-bit binary data to be transferred, though even today binary
data may not always go through the mail system correctly if unencoded.
MIME provides five transfer encoding schemes, plus an escape to new
schemes—just in case. The simplest scheme is just ASCII text messages. ASCII
characters use 7 bits and can be carried directly by the email protocol, provided
that no line exceeds 1000 characters.
The next simplest scheme is the same thing, but using 8-bit characters, that is,
all values from 0 up to and including 255 are allowed. Messages using the 8-bit
encoding must still adhere to the standard maximum line length.
Then there are messages that use a true binary encoding. These are arbitrary
binary files that not only use all 8 bits but also do not adhere to the 1000-character
line limit. Executable programs fall into this category. Nowadays, mail servers
can negotiate to send data in binary (or 8-bit) encoding, falling back to ASCII if
both ends do not support the extension.
The ASCII encoding of binary data is called base64 encoding. In this
scheme, groups of 24 bits are broken up into four 6-bit units, with each unit being
sent as a legal ASCII character. The coding is ‘‘A’’ for 0, ‘‘B’’ for 1, and so on,
followed by the 26 lowercase letters, the 10 digits, and finally + and / for 62 and
63, respectively. The == and = sequences indicate that the last group contained
only 8 or 16 bits, respectively. Carriage returns and line feeds are ignored, so
they can be inserted at will in the encoded character stream to keep the lines short
enough. Arbitrary binary text can be sent safely using this scheme, albeit ineffi-
ciently. This encoding was very popular before binary-capable mail servers were
widely deployed. It is still commonly seen.
For messages that are almost entirely ASCII but with a few non-ASCII char-
acters, base64 encoding is somewhat inefficient. Instead, an encoding known as
quoted-printable encoding is used. This is just 7-bit ASCII, with all the charac-
ters above 127 encoded as an equals sign followed by the character’s value as two
hexadecimal digits. Control characters, some punctuation marks and math symb-
ols, as well as trailing spaces are also so encoded.
Finally, when there are valid reasons not to use one of these schemes, it is
possible to specify a user-defined encoding in the Content-Transfer-Encoding:
header.
The last header shown in Fig. 7-12 is really the most interesting one. It speci-
fies the nature of the message body and has had an impact well beyond email. For
instance, content downloaded from the Web is labeled with MIME types so that
the browser knows how to present it. So is content sent over streaming media and
real-time transports such as voice over IP.
Initially, seven MIME types were defined in RFC 1521. Each type has one or
more available subtypes. The type and subtype are separated by a slash, as in

SEC. 7.2 ELECTRONIC MAIL 635
‘‘Content-Type: video/mpeg’’. Since then, hundreds of subtypes have been added,
along with another type. Additional entries are being added all the time as new
types of content are developed. The list of assigned types and subtypes is main-
tained online by IANA at www.iana.org/assignments/media-types.
The types, along with examples of commonly used subtypes, are given in
Fig. 7-13. Let us briefly go through them, starting with text. The text/plain com-
bination is for ordinary messages that can be displayed as received, with no en-
coding and no further processing. This option allows ordinary messages to be
transported in MIME with only a few extra headers. The text/html subtype was
added when the Web became popular (in RFC 2854) to allow Web pages to be
sent in RFC 822 email. A subtype for the eXtensible Markup Language, text/xml,
is defined in RFC 3023. XML documents have proliferated with the development
of the Web. We will study HTML and XML in Sec. 7.3.
Type Example subtypes Description
text plain, html, xml, css Text in various formats
image gif, jpeg, tiff Pictures
audio basic, mpeg, mp4 Sounds
video mpeg, mp4, quicktime Movies
model vrml 3D model
application octet-stream, pdf, javascript, zip Data produced by applications
message http, rfc822 Encapsulated message
multipart mixed, alternative, parallel, digest Combination of multiple types
Figure 7-13. MIME content types and example subtypes.
The next MIME type is image, which is used to transmit still pictures. Many
formats are widely used for storing and transmitting images nowadays, both with
and without compression. Several of these, including GIF, JPEG, and TIFF, are
built into nearly all browsers. Many other formats and corresponding subtypes
exist as well.
The audio and video types are for sound and moving pictures, respectively.
Please note that video may include only the visual information, not the sound. If
a movie with sound is to be transmitted, the video and audio portions may have to
be transmitted separately, depending on the encoding system used. The first video
format defined was the one devised by the modestly named Moving Picture
Experts Group (MPEG), but others have been added since. In addition to
audio/basic, a new audio type, audio/mpeg, was added in RFC 3003 to allow peo-
ple to email MP3 audio files. The video/mp4 and audio/mp4 types signal video
and audio data that are stored in the newer MPEG 4 format.
The model type was added after the other content types. It is intended for
describing 3D model data. However, it has not been widely used to date.

www.iana.org/assignments/media-types

636 THE APPLICATION LAYER CHAP. 7
The application type is a catchall for formats that are not covered by one of
the other types and that require an application to interpret the data. We have lis-
ted the subtypes pdf, javascript, and zip as examples for PDF documents, Java-
Script programs, and Zip archives, respectively. User agents that receive this con-
tent use a third-party library or external program to display the content; the dis-
play may or may not appear to be integrated with the user agent.
By using MIME types, user agents gain the extensibility to handle new types
of application content as it is developed. This is a significant benefit. On the other
hand, many of the new forms of content are executed or interpreted by applica-
tions, which presents some dangers. Obviously, running an arbitrary executable
program that has arrived via the mail system from ‘‘friends’’ poses a security haz-
ard. The program may do all sorts of nasty damage to the parts of the computer to
which it has access, especially if it can read and write files and use the network.
Less obviously, document formats can pose the same hazards. This is because
formats such as PDF are full-blown programming languages in disguise. While
they are interpreted and restricted in scope, bugs in the interpreter often allow
devious documents to escape the restrictions.
Besides these examples, there are many more application subtypes because
there are many more applications. As a fallback to be used when no other subtype
is known to be more fitting, the octet-stream subtype denotes a sequence of unin-
terpreted bytes. Upon receiving such a stream, it is likely that a user agent will
display it by suggesting to the user that it be copied to a file. Subsequent proc-
essing is then up to the user, who presumably knows what kind of content it is.
The last two types are useful for composing and manipulating messages them-
selves. The message type allows one message to be fully encapsulated inside an-
other. This scheme is useful for forwarding email, for example. When a com-
plete RFC 822 message is encapsulated inside an outer message, the rfc822 sub-
type should be used. Similarly, it is common for HTML documents to be encap-
sulated. And the partial subtype makes it possible to break an encapsulated mes-
sage into pieces and send them separately (for example, if the encapsulated mes-
sage is too long). Parameters make it possible to reassemble all the parts at the
destination in the correct order.
Finally, the multipart type allows a message to contain more than one part,
with the beginning and end of each part being clearly delimited. The mixed sub-
type allows each part to be a different type, with no additional structure imposed.
Many email programs allow the user to provide one or more attachments to a text
message. These attachments are sent using the multipart type.
In contrast to mixed, the alternative subtype allows the same message to be
included multiple times but expressed in two or more different media. For ex-
ample, a message could be sent in plain ASCII, in HMTL, and in PDF. A properly
designed user agent getting such a message would display it according to user
preferences. Likely PDF would be the first choice, if that is possible. The second
choice would be HTML. If neither of these were possible, then the flat ASCII

SEC. 7.2 ELECTRONIC MAIL 637
text would be displayed. The parts should be ordered from simplest to most com-
plex to help recipients with pre-MIME user agents make some sense of the mes-
sage (e.g., even a pre-MIME user can read flat ASCII text).
The alternative subtype can also be used for multiple languages. In this con-
text, the Rosetta Stone can be thought of as an early multipart/alternative mes-
sage.
Of the other two example subtypes, the parallel subtype is used when all parts
must be ‘‘viewed’’ simultaneously. For example, movies often have an audio
channel and a video channel. Movies are more effective if these two channels are
played back in parallel, instead of consecutively. The digest subtype is used when
multiple messages are packed together into a composite message. For example,
some discussion groups on the Internet collect messages from subscribers and
then send them out to the group periodically as a single multipart/digest message.
As an example of how MIME types may be used for email messages, a multi-
media message is shown in Fig. 7-14. Here, a birthday greeting is transmitted in
alternative forms as HTML and as an audio file. Assuming the receiver has audio
capability, the user agent there will play the sound file. In this example, the sound
is carried by reference as a message/external-body subtype, so first the user agent
must fetch the sound file birthday.snd using FTP. If the user agent has no audio
capability, the lyrics are displayed on the screen in stony silence. The two parts
are delimited by two hyphens followed by a (software-generated) string specified
in the boundary parameter.
Note that the Content-Type header occurs in three positions within this ex-
ample. At the top level, it indicates that the message has multiple parts. Within
each part, it gives the type and subtype of that part. Finally, within the body of
the second part, it is required to tell the user agent what kind of external file it is
to fetch. To indicate this slight difference in usage, we have used lowercase let-
ters here, although all headers are case insensitive. The Content-Transfer-En-
coding is similarly required for any external body that is not encoded as 7-bit
ASCII.
7.2.4 Message Transfer
Now that we have described user agents and mail messages, we are ready to
look at how the message transfer agents relay messages from the originator to the
recipient. The mail transfer is done with the SMTP protocol.
The simplest way to move messages is to establish a transport connection
from the source machine to the destination machine and then just transfer the mes-
sage. This is how SMTP originally worked. Over the years, however, two dif-
ferent uses of SMTP have been differentiated. The first use is mail submission,
step 1 in the email architecture of Fig. 7-7. This is the means by which user
agents send messages into the mail system for delivery. The second use is to
transfer messages between message transfer agents (step 2 in Fig. 7-7). This

638 THE APPLICATION LAYER CHAP. 7
From: alice@cs.washington.edu
To: bob@ee.uwa.edu.au
MIME-Version: 1.0
Message-Id: <0704760941.AA00747@cs.washington.edu>
Content-Type: multipart/alternative; boundary=qwertyuiopasdfghjklzxcvbnm
Subject: Earth orbits sun integral number of times
This is the preamble. The user agent ignores it. Have a nice day.
–qwertyuiopasdfghjklzxcvbnm
Content-Type: text/html

