* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
Download Document
Wireless security wikipedia , lookup
IEEE 802.1aq wikipedia , lookup
Asynchronous Transfer Mode wikipedia , lookup
Dynamic Host Configuration Protocol wikipedia , lookup
Multiprotocol Label Switching wikipedia , lookup
Piggybacking (Internet access) wikipedia , lookup
Network tap wikipedia , lookup
Distributed firewall wikipedia , lookup
Computer network wikipedia , lookup
Deep packet inspection wikipedia , lookup
Wake-on-LAN wikipedia , lookup
Airborne Networking wikipedia , lookup
List of wireless community networks by region wikipedia , lookup
Cracking of wireless networks wikipedia , lookup
Internet protocol suite wikipedia , lookup
Zero-configuration networking wikipedia , lookup
Recursive InterNetwork Architecture (RINA) wikipedia , lookup
Departamento de Tecnología Electrónica Some of these slides are copyrighted by: Chapter 3 The Network Layer. Associated Protocols Computer Networking: A Top Down Approach 5th edition. Jim Kurose, Keith Ross Addison-Wesley, April 2009. The Network Layer. Associated Protocols 1 Chapter 3: Network Layer. Associated Protocols Chapter goals: understand advanced principles behind network layer services: network layer error control IPv4 address dynamic configuration routing (path selection) address translation IP security advanced topics: IPv6. The Network Layer. Associated Protocols 2 Chapter 3: Network Layer. Associated Protocols 3.1 IPv4 error control: ICMP 3.2 IPv4 address dynamic configuration: DHCP 3.3 Routing in the Internet 3.4 Address Translation: NAT 3.5 IP version 6 3.6 IP security: IPsec RIP OSPF BGP Multiprotocol routing The Network Layer. Associated Protocols 3 Chapter 3: Network Layer. Associated Protocols 3.1 IPv4 error control: ICMP 3.2 IPv4 address dynamic configuration: DHCP 3.3 Routing in the Internet 3.4 Address Translation: NAT 3.5 IP version 6 3.6 IP security: IPsec RIP OSPF BGP Multiprotocol routing The Network Layer. Associated Protocols 4 ICMP: Internet Control Message Protocol used by hosts & routers to communicate network-level information error reporting: unreachable host, network, port, protocol warnings from routers or receivers network-layer above IP: ICMP msgs carried in IP datagrams all the nodes using IP must have ICMP implemented ICMP msgs are only created for the first IP fragment The Network Layer. Associated Protocols 5 ICMP: Internet Control Message Protocol Message format ICMP msgs carried in IP datagrams • Protocol field = 1 in IP header • Source IP addr = host sending ICMP msg Type 0 3 3 3 3 5 8 11 Code 0 0 1 2 3 0 0 0 description echo reply (ping) dest. network unreachable dest host unreachable dest protocol unreachable dest port unreachable ICMP redirect echo request (ping) TTL expired The Network Layer. Associated Protocols 6 ICMP: Internet Control Message Protocol Ping Sends data pkt and waits for a response Based on Type 8 and Type 0 ICMP messages Functions: • Check host connectivity • Ping sends pkts with unique seq numbers – Detection ofduplicate, reordered and eliminated pkts • Ping use cheksums in every pkt – Detection of corrupted pkts • Ping allows RTT (Round Trip Time) calculation • Ping allows the detection of other ICMP messages. The Network Layer. Associated Protocols 7 ICMP: Internet Control Message Protocol Ping Echo request and echo reply 1 byte 1 byte 2 bytes +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Type | Code | Checksum | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Id | Sequence number | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Type: 8 (Echo request) or 0 (Echo reply) Code: 0 Id: number of identificación (optional) Sequence number (optional) The Network Layer. Associated Protocols 8 ICMP: Internet Control Message Protocol Ping Syntax ping [options] destination_host Options -w timeout Timeout in milliseconds to wait for each reply. -i TTL Time To Live. -v TOS Type Of Service. -a Resolve addresses to hostnames. -n count Number of echo requests to send. -t Ping the destination host until interrupted. To see statistics and continue type Control-Break; To stop type Control-C. -l size Send buffer size. -f Set Don't Fragment flag in packet (IPv4-only). -r count Record route for