pmTCPIP

8/11/2019 pmTCPIP

http://slidepdf.com/reader/full/pmtcpip 1/96

TCP/IP Refresher

Prabhaker Mateti

(ack: Many many sources …)

8/11/2019 pmTCPIP

Mateti, TCP/IP Refresher 2

TCP/IP ?

TCP = Transmission Control Protocol

IP = Internet Protocol

Almost always includes other protocols: – UDP, User (Unreliable) Datagram

– ICMP, Internet Control Message

– ARP, Address Resolution

8/11/2019 pmTCPIP

What’s a Protocol?

An agreed upon convention forcommunication.

Protocols must be formally definedand unambiguous

8/11/2019 pmTCPIP

ICMP other

IP layer IP layer IP layer IP layerPhysical Physical Physical Physical Physical Physical

Layers

The relative heights indicate the level of functionality.

8/11/2019 pmTCPIP

Unix is a Layered

System Applications

Libraries

System Calls

Kernel

8/11/2019 pmTCPIP

Layers

The routines/methods of Layer N willnot call Layer N+1.

The routines/methods of Layer Ntypically do call the same layermethods.

The routines/methods of Layer Ntypically do call Layer N-1 methods.

8/11/2019 pmTCPIP

DoD model: Four Layers

1. Network Access Layer: Delivery overphysical media in use.

2. Internet Layer: Delivery across differentphysical networks that connect source anddestination machines.

3. Host-to-Host Layer: Connection rendezvous,flow control, retransmission of lost data,

etc. TCP and UDP protocols are in this layer.4. Process Layer: User-level functions, such as

SMTP, FTP and rlogin.

8/11/2019 pmTCPIP

OSI Reference Model

Seven Layers

7. Application

6. Presentation5. Session

4. Transport

3. Network2. Data Link

1. Physical

8/11/2019 pmTCPIP

TCP/IP & OSI

In OSI reference model terminology -the TCP/IP protocol suite covers the

network and transport layers. TCP/IP can be used on many data-link

layers (can support many network

hardware implementations).

8/11/2019 pmTCPIP

TCP UDP

Process Layer

Transport Layer

Network Layer

Data-Link Layer

Process Process

ICMP, ARP

8/11/2019 pmTCPIP

Physical Layer

Responsibility:

– transmission of raw bits over a communication

channel. Issues:

– mechanical and electrical interfaces

– time per bit

– distances

8/11/2019 pmTCPIP

Data Link Layer -

Data Link Control Responsibility:

– provide an error-free communication link

Issues:

– framing (dividing data into chunks)

header & trailer bits

– addressing

10110110101 01100010011 10110000001

8/11/2019 pmTCPIP

The Data Link Layer -

The MAC sub layer Medium Access Control (MAC) -

needed by multi-access networks.

MAC provides DLC with “virtual wires”on multi-access networks.

8/11/2019 pmTCPIP

Ethernet: A Data-Link

Layer IEEE 802.3

Variety of physical layers.

Multi-access (shared medium). Interface has a unique 6-byte hardware

address. (E.g. 00-D0-09-E8-08-61)

The broadcast address is all 1’s. Addresses are assigned to vendors by a

central authority.

8/11/2019 pmTCPIP

Mateti, TCP/IP Refresher15

An Ethernet Frame

Preamble is a sequence of alternating1’s and 0’s used for synchronization.

CRC is Cyclic Redundancy Check

8 bytes 6 6 2 0-1500 4

PreambleDestination

Address

Source

AddressLen CRCDATA

8/11/2019 pmTCPIP

The Network Layer

Responsibilities:

– path selection between systems (routing).

– subnet flow control. – fragmentation & reassembly

– translation between different network types.

Issues:

– packet headers

– virtual circuits

8/11/2019 pmTCPIP

The Transport Layer

Responsibilities: – provides virtual end-to-end links

between peer processes. – end-to-end flow control

Issues: – headers

– error detection

– reliable communication

8/11/2019 pmTCPIP

The Session Layer

Responsibilities:

– establishes, manages, and terminates

sessions between applications. – service location lookup

Many protocol suites do not include asession layer.

8/11/2019 pmTCPIP

The Presentation Layer

Responsibilities:

– data encryption

– data compression

– data conversion

Many protocol suites do not include a

Presentation Layer.