Happy birthday to you
Happy birthday to you
Happy birthday dear Bob
Happy birthday to you

–qwertyuiopasdfghjklzxcvbnm
Content-Type: message/external-body;
access-type=”anon-ftp”;
site=”bicycle.cs.washington.edu”;
directory=”pub”;
name=”birthday.snd”
content-type: audio/basic
content-transfer-encoding: base64
–qwertyuiopasdfghjklzxcvbnm–
Figure 7-14. A multipart message containing HTML and audio alternatives.
sequence delivers mail all the way from the sending to the receiving message
transfer agent in one hop. Final delivery is accomplished with different protocols
that we will describe in the next section.
In this section, we will describe the basics of the SMTP protocol and its ex-
tension mechanism. Then we will discuss how it is used differently for mail sub-
mission and message transfer.
SMTP (Simple Mail Transfer Protocol) and Extensions
Within the Internet, email is delivered by having the sending computer estab-
lish a TCP connection to port 25 of the receiving computer. Listening to this port
is a mail server that speaks SMTP (Simple Mail Transfer Protocol). This ser-
ver accepts incoming connections, subject to some security checks, and accepts
messages for delivery. If a message cannot be delivered, an error report con-
taining the first part of the undeliverable message is returned to the sender.
SMTP is a simple ASCII protocol. This is not a weakness but a feature.
Using ASCII text makes protocols easy to develop, test, and debug. They can be

SEC. 7.2 ELECTRONIC MAIL 639
tested by sending commands manually, and records of the messages are easy to
read. Most application-level Internet protocols now work this way (e.g., HTTP).
We will walk through a simple message transfer between mail servers that de-
livers a message. After establishing the TCP connection to port 25, the sending
machine, operating as the client, waits for the receiving machine, operating as the
server, to talk first. The server starts by sending a line of text giving its identity
and telling whether it is prepared to receive mail. If it is not, the client releases
the connection and tries again later.
If the server is willing to accept email, the client announces whom the email
is coming from and whom it is going to. If such a recipient exists at the destina-
tion, the server gives the client the go-ahead to send the message. Then the client
sends the message and the server acknowledges it. No checksums are needed be-
cause TCP provides a reliable byte stream. If there is more email, that is now
sent. When all the email has been exchanged in both directions, the connection is
released. A sample dialog for sending the message of Fig. 7-14, including the
numerical codes used by SMTP, is shown in Fig. 7-15. The lines sent by the cli-
ent (i.e., the sender) are marked C:. Those sent by the server (i.e., the receiver)
are marked S:.
The first command from the client is indeed meant to be HELO. Of the vari-
ous four-character abbreviations for HELLO, this one has numerous advantages
over its biggest competitor. Why all the commands had to be four characters has
been lost in the mists of time.
In Fig. 7-15, the message is sent to only one recipient, so only one RCPT
command is used. Such commands are allowed to send a single message to multi-
ple receivers. Each one is individually acknowledged or rejected. Even if some
recipients are rejected (because they do not exist at the destination), the message
can be sent to the other ones.
Finally, although the syntax of the four-character commands from the client is
rigidly specified, the syntax of the replies is less rigid. Only the numerical code
really counts. Each implementation can put whatever string it wants after the
code.
The basic SMTP works well, but it is limited in several respects. It does not
include authentication. This means that the FROM command in the example could
give any sender address that it pleases. This is quite useful for sending spam. An-
other limitation is that SMTP transfers ASCII messages, not binary data. This is
why the base64 MIME content transfer encoding was needed. However, with that
encoding the mail transmission uses bandwidth inefficiently, which is an issue for
large messages. A third limitation is that SMTP sends messages in the clear. It
has no encryption to provide a measure of privacy against prying eyes.
To allow these and many other problems related to message processing to be
addressed, SMTP was revised to have an extension mechanism. This mechanism
is a mandatory part of the RFC 5321 standard. The use of SMTP with extensions
is called ESMTP (Extended SMTP).

640 THE APPLICATION LAYER CHAP. 7
S: 220 ee.uwa.edu.au SMTP service ready
C: HELO abcd.com
S: 250 cs.washington.edu says hello to ee.uwa.edu.au
C: MAIL FROM:
S: 250 sender ok
C: RCPT TO:
S: 250 recipient ok
C: DATA
S: 354 Send mail; end with “.” on a line by itself
C: From: alice@cs.washington.edu
C: To: bob@ee.uwa.edu.au
C: MIME-Version: 1.0
C: Message-Id: <0704760941.AA00747@ee.uwa.edu.au>
C: Content-Type: multipart/alternative; boundary=qwertyuiopasdfghjklzxcvbnm
C: Subject: Earth orbits sun integral number of times
C:
C: This is the preamble. The user agent ignores it. Have a nice day.
C:
C: –qwertyuiopasdfghjklzxcvbnm
C: Content-Type: text/html
C:
C:

Happy birthday to you
C: Happy birthday to you
C: Happy birthday dear Bob
C: Happy birthday to you
C:
C: –qwertyuiopasdfghjklzxcvbnm
C: Content-Type: message/external-body;
C: access-type=”anon-ftp”;
C: site=”bicycle.cs.washington.edu”;
C: directory=”pub”;
C: name=”birthday.snd”
C:
C: content-type: audio/basic
C: content-transfer-encoding: base64
C: –qwertyuiopasdfghjklzxcvbnm
C: .
S: 250 message accepted
C: QUIT
S: 221 ee.uwa.edu.au closing connection
Figure 7-15. Sending a message from alice@cs.washington.edu to bob@ee.uwa.edu.au.
Clients wanting to use an extension send an EHLO message instead of HELO
initially. If this is rejected, the server is a regular SMTP server, and the client
should proceed in the usual way. If the EHLO is accepted, the server replies with
the extensions that it supports. The client may then use any of these extensions.
Several common extensions are shown in Fig. 7-16. The figure gives the keyword

SEC. 7.2 ELECTRONIC MAIL 641
as used in the extension mechanism, along with a description of the new func-
tionality. We will not go into extensions in further detail.
Keyword Description
AUTH Client authentication
BINARYMIME Server accepts binary messages
CHUNKING Server accepts large messages in chunks
SIZE Check message size before trying to send
STARTTLS Switch to secure transport (TLS; see Chap. 8)
UTF8SMTP Internationalized addresses
Figure 7-16. Some SMTP extensions.
To get a better feel for how SMTP and some of the other protocols described
in this chapter work, try them out. In all cases, first go to a machine connected to
the Internet. On a UNIX (or Linux) system, in a shell, type
telnet mail.isp.com 25
substituting the DNS name of your ISP’s mail server for mail.isp.com. On a Win-
dows XP system, click on Start, then Run, and type the command in the dialog
box. On a Vista or Windows 7 machine, you may have to first install the telnet
program (or equivalent) and then start it yourself. This command will establish a
telnet (i.e., TCP) connection to port 25 on that machine. Port 25 is the SMTP
port; see Fig. 6-34 for the ports for other common protocols. You will probably
get a response something like this:
Trying 192.30.200.66…
Connected to mail.isp.com
Escape character is ’ˆ]’.
220 mail.isp.com Smail #74 ready at Thu, 25 Sept 2002 13:26 +0200
The first three lines are from telnet, telling you what it is doing. The last line is
from the SMTP server on the remote machine, announcing its willingness to talk
to you and accept email. To find out what commands it accepts, type
HELP
From this point on, a command sequence such as the one in Fig. 7-16 is possible if
the server is willing to accept mail from you.
Mail Submission
Originally, user agents ran on the same computer as the sending message
transfer agent. In this setting, all that is required to send a message is for the user
agent to talk to the local mail server, using the dialog that we have just described.
However, this setting is no longer the usual case.

642 THE APPLICATION LAYER CHAP. 7
User agents often run on laptops, home PCs, and mobile phones. They are not
always connected to the Internet. Mail transfer agents run on ISP and company
servers. They are always connected to the Internet. This difference means that a
user agent in Boston may need to contact its regular mail server in Seattle to send
a mail message because the user is traveling.
By itself, this remote communication poses no problem. It is exactly what the
TCP/IP protocols are designed to support. However, an ISP or company usually
does not want any remote user to be able to submit messages to its mail server to
be delivered elsewhere. The ISP or company is not running the server as a public
service. In addition, this kind of open mail relay attracts spammers. This is be-
cause it provides a way to launder the original sender and thus make the message
more difficult to identify as spam.
Given these considerations, SMTP is normally used for mail submission with
the AUTH extension. This extension lets the server check the credentials (user-
name and password) of the client to confirm that the server should be providing
mail service.
There are several other differences in the way SMTP is used for mail submis-
sion. For example, port 587 is used in preference to port 25 and the SMTP server
can check and correct the format of the messages sent by the user agent. For
more information about the restricted use of SMTP for mail submission, please
see RFC 4409.
Message Transfer
Once the sending mail transfer agent receives a message from the user agent,
it will deliver it to the receiving mail transfer agent using SMTP. To do this, the
sender uses the destination address. Consider the message in Fig. 7-15, addressed
to bob@ee.uwa.edu.au. To what mail server should the message be delivered?
To determine the correct mail server to contact, DNS is consulted. In the pre-
vious section, we described how DNS contains multiple types of records, includ-
ing the MX, or mail exchanger, record. In this case, a DNS query is made for the
MX records of the domain ee.uwa.edu.au. This query returns an ordered list of the
names and IP addresses of one or more mail servers.
The sending mail transfer agent then makes a TCP connection on port 25 to
the IP address of the mail server to reach the receiving mail transfer agent, and
uses SMTP to relay the message. The receiving mail transfer agent will then place
mail for the user bob in the correct mailbox for Bob to read it at a later time. This
local delivery step may involve moving the message among computers if there is
a large mail infrastructure.
With this delivery process, mail travels from the initial to the final mail trans-
fer agent in a single hop. There are no intermediate servers in the message transfer
stage. It is possible, however, for this delivery process to occur multiple times.
One example that we have described already is when a message transfer agent

