Chapter 2 - Page 1 Infogem Institute of Technology CCNA Course TCP/IP Protocol Suite TCP/IP PROTOCOL SUITE Chapter 3 Sybex, Chapter 9 Exam Cram

Chapter 2 - Page 1

Infogem Institute of Technology CCNA Course

TCP/IP Protocol Suite

TCP/IP PROTOCOL SUITE

Chapter 3 Sybex, Chapter 9 Exam Cram

Chapter 2 - Page 2



TOPICS

• The TCP/IP and DOD Reference Model

• Process/Application Layer Protocols

• Host-to-Host Layer Protocols

• Internet Layer Protocols

• Network Access Layer Protocols

• IP Address Resolution

• Local Resolution

• The ARP Cache

• Remote Resolution

Chapter 2 - Page 3



THE DOD REFERENCE MODELLate 60’s – Department of Defense

Process/Application

Host-to-Host

Internet

NetworkAccess

Application

Presentation

Session

Transport

Network

Data Link

Physical

THE DOD REFERENCE MODEL AND TCP/IP 4 LAYER MODEL

Process/Application

Transport

Internet

NetworkAccess

Telnet

TCP

IP

Ethernet

FTP

FastEthernet

LPD

UDP

Token Ring

SNMP

FDDI

TFTP SMTP NFS X window

ICMP BootP ARP RARP

Application

Host-to-Host

Network

NetworkInterface

Chapter 2 - Page 4



PROCESS/APPLICATION LAYER PROTOCOLS

• Address the ability of one application to communicate with another, regardless of hardware platform, operating system, and other features of the two hosts

• Most applications written with TCP/IP protocols can be characterized as client/server applications

– Searches for information– Printing– E-mail– Application services– File transfers

PROCESS/APPLICATION LAYER PROTOCOLS

Telnet -Terminal emulation

FTP - (File Transfer Protocol) File transfer

TFTP- (Trivial File Transfer Protocol) Stripped-down version of FTP

SMTP - (Simple Mail Transfer Protocol) Uses a queued method of mail delivery

- Delivery Only

LPD - (Line Printer Daemon) Designed for printer sharing

- UNIX

SNMP - (Simple Network Management Protocol) Provides performance histories of the

network

NFS - (Network File Systems) Specializing in file sharing

- Sun Microsystems

X window - Defines a protocol for writing GUI-based client/server applications

- UNIX – Windows Emulation

Process/Application

Telnet FTP LPD SNMP

TFTP SMTP NFS X window

APPLICATION

PRESENTATION

SESSION

Chapter 2 - Page 5



TRANSPORT LAYER PROTOCOL

• Main purpose is to shield the upper-layer applications from the complexities of the network

• TCP – Connection-oriented, reliable protocol, Guaranteed Delivery– Segmentation– Error checking– Windowing– Slower

• UDP – Connectionless, unreliable protocol, No guaranteed Delivery– Segmentation– Send and Forget– Faster

Host-to-Host TCP

Fed EX

UDP

Canada Post

TCP (TRANSMISSION CONTROL PROTOCOL)

• TCP segments the data stream received from the upper layers and prepares it for the network layer

• TCP guarantees delivery using ACK

SourcePort

DestinationPort

SequenceNumber

AckNumber

Window Data

Chapter 2 - Page 6



PORT NUMBERS

• Port Numbers are used to keep track of different conversations crossing the network simultaneously• RFC 1700 discusses the well-known port• Numbers 0-255 are used for public applications• Numbers 256 – 1023 are assigned to companies to use in their applications• Numbers below 1024 are considered well known.• Numbers above 1024 – 64k are used by the upper layer applications to set up sessions with other host

PORT NUMBERS

• FTP also uses port 20 for receiving data

• Port 80 – WWW, HTTP

TCP UDP

FTP Telnet SMTP DNS TFTP SNMP

21 23 25 53 69 161

Port Numbers

Send

6 17

Chapter 2 - Page 7



UDP (USER DATAGRAM PROTOCOL)

• UDP is the scaled down version of TCO, AKA thin protocol

• UDP is a connectionless, unreliable protocol

• It does not acknowledge or sequence segments, not does it create a virtual circuit

SourcePort

DestinationPort

Length Checksum Data

UDP Segment Format

Chapter 2 - Page 8



NETWORK LAYER PROTOCOLS

• Two main reasons for the Internet layer’s existence:– Routing– Providing a single network interface to the upper layers

NETWORK (INTERNET) LAYER PROTOCOLS

• IP – receives segments from the Host-to-Host layer and fragments them into packets (Datagrams). Route Selection

• ICMP – management protocol and messaging service provider for IP.

PING, TRACE or (tracert).