8/11/2019 pmTCPIP

The Application Layer

Responsibilities:

– anything not provided by any of the other

layers

Issues:

– application level protocols

– appropriate selection of “type of service”

8/11/2019 pmTCPIP

Layering & Headers

Each layer needs to add controlinformation.

Typically prefixed to the data beforepassing on to the lower layer.

8/11/2019 pmTCPIP

Headers

Process

Transport

Network

DataLink

Process

Transport

Network

Data Link

8/11/2019 pmTCPIP

Example Headers

Physical: no header

Data Link:

– address of the receiving endpoints

– address of the sending endpoint

– length of the data

– checksum

8/11/2019 pmTCPIP

Network layer header -

examples protocol suite

version

type of service length of the data

packet identifier

fragment number time to live

protocol

header checksum

source networkaddress

destination network

address

8/11/2019 pmTCPIP

Connecting Networks

Repeater: physical layer

Bridge: data link layer

Router: network layer

Gateway: network layer and above.

8/11/2019 pmTCPIP

Repeater

Copies bits from one network toanother

Does not look at any bits

Allows the extension of a networkbeyond physical length limitations

REPEATER

8/11/2019 pmTCPIP

Bridge

Copies frames from one network to another

Can operate selectively - does not copy all

frames (looks at data-link headers). Extends the network beyond physical length

limitations.

BRIDGE

8/11/2019 pmTCPIP

Router

Copies packets from one network toanother.

Makes decisions about what route apacket should take (looks at networkheaders).

ROUTER

8/11/2019 pmTCPIP

Gateway

Operates as a router

Data conversions above the network layer.

Conversions: – encapsulation - use an intermediate network

– translation - connect different applicationprotocols

– encryption - could be done by a gateway

8/11/2019 pmTCPIP

Mateti, TCP/IP Refresher

Encapsulation Example

Gateway Gateway

Provides service connectivity

even though intermediatenetwork does not supportprotocols.

8/11/2019 pmTCPIP

Translation

Translate from green protocol to brownprotocol

Gateway

8/11/2019 pmTCPIP

Encryption gateway

SecureNetwork

SecureNetworkEncryption/Decryption

Gateways

GW GW ? ?

?Insecure Network

8/11/2019 pmTCPIP

Hardware v. Software

Repeaters are typically hardware devices.

Bridges can be implemented in hardware or

software. Routers and gateways are typically

implemented in software so that they canbe extended to handle new protocols.

Many workstations can operate as routers orgateways.

8/11/2019 pmTCPIP

Modes of Service

connection-oriented vs. connectionless

sequencing

error-control

flow-control

byte stream vs. message based

full-duplex vs. half-duplex.

8/11/2019 pmTCPIP

Connection-Oriented

Service establishment of a logical connection

between two processes.

transfer data

terminate connection.

8/11/2019 pmTCPIP

Connectionless Service

Sends independent messages.

8/11/2019 pmTCPIP

Sequencing

Sequencing provides support for anorder to communications.

A service that includes sequencingrequires that messages (or bytes) arereceived in the same order they are

8/11/2019 pmTCPIP

Error Control

Some services require error detection.

Checksums provide a simple error

detection mechanism.

Error control sometimes involvesnotification and retransmission.

8/11/2019 pmTCPIP

Flow Control

Flow control prevents the sendingprocess from overwhelming the

receiving process. Flow control can be handled in a

variety of ways.

8/11/2019 pmTCPIP

Byte Stream vs. Message

Byte stream implies an orderedsequence of bytes with no message

boundaries. Message oriented services provide

communication service to chunks of

data called datagrams .

8/11/2019 pmTCPIP

Full- v. Half-Duplex

Full-Duplex services support thetransfer of data in both directions.

Half-Duplex services support thetransfer of data in one direction.

8/11/2019 pmTCPIP

End-to-End v. Hop-to-Hop

Service modes, flow control and errorcontrol can be

Either between endpoints of thecommunication.

Or between consecutive nodes on the

path between the endpoints.

8/11/2019 pmTCPIP

Hop-by-Hop

Process A

Process B

8/11/2019 pmTCPIP

Buffering

Buffering can provide more efficientcommunications.

Buffering is most useful for bytestream services.