count hops (IPv4-only). -s count Timestamp for count hops (IPv4-only). -j host_list Loose source route along host_list (IPv4-only). -k host_list Strict source route along host_list (IPv4-only). destination_host The name of the remote host -R Use routing header to test reverse route also (IPv6-only). -S srcaddr Source address to use (IPv6-only). -4 Force using IPv4. -6 Force using IPv6 The Network Layer. Associated Protocols 9 ICMP: Internet Control Message Protocol Tracert (Trace route) Source sends echo requests to dest • First has TTL =1 • Second has TTL=2, etc. When nth datagram arrives to nth router: • Router discards datagram • And sends to source an ICMP message (type 11, code 0) • Message includes name of router& IP address Stopping criterion Echo request eventually arrives at destination host Destination returns echo reply When source gets this ICMP, stops. Tracert does this 3 times per router The Network Layer. Associated Protocols 10 ICMP: Internet Control Message Protocol Tracert (Trace route) Echo request TTL = 3 Echo request TTL = 2 Echo request TTL = 1 Echo request TTL = 2 Echo request TTL = 1 X X Echo request TTL = 4 Echo request TTL = 3 ICMP message TTL exceeded (type 11) ICMP message ICMP message TTL exceeded (type 11) TTL exceeded (type 11) Echo request TTL = 1 X Echo request TTL = 2 Echo request TTL = 1 Echo reply The Network Layer. Associated Protocols 11 ICMP: Internet Control Message Protocol Destination unreachable (type 3) Most usual code values (causes) • Code 1: host unreachable • Code 3: port unreachable • Code 4: fragmentation needed The Network Layer. Associated Protocols 12 ICMP: Internet Control Message Protocol ICMP Redirect (type 5) useful when there are some possible gateways Steps RED A Router A (2) (1) Router B Packet is sent to default gateway Default gateway sends packet to router B Default gateway sends ICMP redirect to host (3) RED B The Network Layer. Associated Protocols 13 Chapter 3: Network Layer. Associated Protocols 3.1 IPv4 error control: ICMP 3.2 IPv4 address dynamic configuration: DHCP 3.3 Routing in the Internet 3.4 Address Translation: NAT 3.5 IP version 6 3.6 IP security: IPsec RIP OSPF BGP Multiprotocol routing The Network Layer. Associated Protocols 14 Dynamic Address Configuration Address configuration static dynamic: automatic and more efficient Dynamic Address Configuration Protocols RARP: Reverse Address Resolution Protocol BootP: Bootstrap Protocol DHCP: Dynamic Host Configuration Protocol The Network Layer. Associated Protocols 15 Dynamic Address Configuration RARP RARP: Reverse Address Resolution Protocol Given a MAC, an IP address is assigned Messages have the same structure as ARP ones RARP is limited and, thus, obsolete. The Network Layer. Associated Protocols 16 Dynamic Address Configuration BootP BootP Protocol: Bootstrap Protocol Used to obtain IP automatically (generally in boot process) Not usually utilized for Dynamic Address Configuration, as DHCP is an improved version of BootP. BootP process Host determines its own MAC Host sends its IP to server’s port 67 (0.0.0.0 if doesn’t know its IP and 255.255.255.255 if doesn’t’ know the server’s one) Server searches host’s MAC in a configuration file Server fills server’s and host’s IPs in UDP datagram Host saves its IP and boots The Network Layer. Associated Protocols 17 Dynamic Address Configuration BootP message Code: BootPRequest & BootPReply Transaction id HW address: e.g. MAC Server host name (server does not need to be in the same broadcast domain) Boot file name Vendor specific area • Magic cookie: shows the kind of optional info below • A critical field for DHCP The Network Layer. Associated Protocols 18 Dynamic Address Configuration DHCP Dynamic Host Configuration Protocol (DHCP) – RFC 2131: Capable of automatically assign reusable (IP address leasing) Based on BootP, standardizing Vendor Specific Area field in BootP PDU (312 bytes). 