3 Tcp Ip Model


  • 8/3/2019 3 Tcp Ip Model


    3

    TCP/IP Model


    - Crossover cables should be used when you connect a DTE device to another DTE device or a DCE to another DCE.

    Use a crossover cable for the following connection types:

    hub to another hub

    switch to another switch

    hub to a switch

    PC, router, or file server to another PC, router, or file server

    3.1.2 Layer 1 Devices

    1- Repeater

    A repeater is an electronic device that receives a signal and

    retransmits it at a higher level and/or higher power, or onto the

    other side of an obstruction, so that the signal can cover longer

    distances.

    2- HUB

    A hub is a device for connecting multiple twisted pair or fiber

    optic Ethernet devices together and making them act as a single

    network segment. The device is a form of multiport repeater.


    3.2 Layer 2: Data Link Layer

    The data link layer provides reliable transit of data across a physical network link. Different data

    link layer specifications define different network and protocol characteristics, including physical

    addressing, network topology, error notification, sequencing of frames, and flow control. Physical

    addressing (as opposed to network addressing) defines how devices are addressed at the data link

    layer. Network topology consists of the data link layer specifications that often define how devices

    are to be physically connected, such as in a bus or a ring topology. Error notification alerts

    upper-layer protocols that a transmission error has occurred, and the sequencing of data frames

    reorders frames that are transmitted out of sequence. Finally, flow control moderates the

    transmission of data so that the receiving device is not overwhelmed with more traffic than it can

    handle at one time.

    The Institute of Electrical and Electronics Engineers (IEEE) has subdivided the data link layer into two

    sublayers: Logical Link Control (LLC) and Media Access Control (MAC).

    The Data Link Layer Contains Two Sublayers

    3.2.1 MAC Address

    The data link layer uses MAC, or hardware, addresses for communication. For LAN communications,

    each machine on the same network segment or topology needs a unique MAC address. A MAC address

    is 48 bits in length and is represented as a hexadecimal number. Represented in hex, it is 12 characters

    in length. To make it easier to read, the MAC address is represented in a dotted hexadecimal format,

    like this: FFFF.FFFF.FFFF. It is also common to see MAC addresses formatted in this way:

    FF:FF:FF:FF:FF:FF. Since the MAC address uses hexadecimal numbers, the values used range from 0

    to 9 and A to F, for a total of 16 values for a single digit.


    3.2.2 Carrier Sense Multiple Access / Collision Detection (CSMA/CD)

    - Main procedure

    1. Frame ready for transmission.

    2. Is medium idle? If not, wait until it becomes ready.

    3. Start transmitting.

    4. Did a collision occur? If so, go to collision detected procedure.

    5. Reset retransmission counters and end frame transmission.

    - Collision detected procedure

    1. Continue transmission until minimum packet time is reached (jam signal) to ensure that all receivers detect the collision.

    2. Increment retransmission counter.

    3. Was the maximum number of transmission attempts reached? If so, abort transmission.

    4. Calculate and wait random backoff period based on number of collisions.

    5. Re-enter main procedure at stage 1.
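
    The two procedures above, written out as an added example (not part of the original handout). The constants are the IEEE 802.3 values for 10/100 Mb/s Ethernet; `medium_busy` and `collides` are hypothetical callbacks standing in for the carrier-sense and collision-detect hardware.

```python
import random

SLOT_BIT_TIMES = 512   # slot time on 10/100 Mb/s Ethernet (IEEE 802.3)
MAX_ATTEMPTS = 16      # attempt limit before the frame is abandoned
BACKOFF_CAP = 10       # the backoff exponent stops growing after 10 collisions


def backoff_slots(collisions, rng):
    """Truncated binary exponential backoff: r in [0, 2**k - 1], k = min(n, 10)."""
    return rng.randrange(2 ** min(collisions, BACKOFF_CAP))


def send_frame(medium_busy, collides, rng):
    """Run the main and collision-detected procedures for one frame.

    medium_busy(slot) and collides(attempt) are hypothetical callbacks.
    Returns (delivered, attempts, backoff_bit_times, log).
    """
    attempts, slot, waited, log = 0, 0, 0, []
    while True:
        while medium_busy(slot):          # main 2: defer while carrier is sensed
            slot += 1
        attempts += 1                     # main 3: start transmitting
        if not collides(attempts):        # main 4: no collision detected
            log.append(f"slot {slot}: attempt {attempts} sent")
            return True, attempts, waited, log    # main 5: done, counters reset
        # collision 1-2: jam signal goes out; `attempts` is the retransmission counter
        if attempts >= MAX_ATTEMPTS:      # collision 3: limit reached, abort
            log.append(f"slot {slot}: aborted after {attempts} attempts")
            return False, attempts, waited, log
        r = backoff_slots(attempts, rng)  # collision 4: random backoff period
        log.append(f"slot {slot}: collision {attempts}, backing off {r} slots")
        waited += r * SLOT_BIT_TIMES
        slot += 1 + r                     # collision 5: re-enter the main procedure


if __name__ == "__main__":
    # Constructed scenario: medium busy for 2 slots, first three attempts collide.
    ok, n, bits, log = send_frame(lambda s: s < 2, lambda a: a <= 3, random.Random(7))
    print("\n".join(log))
    print("delivered" if ok else "dropped", f"after {n} attempts, {bits} bit times of backoff")
```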

    3.2.3 Ethernet Frame

    1. Preamble : 8 bytes 10101010 (Bit Synchronization Clocking)

    2. Destination : 6 bytes (Destination MAC)

    3. Source : 6 bytes (Source MAC)

    4. Length : 2 bytes (Length Of Frame)

    5. Data : variable (LLC encapsulated data)

    6. FCS : 4 bytes (Frame Check Sequence)
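
    An added example (not from the original handout) that ties the MAC address notations of 3.2.1 to the frame layout above: it builds a frame, verifies the FCS and parses the fields back out. It assumes the buffer starts at the destination MAC, because the NIC generates and strips the preamble, and that the FCS is the IEEE 802.3 CRC-32; the addresses and payload are constructed sample values.

```python
import struct
import zlib

MIN_DATA, MAX_DATA = 46, 1500   # IEEE 802.3 limits for the data field
HEX_DIGITS = set("0123456789abcdef")


def mac_to_bytes(text):
    """Accept FFFF.FFFF.FFFF or FF:FF:FF:FF:FF:FF and return the 6 raw bytes."""
    digits = text.replace(".", "").replace(":", "").lower()
    if len(digits) != 12 or set(digits) - HEX_DIGITS:
        raise ValueError(f"a MAC address is 12 hex digits: {text!r}")
    return bytes.fromhex(digits)


def format_mac(raw, dotted=False):
    """Render 6 bytes as FFFF.FFFF.FFFF (dotted) or FF:FF:FF:FF:FF:FF."""
    digits = raw.hex().upper()
    step, sep = (4, ".") if dotted else (2, ":")
    return sep.join(digits[i:i + step] for i in range(0, 12, step))


def build_frame(dst, src, data):
    """Destination, source, length, padded data, FCS (no preamble, see lead-in)."""
    if len(data) > MAX_DATA:
        raise ValueError("data field is limited to 1500 bytes")
    body = mac_to_bytes(dst) + mac_to_bytes(src) + struct.pack("!H", len(data))
    body += data.ljust(MIN_DATA, b"\x00")              # pad short data to 46 bytes
    return body + struct.pack("<I", zlib.crc32(body))  # FCS: CRC-32 over the body


def parse_frame(frame):
    if len(frame) < 14 + MIN_DATA + 4:
        raise ValueError("runt frame: shorter than 64 bytes")
    body, fcs = frame[:-4], frame[-4:]
    if struct.pack("<I", zlib.crc32(body)) != fcs:
        raise ValueError("FCS mismatch: frame was corrupted in transit")
    (length,) = struct.unpack("!H", body[12:14])
    if length > MAX_DATA:
        raise ValueError("above 1500: not an 802.3 length (likely an EtherType)")
    if length > len(body) - 14:
        raise ValueError("length field exceeds the bytes actually present")
    return {
        "destination": format_mac(body[0:6]),
        "source": format_mac(body[6:12], dotted=True),
        "length": length,
        "data": body[14:14 + length],                  # padding is dropped here
    }


if __name__ == "__main__":
    # Constructed frame: broadcast destination, made-up source address.
    frame = build_frame("FFFF.FFFF.FFFF", "00:11:22:33:44:55", b"hello")
    print(len(frame), parse_frame(frame))
```

    The FCS catches accidental bit errors only: anyone able to alter a frame can recompute it, so it is not a protection against tampering.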

    3.2.4 Layer 2 Devices

    1- Bridge

    Bridges are similar to repeaters or network hubs, devices that connect network segments;

    however, with bridging, traffic from one network is managed rather than simply rebroadcast to

    adjacent network segments.

    2- Switch

    It is a multiport bridge.


    3.3 Layer 3: The Network Layer

    The Network Layer is responsible for routing and delivering packets, including routing through intermediate routers.

    3.2.1 IP Addressing

    The Internet Protocol (IP) is a protocol used for communicating data across a packet-switched internetwork using

    the TCP/IP suite.

    An Internet Protocol (IP) address is a numerical label that is assigned to devices participating in a computer network

    that uses the Internet Protocol for communication between its nodes.

    An IP address serves two principal functions:

    - host or network interface identification

    - location addressing

    The designers of TCP/IP defined an IP address as a 32-bit number and this system, known as Internet Protocol

    Version 4 or IPv4, is still in use today. Although IP addresses are stored as binary numbers, they are usually displayed

    in human-readable notations, such as 208.77.188.166 (for IPv4).

    3.2.2 IP Classes

    Class                Leading Bits  Size of Network Number Bit field  Size of Rest Bit field  Number of Networks  Addresses per Network  Start address  End address
    Class A              0             8                                 24                      128 (2^7)           16,777,216 (2^24)      0.0.0.0        127.255.255.25
    Class B              10            16                                16                      16,384 (2^14)       65,536 (2^16)          128.0.0.0      191.255.255.25
    Class C              110           24                                8                       2,097,152 (2^21)    256 (2^8)              192.0.0.0      127.255.255.25
    Class D (multicast)  1110          Not defined                       Not defined             Not defined         Not defined            224.0.0.0      239.255.255.25
    Class E (reserved)   1111          Not defined                       Not defined             Not defined         Not defined            240.0.0.0      255.255.255.25

    3.2.3 Private IP Addresses

    Class  Private Networks         Subnet Mask  Address Range
    A      10.0.0.0                 255.0.0.0    10.0.0.0 - 10.255.255.255
    B      172.16.0.0 - 172.31.0.0  255.240.0.0  172.16.0.0 - 172.31.255.255
    C      192.168.0.0              255.255.0.0  192.168.0.0 - 192.168.255.255


    3.2.4 Subnetting

    The process of subnetting involves the separation of the network and

    subnet portion of an address from the host identifier. This is performed

    by a bitwise AND operation between the IP address and the subnet prefix

    or bit mask. The result yields the network address, and the remainder is

    the host identifier.

    In order to subnet a network, extend the natural mask using some of the bits from the host ID portion of the

    address to create a subnetwork ID. For example, given a Class C network of 204.17.5.0 which has a natural mask

    of 255.255.255.0:

    204.17.5.0      - 11001100.00010001.00000101.00000000
    255.255.255.224 - 11111111.11111111.11111111.11100000
                      --------------------------|sub|----

    By extending the mask to be 255.255.255.224, you have taken three bits (indicated by "sub") from the original

    host portion of the address and used them to make subnets. With these three bits, it is possible to create eight

    subnets. With the remaining five host ID bits, each subnet can have up to 32 host addresses, 30 of which can

    actually be assigned to a device since host ids of all zeros or all ones are not allowed (it is very important to

    remember this). So, with this in mind, these subnets have been created.

    204.17.5.0 255.255.255.224 host address range 1 to 30

    204.17.5.32 255.255.255.224 host address range 33 to 62

    204.17.5.64 255.255.255.224 host address range 65 to 94

    204.17.5.96 255.255.255.224 host address range 97 to 126

    204.17.5.128 255.255.255.224 host address range 129 to 158

    204.17.5.160 255.255.255.224 host address range 161 to 190

    204.17.5.192 255.255.255.224 host address range 193 to 222

    204.17.5.224 255.255.255.224 host address range 225 to 254
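
    The subnet table above, recomputed with the bitwise AND the section describes. This is an added example, not part of the original handout; the function names are hypothetical, and the natural mask is derived from the leading bits listed in the IP classes table.

```python
FULL = 0xFFFFFFFF


def to_int(dotted):
    octets = [int(part) for part in dotted.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError(f"not an IPv4 address: {dotted!r}")
    return (octets[0] << 24) | (octets[1] << 16) | (octets[2] << 8) | octets[3]


def to_dotted(value):
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def natural_prefix(address):
    """Length of the natural (classful) mask, read from the leading bits."""
    first = address >> 24
    if first >> 7 == 0b0:
        return 8        # class A
    if first >> 6 == 0b10:
        return 16       # class B
    if first >> 5 == 0b110:
        return 24       # class C
    raise ValueError("class D and E addresses have no natural mask")


def prefix_length(mask):
    """Count the 1 bits of a mask, rejecting masks whose 1 bits are not contiguous."""
    ones = bin(mask).count("1")
    if mask != ((FULL << (32 - ones)) & FULL):
        raise ValueError(f"non-contiguous mask: {to_dotted(mask)}")
    return ones


def split(address, mask):
    """Bitwise AND gives the network address; the remainder is the host identifier."""
    a, m = to_int(address), to_int(mask)
    prefix_length(m)
    return to_dotted(a & m), a & ~m & FULL


def subnets(network, mask):
    """List (subnet, first host, last host) after extending the natural mask."""
    net, m = to_int(network), to_int(mask)
    natural, extended = natural_prefix(net), prefix_length(m)
    if not natural <= extended <= 30:
        raise ValueError("mask must extend the natural mask and leave 2+ host bits")
    size = 1 << (32 - extended)                    # addresses per subnet
    base = net & (FULL << (32 - natural)) & FULL
    rows = []
    for index in range(1 << (extended - natural)):
        start = base + index * size
        # host ID all zeros names the subnet, all ones is excluded as well
        rows.append((to_dotted(start), to_dotted(start + 1), to_dotted(start + size - 2)))
    return rows


if __name__ == "__main__":
    for row in subnets("204.17.5.0", "255.255.255.224"):
        print("%-14s hosts %s to %s" % row)
    print(split("204.17.5.77", "255.255.255.224"))
```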

    3.2.5 Dynamic Host Configuration Protocol (DHCP)

    DHCP allows devices to acquire their addressing information dynamically. DHCP provides the following advantages:

    It reduces the amount of configuration on devices.

    It reduces the likelihood of configuration errors on devices acquiring address information.

    It gives you more administrative control by centralizing IP addressing information and management.

    3.2.6 Domain Name System (DNS)

    DNS resolves a known name to an unknown IP address.

    3.2.7 Internet Control Message Protocol (ICMP)

    ICMP is used to send error and control information between TCP/IP devices at the Internet layer. ICMP includes

    many different messages that devices can generate or respond to.

    Here is a brief list of these messages:

    Address Reply    Destination Unreachable  Echo                 Echo Reply
    Address Request  Information Reply        Information Request  Parameter Problem
    Redirect         Subnet Mask Request      Time Exceeded        Timestamp


    3.2.8 The Address Resolution Protocol (ARP)

    ARP resolves a known IP address to an unknown MAC address.

    3.2.9 Reverse Address Resolution Protocol (RARP)

    RARP is sort of the reverse of an ARP. In an ARP, the device knows the layer 3 address, but not the data link layer

    address. With a RARP, the device doesn't have an IP address and wants to acquire one. The only address that

    this device has is a MAC address. Common protocols that use RARP are BOOTP and DHCP.

    3.2.10 Ping Command

    The Windows ping command is used to test layer 3 connectivity between two devices. A source generates an ICMP echo

    request. If the destination is available, it will respond back with an echo reply.

    Here is an example of using the ping command:

    C:\ > ping 4.2.2.2

    Pinging 4.2.2.2 with 32 bytes of data:

    Request timed out.

    Reply from 4.2.2.2: bytes=32 time=20ms TTL=53

    Reply from 4.2.2.2: bytes=32 time=22ms TTL=53

    Reply from 4.2.2.2: bytes=32 time=20ms TTL=53

    Ping statistics for 4.2.2.2:

    Packets: Sent = 4, Received = 3, Lost = 1 (25% loss),

    Approximate round trip times in milli-seconds:

    Minimum = 20ms, Maximum = 25ms, Average = 21ms

    Notice that the first echo request message timed out, but the following three were successful; this is probably

    because this PC, as well as intermediate routers, had to perform ARPs to find the next hop layer 3 device's MAC

    address, causing the time to exceed 2 seconds. In the successful echo replies, you can see the time it took for

    the round-trip between the source and destination; for example, the last echo request and reply took 20

    milliseconds to complete.


    3.2.11 Traceroute (Tracert) Command

    One limitation of ping is that this command will not tell you, between you and the destination device, where layer 3

    connectivity is broken. The Windows tracert command, on the other hand, will list each router along the way, including

    the final destination. Therefore, if a layer 3 connection problem exists, with traceroute, you'll know at least where the

    problem begins.

    - The 1st packet (echo request) will have TTL (Time To Live) = 1

    - Every router that receives a packet will decrement the TTL by 1

    - If a router receives a packet with TTL=1, it will return a Time Exceeded error

    Here is an example of the use of the tracert command:

    C:\ > tracert 4.2.2.2

    Tracing route to 4.2.2.2 over a maximum of 30 hops

    1 1 ms 1 ms 1 ms 192.168.1.1

    2 8 ms 7 ms 9 ms 10.122.208.1

    3 10 ms 20 ms 12 ms 24.95.231.65

    .

    .

    .

    8 27 ms 26 ms 20 ms 4.68.103.68

    9 21 ms 20 ms 24 ms 4.2.2.2

    Trace complete.

    3.3 Layer 4: The Transport Layer

    The TCP/IP transport layer is responsible for providing a logical connection between two hosts and can provide

    these functions:

    Flow control (through the use of windowing)

    Reliable connections (through the use of sequence numbers and acknowledgments)

    Session multiplexing (through the use of port numbers and IP addresses)

    Segmentation (through the use of segment protocol data units, or PDUs)

    3.3.1 Flow Control

    Another function of the transport layer is to provide optional flow control. Flow control is used to ensure that

    networking components don't send too much information to the destination, overflowing its receiving buffer space and

    causing it to drop some of the transmitted information. Overflow is not good because the source will have to resend all

    the information that was dropped.

    The transport layer can use two basic flow control methods:

    Ready/not ready signals

    Windowing


    Windowing

    Windowing is a much more sophisticated method of flow control

    than using ready/not ready signals. With windowing, a window

    size is defined that specifies how much data (commonly called

    segments at the transport layer) can be sent before the source

    has to wait for an acknowledgment (ACK) from the destination.

    Once the ACK is received, the source can send the next batch of

    data (up to the maximum defined in the window size).

    Windowing accomplishes two things:

    - First, flow control is enforced, based on the window

    size. In many protocol implementations, the window

    size is dynamically negotiated up front and can be

    renegotiated during the lifetime of the connection.

    This ensures that the most optimal window size is

    used to send data without having the destination

    drop anything.

    - Second, through the windowing process, the

    destination tells the source what was received. This

    indicates to the source whether any data was lost

    along the way to the destination and allows the

    source to resend any missing information. The

    window size chosen for a connection impacts its

    efficiency and throughput in defining how many

    segments (or bytes) can be sent before the source has

    to wait for an ACK.

    3.3.2 Reliability

    When implementing a reliable connection, sequence numbers and

    acknowledgments (ACKs) are commonly used. For example, when information

    is sent to a destination, the destination will acknowledge to the source what

    information was received. The destination can examine sequence numbers in

    the transmitted data segments to determine whether anything was missing

    (dropped along the way) as well as put the data back in the correct order, if it

    arrived out of order, before passing it on to the upper-layer application. If a

    segment is missing, the destination can request that the source resend the

    missing information. With some protocol stacks, the destination might have

    the source resend all of the information or parts of the information, including

    the missing parts. Some reliable connection protocols might also go through a

    handshake process when initially building a connection. This handshake

    process determines whether the two networking devices can build the

    connection and negotiates parameters that should be used to provide a reliable connection. With TCP, this is called the

    three-way handshake.

    When reliability is necessary, it should cover these four items:

    Recognizing lost packets and having them re-sent

    Recognizing packets that arrive out of order and reordering them

    Detecting duplicate packets and dropping the extra ones

    Avoiding congestion
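
    The destination side of the windowing and reliability sections, as an added example that is not part of the original handout: a receiver that reorders segments by sequence number, drops duplicates, refuses data beyond its window and returns the ACK the source would see. It is a simplified model that assumes segments never partially overlap; the class name, sequence numbers and payloads are constructed for illustration.

```python
class Receiver:
    """Destination side of a reliable connection (simplified model)."""

    def __init__(self, initial_seq, window):
        self.next_seq = initial_seq   # next byte expected; also the ACK value
        self.window = window          # bytes the receive buffer can hold
        self.pending = {}             # out-of-order segments keyed by sequence number
        self.delivered = bytearray()  # in-order data handed to the application
        self.duplicates = 0
        self.overflowed = 0

    def receive(self, seq, data):
        """Handle one segment and return the ACK number sent back to the source."""
        if seq < self.next_seq or seq in self.pending:
            self.duplicates += 1      # seen before: drop the extra copy
        elif seq + len(data) > self.next_seq + self.window:
            self.overflowed += 1      # beyond the window: dropped, must be resent
        else:
            self.pending[seq] = data
        while self.next_seq in self.pending:     # deliver whatever is now contiguous
            chunk = self.pending.pop(self.next_seq)
            self.delivered += chunk
            self.next_seq += len(chunk)
        return self.next_seq

    def gaps(self):
        """Byte ranges that are still missing and that the source has to resend."""
        holes, cursor = [], self.next_seq
        for seq in sorted(self.pending):
            if seq > cursor:
                holes.append((cursor, seq))
            cursor = seq + len(self.pending[seq])
        return holes


def replay(trace, initial_seq=1000, window=16):
    """Feed (sequence number, data) pairs to a fresh receiver; return it and the ACKs."""
    rx = Receiver(initial_seq, window)
    acks = [rx.receive(seq, data) for seq, data in trace]
    return rx, acks


# Constructed arrival order: BBBB is lost at first, AAAA arrives twice,
# ZZZZ lies outside the 16-byte window, BBBB is finally resent.
TRACE = [
    (1000, b"AAAA"), (1008, b"CCCC"), (1000, b"AAAA"),
    (1012, b"DDDD"), (1032, b"ZZZZ"), (1004, b"BBBB"),
]

if __name__ == "__main__":
    rx, acks = replay(TRACE)
    print(acks, bytes(rx.delivered), rx.duplicates, rx.overflowed)
```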


    3.3.3 TCP and UDP Applications

    One main difference between the OSI Reference Model and TCP/IP's model is that TCP/IP lumps together the

    application, presentation, and session layers into one layer, called the application layer. Hundreds and hundreds of

    TCP/IP applications are available. The most common ones are used to share information, such as file transfers, e-mail

    communications, and web browsing. Here are some common TCP/IP applications that Cisco devices, such as routers and

    switches, support: domain name service (DNS), HTTP and HTTPS, Simple Network Management Protocol (SNMP), telnet,

    Secure Shell (SSH), File Transfer Protocol (FTP), and Trivial File Transfer Protocol (TFTP).

    3.3.4 Multiplexing

    Multiplexing is the ability of a single host to have multiple

    concurrent sessions open to one or many other hosts. A

    session occurs when the source opens a connection by

    sending one or more PDUs and typically, but not always,

    receives a reply from the destination. A session can be

    reliable or unreliable and may or may not involve flow

    control. To handle multiplexing, a transport layer protocol

    must be able to distinguish between each session to each

    destination host. Some protocols assign a number to the

    session, called a session number, to identify the session

    uniquely. TCP/IP uses a more complicated process that

    accomplishes basically the same thing.

    3.3.5 Segmentation

    Segmentation is the process of breaking up data into smaller, identifiable PDUs at the

    transport layer. In TCP/IP, the transport layer packages application layer data into

    segments to send to a destination device. The remote destination is responsible for

    taking the data from these segments and directing it to the correct application. One

    component of the segment must contain information that will help the destination

    in the forwarding process, such as specifying the application that is supposed to

    process the encapsulated data.

    Application  Protocol     Port Number
    HTTP         TCP          80
    HTTPS        TCP          443
    FTP          TCP          21,20
    Telnet       TCP          23
    SMTP         TCP and UDP  53
    DHCP         UDP          67
    TFTP         UDP          69
    SNMP         UDP          161