Process A Process B

Buffer

8/11/2019 pmTCPIP

The IP in TCP/IP

IP is the network layer

packet delivery service (host-to-host).

translation between different data-linkprotocols.

8/11/2019 pmTCPIP

IP Datagrams

IP provides connectionless, unreliabledelivery of IP datagrams.

Connectionless: each datagram isindependent of all others.

Unreliable: there is no guarantee that

datagrams are delivered correctly or atall.

8/11/2019 pmTCPIP

IP Addresses

The address must includeinformation about what network the

receiving host is on. This makesrouting feasible.

IP addresses are not the same as the

underlying data-link (MAC)addresses.

8/11/2019 pmTCPIP

IP Addresses

Includes a network ID and a host ID.

A Network ID is assigned to an

organization by a global authority(http://www.iana.org/ )

Host IDs are assigned locally by a

system administrator.

8/11/2019 pmTCPIP

Subnet Addresses

An organization can subdivide it’s host addressspace into groups called subnets.

The subnet ID is generally used to group hosts

based on the physical network topology. It is possible to have a single wire network with

multiple subnets.

NetID SubnetID HostID

8/11/2019 pmTCPIP

IP4 Addresses

0 NetID

110 NetID

1110 Multicast Address

HostID

NetID HostID

HostID

D8 bits 8 bits 8 bits8 bits

8/11/2019 pmTCPIP

IP Addresses

An IP broadcast address has a host-ID of all 1’s.

An IP address that has a host ID of all0’s is called a network address andrefers to an entire network.

8/11/2019 pmTCPIP

IPv6 addresses

Address is 128 bits long (16 bytes)

Addresses are written in hexadecimal

Addresses can be abbreviated

3FFE:0B00:0000:0000:0000:0000:0000:00013FFE:0B00::0001

3FFE:B00::1

There is no broadcast addresses, only multicast.

Loopback address is ::1

Addresses are scoped – Link-local, site-local, global

8/11/2019 pmTCPIP

IP6 Address

16 bits

3FFE: 0B00: 1234: 0000: 0000: 0000: 0000: 0001

128 bits

8/11/2019 pmTCPIP

IP4-Compatible IP6 Address

0000 . . . 0000 IP4 Address0000

80 bits 32 bits16 bits

80 bits of 0s followed by 16 bits of 0s,

followed by a 32 bit IP4 Address:

8/11/2019 pmTCPIP

Services provided by IP

Connectionless Delivery (eachdatagram is treated individually).

Unreliable (delivery is notguaranteed).

Fragmentation / Reassembly (based

on hardware MTU). Routing.

Error detection.

8/11/2019 pmTCPIP

IP Datagram

VERS HL

Fragment Offset

Fragment LengthService

Datagram ID FLAGTTL Protocol Header Checksum

Source IP Address

Destination IP Address

Options (if any)

(TCP) Data

1 byte1 byte 1 byte 1 byte

IP D t

8/11/2019 pmTCPIP

IP DatagramFragmentation

Fragmentation can happen when datagramsare forwarded through a network for whichthey are too big.

IP specifies that datagram reassembly isdone only at the destination (not on a hop-by-hop basis).

If any of the fragments are lost the entiredatagram is discarded (and an ICMPmessage is sent to the sender).

ICMP (Internet Control

8/11/2019 pmTCPIP

ICMP (Internet ControlMessage Protocol)

ping www.yahoo.com

ICMP uses IP to deliver messages.

ICMP messages are usually generatedand processed by the IP layer, not theuser process.

8/11/2019 pmTCPIP

UDP (U D t

8/11/2019 pmTCPIP

UDP (User DatagramProtocol)

UDP is a transport protocol

Uses IP to deliver datagrams

Connectionless, Unreliable, Minimal

UDP uses ports to providecommunication services to individual

processes.

8/11/2019 pmTCPIP

Port : an abstract destination point.

Ports are identified by a positive 16-bit

integer. Operating systems provide some

mechanism that processes use to

specify a port.

8/11/2019 pmTCPIP

Host A Host B

Process

8/11/2019 pmTCPIP

UDP Datagram Format

Source Port Destination Port

Length Checksum

8/11/2019 pmTCPIP

Sockets

8/11/2019 pmTCPIP

Sockets

An active socket is connected to aremote active socket. Closing the

connection destroys the active socketsat each endpoint.