SEC. 7.2 ELECTRONIC MAIL 643
implements a mailing list. In this case, a message is received for the list. It is then
expanded as a message to each member of the list that is sent to the individual
member addresses.
As another example of relaying, Bob may have graduated from M.I.T. and
also be reachable via the address bob@alum.mit.edu. Rather than reading mail on
multiple accounts, Bob can arrange for mail sent to this address to be forwarded to
bob@ee.uwa.edu. In this case, mail sent to bob@alum.mit.edu will undergo two
deliveries. First, it will be sent to the mail server for alum.mit.edu. Then, it will be
sent to the mail server for ee.uwa.edu.au. Each of these legs is a complete and
separate delivery as far as the mail transfer agents are concerned.
Another consideration nowadays is spam. Nine out of ten messages sent today
are spam (McAfee, 2010). Few people want more spam, but it is hard to avoid
because it masquerades as regular mail. Before accepting a message, additional
checks may be made to reduce the opportunities for spam. The message for Bob
was sent from alice@cs.washington.edu . The receiving mail transfer agent can
look up the sending mail transfer agent in DNS. This lets it check that the IP ad-
dress of the other end of the TCP connection matches the DNS name. More gen-
erally, the receiving agent may look up the sending domain in DNS to see if it has
a mail sending policy. This information is often given in the TXT and SPF
records. It may indicate that other checks can be made. For example, mail sent
from cs.washington.edu may always be sent from the host june.cs.washington.edu.
If the sending mail transfer agent is not june, there is a problem.
If any of these checks fail, the mail is probably being forged with a fake send-
ing address. In this case, it is discarded. However, passing these checks does not
imply that mail is not spam. The checks merely ensure that the mail seems to be
coming from the region of the network that it purports to come from. The idea is
that spammers should be forced to use the correct sending address when they send
mail. This makes spam easier to recognize and delete when it is unwanted.
7.2.5 Final Delivery
Our mail message is almost delivered. It has arrived at Bob’s mailbox. All
that remains is to transfer a copy of the message to Bob’s user agent for display.
This is step 3 in the architecture of Fig. 7-7. This task was straightforward in the
early Internet, when the user agent and mail transfer agent ran on the same ma-
chine as different processes. The mail transfer agent simply wrote new messages
to the end of the mailbox file, and the user agent simply checked the mailbox file
for new mail.
Nowadays, the user agent on a PC, laptop, or mobile, is likely to be on a dif-
ferent machine than the ISP or company mail server. Users want to be able to ac-
cess their mail remotely, from wherever they are. They want to access email from
work, from their home PCs, from their laptops when on business trips, and from
cybercafes when on so-called vacation. They also want to be able to work offline,

644 THE APPLICATION LAYER CHAP. 7
then reconnect to receive incoming mail and send outgoing mail. Moreover, each
user may run several user agents depending on what computer it is convenient to
use at the moment. Several user agents may even be running at the same time.
In this setting, the job of the user agent is to present a view of the contents of
the mailbox, and to allow the mailbox to be remotely manipulated. Several dif-
ferent protocols can be used for this purpose, but SMTP is not one of them. SMTP
is a push-based protocol. It takes a message and connects to a remote server to
transfer the message. Final delivery cannot be achieved in this manner both be-
cause the mailbox must continue to be stored on the mail transfer agent and be-
cause the user agent may not be connected to the Internet at the moment that
SMTP attempts to relay messages.
IMAP—The Internet Message Access Protocol
One of the main protocols that is used for final delivery is IMAP (Internet
Message Access Protocol). Version 4 of the protocol is defined in RFC 3501.
To use IMAP, the mail server runs an IMAP server that listens to port 143. The
user agent runs an IMAP client. The client connects to the server and begins to
issue commands from those listed in Fig. 7-17.
First, the client will start a secure transport if one is to be used (in order to
keep the messages and commands confidential), and then log in or otherwise
authenticate itself to the server. Once logged in, there are many commands to list
folders and messages, fetch messages or even parts of messages, mark messages
with flags for later deletion, and organize messages into folders. To avoid confu-
sion, please note that we use the term ‘‘folder’’ here to be consistent with the rest
of the material in this section, in which a user has a single mailbox made up of
multiple folders. However, in the IMAP specification, the term mailbox is used
instead. One user thus has many IMAP mailboxes, each of which is typically pres-
ented to the user as a folder.
IMAP has many other features, too. It has the ability to address mail not by
message number, but by using attributes (e.g., give me the first message from
Alice). Searches can be performed on the server to find the messages that satisfy
certain criteria so that only those messages are fetched by the client.
IMAP is an improvement over an earlier final delivery protocol, POP3 (Post
Office Protocol, version 3), which is specified in RFC 1939. POP3 is a simpler
protocol but supports fewer features and is less secure in typical usage. Mail is
usually downloaded to the user agent computer, instead of remaining on the mail
server. This makes life easier on the server, but harder on the user. It is not easy to
read mail on multiple computers, plus if the user agent computer breaks, all email
may be lost permanently. Nonetheless, you will still find POP3 in use.
Proprietary protocols can also be used because the protocol runs between a
mail server and user agent that can be supplied by the same company. Microsoft
Exchange is a mail system with a proprietary protocol.

SEC. 7.2 ELECTRONIC MAIL 645
Command Description
CAPABILITY List server capabilities
STARTTLS Start secure transport (TLS; see Chap. 8)
LOGIN Log on to server
AUTHENTICATE Log on with other method
SELECT Select a folder
EXAMINE Select a read-only folder
CREATE Create a folder
DELETE Delete a folder
RENAME Rename a folder
SUBSCRIBE Add folder to active set
UNSUBSCRIBE Remove folder from active set
LIST List the available folders
LSUB List the active folders
STATUS Get the status of a folder
APPEND Add a message to a folder
CHECK Get a checkpoint of a folder
FETCH Get messages from a folder
SEARCH Find messages in a folder
STORE Alter message flags
COPY Make a copy of a message in a folder
EXPUNGE Remove messages flagged for deletion
UID Issue commands using unique identifiers
NOOP Do nothing
CLOSE Remove flagged messages and close folder
LOGOUT Log out and close connection
Figure 7-17. IMAP (version 4) commands.
Webmail
An increasingly popular alternative to IMAP and SMTP for providing email
service is to use the Web as an interface for sending and receiving mail. Widely
used Webmail systems include Google Gmail, Microsoft Hotmail and Yahoo!
Mail. Webmail is one example of software (in this case, a mail user agent) that is
provided as a service using the Web.
In this architecture, the provider runs mail servers as usual to accept messages
for users with SMTP on port 25. However, the user agent is different. Instead of

646 THE APPLICATION LAYER CHAP. 7
being a standalone program, it is a user interface that is provided via Web pages.
This means that users can use any browser they like to access their mail and send
new messages.
We have not yet studied the Web, but a brief description that you might come
back to is as follows. When the user goes to the email Web page of the provider, a
form is presented in which the user is asked for a login name and password. The
login name and password are sent to the server, which then validates them. If the
login is successful, the server finds the user’s mailbox and builds a Web page list-
ing the contents of the mailbox on the fly. The Web page is then sent to the brow-
ser for display.
Many of the items on the page showing the mailbox are clickable, so mes-
sages can be read, deleted, and so on. To make the interface responsive, the Web
pages will often include JavaScript programs. These programs are run locally on
the client in response to local events (e.g., mouse clicks) and can also download
and upload messages in the background, to prepare the next message for display
or a new message for submission. In this model, mail submission happens using
the normal Web protocols by posting data to a URL. The Web server takes care of
injecting messages into the traditional mail delivery system that we have de-
scribed. For security, the standard Web protocols can be used as well. These pro-
tocols concern themselves with encrypting Web pages, not whether the content of
the Web page is a mail message.
7.3 THE WORLD WIDE WEB
The Web, as the World Wide Web is popularly known, is an architectural
framework for accessing linked content spread out over millions of machines all
over the Internet. In 10 years it went from being a way to coordinate the design of
high-energy physics experiments in Switzerland to the application that millions of
people think of as being ‘‘The Internet.’’ Its enormous popularity stems from the
fact that it is easy for beginners to use and provides access with a rich graphical
interface to an enormous wealth of information on almost every conceivable sub-
ject, from aardvarks to Zulus.
The Web began in 1989 at CERN, the European Center for Nuclear Research.
The initial idea was to help large teams, often with members in half a dozen or
more countries and time zones, collaborate using a constantly changing collection
of reports, blueprints, drawings, photos, and other documents produced by experi-
ments in particle physics. The proposal for a web of linked documents came from
CERN physicist Tim Berners-Lee. The first (text-based) prototype was opera-
tional 18 months later. A public demonstration given at the Hypertext ’91 confer-
ence caught the attention of other researchers, which led Marc Andreessen at the
University of Illinois to develop the first graphical browser. It was called Mosaic
and released in February 1993.

SEC. 7.3 THE WORLD WIDE WEB 647
The rest, as they say, is now history. Mosaic was so popular that a year later
Andreessen left to form a company, Netscape Communications Corp., whose goal
was to develop Web software. For the next three years, Netscape Navigator and
Microsoft’s Internet Explorer engaged in a ‘‘browser war,’’ each one trying to
capture a larger share of the new market by frantically adding more features (and
thus more bugs) than the other one.
Through the 1990s and 2000s, Web sites and Web pages, as Web content is
called, grew exponentially until there were millions of sites and billions of pages.
A small number of these sites became tremendously popular. Those sites and the
companies behind them largely define the Web as people experience it today. Ex-
amples include: a bookstore (Amazon, started in 1994, market capitalization $50
billion), a flea market (eBay, 1995, $30B), search (Google, 1998, $150B), and
social networking (Facebook, 2004, private company valued at more than $15B).
The period through 2000, when many Web companies became worth hundreds of
millions of dollars overnight, only to go bust practically the next day when they
turned out to be hype, even has a name. It is called the dot com era. New ideas
are still striking it rich on the Web. Many of them come from students. For ex-
ample, Mark Zuckerberg was a Harvard student when he started Facebook, and
Sergey Brin and Larry Page were students at Stanford when they started Google.
Perhaps you will come up with the next big thing.
In 1994, CERN and M.I.T. signed an agreement setting up the W3C (World
Wide Web Consortium), an organization devoted to further developing the Web,
standardizing protocols, and encouraging interoperability between sites. Berners-
Lee became the director. Since then, several hundred universities and companies
have joined the consortium. Although there are now more books about the Web
than you can shake a stick at, the best place to get up-to-date information about
the Web is (naturally) on the Web itself. The consortium’s home page is at
www.w3.org. Interested readers are referred there for links to pages covering all
of the consortium’s numerous documents and activities.
7.3.1 Architectural Overview
From the users’ point of view, the Web consists of a vast, worldwide collec-
tion of content in the form of Web pages, often just called pages for short. Each
page may contain links to other pages anywhere in the world. Users can follow a
link by clicking on it, which then takes them to the page pointed to. This process
can be repeated indefinitely. The idea of having one page point to another, now
called hypertext, was invented by a visionary M.I.T. professor of electrical en-
gineering, Vannevar Bush, in 1945 (Bush, 1945). This was long before the Inter-
net was invented. In fact, it was before commercial computers existed although
several universities had produced crude prototypes that filled large rooms and had
less power than a modern pocket calculator.