• BootP – used by a workstation to discover its IP address. DHCP

• ARP – used to map an IP address (have) to a MAC address (need).

Address Resolution Protocol

• RARP – provides a method for finding IP addresses (need) based on MAC addresses

(have)

Reverse Address Resolution Protocol

InternetIP

ICMP BootP ARP RARP

Chapter 2 - Page 9



IP (NETWORK PROTOCOL)

Protocol identifies either TCP (6) or UDP (17)

Internet Control Message Protocol (ICMP)

• ICMP is a management protocol and messaging service for IP.• Some common events and messages that ICMP relates to:

– Ping – Packet internet groper uses ICMP echo messages to check the connectivity of computers on a network.– Destination Unreachable – If a router can not send an IP datagram any further it uses ICMP to send a message back to sender.– Traceroute – Using ICMP timeouts, traceroute is used to find the path a packet takes through a network.– Buffer Full – if a router’s buffer is full, it will use ICMP to send out this message.

VersionFrag

OffsetTTL Protocol

SourceIP Address

DestinationIP Address

Data

Chapter 2 - Page 10



ICMP TESTING

• Ping Command generates these results

• Ping Command generates an ICMP unreachable or timeout condition

ICMP Echo Request

ICMP Echo Reply

Is Y Reachable?

Yes, I’mReachable.

X Y

ICMP TESTING

• Destination unreachable

• Host or port unreachable

• Network unreachable

Destination Unreachable

To A

Send data to A

I don’t know how to get to A Send ICMP Reply

Chapter 2 - Page 11



DATA LINK (NETWORK ACCESS) LAYER PROTOCOLS

• Receiving an IP datagram and framing it into a stream of bits for physical transmission

• Placing the MAC address into the frame

• Error Checking (CRC)

• Specifying access method: Contention, token passing, polling

• Specifying the physical media, connectors, electrical signaling and timing rules

NetworkAccess

EthernetFast

EthernetToken Ring FDDI

Chapter 2 - Page 12



LOGICAL & PHYSICAL ADDRESSING

• Physical (hardware)(MAC) addressing is a unique address that is burned into each NIC by the manufacturer

– 48 bits expressed in 6 bytes• 3 bytes for the Organizational Unique Identifier• 3 bytes for the serial number of the card

– Organization Identifier is assigned by IEEE

• Logical Addressing or Virtual addressing contains both network and host address– IP address: 150.50.5.1

• Four octets

– IPX address: 1001.0000.0c12.3456• 80 bit address, 32 bit for network & 48 bit Mac or host.

– AppleTalk address: 1001.56

Chapter 2 - Page 13



IP ADDRESS RESOLUTION - LOCAL

• IP address resolution is the linking of an IP address to a hardware address. ARP is responsible for IP address to Physical address association

• Local Resolution1) Is the destination IP on the local network? (Route (default gateway) or short (broadcast)

– If yes, check cache

2) If not in cache, send broadcast requesting the MAC address

3) The reply message is sent directly to the hardware address of the requesting machine

4) Upon receipt, the requesting machine will add the address to its ARP cache

Chapter 2 - Page 14



IP ADDRESS RESOLUTION - REMOTE

• Remote Resolution1. Is the destination IP on the local network?

– If no, …

2. Send broadcast requesting the MAC of Default Gateway (router)

3. The source host will use IMCP to issue an echo request back to the router but addressed to the destination host

4. The destination host will respond to the ARP request with an ARP reply

ARP - ADDRESS RESOLUTION PROTOCOL

Resolve MAC address from IP address

192.168.3.46 192.168.3.44

I want the MAC address of

192.168.3.44

This broadcast is for me. Here is my

MAC address

Source IP: 192.168.3.46Source MAC: 0800.0020.1234Dest. IP: 192.168.3.44Dest. MAC: ffff.ffff.ffff

Source IP: 192.168.3.44Source MAC: 0800.0020.3456Dest. IP: 192.168.3.46Dest. MAC: 0800.0020.1234

X Y

Chapter 2 - Page 15



THE ARP CACHE

• ARP cache is a table used to store both IP addresses and their corresponding MAC addresses

• Old ARP entries are released early when the ARP cache becomes full

• Router# show arp– Displays the contents of arp cache

REVERSE ARP

Resolve IP address from MAC address

What is my IP Address?

I understand the broadcast.

Your IP address is 192.168.3.44

Ethernet: 0800.0020.3456IP:

Ethernet: 0800.0020.3456IP: 192.168.3.44

Documents

Chapter 2 - Page 1 Infogem Institute of Technology CCNA Course TCP/IP Protocol Suite TCP/IP PROTOCOL SUITE Chapter 3 Sybex, Chapter 9 Exam Cram