Unit 4: Network Layer (Layer 3)

What is the network layer?

The Network Layer is responsible for moving data across multiple networks so it can reach a destination that is not on the same LAN. Where Layer 2 handles delivery within one local network, Layer 3 handles end-to-end delivery across the internet, choosing the best path through routers and switches.

Unit of data: packet

Responsibilities

• Logical addressing — assigns globally unique IP addresses (IPv4 or IPv6).
• Routing — chooses the best path from source to destination across many networks.
• Packet forwarding — moves packets from one router to the next.
• Fragmentation and reassembly — splits large packets so they fit the smaller frame sizes of intermediate networks.
• Diagnostics — protocols like ICMP report errors (ping, traceroute).

Protocols and devices

• IP (Internet Protocol) — IPv4 (e.g. 142.250.190.46) and IPv6 (e.g. 2607:f8b0::1).
• ICMP — used by ping and traceroute.
• OSPF, RIP, EIGRP — interior routing protocols (within an organisation).
• BGP (Border Gateway Protocol) — the routing protocol of the entire internet.
• Routers and Layer-3 switches — devices that read IP headers and forward packets.

Example — sending a packet from Kathmandu to New York

You open https://example.com from your laptop in Kathmandu.

1. Your laptop wraps the request in an IP packet with destination 93.184.216.34.
2. It sends the packet to your home router.
3. The router forwards it to your ISP, which forwards it to its upstream provider.
4. Through BGP, the packet hops across maybe 10–15 routers spread across continents.
5. Each router only cares about the next hop, not the full path.
6. Eventually the packet arrives at the destination data center in the US.

The Network Layer is what makes the internet truly inter-network.

IP addressing in short

IPv4

A 32-bit address written in dotted decimal form: 192.168.1.10. There are roughly 4.3 billion possible addresses, which is why the world is moving to IPv6.

IPv6

A 128-bit address written in hexadecimal: 2001:0db8:85a3::8a2e:0370:7334. Provides ~340 undecillion addresses — enough for every device on Earth and beyond.

Public vs private

• Private ranges — 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16 (used inside homes/offices, not routable on the public internet).
• Public addresses — globally unique, routable on the internet.

Real-world scenarios

Cloudflare’s 1.1.1.1 and Google’s 8.8.8.8 anycast DNS

Both companies announce the same IP address from hundreds of data centers around the world using a technique called anycast. When you query 1.1.1.1, BGP automatically routes your query to the nearest Cloudflare data center — whether that’s Singapore, Frankfurt, or São Paulo. This gives users very low latency and built-in DDoS resilience.

AWS Global Accelerator

AWS Global Accelerator gives you two static IP addresses that are advertised from over 100 AWS edge locations worldwide. Traffic enters AWS at the nearest edge and rides the AWS private backbone (not the public internet) to your application, dramatically reducing network jitter and routing instability.

BGP and the great Facebook outage

On October 4, 2021, Facebook withdrew its BGP routes by accident during a routine configuration change. Within minutes, the rest of the internet’s routers had no path to reach Facebook, Instagram, or WhatsApp — taking them offline for ~6 hours. This was a pure Layer 3 routing incident affecting billions of users.

CDNs and intelligent routing

Companies like Akamai, Fastly, and Cloudflare use sophisticated Layer 3 techniques (anycast + traffic engineering) to route every user’s request to the closest healthy server, often shaving hundreds of milliseconds off load times.

Common Layer 3 problems

• IP address conflicts on the same subnet.
• Wrong subnet mask or default gateway.
• Routing loops or misconfigured routes.
• BGP misannouncements (route hijacks).
• MTU mismatches causing fragmentation issues.