www.w3.org

648 THE APPLICATION LAYER CHAP. 7
Pages are generally viewed with a program called a browser. Firefox, Inter-
net Explorer, and Chrome are examples of popular browsers. The browser fetches
the page requested, interprets the content, and displays the page, properly for-
matted, on the screen. The content itself may be a mix of text, images, and for-
matting commands, in the manner of a traditional document, or other forms of
content such as video or programs that produce a graphical interface with which
users can interact.
A picture of a page is shown on the top-left side of Fig. 7-18. It is the page
for the Computer Science & Engineering department at the University of Wash-
ington. This page shows text and graphical elements (that are mostly too small to
read). Some parts of the page are associated with links to other pages. A piece of
text, icon, image, and so on associated with another page is called a hyperlink.
To follow a link, the user places the mouse cursor on the linked portion of the
page area (which causes the cursor to change shape) and clicks. Following a link
is simply a way of telling the browser to fetch another page. In the early days of
the Web, links were highlighted with underlining and colored text so that they
would stand out. Nowadays, the creators of Web pages have ways to control the
look of linked regions, so a link might appear as an icon or change its appearance
when the mouse passes over it. It is up to the creators of the page to make the
links visually distinct, to provide a usable interface.
HTTP Request
Database
Web page
Hyperlink
Web
browser
Document
www.cs.washington.edu
Program
HTTP Response
Web server
youtube.com
google-analytics.com
Figure 7-18. Architecture of the Web.

www.cs.washington.edu

SEC. 7.3 THE WORLD WIDE WEB 649
Students in the department can learn more by following a link to a page with
information especially for them. This link is accessed by clicking in the circled
area. The browser then fetches the new page and displays it, as partially shown in
the bottom left of Fig. 7-18. Dozens of other pages are linked off the first page
besides this example. Every other page can be comprised of content on the same
machine(s) as the first page, or on machines halfway around the globe. The user
cannot tell. Page fetching is done by the browser, without any help from the user.
Thus, moving between machines while viewing content is seamless.
The basic model behind the display of pages is also shown in Fig. 7-18. The
browser is displaying a Web page on the client machine. Each page is fetched by
sending a request to one or more servers, which respond with the contents of the
page. The request-response protocol for fetching pages is a simple text-based pro-
tocol that runs over TCP, just as was the case for SMTP. It is called HTTP
(HyperText Transfer Protocol). The content may simply be a document that is
read off a disk, or the result of a database query and program execution. The page
is a static page if it is a document that is the same every time it is displayed. In
contrast, if it was generated on demand by a program or contains a program it is a
dynamic page.
A dynamic page may present itself differently each time it is displayed. For
example, the front page for an electronic store may be different for each visitor.
If a bookstore customer has bought mystery novels in the past, upon visiting the
store’s main page, the customer is likely to see new thrillers prominently display-
ed, whereas a more culinary-minded customer might be greeted with new cook-
books. How the Web site keeps track of who likes what is a story to be told short-
ly. But briefly, the answer involves cookies (even for culinarily challenged visi-
tors).
In the figure, the browser contacts three servers to fetch the two pages,
cs.washington.edu, youtube.com, and google-analytics.com. The content from
these different servers is integrated for display by the browser. Display entails a
range of processing that depends on the kind of content. Besides rendering text
and graphics, it may involve playing a video or running a script that presents its
own user interface as part of the page. In this case, the cs.washington.edu server
supplies the main page, the youtube.com server supplies an embedded video, and
the google-analytics.com server supplies nothing that the user can see but tracks
visitors to the site. We will have more to say about trackers later.
The Client Side
Let us now examine the Web browser side in Fig. 7-18 in more detail. In
essence, a browser is a program that can display a Web page and catch mouse
clicks to items on the displayed page. When an item is selected, the browser fol-
lows the hyperlink and fetches the page selected.

650 THE APPLICATION LAYER CHAP. 7
When the Web was first created, it was immediately apparent that having one
page point to another Web page required mechanisms for naming and locating
pages. In particular, three questions had to be answered before a selected page
could be displayed:
1. What is the page called?
2. Where is the page located?
3. How can the page be accessed?
If every page were somehow assigned a unique name, there would not be any
ambiguity in identifying pages. Nevertheless, the problem would not be solved.
Consider a parallel between people and pages. In the United States, almost every-
one has a social security number, which is a unique identifier, as no two people
are supposed to have the same one. Nevertheless, if you are armed only with a
social security number, there is no way to find the owner’s address, and certainly
no way to tell whether you should write to the person in English, Spanish, or
Chinese. The Web has basically the same problems.
The solution chosen identifies pages in a way that solves all three problems at
once. Each page is assigned a URL (Uniform Resource Locator) that ef-
fectively serves as the page’s worldwide name. URLs have three parts: the proto-
col (also known as the scheme), the DNS name of the machine on which the page
is located, and the path uniquely indicating the specific page (a file to read or pro-
gram to run on the machine). In the general case, the path has a hierarchical name
that models a file directory structure. However, the interpretation of the path is up
to the server; it may or may not reflect the actual directory structure.
As an example, the URL of the page shown in Fig. 7-18 is
http://www.cs.washington.edu/index.html
This URL consists of three parts: the protocol (http), the DNS name of the host
(www.cs.washington.edu), and the path name (index.html).
When a user clicks on a hyperlink, the browser carries out a series of steps in
order to fetch the page pointed to. Let us trace the steps that occur when our ex-
ample link is selected:
1. The browser determines the URL (by seeing what was selected).
2. The browser asks DNS for the IP address of the server
www.cs.washington.edu.
3. DNS replies with 128.208.3.88.
4. The browser makes a TCP connection to 128.208.3.88 on port 80, the
well-known port for the HTTP protocol.
5. It sends over an HTTP request asking for the page /index.html.

http://www.cs.washington.edu/index.html

www.cs.washington.edu

SEC. 7.3 THE WORLD WIDE WEB 651
6. The www.cs.washington.edu server sends the page as an HTTP re-
sponse, for example, by sending the file /index.html.
7. If the page includes URLs that are needed for display, the browser
fetches the other URLs using the same process. In this case, the
URLs include multiple embedded images also fetched from
www.cs.washington.edu, an embedded video from youtube.com, and
a script from google-analytics.com.
8. The browser displays the page /index.html as it appears in Fig. 7-18.
9. The TCP connections are released if there are no other requests to
the same servers for a short period.
Many browsers display which step they are currently executing in a status line
at the bottom of the screen. In this way, when the performance is poor, the user
can see if it is due to DNS not responding, a server not responding, or simply page
transmission over a slow or congested network.
The URL design is open-ended in the sense that it is straightforward to have
browsers use multiple protocols to get at different kinds of resources. In fact,
URLs for various other protocols have been defined. Slightly simplified forms of
the common ones are listed in Fig. 7-19.
Name Used for Example
http Hypertext (HTML) http://www.ee.uwa.edu/~rob/
https Hypertext with security https://www.bank.com/accounts/
ftp FTP ftp://ftp.cs.vu.nl/pub/minix/README
file Local file file:///usr/suzanne/prog.c
mailto Sending email mailto:JohnUser@acm.org
rtsp Streaming media rtsp://youtube.com/montypython.mpg
sip Multimedia calls sip:eve@adversary.com
about Browser information about:plugins
Figure 7-19. Some common URL schemes.
Let us briefly go over the list. The http protocol is the Web’s native language,
the one spoken by Web servers. HTTP stands for HyperText Transfer Proto-
col. We will examine it in more detail later in this section.
The ftp protocol is used to access files by FTP, the Internet’s file transfer pro-
tocol. FTP predates the Web and has been in use for more than three decades.
The Web makes it easy to obtain files placed on numerous FTP servers
throughout the world by providing a simple, clickable interface instead of a com-
mand-line interface. This improved access to information is one reason for the
spectacular growth of the Web.

http://www.ee.uwa.edu/~rob/

https://www.bank.com/accounts/

www.cs.washington.edu

652 THE APPLICATION LAYER CHAP. 7
It is possible to access a local file as a Web page by using the file protocol, or
more simply, by just naming it. This approach does not require having a server.
Of course, it works only for local files, not remote ones.
The mailto protocol does not really have the flavor of fetching Web pages, but
is useful anyway. It allows users to send email from a Web browser. Most brow-
sers will respond when a mailto link is followed by starting the user’s mail agent
to compose a message with the address field already filled in.
The rtsp and sip protocols are for establishing streaming media sessions and
audio and video calls.
Finally, the about protocol is a convention that provides information about the
browser. For example, following the about:plugins link will cause most browsers
to show a page that lists the MIME types that they handle with browser extensions
called plug-ins.
In short, the URLs have been designed not only to allow users to navigate the
Web, but to run older protocols such as FTP and email as well as newer protocols
for audio and video, and to provide convenient access to local files and browser
information. This approach makes all the specialized user interface programs for
those other services unnecessary and integrates nearly all Internet access into a
single program: the Web browser. If it were not for the fact that this idea was
thought of by a British physicist working a research lab in Switzerland, it could
easily pass for a plan dreamed up by some software company’s advertising depart-
ment.
Despite all these nice properties, the growing use of the Web has turned up an
inherent weakness in the URL scheme. A URL points to one specific host, but
sometimes it is useful to reference a page without simultaneously telling where it
is. For example, for pages that are heavily referenced, it is desirable to have mul-
tiple copies far apart, to reduce the network traffic. There is no way to say: ‘‘I
want page xyz, but I do not care where you get it.’’
To solve this kind of problem, URLs have been generalized into URIs (Uni-
form Resource Identifiers). Some URIs tell how to locate a resource. These are
the URLs. Other URIs tell the name of a resource but not where to find it. These
URIs are called URNs (Uniform Resource Names). The rules for writing URIs
are given in RFC 3986, while the different URI schemes in use are tracked by
IANA. There are many different kinds of URIs besides the schemes listed in
Fig. 7-19, but those schemes dominate the Web as it is used today.
MIME Types
To be able to display the new page (or any page), the browser has to under-
stand its format. To allow all browsers to understand all Web pages, Web pages
are written in a standardized language called HTML. It is the lingua franca of the
Web (for now). We will discuss it in detail later in this chapter.