3 mechanisms for the assignment of IP addresses: • Automatic assignment: – DHCP assigns a permanent IP address to the host. • Dynamic assigment: – DHCP assigns an IP address for a limited period of time -> automatic reuse of nonneccessary IP addresses • Static assignment: – IP address assigned by network administrator The Network Layer. Associated Protocols 19 Dynamic Address Configuration DHCP message Same as BootP message except options field (312 bytes) instead of Vendor Specific Area • First four bytes: magic cookie -> 99.130.83.99 (means DHCP). • Different options. Most important below – 50: requested IP address – 51: IP address lease time – 53: type of DHCP message The Network Layer. Associated Protocols 20 Dynamic Address Configuration DHCP cycle Besides: 1. DHCP DISCOVER: tries to find a DHCP Server. 2. DHCP OFFER: the server/s offers an IP address 3. DHCP REQUEST: the client requests some parameters (generally the ones oferred by the server) 4. DHCP ACK: server ACK • DHCP RELEASE: releases IP address • DHCP DECLINE. The offered IP is in use • DHCP INFORM: requests some configuration parameters • DHCP NAK: if server does not accept request 1 2 3 4 DHCP Client DHCP Server The Network Layer. Associated Protocols 21 Dynamic Address Configuration Other DHCP features A router may be a DHCP server BootP Relay: when the server is not in the same client’s broadcast domain Gratuitous ARP: ARP request by the client of its own IP. Checks if the assigned IP is busy. Option 50: client requests a fixed IP Option 51: IP address lease time Maximum DHCP message size: 576 bytes The Network Layer. Associated Protocols 22 Chapter 3: Network Layer. Associated Protocols 3.1 IPv4 error control: ICMP 3.2 IPv4 address dynamic configuration: DHCP 3.3 Routing in the Internet 3.4 Address Translation: NAT 3.5 IP version 6 3.6 IP security: IPsec RIP OSPF BGP Multiprotocol routing The Network Layer. Associated Protocols 23 Routing in the internet Network layer functions Addressing Routing Routing: finding the BEST route Which route? Best route depends on different criteria: # of hops, transfer rate, load of a link, cost, reliability… Different routes • Link breakage • Slow links The Network Layer. Associated Protocols 24 Routing in the internet Two approaches Virtual circuit • Route is established in connection start Datagram • Rcvr addr is inside every packet Which route? The Network Layer. Associated Protocols 25 Virtual circuit vs. Datagram Virtual circuit Error & flow control; order maintenance Connection oriented Datagram Each packet is an independent unit • Dest addr in every packet • Packets may arrive disordered to dest • No error or flow control • Three phases: establishment, transfer & termination Advantages • Efficiency • QoS Advantages • More simple • No connection -> better for short-time tx • More reliable • Better for heterogeneous networks The Network Layer. Associated Protocols 26 Packet flow Unicast Broadcast Multicast The Network Layer. Associated Protocols 27 Unicast Individual flows: one tx, one rx A 4 flows 2 flows B C D E F The Network Layer. Associated Protocols 28 Broadcast one tx, everyone rx A 1 flow 1 flow B C D E F The Network Layer. Associated Protocols 29 Multicast one flow, only desired rx A 1 flow 1 flow B C D E F The Network Layer. Associated Protocols 30 Unicast routing Objective Carry pkts from sender to receiver Network-layer routing Hierarchic addressing: first finds network & the host Routing algorithm Router calculates the way of routing Routing algorithm features Correct Simple Robust Fair Optimum The Network Layer. Associated Protocols 31 Routing algorithms Router Network device that interconnects networks & implements routing algorithm Routing algorithm decides which interface is correct Routing Engine Routing Table Input gateways Router Output gateways The Network Layer. Associated Protocols 32 Routing algorithms Classification Static routing Adaptive routing • Centralized • Isolated • Distributed: most used on the internet (RIP/OSPF) The Network Layer. Associated Protocols 33 Static Routing Does not consider current network condition Routes are determined before starting network service Advantages Simple Good results for constant traffic and network topology Disadvantages Not suitable for networks with changing topology Not suitable for big networks -> not scalable The Network Layer. Associated Protocols 34 Adaptive Routing Decisions based on Current topology Network condition (congested links) Better than static routing but more difficult to implement Three subgroups