A passive socket is not connected, but

rather awaits an incoming connection,which will spawn a new active socket.

8/11/2019 pmTCPIP

Sockets v. Ports

A socket is not a port. A socket isassociated with a port. This is a many-

to-one relationship. Each port can have a single passive

socket, awaiting incoming connections,

and multiple active sockets, eachcorresponding to an open connectionon the port.

8/11/2019 pmTCPIP

Transmission Control Protocol :

Connection-oriented

Reliable

Full-duplex

Byte-Stream

8/11/2019 pmTCPIP

Connection

Four Numbers: Source IP Address,Source Port, Destination IP Address,

Destination Port “connection is established”: Operating

Systems of both source and

destination hosts are maintaining “state information” re the connection.

8/11/2019 pmTCPIP

Connection-Oriented

Connection oriented means that avirtual connection is established before

any payload data is transferred. If the connection cannot be

established the user program is

notified. If the connection is ever interrupted

the user program is notified.

8/11/2019 pmTCPIP

Connection establishment

Connection establishment phase isrequired

Ensures that the receiving processis available and to synchronizesequence numbers, etc.

8/11/2019 pmTCPIP

Reliable

Every transmission of data isacknowledged by the receiver.

If the sender does not receive ACKwithin a specified amount of time, thesender retransmits the data.

ACK can be piggybacked on data.

8/11/2019 pmTCPIP

Byte Stream

Stream means that the connection istreated as a stream of bytes.

The user application does not need topackage data in individual datagrams(as with UDP).

8/11/2019 pmTCPIP

Buffering

TCP is responsible for buffering dataand determining when it is time to

send a datagram. It is possible for an application to tell

TCP to send the data it has buffered

without waiting for a buffer to fill up.

8/11/2019 pmTCPIP

TCP/UDP Ports

Reserved Ports less than 1024: Only rootcan bind to these ports.

Local Port of a process that requested the

connection. Usually a random number, 0-65535. Remote Port: What application accepted

the connection. Usually a known number. /etc/services. E.g.,

– 80 for HTTP – 143 for IMAP – 443 for HTTP/SSL

8/11/2019 pmTCPIP

TCP Segment Format

Destination Port

Options (if any)

1 byte 1 byte

Source Port

Sequence NumberRequest Number

1 byte 1 byte

offset Res Control Window

Checksum Urgent Pointer

8/11/2019 pmTCPIP

Sequence Number

The “positional” number of the firstdata byte in this segment, except

when SYN control flag is 1. If SYN is 1 the sequence number is

the initial sequence number (ISN).

32 bit unsigned integer

8/11/2019 pmTCPIP

Acknowledgment Number

If the ACK control bit is set, this fieldcontains the value of the next

sequence number the sender of thesegment is expecting to receive. Oncea connection is established this isalways included.

8/11/2019 pmTCPIP

TCP v. UDP

Q: Which protocol is better ? A: It depends on the application.

TCP provides a connection-oriented,reliable byte stream service (lots ofoverhead).

UDP offers minimal datagram deliveryservice (as little overhead as possible).

8/11/2019 pmTCPIP

TCP three-way handshake

Establishes a connection.

1. A: “I would like to talk to you B.”

A sends a SYN packet to B2. B: “Ok, let's talk.”

B sends a SYN-ACK packet to A

3. A: “Thanks for agreeing.”

A sends ACK to B

8/11/2019 pmTCPIP

TCP three-way handshake

Flags src dst seq ack

SYN 1037 80 102723769 0

SYN-ACK 80 1037 1527857206 102723770

ACK 1037 80 102723770 1527857207

8/11/2019 pmTCPIP

Four-Way Handshake

The Four-Way Handshake terminatesa previously established connection:

1. A to B: FIN2. B to A: ACK

3. B to A: FIN

4. A to B: ACK

8/11/2019 pmTCPIP

Connection Resetting

Host X sends an RST packet resettingthe connection if: – Y requested a connection to a non-

existent port P on host X, or

– For whatever reason (idle for a long time,or an abnormal condition, ...), the host X(client or the sever) wishes to close theconnection.

Resetting is unilateral.

pmTCPIP

Documents