SEC. 7.3 THE WORLD WIDE WEB 653
Although a browser is basically an HTML interpreter, most browsers have
numerous buttons and features to make it easier to navigate the Web. Most have a
button for going back to the previous page, a button for going forward to the next
page (only operative after the user has gone back from it), and a button for going
straight to the user’s preferred start page. Most browsers have a button or menu
item to set a bookmark on a given page and another one to display the list of
bookmarks, making it possible to revisit any of them with only a few mouse
clicks.
As our example shows, HTML pages can contain rich content elements and
not simply text and hypertext. For added generality, not all pages need contain
HTML. A page may consist of a video in MPEG format, a document in PDF for-
mat, a photograph in JPEG format, a song in MP3 format, or any one of hundreds
of other file types. Since standard HTML pages may link to any of these, the
browser has a problem when it hits a page it does not know how to interpret.
Rather than making the browsers larger and larger by building in interpreters
for a rapidly growing collection of file types, most browsers have chosen a more
general solution. When a server returns a page, it also returns some additional
information about the page. This information includes the MIME type of the page
(see Fig. 7-13). Pages of type text/html are just displayed directly, as are pages in
a few other built-in types. If the MIME type is not one of the built-in ones, the
browser consults its table of MIME types to determine how to display the page.
This table associates MIME types with viewers.
There are two possibilities: plug-ins and helper applications. A plug-in is a
third-party code module that is installed as an extension to the browser, as illus-
trated in Fig. 7-20(a). Common examples are plug-ins for PDF, Flash, and Quick-
time to render documents and play audio and video. Because plug-ins run inside
the browser, they have access to the current page and can modify its appearance.
Process
Helper
applicationBrowserBrowser Plug-in
Process Process
(b)(a)
Figure 7-20. (a) A browser plug-in. (b) A helper application.
Each browser has a set of procedures that all plug-ins must implement so the
browser can call the plug-ins. For example, there is typically a procedure the

654 THE APPLICATION LAYER CHAP. 7
browser’s base code calls to supply the plug-in with data to display. This set of
procedures is the plug-in’s interface and is browser specific.
In addition, the browser makes a set of its own procedures available to the
plug-in, to provide services to plug-ins. Typical procedures in the browser inter-
face are for allocating and freeing memory, displaying a message on the browser’s
status line, and querying the browser about parameters.
Before a plug-in can be used, it must be installed. The usual installation pro-
cedure is for the user to go to the plug-in’s Web site and download an installation
file. Executing the installation file unpacks the plug-in and makes the appropriate
calls to register the plug-in’s MIME type with the browser and associate the
plug-in with it. Browsers usually come preloaded with popular plug-ins.
The other way to extend a browser is make use of a helper application. This
is a complete program, running as a separate process. It is illustrated in Fig. 7-
20(b). Since the helper is a separate program, the interface is at arm’s length from
the browser. It usually just accepts the name of a scratch file where the content
file has been stored, opens the file, and displays the contents. Typically, helpers
are large programs that exist independently of the browser, for example, Micro-
soft Word or PowerPoint.
Many helper applications use the MIME type application. As a consequence,
a considerable number of subtypes have been defined for them to use, for exam-
ple, application/vnd.ms-powerpoint for PowerPoint files. vnd denotes vendor-spe-
cific formats. In this way, a URL can point directly to a PowerPoint file, and
when the user clicks on it, PowerPoint is automatically started and handed the
content to be displayed. Helper applications are not restricted to using the appli-
cation MIME type.. Adobe Photoshop uses image/x-photoshop, for example.
Consequently, browsers can be configured to handle a virtually unlimited
number of document types with no changes to themselves. Modern Web servers
are often configured with hundreds of type/subtype combinations and new ones
are often added every time a new program is installed.
A source of conflicts is that multiple plug-ins and helper applications are
available for some subtypes, such as video/mpeg. What happens is that the last
one to register overwrites the existing association with the MIME type, capturing
the type for itself. As a consequence, installing a new program may change the
way a browser handles existing types.
Browsers can also open local files, with no network in sight, rather than fetch-
ing them from remote Web servers. However, the browser needs some way to de-
termine the MIME type of the file. The standard method is for the operating sys-
tem to associate a file extension with a MIME type. In a typical configuration,
opening foo will open it in the browser using an application/pdf plug-in and
opening bar will open it in Word as the application/msword helper.
Here, too, conflicts can arise, since many programs are willing—no, make
that eager—to handle, say, mpg. During installation, programs intended for
sophisticated users often display checkboxes for the MIME types and extensions

SEC. 7.3 THE WORLD WIDE WEB 655
they are prepared to handle to allow the user to select the appropriate ones and
thus not overwrite existing associations by accident. Programs aimed at the con-
sumer market assume that the user does not have a clue what a MIME type is and
simply grab everything they can without regard to what previously installed pro-
grams have done.
The ability to extend the browser with a large number of new types is con-
venient but can also lead to trouble. When a browser on a Windows PC fetches a
file with the extension exe, it realizes that this file is an executable program and
therefore has no helper. The obvious action is to run the program. However, this
could be an enormous security hole. All a malicious Web site has to do is pro-
duce a Web page with pictures of, say, movie stars or sports heroes, all of which
are linked to a virus. A single click on a picture then causes an unknown and po-
tentially hostile executable program to be fetched and run on the user’s machine.
To prevent unwanted guests like this, Firefox and other browsers come configured
to be cautious about running unknown programs automatically, but not all users
understand what choices are safe rather than convenient.
The Server Side
So much for the client side. Now let us take a look at the server side. As we
saw above, when the user types in a URL or clicks on a line of hypertext, the
browser parses the URL and interprets the part between http:// and the next slash
as a DNS name to look up. Armed with the IP address of the server, the browser
establishes a TCP connection to port 80 on that server. Then it sends over a com-
mand containing the rest of the URL, which is the path to the page on that server.
The server then returns the page for the browser to display.
To a first approximation, a simple Web server is similar to the server of
Fig. 6-6. That server is given the name of a file to look up and return via the net-
work. In both cases, the steps that the server performs in its main loop are:
1. Accept a TCP connection from a client (a browser).
2. Get the path to the page, which is the name of the file requested.
3. Get the file (from disk).
4. Send the contents of the file to the client.
5. Release the TCP connection.
Modern Web servers have more features, but in essence, this is what a Web server
does for the simple case of content that is contained in a file. For dynamic con-
tent, the third step may be replaced by the execution of a program (determined
from the path) that returns the contents.
However, Web servers are implemented with a different design to serve many
requests per second. One problem with the simple design is that accessing files is

656 THE APPLICATION LAYER CHAP. 7
often the bottleneck. Disk reads are very slow compared to program execution,
and the same files may be read repeatedly from disk using operating system calls.
Another problem is that only one request is processed at a time. The file may be
large, and other requests will be blocked while it is transferred.
One obvious improvement (used by all Web servers) is to maintain a cache in
memory of the n most recently read files or a certain number of gigabytes of con-
tent. Before going to disk to get a file, the server checks the cache. If the file is
there, it can be served directly from memory, thus eliminating the disk access.
Although effective caching requires a large amount of main memory and some
extra processing time to check the cache and manage its contents, the savings in
time are nearly always worth the overhead and expense.
To tackle the problem of serving a single request at a time, one strategy is to
make the server multithreaded . In one design, the server consists of a front-end
module that accepts all incoming requests and k processing modules, as shown in
Fig. 7-21. The k + 1 threads all belong to the same process, so the processing
modules all have access to the cache within the process’ address space. When a
request comes in, the front end accepts it and builds a short record describing it.
It then hands the record to one of the processing modules.
Processing
module
(thread)
CacheFront end
Disk
Request
ResponseClient
Server
Figure 7-21. A multithreaded Web server with a front end and processing modules.
The processing module first checks the cache to see if the file needed is there.
If so, it updates the record to include a pointer to the file in the record. If it is not
there, the processing module starts a disk operation to read it into the cache (pos-
sibly discarding some other cached file(s) to make room for it). When the file
comes in from the disk, it is put in the cache and also sent back to the client.
The advantage of this scheme is that while one or more processing modules
are blocked waiting for a disk or network operation to complete (and thus con-
suming no CPU time), other modules can be actively working on other requests.
With k processing modules, the throughput can be as much as k times higher than
with a single-threaded server. Of course, when the disk or network is the limiting