Centralized Adaptive Routing Isolated Adaptive Routing Distributed Adaptive Routing The Network Layer. Associated Protocols 35 Centralized Adaptive Routing Routing Control Center (RCC) Nodes (routers) send info about their condition to RCC List of neighbour nodes Queue length Use of links RCC Receives the information Calculates optimum route for every two nodes Calculates routing table for every node Distributes tables to nodes Disadvantages RCC & links to RCC -> bottlenecks Inaccurate calculation The Network Layer. Associated Protocols 36 Isolated Adaptive Routing No info interchange between nodes Decisions based only on local info -> simple Example Flooding The Network Layer. Associated Protocols 37 Distributed Adaptive Routing Used on the internet Two subgroups Distance vector algorithms • Decisions based on the information received from neighbour nodes • E.g. RIP (Routing Information Protocol) Link state algorithms • All the nodes know the state of the network • Some time to propagate changes • E.g. OSPF (Open Short Path First) The Network Layer. Associated Protocols 38 RIP: Routing Information Protocol Routing Information Protocol (RIP) – RFC 1058 (RIP), RFC 1723 (RIPv2): Routing Protocol (applicationlayer protocol over UDP – port 520 -) RIPv2 is identical to RIP, but with two extensions: Allows CIDR Authentication mechanism Metric: hop counts Maximum number of hops -> 15 Better for homogeneous networks Routing table distance vector-based Routing table updates: Periodic updates: via broadcast (in RIPv2: multicast to 224.0.0.9) Updates when network topology changes The Network Layer. Associated Protocols 39 RIP: Routing Information Protocol RIP functioning Update from neighbour N arrives to a router R: Networks known by N, and not by R, are included in R’s routing table. If N knows a better route for a network known by both, R’s routing table is updated Metric (# of hops) is increased by one Update messages tx to neighbours. Two ways • Not using split horizon technique: Updates are sent to all the neighbours. • Using split horizon technique. Updates sent to all the neighbours, except to those who informed about the best route. The Network Layer. Associated Protocols 40 RIP: Routing Information Protocol RIP timers Routing-update timer: 30 seconds – random time Route-timeout timer: after timeout -> invalid route Route-flush timer: after timeout -> deletes route from enrouting table The Network Layer. Associated Protocols 41 RIP: Routing Information Protocol RIP message Command Request (1) Response (2): most common (updates) Version: v1 or v2 RIP version 2: most important field -> subnet mask -> allows CIDR (subnetting) The Network Layer. Associated Protocols 42 OSPF: Open Short Path First Autonomous System (AS) AS: IP networks with a common routing management Open Short Path First (OSPF) Used for interior routing inside an AS Larger networks than RIP (usually) Open protocol (RFC 2328) The Network Layer. Associated Protocols 43 OSPF: Basic Foundations Open Short Path First (OSPF) Open Short Path First (OSPF) Link state routing protocol Updates disseminated to entire Dijkstra algorithm to find the BEST route A router builds a graph Graph weights are configured by the network administrator All equal to 1 (similar to RIP) Inversely proportional to BW (usual criterium) Any criteria may be fixed AS (via flooding) Changes in topology Periodically (once every 30 min, at least) carried in OSPF messages directly over IP (rather than TCP or UDP) -> protocol field: 89 Link connectivity is checked by HELLO msgs for neighbours The Network Layer. Associated Protocols 44 OSPF advanced features (not in RIP) security: all OSPF messages authenticated For each link, multiple cost metrics for different TOS integrated unicast and multicast support: Multicast OSPF (MOSPF) hierarchical OSPF in large domains. The Network Layer. Associated Protocols 45 OSPF header Checksum: error control Authentication Value Type 1 HELLO 2 Database description 3 Link state request 4 Link state update 5 Link state ACK The Network Layer. Associated Protocols 46 BGP: Border Gateway Protocol Problem: Different IP networks do not have to use same routing protocol Two types of protocols IGP (Interior Gateway Protocols): define