SEC. 7.3 THE WORLD WIDE WEB 657
factor, it is necessary to have multiple disks or a faster network to get any real im-
provement over the single-threaded model.
Modern Web servers do more than just accept path names and return files. In
fact, the actual processing of each request can get quite complicated. For this rea-
son, in many servers each processing module performs a series of steps. The front
end passes each incoming request to the first available module, which then carries
it out using some subset of the following steps, depending on which ones are
needed for that particular request. These steps occur after the TCP connection
and any secure transport mechanism (such as SSL/TLS, which will be described
in Chap. 8) have been established.
1. Resolve the name of the Web page requested.
2. Perform access control on the Web page.
3. Check the cache.
4. Fetch the requested page from disk or run a program to build it.
5. Determine the rest of the response (e.g., the MIME type to send).
6. Return the response to the client.
7. Make an entry in the server log.
Step 1 is needed because the incoming request may not contain the actual name of
a file or program as a literal string. It may contain built-in shortcuts that need to
be translated. As a simple example, the URL http://www.cs.vu.nl/ has an empty
file name. It has to be expanded to some default file name that is usually
index.html. Another common rule is to map ~user/ onto user’s Web directory.
These rules can be used together. Thus, the home page of one of the authors
(AST) can be reached at
http://www.cs.vu.nl/~ast/
even though the actual file name is index.html in a certain default directory.
Also, modern browsers can specify configuration information such as the
browser software and the user’s default language (e.g., Italian or English). This
makes it possible for the server to select a Web page with small pictures for a
mobile device and in the preferred language, if available. In general, name expan-
sion is not quite so trivial as it might at first appear, due to a variety of conven-
tions about how to map paths to the file directory and programs.
Step 2 checks to see if any access restrictions associated with the page are
met. Not all pages are available to the general public. Determining whether a cli-
ent can fetch a page may depend on the identity of the client (e.g., as given by
usernames and passwords) or the location of the client in the DNS or IP space.
For example, a page may be restricted to users inside a company. How this is

http://www.cs.vu.nl/

http://www.cs.vu.nl/~ast/

658 THE APPLICATION LAYER CHAP. 7
accomplished depends on the design of the server. For the popular Apache server,
for instance, the convention is to place a file called .htaccess that lists the access
restrictions in the directory where the restricted page is located.
Steps 3 and 4 involve getting the page. Whether it can be taken from the
cache depends on processing rules. For example, pages that are created by run-
ning programs cannot always be cached because they might produce a different
result each time they are run. Even files should occasionally be checked to see if
their contents have changed so that the old contents can be removed from the
cache. If the page requires a program to be run, there is also the issue of setting
the program parameters or input. These data come from the path or other parts of
the request.
Step 5 is about determining other parts of the response that accompany the
contents of the page. The MIME type is one example. It may come from the file
extension, the first few words of the file or program output, a configuration file,
and possibly other sources.
Step 6 is returning the page across the network. To increase performance, a
single TCP connection may be used by a client and server for multiple page
fetches. This reuse means that some logic is needed to map a request to a shared
connection and to return each response so that it is associated with the correct re-
quest.
Step 7 makes an entry in the system log for administrative purposes, along
with keeping any other important statistics. Such logs can later be mined for valu-
able information about user behavior, for example, the order in which people ac-
cess the pages.
Cookies
Navigating the Web as we have described it so far involves a series of inde-
pendent page fetches. There is no concept of a login session. The browser sends
a request to a server and gets back a file. Then the server forgets that it has ever
seen that particular client.
This model is perfectly adequate for retrieving publicly available documents,
and it worked well when the Web was first created. However, it is not suited for
returning different pages to different users depending on what they have already
done with the server. This behavior is needed for many ongoing interactions with
Web sites. For example, some Web sites (e.g., newspapers) require clients to reg-
ister (and possibly pay money) to use them. This raises the question of how ser-
vers can distinguish between requests from users who have previously registered
and everyone else. A second example is from e-commerce. If a user wanders
around an electronic store, tossing items into her virtual shopping cart from time
to time, how does the server keep track of the contents of the cart? A third ex-
ample is customized Web portals such as Yahoo!. Users can set up a personalized

SEC. 7.3 THE WORLD WIDE WEB 659
detailed initial page with only the information they want (e.g., their stocks and
their favorite sports teams), but how can the server display the correct page if it
does not know who the user is?
At first glance, one might think that servers could track users by observing
their IP addresses. However, this idea does not work. Many users share com-
puters, especially at home, and the IP address merely identifies the computer, not
the user. Even worse, many companies use NAT, so that outgoing packets bear
the same IP address for all users. That is, all of the computers behind the NAT
box look the same to the server. And many ISPs assign IP addresses to customers
with DHCP. The IP addresses change over time, so to a server you might sudden-
ly look like your neighbor. For all of these reasons, the server cannot use IP ad-
dresses to track users.
This problem is solved with an oft-critized mechanism called cookies. The
name derives from ancient programmer slang in which a program calls a proce-
dure and gets something back that it may need to present later to get some work
done. In this sense, a UNIX file descriptor or a Windows object handle can be
considered to be a cookie. Cookies were first implemented in the Netscape brow-
ser in 1994 and are now specified in RFC 2109.
When a client requests a Web page, the server can supply additional infor-
mation in the form of a cookie along with the requested page. The cookie is a
rather small, named string (of at most 4 KB) that the server can associate with a
browser. This association is not the same thing as a user, but it is much closer and
more useful than an IP address. Browsers store the offered cookies for an inter-
val, usually in a cookie directory on the client’s disk so that the cookies persist a-
cross browser invocations, unless the user has disabled cookies. Cookies are just
strings, not executable programs. In principle, a cookie could contain a virus, but
since cookies are treated as data, there is no official way for the virus to actually
run and do damage. However, it is always possible for some hacker to exploit a
browser bug to cause activation.
A cookie may contain up to five fields, as shown in Fig. 7-22. The Domain
tells where the cookie came from. Browsers are supposed to check that servers
are not lying about their domain. Each domain should store no more than 20
cookies per client. The Path is a path in the server’s directory structure that iden-
tifies which parts of the server’s file tree may use the cookie. It is often /, which
means the whole tree.
The Content field takes the form name = value. Both name and value can be
anything the server wants. This field is where the cookie’s content is stored.
The Expires field specifies when the cookie expires. If this field is absent, the
browser discards the cookie when it exits. Such a cookie is called a nonper-
sistent cookie. If a time and date are supplied, the cookie is said to be a per-
sistent cookie and is kept until it expires. Expiration times are given in
Greenwich Mean Time. To remove a cookie from a client’s hard disk, a server
just sends it again, but with an expiration time in the past.

660 THE APPLICATION LAYER CHAP. 7
Domain Path Content Expires Secure
toms-casino.com / CustomerID=297793521 15-10-10 17:00 Yes
jills-store.com / Cart=1-00501;1-07031;2-13721 11-1-11 14:22 No
aportal.com / Prefs=Stk:CSCO+ORCL;Spt:Jets 31-12-20 23:59 No
sneaky.com / UserID=4627239101 31-12-19 23:59 No
Figure 7-22. Some examples of cookies.
Finally, the Secure field can be set to indicate that the browser may only re-
turn the cookie to a server using a secure transport, namely SSL/TLS (which we
will describe in Chap. 8). This feature is used for e-commerce, banking, and other
secure applications.
We have now seen how cookies are acquired, but how are they used? Just be-
fore a browser sends a request for a page to some Web site, it checks its cookie di-
rectory to see if any cookies there were placed by the domain the request is going
to. If so, all the cookies placed by that domain, and only that domain, are in-
cluded in the request message. When the server gets them, it can interpret them
any way it wants to.
Let us examine some possible uses for cookies. In Fig. 7-22, the first cookie
was set by toms-casino.com and is used to identify the customer. When the client
returns next week to throw away some more money, the browser sends over the
cookie so the server knows who it is. Armed with the customer ID, the server can
look up the customer’s record in a database and use this information to build an
appropriate Web page to display. Depending on the customer’s known gambling
habits, this page might consist of a poker hand, a listing of today’s horse races, or
a slot machine.
The second cookie came from jills-store.com. The scenario here is that the
client is wandering around the store, looking for good things to buy. When she
finds a bargain and clicks on it, the server adds it to her shopping cart (maintained
on the server) and also builds a cookie containing the product code of the item and
sends the cookie back to the client. As the client continues to wander around the
store by clicking on new pages, the cookie is returned to the server on every new
page request. As more purchases accumulate, the server adds them to the cookie.
Finally, when the client clicks on PROCEED TO CHECKOUT, the cookie, now con-
taining the full list of purchases, is sent along with the request. In this way, the
server knows exactly what the customer wants to buy.
The third cookie is for a Web portal. When the customer clicks on a link to
the portal, the browser sends over the cookie. This tells the portal to build a page
containing the stock prices for Cisco and Oracle, and the New York Jets’ football
results. Since a cookie can be up to 4 KB, there is plenty of room for more detail-
ed preferences concerning newspaper headlines, local weather, special offers, etc.

SEC. 7.3 THE WORLD WIDE WEB 661
A more controversial use of cookies is to track the online behavior of users.
This lets Web site operators understand how users navigate their sites, and
advertisers build up profiles of the ads or sites a particular user has viewed. The
controversy is that users are typically unaware that their activity is being tracked,
even with detailed profiles and across seemingly unrelated Web sites. Nonethe-
less, Web tracking is big business. DoubleClick, which provides and tracks ads,
is ranked among the 100 busiest Web sites in the world by the Web monitoring
company Alexa. Google Analytics, which tracks site usage for operators, is used
by more than half of the busiest 100,000 sites on the Web.
It is easy for a server to track user activity with cookies. Suppose a server
wants to keep track of how many unique visitors it has had and how many pages
each visitor looked at before leaving the site. When the first request comes in,
there will be no accompanying cookie, so the server sends back a cookie con-
taining Counter = 1. Subsequent page views on that site will send the cookie
back to the server. Each time the counter is incremented and sent back to the cli-
ent. By keeping track of the counters, the server can see how many people give
up after seeing the first page, how many look at two pages, and so on.
Tracking the browsing behavior of users across sites is only slightly more
complicated. It works like this. An advertising agency, say, Sneaky Ads, con-
tacts major Web sites and places ads for its clients’ products on their pages, for
which it pays the site owners a fee. Instead, of giving the sites the ad as a GIF file
to place on each page, it gives them a URL to add to each page. Each URL it
hands out contains a unique number in the path, such as
http://www.sneaky.com/382674902342.gif
When a user first visits a page, P, containing such an ad, the browser fetches
the HTML file. Then the browser inspects the HTML file and sees the link to the
image file at www.sneaky.com, so it sends a request there for the image. A GIF
file containing an ad is returned, along with a cookie containing a unique user ID,
4627239101 in Fig. 7-22. Sneaky records the fact that the user with this ID
visited page P. This is easy to do since the path requested (382674902342.gif) is
referenced only on page P. Of course, the actual ad may appear on thousands of
pages, but each time with a different name. Sneaky probably collects a fraction of
a penny from the product manufacturer each time it ships out the ad.
Later, when the user visits another Web page containing any of Sneaky’s ads,
the browser first fetches the HTML file from the server. Then it sees the link to,
say, http://www.sneaky.com/193654919923.gif on the page and requests that file.
Since it already has a cookie from the domain sneaky.com, the browser includes
Sneaky’s cookie containing the user’s ID. Sneaky now knows a second page the
user has visited.
In due course, Sneaky can build up a detailed profile of the user’s browsing
habits, even though the user has never clicked on any of the ads. Of course, it
does not yet have the user’s name (although it does have his IP address, which

http://www.sneaky.com/382674902342.gif

http://www.sneaky.com/193654919923.gif

www.sneaky.com

662 THE APPLICATION LAYER CHAP. 7
may be enough to deduce the name from other databases). However, if the user
ever supplies his name to any site cooperating with Sneaky, a complete profile
along with a name will be available for sale to anyone who wants to buy it. The
sale of this information may be profitable enough for Sneaky to place more ads on
more Web sites and thus collect more information.
And if Sneaky wants to be supersneaky, the ad need not be a classical banner
ad. An ‘‘ad’’ consisting of a single pixel in the background color (and thus invisi-
ble) has exactly the same effect as a banner ad: it requires the browser to go fetch
the 1 × 1-pixel GIF image and send it all cookies originating at the pixel’s do-
main.
Cookies have become a focal point for the debate over online privacy because
of tracking behavior like the above. The most insidious part of the whole business
is that many users are completely unaware of this information collection and may
even think they are safe because they do not click on any of the ads. For this rea-
son, cookies that track users across sites are considered by many to be spyware.
Have a look at the cookies that are already stored by your browser. Most brow-
sers will display this information along with the current privacy preferences. You
might be surprised to find names, email addresses, or passwords as well as opaque
identifiers. Hopefully, you will not find credit card numbers, but the potential for
abuse is clear.
To maintain a semblance of privacy, some users configure their browsers to
reject all cookies. However, this can cause problems because many Web sites
will not work properly without cookies. Alternatively, most browsers let users
block third-party cookies. A third-party cookie is one from a different site than
the main page that is being fetched, for example, the sneaky.com cookie that is
used when interacting with page P on a completely different Web site. Blocking
these cookies helps to prevent tracking across Web sites. Browser extensions can
also be installed to provide fine-grained control over how cookies are used (or,
rather, not used). As the debate continues, many companies are developing priva-
cy policies that limit how they will share information to prevent abuse. Of course,
the policies are simply how the companies say they will handle information. For
example: ‘‘We may use the information collected from you in the conduct of our
business’’—which might be selling the information.
7.3.2 Static Web Pages
The basis of the Web is transferring Web pages from server to client. In the
simplest form, Web pages are static. That is, they are just files sitting on some
server that present themselves in the same way each time they are fetched and
viewed. Just because they are static does not mean that the pages are inert at the
browser, however. A page containing a video can be a static Web page.
As mentioned earlier, the lingua franca of the Web, in which most pages are
written, is HTML. The home pages of teachers are usually static HTML pages.

SEC. 7.3 THE WORLD WIDE WEB 663
The home pages of companies are usually dynamic pages put together by a Web
design company. In this section, we will take a brief look at static HTML pages
as a foundation for later material. Readers already familiar with HTML can skip
ahead to the next section, where we describe dynamic content and Web services.
HTML—The HyperText Markup Language
HTML (HyperText Markup Language) was introduced with the Web. It
allows users to produce Web pages that include text, graphics, video, pointers to
other Web pages, and more. HTML is a markup language, or language for
describing how documents are to be formatted. The term ‘‘markup’’ comes from
the old days when copyeditors actually marked up documents to tell the printer—
in those days, a human being—which fonts to use, and so on. Markup languages
thus contain explicit commands for formatting. For example, in HTML,
means start boldface mode, and means leave boldface mode. LaTeX and
TeX are other examples of markup languages that are well known to most
academic authors.
The key advantage of a markup language over one with no explicit markup is
that it separates content from how it should be presented. Writing a browser is
then straightforward: the browser simply has to understand the markup commands
and apply them to the content. Embedding all the markup commands within each
HTML file and standardizing them makes it possible for any Web browser to read
and reformat any Web page. That is crucial because a page may have been pro-
duced in a 1600 × 1200 window with 24-bit color on a high-end computer but may
have to be displayed in a 640 × 320 window on a mobile phone.
While it is certainly possible to write documents like this with any plain text
editor, and many people do, it is also possible to use word processors or special
HTML editors that do most of the work (but correspondingly give the user less
direct control over the details of the final result).
A simple Web page written in HTML and its presentation in a browser are
given in Fig. 7-23. A Web page consists of a head and a body, each enclosed by
and tags (formatting commands), although most browsers do not
complain if these tags are missing. As can be seen in Fig. 7-23(a), the head is
bracketed by the and tags and the body is bracketed by the
and tags. The strings inside the tags are called directives. Most,
but not all, HTML tags have this format. That is, they use to mark
the beginning of something and to mark its end.
Tags can be in either lowercase or uppercase. Thus, and
mean the same thing, but lower case is best for compatibility. Actual layout of the
HTML document is irrelevant. HTML parsers ignore extra spaces and carriage
returns since they have to reformat the text to make it fit the current display area.
Consequently, white space can be added at will to make HTML documents more

664 THE APPLICATION LAYER CHAP. 7
readable, something most of them are badly in need of. As another consequence,
blank lines cannot be used to separate paragraphs, as they are simply ignored. An
explicit tag is required.
Some tags have (named) parameters, called attributes. For example, the
tag in Fig. 7-23 is used for including an image inline with the text. It has
two attributes, src and alt. The first attribute gives the URL for the image. The
HTML standard does not specify which image formats are permitted. In practice,
all browsers support GIF and JPEG files. Browsers are free to support other for-
mats, but this extension is a two-edged sword. If a user is accustomed to a brow-
ser that supports, say, TIFF files, he may include these in his Web pages and later
be surprised when other browsers just ignore all of his wonderful art.
The second attribute gives alternate text to use if the image cannot be dis-
played. For each tag, the HTML standard gives a list of what the permitted pa-
rameters, if any, are, and what they mean. Because each parameter is named, the
order in which the parameters are given is not significant.
Technically, HTML documents are written in the ISO 8859-1 Latin-1 charac-
ter set, but for users whose keyboards support only ASCII, escape sequences are
present for the special characters, such as è. The list of special characters is given
in the standard. All of them begin with an ampersand and end with a semicolon.
For example, produces a space, è produces è and é pro-
duces é. Since <, >, and & have special meanings, they can be expressed only
with their escape sequences, <, >, and &, respectively.
The main item in the head is the title, delimited by and . Certain
kinds of metainformation may also be present, though none are present in our ex-
ample. The title itself is not displayed on the page. Some browsers use it to label
the page’s window.
Several headings are used in Fig. 7-23. Each heading is generated by an
tag, where n is a digit in the range 1 to 6. Thus,

is the most important head-
ing;

is the least important one. It is up to the browser to render these ap-
propriately on the screen. Typically, the lower-numbered headings will be dis-
played in a larger and heavier font. The browser may also choose to use different
colors for each level of heading. Usually,

headings are large and boldface
with at least one blank line above and below. In contrast,

headings are in a
smaller font with less space above and below.
The tags and are used to enter boldface and italics mode, respectively.
The

tag forces a break and draws a horizontal line across the display.
The

tag starts a paragraph. The browser might display this by inserting a
blank line and some indentation, for example. Interestingly, the

tag that
exists to mark the end of a paragraph is often omitted by lazy HTML pro-
grammers.
HTML provides various mechanisms for making lists, including nested lists.
Unordered lists, like the ones in Fig. 7-23 are started with

, with

used to
mark the start of items. There is also an

tag to starts an ordered list. The

SEC. 7.3 THE WORLD WIDE WEB 665

AMALGAMATED WIDGET, INC.

Welcome to AWI’s Home Page

We are so happy that you have chosen to visit Amalgamated Widget’s
home page. We hope you will find all the information you need here.

Below we have links to information about our many fine products.
You can order electronically (by WWW), by telephone, or by email.

Product information

Big widgets

Little widgets

Contact information

By telephone: 1-800-WIDGETS

By email: info@amalgamated-widget.com

(a)
Welcome to AWI’s Home Page
We are so happy that you have chosen to visit Amalgamated Widget’s home page. We hope
you will find all the information you need here.
Below we have links to information about our many fine products. You can order electronically
(by WWW), by telephone, or by email.
Product Information. Big widgets. Little widgets
Contact information. By telephone: 1-800-WIDGETS. By email: info@amalgamated-widget.com
(b)
Figure 7-23. (a) The HTML for a sample Web page. (b) The formatted page.

666 THE APPLICATION LAYER CHAP. 7
individual items in unordered lists often appear with bullets ( ) in front of them.
Items in ordered lists are numbered by the browser.
Finally, we come to hyperlinks. Examples of these are seen in Fig. 7-23 using
the (anchor) and tags. The tag has various parameters, the most im-
portant of which is href the linked URL. The text between the and is dis-
played. If it is selected, the hyperlink is followed to a new page. It is also permit-
ted to link other elements. For example, an image can be given between the
and tags using . In this case, the image is displayed and clicking on it
activates the hyperlink.
There are many other HTML tags and attributes that we have not seen in this
simple example. For instance, the tag can take a parameter name to plant a
hyperlink, allowing a hyperlink to point to the middle of a page. This is useful,
for example, for Web pages that start out with a clickable table of contents. By
clicking on an item in the table of contents, the user jumps to the corresponding
section of the same page. An example of a different tag is
. It forces the
browser to break and start a new line.
Probably the best way to understand tags is to look at them in action. To do
this, you can pick a Web page and look at the HTML in your browser to see how
the page was put together. Most browsers have a VIEW SOURCE menu item (or
something similar). Selecting this item displays the current page’s HTML source,
instead of its formatted output.
We have sketched the tags that have existed from the early Web. HTML
keeps evolving. Fig. 7-24 shows some of the features that have been added with
successive versions of HTML. HTML 1.0 refers to the version of HTML used
with the introduction of the Web. HTML versions 2.0, 3.0, and 4.0 appeared in
rapid succession in the space of only a few years as the Web exploded. After
HTML 4.0, a period of almost ten years passed before the path to standarization
of the next major version, HTML 5.0, became clear. Because it is a major upgrade
that consolidates the ways that browsers handle rich content, the HTML 5.0 effort
is ongoing and not expected to produce a standard before 2012 at the earliest.
Standards notwithstanding, the major browsers already support HTML 5.0 func-
tionality.
The progression through HTML versions is all about adding new features that
people wanted but had to handle in nonstandard ways (e.g., plug-ins) until they
became standard. For example, HTML 1.0 and HTML 2.0 did not have tables.
They were added in HTML 3.0. An HTML table consists of one or more rows,
each consisting of one or more table cells that can contain a wide range of mater-
ial (e.g., text, images, other tables). Before HTML 3.0, authors needing a table
had to resort to ad hoc methods, such as including an image showing the table.
In HTML 4.0, more new features were added. These included accessibility
features for handicapped users, object embedding (a generalization of the
tag so other objects can also be embedded in pages), support for scripting lan-
guages (to allow dynamic content), and more.