routing inside an AS. (RIP, OSPF…) EGP (Exterior Gateway Protocols): define routing between different AS. BGP (Border Gateway Protocol): most common EGP (RFC 4271) The Network Layer. Associated Protocols 47 BGP: Main features BGP provides each AS means to: 1. Obtain subnet reachability information from neighboring ASs. 2. Propagate reachability information to all ASinternal routers. allows subnet to advertise its existence to rest of Internet The Network Layer. Associated Protocols 48 BGP: Main features Every AS: ASN = Autonomous System Number) Inside every AS -> AS routing protocol Outside AS -> “border router”: border routers in different AS exchange their routing tables BGP works over TCP (port 179) The Network Layer. Associated Protocols 49 BGP: Example The Network Layer. Associated Protocols 50 Multiprotocol routing IP is not the only network-layer protocol (IPX, DecNET, Apple Talk…) Only hosts using the same network-layer protocol can communicate with each other Multiprotocol routers prevent from using different routers for every protocol Host Y IP Host A IPX Router Host B IP The Network Layer. Associated Protocols Host Z IPX 51 Chapter 3: Network Layer. Associated Protocols 3.1 IPv4 error control: ICMP 3.2 IPv4 address dynamic configuration: DHCP 3.3 Routing in the Internet 3.4 Address Translation: NAT 3.5 IP version 6 3.6 IP security: IPsec RIP OSPF BGP Multiprotocol routing The Network Layer. Associated Protocols 52 Address Translation: NAT Problem: limited number of IP addr. Solutions o Subnetting o Private IP addr • 10.0.0.0/8 • 172.16.0.0/12 • 192.168.0.0/16 • 169.254.0.0/16 The Network Layer. Associated Protocols 53 Address Translation: NAT Private IP addr: how can the dest know whose is the private IP addr? Solution: NAT (Network Address Translation) o Mechanism used to modify the IP addr inside pkts o Allows private IP addr (inside networks) communication with public IP addr (outside networks) o NAT routers must keep a NAT table with translation in both directions The Network Layer. Associated Protocols 54 NAT basic functioning NAT Router has one or more IP addr for NAT -> for translating private IP into public IP NAT Router modifies “Source IP addr” field in the IP header & stores matching public & pvt addr in the NAT Table Dest responds to modified addr NAT Router searches on its NAT Table & matches public & pvt addr, sending the pkt to the pvt IP Source addr 192.168.1.10 Dest addr 150.214.141.20 Source addr Dest addr 150.214.141.2 150.214.141.20 IP packet IP packet Inside network Outside network NAT Router 192.168.1.1 150.214.141.1 NAT Table Host A 192.168.1.10 Source addr 150.214.141.20 Dest addr Host Z 150.214.141.20 150.214.141.2 IP packet The Network Layer. Associated Protocols 55 Types of NAT Dynamic NAT Static NAT NAPT (Network Address Port Translation) The Network Layer. Associated Protocols 56 Dynamic NAT Translation is unidirectional Traffic comes from the inside network Translation is temporary Once public IP addr is not in use, it is deleted from NAT Table Source addr 192.168.1.10 Dest addr 150.214.141.20 Source addr Dest addr 150.214.141.2 150.214.141.20 IP packet IP packet Inside network Outside network NAT Router 192.168.1.1 150.214.141.1 NAT Table Private IP 192.168.1.10 Public IP 150.214.141.2 Host A 192.168.1.10 Source addr 150.214.141.20 Host Z 150.214.141.20 Dest addr 150.214.141.2 IP packet Source addr 150.214.141.20 Dest addr 150.214.141.2 IP packet The Network Layer. Associated Protocols 57 Dynamic NAT Advantage Saves public IP addr Disadvantage Traffic always initiated from the inside network -> does not allow servers Source addr 192.168.1.10 Dest addr 150.214.141.20 Source addr Dest addr 150.214.141.2 150.214.141.20 IP packet IP packet Inside network Outside network NAT Router 192.168.1.1 150.214.141.1 NAT Table Private IP 192.168.1.10 Public IP 150.214.141.2 Host A 192.168.1.10 Source addr 150.214.141.20 Host Z 150.214.141.20 Dest addr 150.214.141.2 IP packet Source addr 150.214.141.20 Dest addr 150.214.141.2 IP packet The Network Layer. Associated Protocols 58 Static NAT Translations are in the NAT Table since routers are configured Communication may be initiated by both the inside & the outside networks Public IP addr must be known (via DNS) by the hosts in the outside network Source addr 192.168.1.10 Dest addr 150.214.141.20 Source addr Dest addr 150.214.141.2 150.214.141.20 IP packet IP packet Outside network Inside network NAT Router 192.168.1.1 150.214.141.1 NAT Table Private IP 192.168.1.10 Public IP 150.214.141.2 static Host A 192.168.1.10 Source addr 150.214.141.20 Host Z 150.214.141.20 Dest addr 150.214.141.2 IP packet Source addr 150.214.141.20 Dest addr 150.214.141.2 IP packet The Network Layer. Associated Protocols 59 Static NAT Advantage Allows servers Disadvantage One public IP addr per pvt IP addr… but both dynamic & static NAT may be used together Source addr 192.168.1.10 Dest addr 150.214.141.20 Source addr Dest addr 150.214.141.2 150.214.141.20 IP packet IP packet Outside network Inside network NAT Router 192.168.1.1 150.214.141.1 NAT Table Private IP 192.168.1.10 Public IP 150.214.141.2 static Host A 192.168.1.10 Source addr 150.214.141.20 Host Z 150.214.141.20 Dest addr 150.214.141.2 IP packet Source addr 150.214.141.20 Dest addr 150.214.141.2 IP packet The Network Layer. Associated Protocols 60 NAPT Transport-Layer Port Identifiers are used Several pvt IP addr may be translated into a unique public IP addr Source addr Source port Host A 192.168.1.11 192.168.1.11 1576 Dest addr Dest port 150.214.141.19 80 Source addr Source port 150.214.141.2 IP packet 1576 Dest addr 150.214.141.19 Dest port Host Y 150.214.141.19 80 IP packet NAPT Router 192.168.1.1 150.214.141.1 Inside network Outside network NAPT Table Host B 192.168.1.12 Source addr Source port 192.168.1.12 1576 IP packet Private IP local 192.168.1.11:1576 local 192.168.1.12:1576 Public IP global 150.214.141.2:1576 global 150.214.141.2:1577 Dest addr Source addr Source port 150.214.141.20 Dest port 21 150.214.141.2 1577 Dest addr 150.214.141.20 Host Z 150.214.141.20 Dest port 21 IP packet The Network Layer. Associated Protocols 61 About NAT Not every app work properly when going through a NAT router (e.g, BOOTP) Difficult to follow the traffic that goes through several NAT routers NAT increases router processing time NAPT is a type of NAT -> there are also dynamic NAPT & static NAPT. Both may also be used together The Network Layer. Associated Protocols 62 Chapter 3: Network Layer. Associated Protocols 3.1 IPv4 error control: ICMP 3.2 IPv4 address dynamic configuration: DHCP 3.3 Routing in the Internet 3.4 Address Translation: NAT 3.5 IP version 6 3.6 IP security: IPsec RIP OSPF BGP Multiprotocol routing The Network Layer. Associated Protocols 63 IPv6 Initial motivation: 32-bit address space completely allocated. Basic changes: 128-bit address space • E.g: 2002:96d6:8ddc::96dc:6301 (the bits remaining are zeros) header format helps speed processing/forwarding 40-byte header (fixed size) Other changes based on previous experience on IPv4 The Network Layer. Associated Protocols 64 IPv6 header Version: 6 Priority: identify priority among datagrams in flow Flow Label: identify datagrams in same “flow.” (concept of“flow” not well defined). Payload length: data field length Next header: identify upper layer protocol for data Hop limit: analog to IPv4 TTL field Src & Dest addr: 128 bytes The Network Layer. Associated Protocols 65 Changes from IPv4 Checksum: removed entirely to reduce processing time at each hop Fragmentation: removed from IPv6, also to reduce processing time Options: allowed, but outside of header, indicated by “Next Header” field ICMPv6: new version of ICMP additional message types, e.g. “Packet Too Big” The Network Layer. Associated Protocols 66 Transition from IPv4 to IPv6 Not all routers can be upgraded simultaneous no D Day How will the network operate with mixed IPv4 and IPv6 routers? Tunneling: IPv6 carried as payload in IPv4 datagram among IPv4 routers The Network Layer. Associated Protocols 67 Chapter 3: Network Layer. Associated Protocols 3.1 IPv4 error control: ICMP 3.2 IPv4 address dynamic configuration: DHCP 3.3 Routing in the Internet 3.4 Address Translation: NAT 3.5 IP version 6 3.6 IP security: IPsec RIP OSPF BGP Multiprotocol routing The Network Layer. Associated Protocols 68 IPsec Security in Network layer We will see in the next chapter: security The Network Layer. Associated Protocols 69