SEC. 7.3 THE WORLD WIDE WEB 667
Item HTML 1.0 HTML 2.0 HTML 3.0 HTML 4.0 HTML 5.0
Hyperlinks x x x x x
Images x x x x x
Lists x x x x x
Active maps & images x x x x
Forms x x x x
Equations x x x
Toolbars x x x
Tables x x x
Accessibility features x x
Object embedding x x
Style sheets x x
Scripting x x
Video and audio x
Inline vector graphics x
XML representation x
Background threads x
Browser storage x
Drawing canvas x
Figure 7-24. Some differences between HTML versions.
HTML 5.0 includes many features to handle the rich media that are now rou-
tinely used on the Web. Video and audio can be included in pages and played by
the browser without requiring the user to install plug-ins. Drawings can be built
up in the browser as vector graphics, rather than using bitmap image formats (like
JPEG and GIF) There is also more support for running scripts in browsers, such as
background threads of computation and access to storage. All of these features
help to support Web pages that are more like traditional applications with a user
interface than documents. This is the direction the Web is heading.
Input and Forms
There is one important capability that we have not discussed yet: input.
HTML 1.0 was basically one-way. Users could fetch pages from information pro-
viders, but it was difficult to send information back the other way. It quickly
became apparent that there was a need for two-way traffic to allow orders for
products to be placed via Web pages, registration cards to be filled out online,
search terms to be entered, and much, much more.

668 THE APPLICATION LAYER CHAP. 7
Sending input from the user to the server (via the browser) requires two kinds
of support. First, it requires that HTTP be able to carry data in that direction. We
describe how this is done in a later section; it uses the POST method. The second
requirement is to be able to present user interface elements that gather and pack-
age up the input. Forms were included with this functionality in HTML 2.0.
Forms contain boxes or buttons that allow users to fill in information or make
choices and then send the information back to the page’s owner. Forms are writ-
ten just like other parts of HTML, as seen in the example of Fig. 7-25. Note that
forms are still static content. They exhibit the same behavior regardless of who is
using them. Dynamic content, which we will cover later, provides more sophisti-
cated ways to gather input by sending a program whose behavior may depend on
the browser environment.
Like all forms, this one is enclosed between the

and

tags. The
attributes of this tag tell what to do with the data that are input, in this case using
the POST method to send the data to the specified URL. Text not enclosed in a
tag is just displayed. All the usual tags (e.g., ) are allowed in a form to let the
author of the page control the look of the form on the screen.
Three kinds of input boxes are used in this form, each of which uses the
tag. It has a variety of parameters for determining the size, nature, and
usage of the box displayed. The most common forms are blank fields for ac-
cepting user text, boxes that can be checked, and submit buttons that cause the
data to be returned to the server.
The first kind of input box is a text box that follows the text ‘‘Name’’. The
box is 46 characters wide and expects the user to type in a string, which is then
stored in the variable customer.
The next line of the form asks for the user’s street address, 40 characters
wide. Then comes a line asking for the city, state, and country. Since no

tags
are used between these fields, the browser displays them all on one line (instead
of as separate paragraphs) if they will fit. As far as the browser is concerned, the
one paragraph contains just six items: three strings alternating with three boxes.
The next line asks for the credit card number and expiration date. Transmitting
credit card numbers over the Internet should only be done when adequate security
measures have been taken. We will discuss some of these in Chap. 8.
Following the expiration date, we encounter a new feature: radio buttons.
These are used when a choice must be made among two or more alternatives. The
intellectual model here is a car radio with half a dozen buttons for choosing sta-
tions. Clicking on one button turns off all the other ones in the same group. The
visual presentation is up to the browser. Widget size also uses two radio buttons.
The two groups are distinguished by their name parameter, not by static scoping
using something like … .
The value parameters are used to indicate which radio button was pushed.
For example, depending on which credit card options the user has chosen, the
variable cc will be set to either the string ‘‘mastercard’’ or the string ‘‘visacard’’.

SEC. 7.3 THE WORLD WIDE WEB 669

AWI CUSTOMER ORDERING FORM

Widget Order Form

Name

Street address

City State
Country

Credit card #
Expires
M/C
VISA

Widget size Big
Little
Ship by express courier

Thank you for ordering an AWI widget, the best widget money can buy!

(a)
Widget Order Form
Name
Street address
City
Credit card #
Widget size Big
Thank you for ordering an AWI widget, the best widget money can buy!
Little Ship by express courier
Expires M/C Visa
State Country
Submit order
(b)
Figure 7-25. (a) The HTML for an order form. (b) The formatted page.
After the two sets of radio buttons, we come to the shipping option, repres-
ented by a box of type checkbox. It can be either on or off. Unlike radio buttons,
where exactly one out of the set must be chosen, each box of type checkbox can
be on or off, independently of all the others.

670 THE APPLICATION LAYER CHAP. 7
Finally, we come to the submit button. The value string is the label on the
button and is displayed. When the user clicks the submit button, the browser
packages the collected information into a single long line and sends it back to the
server to the URL provided as part of the

tag. A simple encoding is used.
The & is used to separate fields and + is used to represent space. For our example
form, the line might look like the contents of Fig. 7-26.
customer=John+Doe&address=100+Main+St.&city=White+Plains&
state=NY&country=USA&cardno=1234567890&expires=6/14&cc=mastercard&
product=cheap&express=on
Figure 7-26. A possible response from the browser to the server with infor-
mation filled in by the user.
The string is sent back to the server as one line. (It is broken into three lines here
because the page is not wide enough.) It is up to the server to make sense of this
string, most likely by passing the information to a program that will process it.
We will discuss how this can be done in the next section.
There are also other types of input that are not shown in this simple example.
Two other types are password and textarea. A password box is the same as a text
box (the default type that need not be named), except that the characters are not
displayed as they are typed. A textarea box is also the same as a text box, except
that it can contain multiple lines.
For long lists from which a choice must be made, the
tags are provided to bracket a list of alternatives. This list is often rendered as a
drop-down menu. The semantics are those of radio buttons unless the multiple pa-
rameter is given, in which case the semantics are those of checkboxes.
Finally, there are ways to indicate default or initial values that the user can
change. For example, if a text box is given a value field, the contents are dis-
played in the form for the user to edit or erase.
CSS—Cascading Style Sheets
The original goal of HTML was to specify the structure of the document, not
its appearance. For example,

Deborah’s Photos

instructs the browser to emphasize the heading, but does not say anything about
the typeface, point size, or color. That is left up to the browser, which knows the
properties of the display (e.g., how many pixels it has). However, many Web
page designers wanted absolute control over how their pages appeared, so new
tags were added to HTML to control appearance, such as
Deborah’s Photos

SEC. 7.3 THE WORLD WIDE WEB 671
Also, ways were added to control positioning on the screen accurately. The trou-
ble with this approach is that it is tedious and produces bloated HTML that is not
portable. Although a page may render perfectly in the browser it is developed on,
it may be a complete mess in another browser or another release of the same
browser or at a different screen resolution.
A better alternative is the use of style sheets. Style sheets in text editors allow
authors to associate text with a logical style instead of a physical style, for ex-
ample, ‘‘initial paragraph’’ instead of ‘‘italic text.’’ The appearance of each style
is defined separately. In this way, if the author decides to change the initial para-
graphs from 14-point italics in blue to 18-point boldface in shocking pink, all it re-
quires is changing one definition to convert the entire document.
CSS (Cascading Style Sheets) introduced style sheets to the Web with
HTML 4.0, though widespread use and browser support did not take off until
2000. CSS defines a simple language for describing rules that control the appear-
ance of tagged content. Let us look at an example. Suppose that AWI wants
snazzy Web pages with navy text in the Arial font on an off-white background,
and level headings that are an extra 100% and 50% larger than the text for each
level, respectively. The CSS definition in Fig. 7-27 gives these rules.
body {background-color:linen; color:navy; font-family:Arial;}
h1 {font-size:200%;}
h2 {font-size:150%;}
Figure 7-27. CSS example.
As can be seen, the style definitions can be compact. Each line selects an ele-
ment to which it applies and gives the values of properties. The properties of an
element apply as defaults to all other HTML elements that it contains. Thus, the
style for body sets the style for paragraphs of text in the body. There are also con-
venient shorthands for color names (e.g., red). Any style parameters that are not
defined are filled with defaults by the browser. This behavior makes style sheet
definitions optional; some reasonable presentation will occur without them.
Style sheets can be placed in an HTML file (e.g., using the

Network for courseworkhero.co.uk

is the most important head- ing;

is the least important one. It is up to the browser to render these ap- propriately on the screen. Typically, the lower-numbered headings will be dis- played in a larger and heavier font. The browser may also choose to use different colors for each level of heading. Usually,

headings are large and boldface with at least one blank line above and below. In contrast,

Welcome to AWI’s Home Page

Product information

Contact information

Widget Order Form

Deborah’s Photos

is the most important head-
ing;

is the least important one. It is up to the browser to render these ap-
propriately on the screen. Typically, the lower-numbered headings will be dis-
played in a larger and heavier font. The browser may also choose to use different
colors for each level of heading. Usually,

headings are large and boldface
with at least one blank line above and below. In contrast,