
TCP/IP protocols

© Alcatel University - 8AS 90200 1124 VT ZZA Ed.02


TCP/IP protocols - Session presentation

Objective: analyse IP messages coming from different applications and locate these messages within a procedure.

Program:
1 Introduction
2 Physical and link layers
3 ARP protocol
4 Repeaters, Bridges and Switches
5 IP protocol
6 ICMP protocol
7 Client-Server model
8 UDP protocol
9 TCP protocol

TCP/IP protocols - Objectives

By the end of this course, the participant will be able to:
- Describe the Ethernet frame format
- Describe the ARP protocol, analyse an ARP trace
- Describe the operation of repeaters, bridges and switches
- Describe IP addressing modes, handle the subnet masks
- Describe the role of the various IP header fields
- Analyze an ICMP message and explain the operation of the Ping and Trace_route programs
- Describe the operation of the client/server model at the transport layer
- List the characteristics of the UDP transport layer protocol
- List the characteristics of the TCP transport layer protocol


1 Introduction - Network interconnection

[Figure: LANs and a WAN joined by a TCP/IP network interconnection]

The main design goal of TCP/IP was to build an interconnection of networks, referred to as an inter-network, or internet, that provided universal communication services over heterogeneous physical networks.

The Internet consists of the following groups of networks:
• Backbones: Large networks that exist primarily to interconnect other networks. Currently the backbones are NSFNET in the US, EBONE in Europe, and large commercial backbones.
• Regional networks connecting, for example, universities and colleges.

1 Introduction - Communication needs

• Many kinds of connections:
  - Point-to-point (leased lines, PSTN, …)
  - Point-to-multipoint (Local Area Networks)
  - Virtual connections (Wide Area Networks)
• Various operating systems: DOS, UNIX, LINUX, …
• Some rules are essential for communications: the protocols
• Some additional software is offered: the services, to facilitate the user tasks: file transfer, mail exchanges, surfing the Net, …

TCP/IP has been popular with developers and users alike because of its inherent openness and perpetual renewal.

1 Introduction - The TCP/IP model

[Figure: the OSI layers (Application, Presentation, Session, Transport, Network, Link, Physical) beside the TCP/IP protocols: HTTP, TELNET, FTP, SMTP, DNS, TFTP, SNMP; TCP, UDP; IP, ICMP, ARP; IEEE 802.2 (LLC), PPP; IEEE 802.3 (CSMA/CD), IEEE 802.5 Token Ring (4Mb/s, 16 Mb/s), FDDI (100Mb/s), ATM, ...; 10 base 5, 10 base 2, 10 base T, FOIRL]

Like most networking software, TCP/IP is modelled in layers.

OSI: In contrast to TCP/IP, the OSI approach started from a clean slate and defined standards, using a formal committee process without requiring implementations. The OSI protocols developed slowly, and because running the full protocol stack is resource intensive, they have not been widely deployed. The seven OSI layers are:
Application: Network applications such as terminal emulation and file transfer
Presentation: Formatting of data and encryption
Session: Establishment and maintenance of sessions
Transport: Provision of reliable and unreliable end-to-end delivery
Network: Packet delivery, including routing
Data Link: Framing of units of information and error checking
Physical: Transmission of bits on the physical hardware

TCP/IP: Internet protocols use a less formal engineering approach, where anybody can propose and implementations are required to verify feasibility. TCP/IP and the Internet were developing rapidly, with deployment occurring at a very high rate. The TCP/IP protocol suite has become the de facto standard for computer communications in today's networked world.

The main services offered by TCP/IP are:
TELNET: interactive terminal access to remote internet hosts.
FTP (file transfer protocol): high-speed disk-to-disk file transfers.
SMTP (simple mail transfer protocol): an internet mailing system.
TFTP: an extremely simple protocol to transfer files.
SNMP: allows the management of IP units (bridges, routers…)
DNS: electronic directory book
NFS: offers a direct access to remote file system
HTTP: The hypertext transfer protocol is a protocol designed to allow the transfer of Hypertext Markup Language (HTML) documents.

1 Introduction - TCP/IP and Internet

Timeline:
1960: new concept of packet switching
1967: ARPANET initial design
1969-1971: ARPANET: first deployment (4 nodes, 50kb/s)
1973: Connection to Europe
1974: ARPANET: first TCP implementation; TELENET: new commercial packet network using X25
1978-1981: New TCP and IP protocols
1983: ARPANET (600 nodes) split into ARPANET and MILNET; TCP/IP inclusion in UNIX BSD kernel (4.2BSD)
1986: NSFNET
1991: Commercial Internet backbone service
1995: IPv6

Prior to the 1960s, what little computer communication existed comprised simple text and binary data, carried by circuit switching. Because most data traffic is bursty in nature, circuit switching results in highly inefficient use of network resources. The fundamental technology that makes the Internet work is called packet switching: network communication resources appear to be dedicated to individual users but, in fact, statistical multiplexing is used.

The ARPANET was a U.S. Department of Defense (DoD) funded experiment to interconnect DoD-funded research sites. The initial design for the so-called ARPANET, named for the DoD's Advanced Research Projects Agency (ARPA), dates from 1967. In September 1969, the first node of the ARPANET was installed at the University of California at Los Angeles (UCLA), followed monthly with nodes at Stanford Research Institute (SRI), the University of California at Santa Barbara (UCSB), and the University of Utah. With four nodes by the end of 1969, the ARPANET spanned the continental U.S. by 1971 and had connections to Europe by 1973.

In 1974, a new, more robust suite of communications protocols was proposed and implemented throughout the ARPANET, based upon the Transmission Control Protocol (TCP). In 1978 a new design split responsibilities between a pair of protocols: the new Internet Protocol (IP) for routing packets and device-to-device communication (i.e., host-to-gateway or gateway-to-gateway) and TCP for reliable, end-to-end host communication. The original versions of both TCP and IP that are in common use today were written in September 1981.

One of the most lasting results of the ARPANET was X25. Telenet, a commercial packet-switched data service, appeared in 1974 and became a part of Sprint's X.25 service.

In 1983, the ARPANET was split into two components. One component, still called ARPANET, was used to interconnect research/development and academic sites; the other, called MILNET, was used to carry military traffic. That year also saw a huge boost in the popularity of TCP/IP with its inclusion in the communications kernel for the University of California's UNIX implementation, 4.2BSD.

1 Introduction - Internet growth

The ARPANET started with four nodes in 1969 and grew to just under 600 nodes before it was split in 1983. The NSFNET also started with a modest number of sites in 1986. After that, the network has experienced literally exponential growth. Internet growth between 1981 and 1991 is documented in "Internet Growth (1981-1991)" (RFC 1296).

Network Wizards distributes a semi-annual Internet Domain Survey. According to them, the Internet had nearly 30 million reachable hosts by January 1998 and over 50 million by January 1999. Other sources estimate that the actual number is much higher (I have heard estimates as high as 200 million!) and dedicated residential access methods, such as cable modem and asymmetrical digital subscriber line (ADSL) technologies, will make the numbers grow even more.

The Internet is growing at a rate of about a new network attachment every half-hour, interconnecting hundreds of thousands of networks. It is estimated that the Internet is doubling in size every ten to twelve months, and has been for the last several years; traffic is doubling every 100 days (for 1000% annual growth).

1 Introduction - Standardisation

[Figure: organisation chart. ISOC; IAB (Internet Architecture Board); ICANN (Internet Corporation for Assigned Names and Numbers, www.icann.org); IANA (Internet Assigned Numbers Authority, http://www.iana.org); IESG (Internet Engineering Steering Group); IETF (Internet Engineering Task Force, www.ietf.org), divided into Area 1 to Area 7, each with Working Groups (WG); RFC editor]

The Internet Society (ISOC) is a non-profit, non-governmental, international, professional membership organization. Its more than 150 organizations and 11,000 individual members in over 180 nations world wide represent a veritable who's who of the Internet community. You should be a member, too.

ISOC serves as the standardizing body for the Internet community. It is organized and managed by the Internet Architecture Board (IAB), 13 members for a 2 year term. The IAB itself relies on the Internet Engineering Task Force (IETF) for issuing new standards, and on the Internet Assigned Numbers Authority (IANA) for co-ordinating values shared among multiple protocols. The IETF itself is governed by the Internet Engineering Steering Group (IESG) and is further organised in the form of Areas and Working Groups (http://www.ietf.org/):
- Applications (FTP extensions, HTTP, …)
- Internet (encapsulations over physical medium, IPv6, PPP extensions, L2TP extensions, …)
- Operation and management (SNMP evolution, performances, aaa…)
- Routing (rip, ospf, mpls, …)
- Security (ciphering, IPsec …)
- Sub-IP (performances measurements, …)
- Transport (voice over IP, Fax over Internet…)

ICANN: The Internet Corporation for Assigned Names and Numbers was formed to assume responsibility for the IP address space allocation, protocol parameter assignment, domain name system management, and root server system management functions previously performed under U.S. Government contract by IANA and other entities.

IETF web site: http://www.ietf.org/overview.html
IAB web site: http://www.iab.org/
IETF RFC Editor web site: http://www.rfc-editor.org/rfcsearch.html

1 Introduction - Process of standardization

[Figure: a new specification is submitted to the IESG as an Internet draft, then passes through the IETF as RFC xxxx (Proposed standard), RFC yyyy (Draft standard) and RFC yyyy (Standard)]

In order to have a new specification approved as a standard, applicants have to submit that specification to the IESG, where it will be discussed and reviewed for technical merit and feasibility and also published as an Internet draft document. Internet-Drafts are draft documents valid for a maximum of six months. (The largest source of IDs is the IETF.) An Internet draft is recommended to the Internet Engineering Taskforce (IETF) for inclusion into the standards track and for publication as a Request for Comment.

Once published as an RFC, a contribution may advance in status:

Proposed standard: These are protocol proposals that may be considered by the IAB for standardisation in the future. Implementations and testing by several groups are desirable. Revision of the protocol is likely.

Draft standard: A specification from which at least two independent and interoperable implementations from different code bases have been developed, and for which sufficient successful operational experience has been obtained. The IAB is actively considering this protocol as a possible standard protocol. Substantial and widespread testing and comments are desired.

Standard: Characterized by a high degree of technical maturity and by a generally held belief that the specified protocol or service provides significant benefit to the Internet community. When a specification has been adopted as an Internet Standard, it is given the additional label "STDxxx", but it keeps its RFC number and its place in the RFC series.

Other particular statuses of an RFC:

Experimental: A system should not implement an experimental protocol unless it is participating in the experiment and has co-ordinated its use of the protocol with the developer of the protocol.

Informational: Protocols developed by other standard organizations.

Historic: A specification that has been superseded by a more recent specification.

1 Introduction - RFC: Request For Comments

[Figure: three RFC headers]

Network Working Group
Request for Comments: 951
Bill Croft (Stanford University), John Gilmore (Sun Microsystems)
September 1985
BOOTSTRAP PROTOCOL (BOOTP)

Network Working Group
Request for Comments: 1532
Updates: 951
Category: Standards Track
W. Wimer, Carnegie Mellon University
October 1993
Clarifications and Extensions for the Bootstrap Protocol

Network Working Group
Request for Comments: 1542
Updates: 951
Obsoletes: 1532
Category: Standards Track
W. Wimer, Carnegie Mellon University
October 1993
Clarifications and Extensions for the Bootstrap Protocol

Once an RFC has been published, all revisions and replacements are published as new RFCs. A new RFC which revises or replaces an existing RFC is said to "update" or to "obsolete" that RFC. The existing RFC is said to be "updated by" or "obsoleted by" the new one. For example RFC 1542, which describes the BOOTP protocol, is a "second edition," being a revision of RFC 1532 and an amendment to RFC 951. RFC 1542 is therefore labelled like this: "Obsoletes RFC 1532, Updates RFC 951." Consequently, there is never any confusion over whether two people are referring to different versions of an RFC, since there is never more than one current version.

To get:
RFC: http://www.rfc-editor.org/rfcsearch.html
RFC index: http://www.ietf.org/iesg/1rfc_index.txt
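The "Updates" / "Obsoletes" bookkeeping described above can be resolved mechanically. The following is an added example, not part of the course material: it parses the three BOOTP headers from the slide (retyped as sample input, authors omitted) and returns which RFCs are still current and which later RFCs amend them. The names `RfcHeader`, `parse_header`, `current_rfcs` and `superseded` are invented for this illustration, and the title is assumed to be the last line of each header.

```python
import re
from dataclasses import dataclass, field

# Sample input: the three BOOTP headers from the slide, retyped (authors omitted).
SAMPLE_HEADERS = [
    "Network Working Group\nRequest for Comments: 951\nSeptember 1985\n"
    "BOOTSTRAP PROTOCOL (BOOTP)",
    "Network Working Group\nRequest for Comments: 1532\nUpdates: 951\n"
    "Category: Standards Track\nOctober 1993\n"
    "Clarifications and Extensions for the Bootstrap Protocol",
    "Network Working Group\nRequest for Comments: 1542\nUpdates: 951\n"
    "Obsoletes: 1532\nCategory: Standards Track\nOctober 1993\n"
    "Clarifications and Extensions for the Bootstrap Protocol",
]


@dataclass
class RfcHeader:
    number: int
    title: str
    updates: set = field(default_factory=set)
    obsoletes: set = field(default_factory=set)


def parse_header(text):
    """Extract the RFC number and its Updates/Obsoletes lists from a header."""
    lines = [ln.strip() for ln in text.splitlines() if ln.strip()]
    number, updates, obsoletes = None, set(), set()
    for line in lines:
        key, sep, value = line.partition(":")
        if not sep:
            continue  # author, date and title lines carry no "key: value"
        # Accepts both "Updates: 951" and "Obsoletes: RFCs 882, 883, 973".
        numbers = {int(n) for n in re.findall(r"\d+", value)}
        key = key.strip().lower()
        if key == "request for comments":
            if len(numbers) != 1:
                raise ValueError("expected exactly one RFC number: %r" % line)
            number = numbers.pop()
        elif key == "updates":
            updates |= numbers
        elif key == "obsoletes":
            obsoletes |= numbers
    if number is None:
        raise ValueError("no 'Request for Comments:' line found")
    return RfcHeader(number, lines[-1], updates, obsoletes)


def _reverse_links(headers):
    """Build the 'obsoleted by' and 'updated by' views of the same relations."""
    obsoleted_by, updated_by = {}, {}
    for h in headers:
        for old in h.obsoletes:
            obsoleted_by.setdefault(old, set()).add(h.number)
        for old in h.updates:
            updated_by.setdefault(old, set()).add(h.number)
    return obsoleted_by, updated_by


def current_rfcs(headers):
    """Map each RFC that is not obsoleted to the live RFCs that update it."""
    obsoleted_by, updated_by = _reverse_links(headers)
    result = {}
    for h in sorted(headers, key=lambda h: h.number):
        if h.number in obsoleted_by:
            continue
        # An update published in an RFC that was itself obsoleted no longer counts.
        result[h.number] = sorted(
            n for n in updated_by.get(h.number, ()) if n not in obsoleted_by)
    return result


def superseded(headers):
    """Map each obsoleted RFC in the set to the RFCs that replaced it."""
    obsoleted_by, _ = _reverse_links(headers)
    known = {h.number for h in headers}
    return {n: sorted(by) for n, by in obsoleted_by.items() if n in known}


if __name__ == "__main__":
    parsed = [parse_header(t) for t in SAMPLE_HEADERS]
    for number, amended_by in current_rfcs(parsed).items():
        print("RFC %d is current, updated by %s" % (number, amended_by or "nothing"))
    for number, by in superseded(parsed).items():
        print("RFC %d is obsoleted by %s" % (number, by))
```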

1 Introduction - Main topologies

[Figure: bus, star (with a central node) and ring topologies]

Topologies: Bus, Ring, Star, Tree

Main access methods:
Carrier Sense: example, CSMA/CD (listening to the media, collision detection)
Polling: A master host gives the right to speak. Example: SNA IBM.
Token: a token travels the LAN, giving the authorisation to take control of the LAN. Examples: Token Ring, FDDI

1 Introduction - The use of layers in a TCP/IP communication

[Figure: a client host and a server host communicating across an IP network. The data carries the same transport ports (sα→dβ) and IP addresses (sa→db) from end to end, while the physical addresses change on each link (s1→d2, s8→d7, s4→d15).]

Application layer: The application layer is provided by the program that uses TCP/IP for communication. An application is a user process cooperating with another process usually on a different host.

Transport layer: The transport layer provides the end-to-end data transfer by delivering data from an application to its remote peer. Multiple applications can be supported simultaneously.

Internetwork layer: Internet Protocol (IP) is the most important protocol in this layer. It is a connectionless protocol that doesn't assume reliability from lower layers. IP does not provide reliability, flow control, or error recovery. These functions must be provided at a higher level.

Network interface layer: The network interface layer, also called the link layer or the data-link layer, is the interface to the actual network hardware.

Router: Interconnects networks at the internetwork layer level and routes packets between them.

1 Introduction - Exercise

1. Among these protocols, which are level 4 protocols? ICMP, ARP, UDP, FTP, IP, LLC, TELNET, TCP

2. Who is responsible for the number assignment in the Internet? IESG, ICANN, IANA, IAB, IETF

3. What is the first status given to a new RFC? Standard, Proposed standard, Draft standard

4. Given these RFC headers, which RFCs have to be taken into account for a new DNS implementation? 882, 883, 973, 1034, 1035, 1101

Network Working Group, P. Mockapetris
Request for Comments: 1034, ISI
Obsoletes: RFCs 882, 883, 973
November 1987
DOMAIN NAMES - CONCEPTS AND FACILITIES

Network Working Group, P. Mockapetris
Request for Comments: 1035, ISI
Obsoletes: RFCs 882, 883, 973
November 1987
DOMAIN NAMES - IMPLEMENTATION AND SPECIFICATION

Network Working Group, P. Mockapetris
Request for Comments: 1101, ISI
Updates: RFCs 1034, 1035
April 1989
DNS Encoding of Network Names and Other Types


2 Physical and link layers

2.1 CSMA/CD
2.2 Cabling
2.3 MAC Addressing
2.4 Frame Ethernet V2
2.5 Frame IEEE 802.3 and associated protocols

2.1 CSMA/CD - Principle

[Figure: flowchart. Transmission request → media monitoring: free? If no, keep monitoring; if yes, transmit. While transmitting: monitoring = transmission? If yes, transmission OK; if no, collision detection → jamming → if number of retries < maxi, delay (backoff) and retry; if > maxi, failure.]

CSMA/CD: Carrier Sense Multiple Access / Collision Detection

The waiting delay is exponential (« Binary Exponential Backoff »): selection of a number among 2, then 4, then 8, ... up to 2^16.

Time between frames > 9.6us

2.1 CSMA/CD - Multiple access

[Figure: two distant hosts each transmit a frame while monitoring the medium; after the propagation time one host detects the collision, the other detects none]

Note: propagation speed over cable ≈ 2/3 light speed

A host wishing to send a message on the cable has to listen to check whether there is any traffic. The media being free, it can start the transmission. A second host located far from the first one could follow the same procedure a few microseconds later, because the message of the first host has not yet reached the second host. As a consequence, there will be a collision. This collision will be detected by the second host because it is listening to its transmitted message, but not by the first one if its message was short.

2.1 CSMA/CD - Collision detection

[Figure: collision domain between two hosts; the propagation time is a function of the distance]

Mini transmission time of the frame = 2 x propagation time
Minimum frame size = mini transmission time x 10Mbps

The solution is to impose a minimum time of transmission for any host. So, a minimum frame length is mandatory.

2.1 CSMA/CD - Minimum size of the frame

[Figure: 2.5km segment at 10 Mb/s; propagation time 25.6µs in each direction before the collision is seen]

Mini transmission time of the frame = 51.2 µs
Minimum frame size = (51.2 x 10^-6) x (10 x 10^6) = 512 bits = 64 bytes

If the network length is long => the minimum size of the frame should be long. On Ethernet, the maximum distance between 2 hosts is 2.5 km. Therefore, the minimum length frame should be 64 bytes. This involves the transmitter to make padding if its message is short.

On Ethernet 10Mb/s:
Time to transmit 1 bit: 0.1us
1 bit occupies 23 meters
A short frame occupies 13.3km long


2.2 Cabling - 10 base 5 : LAN constitution

[Figure: five 500m segments joined by four repeaters. 10 base 5: 10 Mb/s, base band, maxi size of segment 500m; ≤ 2.5km end to end; ≥ 2.5m between hosts; ≤ 100 hosts per segment]

Cabling rules over 10 base 5 (yellow coaxial):
- Maximum distance between 2 hosts: 2.5km
- Maximum size of a segment: 500m (maximum distance without repeater)
- No more than 4 repeaters (round trip time = 49us; if 5 repeaters then 59.2us)
- 100 hosts per segment
- Minimum 2.5m between 2 hosts

2.2 Cabling - 10 base 5 : Connection to medium

[Figure: transceivers tapped onto the 50 Ω coaxial cable (center wire, polyethylene filler, braided metal shield) at least 2.5m apart, each linked to its host by a 15-pin AUI cable of length ≤ 50m; Manchester code waveform for the bits 1 0 1 1 0 1 0 0 1 0, between 0 volt and -2.05 volt]

AUI: Attachment Unit Interface

10 base 5 (yellow coaxial): vampire connectors

AUI cable pin-out (In: transceiver to host, Out: host to transceiver):
3-10: DATA-OUT
11: DATA-OUT shield
5-12: DATA-IN
4: DATA-IN shield
7-15: Control Out
Control Out shield
2-9: Control In
1: Control In shield
6: DC common
13: DC +
14: DC shield

Control signals:
Idle: noise level
CS0: signal frequency = 1/2 bit frequency
CS1: signal frequency = bit frequency

Control In:
Idle: (Available) available transceiver
CS0: (Signal Quality Error) error detection: collision, ...
CS1: unavailable transceiver

2.2 Cabling - 10 base 2 : LAN constitution

[Figure: five 185m segments joined by four repeaters. 10 base 2: 10 Mb/s, base band, maxi size of segment 200m; ≤ 925m end to end; ≥ 0.5m between hosts; ≤ 30 hosts per segment]

Cabling rules over 10Base2 (thin coaxial):
- Maximum distance between 2 hosts: 925m
- Maximum size of a segment: 185m (maximum length without repeaters)
- No more than 4 repeaters
- 30 hosts per segment
- Minimum 0.5m between 2 hosts

2.2 Cabling - 10 base 2 : Medium connection

[Figure: thin coaxial cable (5 mm) with center wire, polyethylene filler and braided metal shield; «T» connector; terminator]

10Base2 (thin coaxial): BNC connectors

2.2 Cabling - 10/100 base T : HUB purpose (1)

[Figure: 4-port hub with RJ45 connectors; each host is attached by a receive (R) and a transmit (T) pair over less than 100m]

HUB = multiport repeater

HUB functions:
- Assures the frame broadcast towards all hosts at the same level and towards the upper level, such as a bus.
- Re-amplifies the signals.
- Detects the collisions and informs all hosts.
- Could make a defective port unavailable.
- Supervises the status of the links (Link Test Pulse) thanks to the transmission of pulses (≈400ns) every 16ms when there is no traffic (idle).

2.2 Cabling - 10/100 base T : HUB purpose (2)

[Figure: 4-port hub, receive (R) and transmit (T) pairs on each port; HUB = multiport repeater]

2.2 Cabling - 10/100 base T : cables

[Figure: 10 base T: 10 Mb/s; 100 base T: 100 Mb/s; base band; telephone wire, UTP category 5, STP category 5; RJ-45 connector]

UTP: Unshielded Twisted Pair
STP: Shielded Twisted Pair

Cable categories, Unshielded Twisted Pair (UTP) and Shielded Twisted Pair (STP):

Category 3: Bp 16Mhz (not used anymore). Cable and associated connecting hardware whose transmission characteristics are specified up to 16 MHz. It is used by 10BASE-T and 100BASE-T4 installations.

Category 4: Bp 20Mhz. Cable and associated connecting hardware whose transmission characteristics are specified up to 20 MHz. It is used by 10BASE-T and 100BASE-T4 installations. The cable normally has four pairs of wire. This grade of UTP is not common.

Category 5: Bp 100Mhz. Cable and associated connecting hardware whose transmission characteristics are specified up to 100 MHz. It is used by 10BASE-T, 100BASE-T4, and 100BASE-TX installations. The cable normally has four pairs of copper wire. Category 5 is the most popular cable used in new installations today.

100BASE-T media specifications, which include 100BASE-TX, 100BASE-T4, and 100BASE-FX, allow Fast Ethernet to run on the most common Ethernet wiring, including Categories 3, 4, and 5 unshielded twisted-pair, shielded twisted-pair, and fiberoptic.

100BASE-TX designates the IEEE 802.3 specification for 100 Mbps Ethernet signaling with CSMA/CD over two pairs of Category 5 UTP or STP wire. The pairs of wires used for transmitting and receiving signals are the same as those used for 10BASE-T. Therefore, the same (Category 5 UTP or better) cable used for 10BASE-T can be used for 100BASE-TX with no change to cable termination.

100BASE-T4 is the IEEE 802.3u specification for 100 Mbps Ethernet signaling over four pairs of Category 3 or better UTP cable. This physical layer standard was specifically defined to allow 100BASE-T to be deployed over the large installed base of Category 3 voice-grade UTP. 100BASE-T4 uses four-pair Category 3, 4, or 5 UTP cable for distances of up to 100 meters. Transmission requires four pairs of cable to reduce electrical emissions and meet FCC requirements.

100BASE-FX is the IEEE 802.3 specification for 100 Mbps Ethernet signaling over two strands of multimode fiberoptic cable. 100BASE-FX is used for transmissions over extended distances, downlinks, and backbones, and is especially useful in any environment subject to electrical interference.

2.2 Cabling - Repeater

[Figure: a repeater joining 10baseT, 10base2 and AUI (10base5) segments]

• Signal amplifier
• Media adaptation

Repeater: Located at the physical level, it acts at the electrical level:
- Amplifier
- Media adapter

2.2 Cabling - 10/100 base T : Access control and collision detection

[Figure: flowchart. Transmission request → media monitoring: free? If yes, transmit, with loopback of the transmitted data to the receive side. Monitoring = transmission? If yes, transmission OK; if no, collision detection.]

On a half duplex channel:
- Looping back of transmitted data onto the receiver input.
- Collision Detect function, which would normally cause the transmitter to abort, jam, and reschedule its transmission if it detects a receive signal while transmitting.
- Carrier Sense function as it is normally used to defer transmissions. That is, the reception of data on the receive channel should cause the transmitter to defer any pending transmissions. A normal (half duplex) Ethernet interface will withhold its own transmissions in order to avoid interfering with transmissions in progress under control of the carrier sense signal.

2.2 Cabling - 10/100 base T : Connector RJ45

[Figure: RJ45 connectors, pins 1 to 8, on a DTE (Router, PC, …) with an MDI port and on a DCE (Hub, Switch) with an MDI-X port; transmission and reception are crossed]

MDI: Media-dependent interface

Pin   Function
1     Data Transmission Tx+
2     Data Transmission Tx-
3     Data Reception Rx+
6     Data Reception Rx-

MDI-X: Media-dependent interface crossover

Pin   Function
1     Data Reception Rx+
2     Data Reception Rx-
3     Data Transmission Tx+
6     Data Transmission Tx-

Connector RJ-45:
• Hardware aspect: connector RJ 45 (ISO 8877) with 8 pins
• Two types of ports:
  - MDI (on DTE like routers and hosts)
  - MDI-X (on DCE like hubs, switches). Transmission and reception pins are crossed.
• Note: Hubs and switches usually have one MDI (not crossed) port among their ports in order to allow a connection between hubs or switches.

2.2 Cabling - 10/100 base T : Straight cable

[Figure: hosts (DTE, MDI ports: Tx on pins 1-2, Rx on pins 3-6) connected to the MDI-X ports of a hub/switch (DCE: Rx on pins 1-2, Tx on pins 3-6), and a router (DTE, MDI port) connected to an MDI-X port, all by straight cables (MDI-X to MDI)]

Straight cables:
• Connection between DTE and DCE
• Usually between hub (or switch) and host (or router)

2.2 Cabling - 10/100 base T : Crossover cable

[Figure: host (DTE, MDI port) connected to host (DTE, MDI port), and router (DTE, MDI port) connected to host (DTE, MDI port), by crossover cables (DTE to DTE); Tx on pins 1-2, Rx on pins 3-6 at each end]

Crossover cables:
• Connection between two DTEs without using a hub or switch

2.2 Cabling - 10/100 base T : How to recognise the cable types

[Figure: the two connectors of each cable side by side, pins 1 to 8. Straight: each pin wired to the same pin at the other end. Crossover: the Tx+/Tx- and Rx+/Rx- pairs are crossed between the two ends. Rolled over: pins 1 to 8 wired to pins 8 to 1.]

"Rolled over" cable: used on Cisco in particular cases (console and auxiliary port).

2.2 Cabling - 10 base T : HUB connections

[Figure: 10baseT hubs cascaded over 100m links, with hosts on 100m segments; ≤ 500m; ≤ 4 repeaters]

Ethernet 10 BaseT:
- 2 unshielded twisted pairs (Rx, Tx) (UTP) category 3 or 5
- 4 HUBs at the maximum
- Maximum network diameter 500m
- Maximum segment length 100m
- Bw 20MHz, 10 Mbauds, Manchester code

2.2 Cabling - 10/100 base T : Hub interconnection

[Figure: two hubs with MDI-X ports (Rx on pins 1-2, Tx on pins 3-6); a straight cable joins an MDI port (Tx on pins 1-2, Rx on pins 3-6) of one hub to an MDI-X port of the other]

Usually, a hub has got at least one MDI port or a configurable port (MDI/MDI-X) by means of a switch. Therefore, the connection between two hubs can be made by means of a straight cable connected to an MDI port at one end and to an MDI-X port at the other end. Another possibility consists of connecting two MDI-X ports but by means of a crossover cable.

2.2 Cabling - 10/100 base T : HUB

[Figure: hub with MDI-X ports and one port that is MDI-X or MDI as a function of the switch position]

2.2 Cabling - FastEthernet 100Mb/s : what problem?

[Figure: 2.5km segment at 100 Mb/s; a 64 bytes frame lasts 5.12µs while the propagation time is 25.6µs; the far host detects the collision, the sender detects none]

Bandwidth = 100 Mb/s
Duration of the minimum size frame transmission: 64 bytes x 8 bits / (100 x 10^6) = 5.12µs

How to solve this problem? If the bandwidth is multiplied by 10 (100Mb/s instead of 10Mb/s), either:
- the minimum frame length should be multiplied by 10, or
- the maximum distance between 2 hosts must be divided by 10 (<250m).

The second solution is the one which has been chosen.

2.2 Cabling - FastEthernet 100Mb/s : LAN diameter reduction

[Figure: 250 m segment at 100 Mb/s; minimum frame size 64 bytes, lasting 5.12µs; propagation time 2.5µs in each direction before the collision is seen]

If the network length is long => the minimum size of the frame should be long. On Ethernet, the maximum distance between 2 hosts is 2.5 km. Therefore, the minimum length frame should be 64 bytes. This involves the transmitter to make padding if its message is short.

On Ethernet 10Mb/s:
Time to transmit 1 bit: 0.1us
1 bit occupies 23 meters
A short frame occupies 13.3km long
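The collision-detection reasoning of section 2.1 and of the two Fast Ethernet slides above, as an added example that is not part of the course material: it models the worst case, where the far host starts sending just before the first host's signal reaches it, and checks whether the first host is still transmitting when the collision comes back. `Segment`, `min_frame_bytes`, `max_propagation_ns` and `sender_detects_collision` are names invented here; the propagation times (25.6µs, 2.5µs) are the ones given on the slides.

```python
from dataclasses import dataclass

NS_PER_S = 1_000_000_000  # all times below are integer nanoseconds


@dataclass(frozen=True)
class Segment:
    bit_rate_bps: int     # 10_000_000 for Ethernet, 100_000_000 for Fast Ethernet
    propagation_ns: int   # one-way propagation time between the two farthest hosts


def transmission_time_ns(frame_bytes, bit_rate_bps):
    """Time the sender spends putting the frame on the medium."""
    return frame_bytes * 8 * NS_PER_S // bit_rate_bps


def min_frame_bytes(seg):
    """Smallest frame whose transmission lasts 2 x propagation time."""
    bits = -(-2 * seg.propagation_ns * seg.bit_rate_bps // NS_PER_S)  # ceiling
    return -(-bits // 8)                                              # ceiling


def max_propagation_ns(frame_bytes, bit_rate_bps):
    """Largest one-way propagation time that a given minimum frame covers."""
    return transmission_time_ns(frame_bytes, bit_rate_bps) // 2


def sender_detects_collision(seg, frame_bytes, far_start_ns=None):
    """Host A starts sending at t=0; the far host B starts at far_start_ns.

    Default is the worst case: B starts 1 ns before A's first bit reaches it.
    B's signal needs one more propagation time to travel back to A, and A can
    only notice the collision if it is still transmitting (and monitoring).
    """
    if far_start_ns is None:
        far_start_ns = seg.propagation_ns - 1
    if not 0 <= far_start_ns < seg.propagation_ns:
        raise ValueError("B would sense A's carrier and defer: no collision")
    collision_seen_at_a = far_start_ns + seg.propagation_ns
    return transmission_time_ns(frame_bytes, seg.bit_rate_bps) > collision_seen_at_a


# Values taken from the slides.
ETH10_2500M = Segment(10_000_000, 25_600)    # 10 Mb/s, 2.5 km, 25.6 us
FAST_2500M = Segment(100_000_000, 25_600)    # 100 Mb/s on the same 2.5 km
FAST_250M = Segment(100_000_000, 2_500)      # 100 Mb/s, 250 m, 2.5 us

if __name__ == "__main__":
    cases = [
        ("10 Mb/s, 2.5 km, 64-byte frame", ETH10_2500M, 64),
        ("10 Mb/s, 2.5 km, 32-byte frame", ETH10_2500M, 32),
        ("100 Mb/s, 2.5 km, 64-byte frame", FAST_2500M, 64),
        ("100 Mb/s, 250 m, 64-byte frame", FAST_250M, 64),
    ]
    for label, seg, size in cases:
        seen = sender_detects_collision(seg, size)
        print("%-34s sender detects collision: %s (minimum frame %d bytes)"
              % (label, seen, min_frame_bytes(seg)))
```

Keeping the 2.5 km span at 100 Mb/s would require the 640-byte minimum frame that the function returns for `FAST_2500M`, which is the first of the two options listed on the slide.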

2 Physical and link layers
2.2 Cabling
FastEthernet 100 base T: Hub interconnection

[Figure: two 100 base T hubs 20 m apart, with 100 m segments to the hosts; ≤ 220 m, ≤ 2 repeaters.]

Ethernet 100 Base T
• 2 shielded twisted pairs (Rx, Tx) (STP), category 5
• Maximum 2 consecutive hubs, 20 m from each other
• Maximum network diameter 220 m
• Maximum segment length 100 m
• Bp 30 MHz, 62.5 Mbauds, 4B/5T code or MLT3 (3 levels) or NRZI

Ethernet 100 base T4
• 4 unshielded twisted pairs UTP (1 Rx, 1 Tx, 2 bi-directional), category 3, per port
• Bp 20 MHz, 25 Mbauds, 8B/6T code or MLT3 (3 levels) or NRZI

2 Physical and link layers
2.2 Cabling
100 base Fx: Optical fibers

[Figure: 100 base Fx, 100 Mb/s, base band; fiber connector SC and fiber connector ST.]

100BASE-FX is the IEEE 802.3 specification for 100 Mbps Ethernet signaling over two strands of multimode fiber-optic cable. 100BASE-FX is used for transmissions over extended distances, downlinks, and backbones, and is especially useful in any environment subject to electrical interference.

ST (an AT&T Trademark) is the most popular connector for multimode networks, like most buildings and campuses. It has a bayonet mount and a long cylindrical ferrule to hold the fiber. Most ferrules are ceramic, but some are metal or plastic. And because they are spring-loaded, you have to make sure they are seated properly.

SC is a snap-in connector that is widely used in singlemode systems for its excellent performance. It's a snap-in connector that latches with a simple push-pull motion. It is also available in a duplex configuration.

Besides the SC Duplex, you may occasionally see the FDDI and ESCON duplex connectors which mate to their specific networks. They are generally used to connect to the equipment from a wall outlet, but the rest of the network will have ST or SC connectors.

FC/PC has been one of the most popular singlemode connectors for many years. It screws on firmly, but make sure you have the key aligned in the slot properly before tightening. It's being replaced by SCs and LCs.

LC is a new connector that uses a 1.25 mm ferrule, half the size of the ST. Otherwise, it's a standard ceramic ferrule connector, easily terminated with any adhesive. Good performance, highly favored for singlemode.

MT-RJ is a duplex connector with both fibers in a single polymer ferrule. It uses pins for alignment and has male and female versions. Multimode only, field terminated only by prepolished/splice method.

2 Physical and link layers
2.1 CSMA/CD
2.2 Cabling
2.3 MAC Addressing
2.4 Frame Ethernet V2
2.5 Frame IEEE 802.3 and associated protocols

2 Physical and link layers
2.3 MAC addressing
Logical address and physical address

[Figure: Alice and Bob; IP @ = logical address, MAC @ = physical address.]

IP: Internet Protocol
MAC: Medium Access Control

IP addresses are logical addresses. MAC addresses are physical addresses.

At the Ethernet level, frames are exchanged by means of physical addresses (called MAC addresses). So, it is essential to associate the IP address and the MAC address.

An IP address is assigned to each port. Therefore a host (especially a router) can have several IP addresses if it is connected to the network(s) through several boards.

2 Physical and link layers
2.3 MAC addressing
"unicast"

[Figure: hosts on a LAN, each with its own MAC address; a frame whose destination is the MAC address of a single host.]

An Ethernet MAC address is 6 bytes long.

Unicast address
Address assigned to only one Ethernet board in the world. A unicast address identifies a single device or network interface. When frames are sent to an individual station on a LAN, the unicast identifier of the target is typically used as the destination address in all transmitted frames. The source address in transmitted frames (the identifier of the sender) is always unicast. Unicast addresses are sometimes called individual addresses, physical addresses, or hardware addresses; these terms are all synonymous.

2 Physical and link layers
2.3 MAC addressing
"broadcast"

[Figure: hosts on a LAN, each with its own MAC address; a frame with Dest: ff.ff.ff.ff.ff.ff received by all of them.]

Broadcast
A broadcast frame is a frame whose destination MAC address is all "1's". This frame will be interpreted by all hosts connected to the LAN.
Note: this kind of frame never goes through a router.

2 Physical and link layers
2.3 MAC addressing
"Multicast"

[Figure: hosts on a LAN, some of which also hold a multicast MAC address; a frame sent to that multicast destination address.]

Multicast address
Most LAN technologies provide many-to-many connectivity among multiple stations on a shared communications channel; multicast addressing provides the means to send a frame to multiple destinations with a single transmission. Multicast addresses are sometimes called group addresses or logical addresses.

A multicast address identifies a group of logically-related devices. In addition to its unicast address, a host can have one or several multicast addresses because it belongs to one or several groups. A multicast address is programmable. Therefore a multicast address can be used as a destination address when a sender wants to send a frame to a group of receivers.

Usually, multicast addresses are assigned by an international organisation. Some well-known examples include:
• The Spanning Tree Protocol uses a multicast address to define the logical group of all bridges that implement the protocol (01-80-C2-xx-yy-zz).
• The Open Shortest-Path-First routing protocol (OSPF) uses a multicast address (5E-xx-yy-zz).

Most routing protocols use multicast addresses to exchange their database. In this case, this method is more efficient than broadcast because it does not disturb hosts which are not concerned by the data exchanged between routers.

2 Physical and link layers
2.3 MAC addressing
Details of the MAC address

• 6 bytes (48 bits)
• O.U.I.: Organizational Unit Identifier (assigned by IEEE), made of the U/L bit, the I/G bit and the Manufacturer Code (22 bits)
• Serial number (24 bits), managed by manufacturer
• U/L bit: 0: Universal, unique address; 1: Local, local significant
• I/G bit: 0: Individual (or Unicast), associated to only one equipment; 1: Group (or Multicast), associated to a set of equipment
• Hexadecimal representation (12 digits)
• Examples: CISCO: 00.10.7B.xx.xx.xx; Alcatel: 00.80.9F.xx.xx.xx

The bits are presented in the order they are transmitted.

Universal / Global address
• Universal address: managed by international organisation (IETF).
• Local address: locally unique addresses are manually assigned by a network administrator (mainly used in Token Ring networks).

Unicast / Multicast address
• Unicast address: identifies a single device or network interface.
• Multicast address: address pointing to a group of hosts.

Written address conventions
Addresses are normally written as a sequence of 12 hexadecimal digits separated by hyphens or colons.

Is 48 bits the right number?
A 48-bit address provides about 281 million million unique points in the address space. Even allowing for half of these to be used for multicast addresses, and further eliminating half of what is left for locally-unique assignments, there is still enough space for almost 12,000 network-addressable devices for every man, woman, and child on the planet. (Even you don't have that many computers on your desk!) Looked at another way, if the industry produced 100 million LAN devices every day of the year (more than 500 times the current level of production), it would still take nearly 2,000 years to exhaust the address space.

How unicast addresses are assigned
Globally-unique unicast addresses are assigned by the manufacturer of the networking device. Typically, this address is burned into a read-only memory or the interface controller itself. Device driver software can read this hardwired address and configure the interface controller appropriately.

The second bit of an address (called the Global/Local or G/L bit in the standards) indicates whether the identifier is globally-unique (G/L = 0) or unique only to the LAN on which the station resides (G/L = 1). Globally unique addresses are assigned by equipment manufacturers at the time a device is produced. Locally unique addresses are manually assigned by a network administrator. When the Ethernet address scheme was incorporated into the IEEE LAN standards, political considerations forced the adoption of a means to allow network administrators to manually assign addresses in a locally-unique manner.

If a company builds devices that need globally-unique addresses assigned to them (e.g. network interfaces), the company must first obtain an OUI from the IEEE. This is a relatively straightforward procedure involving the filling out of a simple form and an exchange of currency. Information on obtaining OUIs can be found at http://standards.ieee.org/

2 Physical and link layers
2.3 MAC addressing
Transmission of the bits

[Figure: a MAC address (manufacturer code 22 bits, serial number 24 bits) and the order in which its bits are transmitted; label "Bit multicast"; 1st byte odd => multicast address.
Hexadecimal representation: e1 03 c9 4a f0 82
Binary: 11100001 00000011 11001001 01001010 11110000 10000010
Transmitted bits: 10000111 11000000 10010011 01010010 00001111 01000001]

For each byte, the least significant bit is sent first, so the first transmitted bit (U/L) is in fact the least significant bit of the first byte of the MAC address.
Consequently, when the first byte of a MAC address is odd, it is a multicast address.
Example: MAC@ 01-80-9F-D1-45-00 is a multicast address.
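Added example (not part of the original course material): a small Python classifier that applies the rules of this section to a written MAC address and reproduces the "transmitted bits" row of the figure above. The function names and the locally administered sample address are assumptions made for the example.

```python
import string


def parse_mac(text: str) -> bytes:
    """Accept 12 hexadecimal digits separated by hyphens, colons or dots."""
    digits = text.replace("-", "").replace(":", "").replace(".", "")
    if len(digits) != 12 or any(c not in string.hexdigits for c in digits):
        raise ValueError(f"not a 48-bit MAC address: {text!r}")
    return bytes.fromhex(digits)


def wire_bits(mac: bytes) -> str:
    """Bits in transmission order: byte by byte, least significant bit first."""
    return " ".join(format(byte, "08b")[::-1] for byte in mac)


def classify(text: str) -> dict:
    mac = parse_mac(text)
    first = mac[0]
    if mac == b"\xff" * 6:
        kind = "broadcast"              # destination all "1's"
    elif first & 0x01:
        kind = "multicast"              # first byte odd => group address
    else:
        kind = "unicast"
    return {
        "kind": kind,
        # Second transmitted bit (G/L in the text): 0 = globally unique, 1 = local.
        "scope": "local" if first & 0x02 else "global",
        "oui": mac[:3].hex("-"),        # assigned by IEEE
        "serial": mac[3:].hex("-"),     # managed by the manufacturer
        "wire_bits": wire_bits(mac),
    }


def valid_source(text: str) -> bool:
    """The source address of a transmitted frame is always unicast."""
    return classify(text)["kind"] == "unicast"


if __name__ == "__main__":
    samples = (
        "e1-03-c9-4a-f0-82",    # address of the figure
        "01-80-9F-D1-45-00",    # example given in the text
        "00:80:9F:21:32:A9",    # Alcatel address seen in the ARP trace of chapter 3
        "ff.ff.ff.ff.ff.ff",
        "02-00-00-00-00-01",    # constructed sample: locally administered
    )
    for sample in samples:
        print(sample, classify(sample))
```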

1 CSMA/CD 2.02 Page 1.02 1.4 Frame Ethernet V2 2.2 Physical and link layers 2.3 and associated protocols © Alcatel University .5 Frame IEEE 802.3 MAC Addressing 2.8AS 90200 1124 VT ZZA Ed.51 © Alcatel University 8AS 90200 1124 VH ZZA Ed.2 Cabling 2.51 .

2 Physical and link layers
2.4 Frame Ethernet V2

Ethernet frame (1518 ≥ length ≥ 64 bytes):
• Preamble (7 bytes): 7 x 'AA', synchronisation
• SFD (1 byte): Start Frame Delimiter, 10101011
• MAC @ dest. (6 bytes)
• MAC @ src. (6 bytes)
• Ether type (2 bytes): indicates the upper layer protocol. Value > 5DC hex or 1500 dec. Examples: IP: 0800, ARP: 0806, IPv6: 086D
• Data and padding (46 to 1500 bytes): Max Transmission Unit (MTU): 1500; minimum size: 46 (possibly with padding)
• FCS (4 bytes): control

MTU: Maximum Transmission Unit
IP: Internet Protocol
ARP: Address Resolution Protocol
FCS: Frame Check Sequence

Ethernet protocol
Designed by Digital, Intel, Xerox (DIX Ethernet). The original release has been updated and the current version is "Eth V2".

The "Ether type" field allows the receiver to forward the frame contents to the correct protocol of the next layer. The type value is standardised and is always higher than 600 hex or 1536 dec. The standardised values of "ether type" can be obtained from IANA, the Internet Assigned Numbers Authority, which is the central co-ordinator for the assignment of unique parameter values for Internet protocols.
http://www.iana.org/numbers.html Directory of General Assigned Numbers (replaces RFC 1700)

The data field must not convey more than 1500 bytes. Conversely, the data field must have at least 46 bytes in order to respect the minimum frame length for collision detection (64 bytes). Therefore, the Ethernet protocol will sometimes have to add padding.

Maximum traffic of short frames: 14880 frames/s
Maximum traffic of long frames: 812 frames/s


2 Physical and link layers
2.5 Frame 802.3 and associated protocols
Situation of the MAC 802.3 sub-layer

[Figure: protocol stack. Network: IP, ARP, other protocols. Link: SNAP 802.1a; LLC IEEE 802.2 (LLC type 1 connectionless, LLC type 2 connected mode, LLC type 3 connectionless + ack); MAC: Ethernet ISO 802.3, Ethernet V2, Token Ring 802.5, FDDI. Physical: 10 Base T, 10 Base 2, 10 Base 5, shielded twisted pairs, optical fibre.]

LLC: Logical Link Control
SNAP: Sub Network Attachment Point

When the IP protocol was designed, it was dedicated to operate over Ethernet, which runs over a bus topology. The IEEE wished to use other topologies to convey IP (FDDI, Token Ring, …) in addition to the CSMA/CD bus. But, for these other topologies, the maximum frame length was variable. So, a "frame length" field had to be present inside the frame header. In addition, IP not being reliable, IEEE decided to add a protocol capable of offering reliability: the LLC sub-protocol.

Purpose of the LLC sub-protocol:
• provides Service Access Points to the upper layers;
• offers various services:
  - LLC1: connectionless, without flow control or acknowledgment (LAN 802.3 Ethernet and 802.5 Token Ring)
  - LLC2: with connection, acknowledgment … (Token Ring, SNA)
  - LLC3: connectionless with acknowledgment (factory network)
It is the role of layer 3 to select the appropriate service.
Note: IP uses LLC1.

Purpose of the SNAP sub-protocol:
Due to a growing number of applications using LLC (IEEE 802) as lower protocol layers, an extension was made to the IEEE 802.2 protocol in the form of the Sub-Network Attachment Point (SNAP).

2 Physical and link layers
2.5 Frame 802.3 and associated protocols
Frame IEEE 802.3

• Preamble (7 bytes): 7 x 'AA', synchronisation
• Flag (1 byte): end of preamble
• MAC @ dest. (6 bytes)
• MAC @ src. (6 bytes)
• Length (2 bytes), in place of the Ether type (> 600): indicates the data length (without padding). Value ≤ 1500 (dec), ≤ 5DC (hex)
• Data and padding (46 to 1500 bytes): Max. Transmission Unit (MTU): 1500; minimum size: 46 (possibly with padding)
• FCS (4 bytes): control

Standardised by IEEE.
In the 802.3 MAC frame, the length of the data field is indicated in the 802.3 header (instead of the type of protocol).
The length of the 802.3 data field is also limited to 1500 bytes for 10 Mbps networks, but is different for other transmission speeds.

2 Physical and link layers
2.5 Frame 802.3 and associated protocols
IEEE 802.2 LLC encapsulation

[Figure: encapsulation, from the outside in.
802.3 frame: MAC @ dest. (6 bytes) | MAC @ src. (6 bytes) | Length < 5DC (2 bytes) | Data (46 to 1500 bytes) | Padding | FCS (4 bytes)
LLC 802.2: DSAP (1 byte) | SSAP (1 byte) | Control (1 byte) | Data (≤ 1497 bytes)
SNAP 802.1a: O.U.I (3 bytes) | PID (2 bytes) | Data (≤ 1492 bytes)
Protocol codes at LLC level: 04 SNA, AA SNAP, FE OSI; other protocol codes using 2 bytes at SNAP level: IP 0800, ARP 0806.]

Since the "type" field of the Eth. V2 protocol has been lost in IEEE 802.3, the 802.3 protocol systematically forwards the data field to the 802.2 LLC protocol.

LLC protocol 802.2
The 802.2 Logical Link Control (LLC) layer above IEEE 802.3 uses a concept known as link service access point (LSAP), which uses a 3-byte header, where DSAP and SSAP stand for destination and source Service Access Point respectively. Numbers for these fields are assigned by an IEEE committee.
• DSAP/SSAP: identifies the encapsulated protocol.
• Control: type of frame: I, U, RR, REJ, DM, … (note: LLC1 uses only the value 03 = UI).

A problem arises with the use of LLC in its pure form. LLC SAPs (LSAPs) are only 1 byte long; as a result, they can multiplex only among a maximum of 256 clients. However, the SAP space is further subdivided. Half of the space is reserved for group (i.e., multicast) SAPs, leaving only 128 multiplexing points for most purposes. Even within this restricted space, it is also common practice to use the second bit of the SAP to divide the space further, allowing for 64 publicly-administered, globally-unique SAPs and only 64 identifiers that can be locally administered for private use.

To overcome this limitation, an escape mechanism was built into the LLC SAP identifier. If the SAP is set equal to 0xAA, this indicates that the SubNetwork Access Protocol (SNAP) is in use.

2 Physical and link layers
2.5 Frame 802.3 and associated protocols
SNAP 802.1a sub-layer

[Figure: encapsulation of an IP packet, from the inside out.
SNAP 802.1a: O.U.I 00.00.00 (3 bytes, Organisational Unit Id) | PID (2 bytes, encapsulated protocol: 809B = AppleTalk, 0800 = IP, …) | Data (≤ 1492 bytes)
LLC 802.2: DSAP (AA) (1 byte) | SSAP (AA) (1 byte) | Control (03) (1 byte) | Data (≤ 1497 bytes)
802.3 frame: MAC @ dest. (6 bytes) | MAC @ src. (6 bytes) | Length < 5DC (2 bytes) | Data (46 to 1500 bytes) | Padding | FCS (4 bytes)]

SNAP (Sub Network Access Protocol)
Indicates the encapsulated protocol.
• OUI (Organisation Unit Id = vendor code): usually 000000
• PID (Protocol Identifier): the same values as used in the Ethernet type field. Example: 0800 IP, 809B AppleTalk, …

2 Physical and link layers
2.5 Frame 802.3 and associated protocols
Other advantages of SNAP

[Figure: two bridges connected through a FR, ATM, ... network. On the first LAN the frame is MAC@ dest. | MAC@ src. | Type (IP) | Data | FCS; only Data is encapsulated in FR, ATM, ...; after de-encapsulation (FDDI, ...) the frame is MAC@ dest. | MAC@ src. | Type ? | Data | FCS.]

When Ethernet data have to cross a WAN, a new encapsulation has to be done, and only the data field is encapsulated in the new protocol, so the type field is lost. At the other end of the WAN there is no indication of the "type" of the data. In this case, the use of LLC/SNAP becomes crucial.

2 Physical and link layers
2.5 Frame 802.3 and associated protocols
IP encapsulation into AAL5 (LLC/SNAP)

[Figure: Ethernet, ADSL modem, ADSL line.
Ethernet frame: MAC destination (6 bytes) | MAC source (6 bytes) | Length (2 bytes) | data (46 - 1500 bytes) | FCS (4 bytes)
LLC 802.2: DSAP AA (1 byte) | SSAP AA (1 byte) | Cntl 03 (1 byte)
SNAP 802.1a: OUI 00 00 00 (3 bytes) | PID 0800 (2 bytes) | IP
AAL 5: PAD (0 to 47 bytes) | UU (1 byte) | CPI (1 byte) | Length (2 bytes) | CRC (4 bytes)
ATM cells: 5 + 48 bytes]

IP encapsulation into ATM, LLC: SNAP
• DSAP and SSAP = AA AA => use of SNAP
• Ctl: 03 = UI frame (Unnumbered Information)
• OUI: 000000 (ethertype)
• PID = 0800: IP; PID = 0806: ARP; …

2. V2 and IEEE 802 IP packet O.2 Physical and link layers .00 SNAP Bytes Bytes 3 PID 0800 1 2 ≤ 1492 Data ≤1497 Bytes 6 6 2 Eth V2 frame MAC @ dest.5 Frame 802. 802.02 Page 1.3 frame Leng. Ether type 0800 46 to 1500 Data LLC 4 DSAP (AA) 1 SSAP (AA) 1 Control (03) Data 46 to 1500 4 Bytes 6 6 2 Padding FCS MAC@ dest.3 : 1492 bytes © Alcatel University 8AS 90200 1124 VH ZZA Ed. I 00.3 and associated protocols Comparison between Eth.60 . U.00. MAC@ src. MAC @ src. <600 data Padding FCS 60 Note: the maximum size of IP packet depends on the lower layers : Eth V2 : 1500 bytes IEEE 802.

2 Physical and link layers
2.5 Frame 802.3 and associated protocols
Protocol recognition: Ethernet V2 or IEEE 802.3?

[Figure: frame layout: Preamble 7 x 'AA' (7 bytes) | Flag (1 byte) | MAC @ dest. (6 bytes) | MAC @ src. (6 bytes) | Type/Leng (2 bytes) | Data and padding (46 to 1500 bytes) | FCS (4 bytes).
Field value: type or length?
• ≤ 1500 dec or ≤ 5DC hex: Length, 802.3
• > 1500 dec or > 5DC hex: Ether type, Ethernet V2]

Both frame formats can coexist on the same physical coax. This is done by using protocol type numbers (type field) greater than 1500 (decimal) in the Ethernet frame. However, different device drivers are needed to handle each of these formats.
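Added example (not part of the original course material): a Python decoder that applies the type/length rule above, then walks the LLC and SNAP headers described in section 2.5 and separates the 802.3 data from its padding. It assumes the frame is given from the destination MAC@ onwards (no preamble, no FCS) and a 1-byte LLC control field; the V2 sample is the ARP request traced in chapter 3, the two 802.3 samples are constructed.

```python
import struct

ETHER_TYPES = {0x0800: "IP", 0x0806: "ARP", 0x809B: "AppleTalk"}  # values quoted on this page
LSAP_CODES = {0x04: "SNA", 0xAA: "SNAP", 0xFE: "OSI"}             # values quoted on this page
MAX_LENGTH = 0x05DC   # 1500: at or below is an 802.3 length, above is an Ethernet V2 type


def decode_frame(frame: bytes) -> dict:
    """Decode one frame and say which encapsulation it uses."""
    if len(frame) < 14:
        raise ValueError("truncated MAC header")
    dst, src, type_len = struct.unpack("!6s6sH", frame[:14])
    payload = frame[14:]
    out = {"dst": dst.hex("-"), "src": src.hex("-")}

    if type_len > MAX_LENGTH:
        # Ethernet V2: the field is a type; any padding can only be removed by the upper layer.
        out.update(format="Ethernet V2", protocol=ETHER_TYPES.get(type_len, hex(type_len)),
                   data=payload, padding=None)
        return out

    # IEEE 802.3: the field is the data length without padding.
    if type_len > len(payload):
        raise ValueError("802.3 length field exceeds the bytes received")
    llc, padding = payload[:type_len], len(payload) - type_len
    if len(llc) < 3:
        raise ValueError("no room for the 3-byte LLC header")
    dsap, ssap, control = llc[0], llc[1], llc[2]

    if (dsap, ssap, control) == (0xAA, 0xAA, 0x03):
        # SNAP escape: OUI (3 bytes) + PID (2 bytes) follow the LLC header.
        if len(llc) < 8:
            raise ValueError("truncated SNAP header")
        pid = struct.unpack("!H", llc[6:8])[0]
        out.update(format="IEEE 802.3 LLC/SNAP", oui=llc[3:6].hex("-"),
                   protocol=ETHER_TYPES.get(pid, hex(pid)), data=llc[8:], padding=padding)
    else:
        out.update(format="IEEE 802.3 LLC", protocol=LSAP_CODES.get(dsap, hex(dsap)),
                   data=llc[3:], padding=padding)
    return out


# The two MAC@ seen in the ARP traces of chapter 3, used as dest. and src. of the constructed frames.
MACS = bytes.fromhex("00600856F4E5" "00809F2132A9")

# Ethernet V2 sample: the ARP request traced in chapter 3.
V2_ARP = bytes.fromhex("FFFFFFFFFFFF00600856F4E508060001"
                       "08000604000100600856F4E50A00008C"
                       "0000000000000A00008A")

# Constructed 802.3 sample: length 28 = LLC (3) + SNAP (5) + 20 data bytes, padded to 46.
SNAP_IP = (MACS + struct.pack("!H", 28) + bytes.fromhex("AAAA03" "000000" "0800")
           + b"\x45" + bytes(19) + bytes(18))

# Constructed 802.3 sample without SNAP: DSAP/SSAP FE (OSI), 1 data byte, padded to 46.
LLC_OSI = MACS + struct.pack("!H", 4) + bytes.fromhex("FEFE03") + b"\x00" + bytes(42)

if __name__ == "__main__":
    for sample in (V2_ARP, SNAP_IP, LLC_OSI):
        decoded = decode_frame(sample)
        print(decoded["format"], decoded["protocol"], len(decoded["data"]), decoded["padding"])
```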

2 Physical and link layers
Evaluation

Objective: to be able to describe the Ethernet frame format.

Thank you for answering the self-assessment of the objectives sheet.


3 ARP protocol
ARP protocol location

[Figure: protocol stack. Network: IP, ARP. Link: SNAP, LLC 802.2, MAC (Ethernet ISO 802.3, Ethernet V2, Token Ring, FDDI). Physical: 10 Base T, 10 Base 2, 10 Base 5, shielded twisted pair, optical fibre.]

The address resolution protocol is responsible for converting the higher level protocol addresses (IP addresses) to physical network addresses. It is described in RFC 826.

3 ARP protocol
ARP protocol: @IP / @MAC association

[Figure: host IP@ 1.1.1.1 / MAC@ 102030 searches the MAC@ of 1.1.1.2 (host IP@ 1.1.1.2 / MAC@ 908070); steps 1 to 6.
ARP Request frame: MAC@ dest. fff...ff (Broadcast) | MAC@ src. 102030 | Type 0806 (ARP) | Data: @IPsrc 1.1.1.1, @MACsrc 102030, @IPdest 1.1.1.2, @MACdest ???????? | FCS
ARP Response frame: MAC@ dest. 102030 | MAC@ src. 908070 | Type 0806 (ARP) | Data: @IPsrc 1.1.1.2, @MACsrc 908070, @IPdest 1.1.1.1, @MACdest 102030 | FCS
ARP cache of the requester: IP@ 1.1.1.2, MAC@ ? (then filled in).]

A module (ARP) is provided that will translate the IP address to the physical address of the destination host. It uses a lookup table (sometimes referred to as the ARP cache) to perform this translation.

When the address is not found in the ARP cache, a broadcast is sent out on the network, with a special format called the ARP request. If one of the machines on the network recognises its own IP address in the request, it will send an ARP reply back to the requesting host. The reply will contain the physical hardware address of the host and source route information (if the packet has crossed bridges on its path). Both this address and the source route information are stored in the ARP cache of the requesting host. All subsequent datagrams to this destination IP address can now be translated to a physical address, which is used by the device driver to send out the datagram on the network.

Principle:
1. A host (IP@=ZIPO, MAC@=1234) which would like to send an IP packet to IP@=Yaka has to find out the corresponding MAC@.
2. This information not being in its cache memory, the ARP protocol broadcasts an ARP Request over the LAN.
3. All the hosts connected to the LAN have to decode the Ethernet frame because it is broadcast.
4. But only the host having the IP@=Yaka answers, conveying the MAC@ of Yaka.
5. The ARP Response is sent back to the unicast MAC@=1234.
6. The response is memorised in the cache memory.

3 ARP protocol
Transmission of IP packet

[Figure: host IP@ 1.1.1.1 / MAC@ 102030, whose ARP cache now holds IP@ 1.1.1.2 = MAC@ 908070, sends to host IP@ 1.1.1.2 / MAC@ 908070; steps 7 to 9.
Frame: MAC@ dest. 908070 | MAC@ src. 102030 | Type 0800 (IP) | Data: IP packet, @IPsrc 1.1.1.1 → @IPdest 1.1.1.2 | FCS]

7. Only now can the IP packet conveying the message be transmitted to Yaka.
8. To achieve that, the IP packet is encapsulated into an Ethernet frame with the unicast destination MAC@ (=9876).
9. The host having the MAC@=9876 receives the Ethernet frame.

3 ARP protocol
Cache updating

[Figure: hosts X (MAC@ 1), Y (MAC@ 456) and Z (MAC@ 123) on one LAN; steps 1 to 5.
ARP Request frame: MAC@ dest. fff...ff (Broadcast) | MAC@ src. 123 | Type 0806 (ARP) | Data: @IPsrc Z, @MACsrc 123, @IPdest Y, @MACdest ???????? | FCS
ARP Reply frame: MAC@ dest. 123 | MAC@ src. 456 | Type 0806 (ARP) | Data: @IPsrc Y, @MACsrc 456, @IPdest Z, @MACdest 123 | FCS
ARP caches: the hosts that receive the request record IP@ Z = MAC@ 123; Z records IP@ Y = MAC@ 456.]

Whenever an ARP Request is sent over the LAN, all hosts connected to this LAN can update their ARP cache memory (IP@ <=> MAC) because the destination of the frame is a broadcast address.

3 ARP protocol
Time to live of ARP entry

[Figure: the Ethernet board of host Z is replaced, so its MAC@ changes from 123 to 888; host Y (MAC@ 456) still has IP@ Z = MAC@ 123 in its ARP cache and sends MAC@ dest. 123 | MAC@ src. 456 | Type 0800 (IP) | Data: IP packet Y → Z | FCS; steps 1 to 6.]

Time to live of an ARP entry
1. When an Ethernet board has to be replaced in a host, the MAC@ changes.
2. Another host wishing to send an IP packet to Z, and having in its ARP cache a MAC@ (but the previous one) corresponding to this IP@, will not perform an ARP procedure.
3. Consequently, the Ethernet frame with the now wrong destination address will never reach the desired host.

So, to solve this problem, the ARP entries are deleted if they are not used for a (configurable) time. For instance, in a Cisco router, the default ARP TTL is 4 hours, while it is only some seconds in a PC.

Note: a host may also delete an entry (the oldest one) if there is not enough room in its ARP cache memory.

3 ARP protocol
Gratuitous ARP

[Figure: host Z, whose MAC@ has changed from 123 to 888, broadcasts MAC@ dest. fff...ff (Broadcast) | MAC@ src. 888 | Type 0806 (ARP) | Data: ARP Request, @IPsrc Z, @MACsrc 888, @IPdest Z, @MACdest ???????? | FCS; the ARP caches of the other hosts change IP@ Z from MAC@ 123 to MAC@ 888.]

Gratuitous ARP
A gratuitous ARP is an ARP Request having as destination IP@ its own IP@.
This particular ARP Request has two objectives:
• To update the ARP cache memory of the other hosts on the LAN
• To detect whether there is another host having the same IP@ (normally no host should answer this request).

3 ARP protocol
Various encapsulations of ARP

[Figure:
ARP in SNAP/LLC 802.3: @MAC Dest | @MAC Src | LLC 802.2 | SNAP | ARP Message
ARP in Eth V2: @MAC Dest | @MAC Src | ARP Message]

3 ARP protocol
ARP format and encapsulation in Ethernet V2

[Figure:
Eth V2 frame: MAC @ Dest. (6 bytes) | MAC @ Source (6 bytes) | Type (2 bytes), 0806: ARP | ARP Message | FCS (4 bytes)
ARP Message: Hardware type (2 bytes; 1: Ethernet, 6: Token Ring, ...) | Protocol type (2 bytes; 0800 (IP)) | MAC @ length (1 byte) | IP @ length (1 byte) | Operation (2 bytes; 0001: ARP Request, 0002: ARP Response) | MAC @ source (6 bytes) | IP @ source (4 bytes) | MAC @ dest. (6 bytes) | IP @ dest. (4 bytes)]

ARP message format
• Hardware address space: Specifies the type of hardware; examples are Ethernet or Packet Radio Net.
• Protocol address space: Specifies the type of protocol, same as the EtherType field in the IEEE 802 header (IP or ARP).
• Hardware address length: Specifies the length (in bytes) of the hardware addresses in this packet. For IEEE 802.3 and IEEE 802.5 this will be 6.
• Protocol address length: Specifies the length (in bytes) of the protocol addresses in this packet. For IP this will be 4.
• Operation code: Specifies whether this is an ARP request (1) or reply (2).
• Source/target hardware address: Contains the physical network hardware addresses. For IEEE 802.3 these are 48-bit addresses.
• Source/target protocol address: Contains the protocol addresses. For TCP/IP these are the 32-bit IP addresses.

Note: "MAC address destination" is set to 0 in any ARP request.

3 ARP protocol
The various fields

[Figure: details of the ARP protocol between two hosts with MAC@ 0:0:c0:6f:6d:40 and 0:0:c0:c2:9b:26; steps 1 to 5.
ARP Request: @MAC dest ff:ff:ff:ff:ff:ff (Broadcast), @MAC src 0:0:c0:6f:6d:40, Type 0806 (ARP); Hardware type 1 (Ethernet), Protocol 800 (IP), Hw address length 6, Protocol address length 4, Operation 1 (request), Sender's hw address 0:0:c0:6f:6d:40, Target hw address 0:0:0:0:0:0, with the sender's and target protocol addresses.
ARP Response: @MAC dest 0:0:c0:6f:6d:40, @MAC src 0:0:c0:c2:9b:26, Type 0806 (ARP); Hardware type 1 (Ethernet), Protocol 800 (IP), Hw address length 6, Protocol address length 4, Operation 2 (response), Sender's hw address 0:0:c0:c2:9b:26, Target hw address 0:0:c0:6f:6d:40, with the sender's and target protocol addresses.
The requester's ARP cache entry "MAC @ ?" is then filled with 0:0:c0:c2:9b:26.]

3 ARP protocol
Exercise: Trace of ARP protocol

Given the following trace:

Addr.  Hex. Data                                        Time:07:33:06.045
0000:  FF FF FF FF FF FF 00 60 08 56 F4 E5 08 06 00 01
0010:  08 00 06 04 00 01 00 60 08 56 F4 E5 0A 00 00 8C
0020:  00 00 00 00 00 00 0A 00 00 8A

1) Below, indicate the name of the various fields and their value.

Eth frame:
• @MAC dest (6 bytes): ffffffffffff
• @MAC src (6 bytes): 00600856F4E5
• Protocol (2 bytes): 0806
• ARP Message
• FCS (4 bytes)

ARP Message:
• Hw type (2 bytes): 0001
• Protocol type (2 bytes): 0800
• Length @MAC (1 byte): 06
• Length @IP (1 byte): 04
• Operation (2 bytes): 0001
• @MAC src (6 bytes): 00600856F4E5
• @IP src (4 bytes): 0A00008C
• @MAC dest (6 bytes): 000000000000
• @IP dest (4 bytes): 0A00008A

2) Which Ethernet protocol is it (IEEE 802.3 or Ethernet V2)? EthV2

3) Which kind of operation is it? Request

3 ARP protocol
ARP protocol trace (Request)

Hexadecimal trace:

Addr.  Hex. Data                                        Time:07:33:06.045
0000:  FF FF FF FF FF FF 00 60 08 56 F4 E5 08 06 00 01
0010:  08 00 06 04 00 01 00 60 08 56 F4 E5 0A 00 00 8C
0020:  00 00 00 00 00 00 0A 00 00 8A

Ethernet header:

Eth. V2 [0000:000D]
0000:0005 Destination Address: FFFFFFFFFFFF (Broadcast)
0006:000B Source Address: 00600856F4E5 (3Com56F4E5)
000C:000D Ethernet Type: Address Resolution Protocol (ARP)

The analyzer can decode the OUI code, i.e. the vendor code.

Decoded ARP message:

ARP [000E:0029]
000E:000F Hardware Type: Ethernet (10Mbps)
0010:0011 Protocol Type: DOD Internet Protocol (IP)
0012:0012 Hardware Address Length: 6
0013:0013 Protocol Address Length: 4
0014:0015 Opcode: Request
0016:001B Source HW Address: 00600856F4E5
001C:001F Source IP Address: 10.0.0.140
0020:0025 Destination HW Address: 000000000000 (0 in the request)
0026:0029 Destination IP Address: 10.0.0.138

3 ARP protocol
ARP protocol trace (Reply)

Addr.  Hex. Data                                        Time:07:33:06.059
0000:  00 60 08 56 F4 E5 00 80 9F 21 32 A9 08 06 00 01
0010:  08 00 06 04 00 02 00 80 9F 21 32 A9 0A 00 00 8A
0020:  00 60 08 56 F4 E5 0A 00 00 8C 00 8A 00 8A 00 8A
0030:  00 8A 00 8A 00 8A 00 8A 00 8A 00 8A F9 EF C6 D8

Eth. V2 [0000:000D]
0000:0005 Destination Address: 00600856F4E5 (3Com56F4E5)
0006:000B Source Address: 00809F2132A9 (Alcatel2132A9)
000C:000D Ethernet Type: Address Resolution Protocol (ARP)

ARP [000E:0029]
000E:000F Hardware Type: Ethernet (10Mbps)
0010:0011 Protocol Type: DOD Internet Protocol (IP)
0012:0012 Hardware Address Length: 6
0013:0013 Protocol Address Length: 4
0014:0015 Opcode: Reply
0016:001B Source HW Address: 00809F2132A9 (expected MAC address)
001C:001F Source IP Address: 10.0.0.138
0020:0025 Destination HW Address: 00600856F4E5
0026:0029 Destination IP Address: 10.0.0.140
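Added example (not part of the original course material): a Python decoder for the two traces above, feeding an ARP cache that ages unused entries and reports when the MAC@ bound to an IP@ changes, as happens after the board replacement and gratuitous ARP described earlier in this chapter. Class and function names, the 60-second TTL used in the demo and the replacement MAC@ 00-80-9f-00-00-01 are assumptions made for the example.

```python
import struct
from dataclasses import dataclass

# Frames transcribed from the request and reply traces above
# (destination MAC@ first; the reply includes its padding and FCS).
ARP_REQUEST = bytes.fromhex("FFFFFFFFFFFF00600856F4E508060001"
                            "08000604000100600856F4E50A00008C"
                            "0000000000000A00008A")
ARP_REPLY = bytes.fromhex("00600856F4E500809F2132A908060001"
                          "08000604000200809F2132A90A00008A"
                          "00600856F4E50A00008C008A008A008A"
                          "008A008A008A008A008A008AF9EFC6D8")


@dataclass
class ArpMessage:
    eth_dst: str
    op: int            # 1 = request, 2 = reply
    sender_mac: str
    sender_ip: str
    target_mac: str
    target_ip: str

    @property
    def gratuitous(self) -> bool:
        # An ARP Request having as destination IP@ its own IP@.
        return self.op == 1 and self.sender_ip == self.target_ip


def mac_str(raw: bytes) -> str:
    return raw.hex("-")


def ip_str(raw: bytes) -> str:
    return ".".join(str(byte) for byte in raw)


def parse_arp(frame: bytes) -> ArpMessage:
    """Decode an ARP message carried in an Ethernet V2 frame; trailing padding/FCS is ignored."""
    if len(frame) < 42:
        raise ValueError("shorter than Ethernet V2 header + ARP message")
    eth_dst, _eth_src, ether_type = struct.unpack("!6s6sH", frame[:14])
    if ether_type != 0x0806:
        raise ValueError("Ethernet type is not ARP (0806)")
    hw_type, proto, hw_len, ip_len, op = struct.unpack("!HHBBH", frame[14:22])
    if (hw_type, proto, hw_len, ip_len) != (1, 0x0800, 6, 4):
        raise ValueError("not an Ethernet/IP ARP message")
    if op not in (1, 2):
        raise ValueError("operation is neither request (1) nor reply (2)")
    s_mac, s_ip, t_mac, t_ip = struct.unpack("!6s4s6s4s", frame[22:42])
    return ArpMessage(mac_str(eth_dst), op, mac_str(s_mac), ip_str(s_ip),
                      mac_str(t_mac), ip_str(t_ip))


def build_arp(op, sender_mac, sender_ip, target_mac, target_ip, eth_dst) -> bytes:
    """Build an Ethernet V2 + ARP frame (used here to construct the gratuitous ARP sample)."""
    def to_mac(text):
        return bytes.fromhex(text.replace("-", ""))

    def to_ip(text):
        return bytes(int(part) for part in text.split("."))

    return (to_mac(eth_dst) + to_mac(sender_mac)
            + struct.pack("!HHHBBH", 0x0806, 1, 0x0800, 6, 4, op)
            + to_mac(sender_mac) + to_ip(sender_ip) + to_mac(target_mac) + to_ip(target_ip))


class ArpCache:
    def __init__(self, ttl: float = 4 * 3600):   # 4 hours: the Cisco default quoted above
        self.ttl = ttl
        self.entries = {}                        # IP@ -> (MAC@, time of last use)

    def lookup(self, ip: str, now: float):
        entry = self.entries.get(ip)
        if entry is None:
            return None
        mac, last_used = entry
        if now - last_used > self.ttl:           # not used for longer than the TTL: deleted
            del self.entries[ip]
            return None
        self.entries[ip] = (mac, now)
        return mac

    def learn(self, msg: ArpMessage, now: float) -> str:
        """Record the sender of any ARP message seen; return 'new', 'refreshed' or 'changed'."""
        old = self.lookup(msg.sender_ip, now)
        self.entries[msg.sender_ip] = (msg.sender_mac, now)
        if old is None:
            return "new"
        # 'changed' is worth logging: board replaced, or two hosts using the same IP@.
        return "refreshed" if old == msg.sender_mac else "changed"


if __name__ == "__main__":
    cache = ArpCache(ttl=60)
    for t, frame in enumerate((ARP_REQUEST, ARP_REPLY)):
        message = parse_arp(frame)
        print(message, cache.learn(message, now=t))
```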

3 ARP protocol
Evaluation

Objective: to be able to describe the ARP protocol and analyze an ARP trace.

Thank you for answering the self-assessment of the objectives sheet.


4 Repeaters, Bridges and Switches
Repeater

[Figure: a repeater joining segments: 10baseT, 10base2, AUI (10base5).]

• Media adaptation
• Signal amplifier

Repeater:
Located at the physical level, it acts at the electrical level:
• amplifier
• media adapter
It does not interpret addresses.

4 Repeaters, Bridges and Switches
Bridge principle

[Figure: LAN 1, bridge, LAN 2.]

• Filtering on MAC addresses

Bridge
Interconnects LAN segments at the network interface layer level and forwards frames between them. A bridge performs the function of a MAC relay, and is independent of any higher layer protocol (including the logical link protocol). It provides MAC protocol conversion, if required.

A bridge is said to be transparent to IP. That is, when an IP host sends an IP datagram to another host on a network connected by a bridge, it sends the datagram directly to the host and the datagram "crosses" the bridge without the sending IP host being aware of it.

4 Repeaters, Bridges and Switches: Bridge architecture

[Figure: a bridge with a MAC layer and a physical layer on each side, address filtering between the two MAC layers, and a transceiver on each side (HUB on one side, coaxial on the other).]

• Media adaptation
• Filtering on MAC addresses

It acts at level 2.

Advantages:
• increase the bandwidth thanks to the filtering,
• increase the reliability (a fault is not forwarded),
• ensure the topology adaptation (Ethernet, Token-Ring, …).

4 Repeaters, Bridges and Switches: Manual filtering

[Figure: hosts a, b and c on LAN 1 (bridge port Eth0) and hosts d, e and f on LAN 2 (bridge port Eth1); two frames are shown, c→a and c→f.]

Bridge table:

MAC@   Port
a      eth0
b      eth0
c      eth0
d      eth1
e      eth1
f      eth1

4 Repeaters, Bridges and Switches: Remote bridge

[Figure: LAN 1 (hosts a, b, c) and LAN 2 (hosts d, e, f), each attached to port Eth 0 of a 1/2 bridge; the two 1/2 bridges are linked across any WAN (FR, PSTN, X25, Virtual Connection (ATM), …), here ATM.]

1/2 bridge on LAN 1 (Serial 0, VPI/VCI 1/32):

MAC@   Port
a      eth0
b      eth0
c      eth0
d      S0-1/32
e      S0-1/32
f      S0-1/32

1/2 bridge on LAN 2 (Serial 1, VPI/VCI 8/45):

MAC@   Port
a      S1-8/45
b      S1-8/45
c      S1-8/45
d      eth0
e      eth0
f      eth0

1/2 bridges have to maintain the relationship between:
@MAC <=> Virtual Channel number (X25) or Telephone number (PSTN) or DLCI (Frame Relay) or...

4 Repeaters, Bridges and Switches: Self-learning transparent bridge (1)

[Figure: "a" sends a frame to "b" across three self-learning bridges; the filter table (MAC@, Port) of each bridge gains an entry for a.]

In order to perform filtering, a bridge must know the location of each MAC@. Two possibilities:
• Manually: MAC addresses are introduced by the administrator.
• Automatically: by means of the self learning or the spanning tree protocol.

Principle of the self-learning bridge: when a bridge receives a frame, it stores in its cache memory the source MAC@ and the reception port, then examines the destination MAC@. If it knows this MAC@, it forwards the Ethernet frame only on the corresponding port, provided that port is not the reception port; otherwise, it forwards the frame on all its ports (except the reception port).

4 Repeaters.: 10mn).02 Page 1. Bridges and Switches Self learning transparently bridge(2) « b » answers to « a » Self.learning Bridge 1 filter MAC@ Port a b 1 2 MAC @ : a b a 1 2 filter MAC@ Port a b 1 2 b a 1 Self. (e.84 . Note : If a host stay quiet for a long time. the bridge table enhance. the entry is removed from the bridge table © Alcatel University 8AS 90200 1124 VH ZZA Ed.learning Bridge 3 1 @MAC: C filter MAC @ Port a b 2 2 84 As one goes along of the exchanges.g.learning Bridge 2 2 b a MAC @ : b 2 Self.

4 Repeaters, Bridges and Switches: Self-learning transparent bridge and loops

[Figure: "a" sends a frame to "b" through bridges that form a loop; a bridge on the loop sees MAC@ a arrive on two different ports and its filter table entry for a becomes uncertain (port 2/1?).]

Self-learning bridge limitation: self-learning bridges cannot work correctly if there is a loop made by bridges.

The solution is to use the « Spanning Tree » protocol:

4 Repeaters, Bridges and Switches: Spanning Tree

[Figure: a bridged topology containing loops (bridges 109, 175, 234, 114, 447, 492, 562) and its tree representation after loop elimination, with bridge 109 as root.]

In order to solve the problem of loops in a bridged network, a protocol has been designed: the Spanning Tree Protocol (STP). The standard is IEEE 802.1D.

Tree topology:
• There is a root, plus branches (actually, a hierarchy of progressively smaller branches), and ultimately leaves.
• On a given tree, there are no disconnected parts that are still considered part of the tree; that is, the tree encompasses all of its leaves.
• In addition, there are no loops in a tree. If you trace a path from any leaf to any other leaf, you will find that there is one, and only one, possible path.

4 Repeaters, Bridges and Switches: Switch: Principle

[Figure: a 4-port switch, each port with a receive (R) and a transmit (T) side; two simultaneous communications (1 and 1'). => The traffic could reach 2 x 10 Mb/s.]

A bridge analyzes the destination MAC@ to forward the frame to the correct outgoing port. Early LAN bridges rarely had more than 2 ports. During the 1990s, ASIC, microprocessor and memory technology advanced to the point where it was feasible to build LAN bridges with large numbers of ports capable of forwarding frames at wire-speed on all ports.

A switch is a bridge (the distinction between bridge and switch is a marketing distinction).

4 Repeaters, Bridges and Switches: Switch: LAN segmentation

[Figure: a 6-port switch; hubs attached to some ports form segments, single stations attached to the other ports form micro-segments.]

A switch can be used to segment traditional shared LANs.

Alternatively, a switch can be used to interconnect single end stations. This is referred to as microsegmentation. A microsegmented environment has a number of interesting characteristics that we will study later.

4 Repeaters, Bridges and Switches: Switch: Half duplex operation on switch

[Figure: a HUB and stations attached to a switch; every interface has Transmit, Receive, Loopback and Collision detection functions, and the switch ports have buffers.]

When a LAN is shared by several stations, mechanisms have to be implemented to get control of the medium, detect a possible collision and take the appropriate decision.

The operation mode is half duplex because under normal operation only one end station can transmit at one time.

4 Repeaters, Bridges and Switches: Switch: Full duplex operation

[Figure: a station attached to a switch port; both interfaces have Transmit, Receive, Loopback and Collision detection functions, and the switch has buffers.]

10 Base Tx provides two ways for communication: one pair for Tx and another pair for reception. In this environment, we can operate the LAN in full duplex mode; that is, stations can both transmit and receive simultaneously.

Just providing a full duplex-capable media and topology is not sufficient to achieve full duplex operation. Unless we also modify the behavior of the LAN interfaces in the switch and the attached devices, we cannot use the channel in any manner other than the normal shared-LAN mode. This is because the LAN interface does not know that the channel is now dedicated for its private use. We must essentially disable the access control mechanism inherent in the LAN interface.

We can modify the behavior of the Ethernet MAC controller in both the switch and the attached devices to take advantage of their unique situation. We need to:
• Disable the Carrier Sense function as it is normally used to defer transmissions. That is, the reception of data on the receive channel should not cause the transmitter to defer any pending transmissions. A normal (half duplex) Ethernet interface will withhold its own transmissions in order to avoid interfering with transmissions in progress under control of the carrier sense signal.
• Disable the Collision Detect function, which would normally cause the transmitter to abort, jam, and reschedule its transmission if it detects a receive signal while transmitting.
• Disable the looping back of transmitted data onto the receiver input, as is done on a half duplex channel.

Neither end of the link needs to defer to received traffic, nor is there any interference between transmissions and receptions, avoiding the need for collision detection, backoff, and retry.

Note: the two parties must have the same operation mode; otherwise, the device operating in half duplex will detect a collision if it sends a frame at the same time as the other device sends another in the other direction.

4 Repeaters, Bridges and Switches: Switch: Collision domains

[Figure: a 6-port switch with hubs and stations attached to its ports.]

A switching hub (unlike a repeater) has a MAC entity for each of its ports. Architecturally, each of the connections to the switching hub constitutes a distinct LAN, with access to each LAN arbitrated independently of all others. A repeater with n ports constitutes a single LAN; a switch with n ports constitutes n LANs, one for each switch port.

In a shared Ethernet LAN, the CSMA/CD algorithm is used to arbitrate for use of the shared channel. The set of stations contending for access to a shared Ethernet LAN is known as a collision domain. A switch separates the access domains of each port.

4 Repeaters, Bridges and Switches: Switch: Full and half duplex

[Figure: a switch with a HUB attached in half duplex and single stations attached in full duplex; every interface has Transmit, Receive, Loopback and Collision detection functions, and the switch ports have buffers.]

Whereas with a repeater all of the devices connecting to the hub share the available channel and have to arbitrate for access, with a switching hub each of the attached devices has a dedicated channel between itself and the hub.

In the case of a microsegmented switched LAN, each port comprises a two-station network composed of the attached device and the switch port itself. If we consider that two-station LAN in isolation, we can see that it appears exactly the same (architecturally) as the simple RS-422 connection. Each device has a private, independent channel to the other device; there is no possibility of contention for the use of the underlying communications channel.

4 Repeaters, Bridges and Switches: Switch: Advantages of full duplex operation

[Figure: segmentation with a hub at 10 Mb/s compared with micro-segmentation with a switch, where each station has an independent rate (10 Mb/s or 100 Mb/s).]

Half-duplex:
• Shared bandwidth
• Access contention (is the medium free?)
• Collision detection (transmission = reception?)
• Distance limitations

Full-duplex:
• Full bandwidth
• No need for access contention: no delay
• No need for collision detection: no delay
• Extended distance

Implication of full duplex operation

The use of microsegmentation associated with full duplex mode has a number of important implications:
• It eliminates the link length restrictions of CSMA/CD. A shared Ethernet LAN operating at 10 Mb/s has the full 2.5 km distance limit available. This is especially important for technologies such as FastEthernet (length ≤ 250 m) and Gigabit Ethernet.
• It increases the aggregate channel capacity. In the best case the aggregate capacity of a switch will equal the sum of the data rates of all attached ports.
• It increases the potential load on a switch.
• The transmission is not delayed because there is neither access contention nor collision.
• It allows a different data rate for each station.

4 Repeaters, Bridges and Switches: Switch: The need for flow control

[Figure: a switch with a buffer on each port; several stations send towards the port of a SERVER.]

The need for flow control

If the ports connected to a switch are operating in half duplex mode, there are some tricks to control the flow:

Backpressure. To prevent buffer overflow from traffic arriving on its input ports, a switch can use the underlying access control method to throttle stations on the shared LAN and forestall incoming traffic.
• Force collisions with incoming frames. The disadvantage of this method is that the collision will cause the end station to calculate an exponentially-increasing backoff. The station will select a time, initially in the range of 0 to 1 slot times, but increasing to 0 to 1,023 slot times for later collisions. It is likely that switch input buffers will become available during this very long time, as the switch will be emptying its queue onto the output ports in the meantime. Even though the queue is so emptied, the channel will remain idle until the backoff timer expires. It seems a shame to waste bandwidth solely due to an inefficient backpressure algorithm.
• Make it appear as if the channel is busy. This uses the deferral mechanism rather than the collision backoff mechanism of the Ethernet MAC. As long as the station sees that the channel is busy (i.e., Carrier Sense is asserted) it will defer transmission, but it imposes no additional backoff delay.

Aggressive transmission policy. On the output side, a switch can empty its transmit queue in an expedited manner by using an access control algorithm more aggressive than that permitted by the standard. This effectively gives the switch priority over other traffic sources on its output ports.

4 Repeaters, Bridges and Switches: Cabling with HUB

[Figure: 1 Cabling, 2 Communication. Hosts of the Sells, R&D, Finances, Import department and Export department groups are cabled to two HUBs.]

Any frame sent by a host through a Hub, whatever the MAC@ type (unicast, broadcast, multicast), will be systematically broadcast to all Hub ports.

4 Repeaters, Bridges and Switches: Cabling with HUB and LAN segmentation (1)

[Figure: two HUBs joined by a filtering bridge; hosts of the Sells, R&D, Finances, Import department and Export department groups.]

LAN segmentation can be made by adding a Bridge unit.

Because the bridge performs filtering, a frame sent by a host to another host located on the same LAN will not be broadcast. Nevertheless, all hosts connected to this LAN segment will be disturbed.

4 Repeaters, Bridges and Switches: Cabling with HUB and LAN segmentation (2)

[Figure: two HUBs joined by a bridge; hosts of the Sells, R&D, Finances, Import department and Export department groups.]

In spite of the presence of a bridge, any communication between two hosts located on two LAN segments will lead to a monopolisation of the two LAN segments.

4 Repeaters, Bridges and Switches: Cabling with Switch and operation

[Figure: 1 Cabling, 2 Communication. Hosts of the Sells, R&D, Finances, Import department and Export department groups are each cabled to a port of a switch (micro-segmentation).]

A switch allows micro-segmentation (≡ a bridge between each host).

A switch receiving a unicast frame from a host will forward that frame only to the port involved.

4 Repeaters, Bridges and Switches: Protocol analysis over a Hub

[Figure: a 4-port HUB (HUB = multiport repeater) with a protocol analyzer attached to one port.]

On a shared bandwidth hub, all of the traffic appears on every port of the hub. As a result, a protocol analyser should function properly when attached to any port of the hub.

4 Repeaters, Bridges and Switches: Protocol analysis over a switch (port & switch mirroring)

[Figure: port mirroring on a 6-port switch configured through its craft port; mirror port: 1, monitored port: 6. The traffic of port 6 (a hub) is copied to port 1, where the protocol analyzer is attached.]

When a LAN switch is used in place of a hub, devices connected to a given port will see only that traffic destined to them (known unicast destinations, multicast and broadcast destinations as well as unknown unicast destinations). Thus, as a result of normal operation, it is no longer possible to monitor all of the traffic by attaching a protocol analyser to a single port.

Alternatives are commonly used to solve this problem:
• Port mirroring: it is possible for a switch to replicate the traffic from any single port onto another port.
• Switch mirroring: some switches provide the capability of mirroring all of the traffic being forwarded by the switch. As a variation of switch mirroring, some switches allow a network administrator to configure the mirror port to reflect a subset of the ports on the switch.

4 Repeaters, Bridges and Switches: Evaluation

Objective: to be able to describe the operation of repeaters, bridges and switches.

Thank you for answering the self-assessment of the objectives sheet.



5 IP protocol

5.1 IP addressing
5.2 IP routing
5.3 IP header

5 IP protocol, 5.1 IP Addressing: Analogy between PSTN numbering and IP numbering

[Figure: telephone numbering: French PSTN (country code = 33), Barbados PSTN (country code = 1246), Finnish PSTN (country code = 358), Russian PSTN (country code = 7); a telephone number is a country code followed by a designation number. IP numbering: class A networks (large IP networks), class B networks (medium IP networks), class C networks (small IP networks); an IP address is a Network ID followed by a Host ID, and the border between the two is a function of the class.]

Public Switched Telephone Network
On telephone networks the number of digits assigned to the country code is variable. Some countries have a country code of 1 digit, others 2, 3 or 4 digits.

IP Network
On IP networks, an address is composed of 2 parts:
• Network Identifier
• Host Identifier
The Net Id length is a function of the "class".
Class A has a short Net ID, leaving a longer part for the Host ID. So, this class is dedicated to very large networks to which a great many hosts can be connected.
Class B is suitable for medium-size networks.
Class C is suitable for small networks.

5. it is called multi-homed and has one IP address for each network interface.1 IP Addressing IP address classes Class A 0 1 Net ID (7bits) 8 9 16 17 Host Id (24 bits) 24 25 32 Class B 1 0 Net ID (14bits) Host Id (16 bits) Class C 1 1 0 Class D 1 1 1 0 Class E 1 1 1 1 0 Net ID (21bits) Host Id (8 bits) Multicast group id (28 bits) Reserved for future use (27 bits) 106 Generalities IP@ is more an interface address rather than a host address. For example.9 is a valid IP address There are five classes of IP addresses. IP@ is usually expressed in a dotted decimal format.106 .167. A Class A address is suitable for networks with an extremely large number of hosts. An IP@ is composed of 2 parts: Network Identifier Host Identifier IP addresses are structured into classes. An address is composed of 32 bits. Class C addresses are suitable for networks with a small number of hosts. 145.02 Page 1.5 IP protocol 5. When the host is attached to more than one network. © Alcatel University 8AS 90200 1124 VH ZZA Ed.

5 IP protocol, 5.1 IP Addressing: Network sizes

Class A Network: 0 | Net ID (7 bits) | Host Id (24 bits)
• Number of Networks: 126
• Number of Hosts: 16 777 214
• Net Id from: 1.0.0.0 to 126.0.0.0

Class B Network: 10 | Net ID (14 bits) | Host Id (16 bits)
• Number of Networks: 16 384
• Number of Hosts: 65 534
• Net Id from: 128.0.0.0 to 191.255.0.0

Class C Network: 110 | Net ID (21 bits) | Host Id (8 bits)
• Number of Networks: 2 097 152
• Number of Hosts: 254
• Net Id from: 192.0.0.0 to 223.255.255.0

Some Net ID and Host ID are reserved.

The IP address exhaustion problem
32 bits of IP address give 4,294,967,296 possible addresses. 32 bits seems a suitable length to cover all IP devices over the world.
Nearly all of the new networks assigned in the late 1980s were Class B, and in 1990 it became apparent that if this trend continued, the last Class B network number would be assigned during 1994. The reason for this trend was that most potential users found a Class B network to be large enough for their anticipated needs, since it accommodates up to 65534 hosts, whereas a class C network, with a maximum of 254 hosts, severely restricts the potential growth of even a small initial network. Furthermore, most of the class B networks being assigned were small ones. There are relatively few networks that would need as many as 65,534 host addresses, but very few for which 254 hosts would be an adequate limit.

5 IP protocol, 5.1 IP Addressing: Special IP@: Limited broadcast on the network

Destination IP@:
11111111 . 11111111 . 11111111 . 11111111
     255 .      255 .      255 .      255

[Figure: a host on network 172.245.0.0 sends a datagram with IP src 172.245.0.1 → IP dest 255.255.255.255, carried in a frame with MAC@dest ff:ff:ff:ff:ff:ff, MAC@src 01:00:2a:01:22:11, Type 0800, followed by the data and the FCS. A broadcast at the IP level involves a broadcast at Ethernet level.]

Broadcast limited to the network.
Can be used only as a destination IP address.
This broadcast does not go through routers.
A broadcast at IP level leads to a broadcast at the Ethernet level.

245.0.1→ 138.5.0.255 Network 138.1 Network 172.245. 0 0 0 0 0 1 0 1 5 .255.5. 1 1 1 1 1 1 1 1 255 Broadcast directed towards all hosts of this network data .1 IP Addressing Special IP @ : Directed broadcast to a network Destination 1 0 IP@ Example class B Net id (14bits) Host id (16bits) 1 0 0 0 1 0 1 0 138 . Most of network administrator configure their router to prevent this kind of directed broadcast because its an easy way for a hacker to perturb a network.5 IP protocol 5.0 109 This is called a directed broadcast address because it contains both a valid <network address> and a broadcast <host address>.0.0 .109 .02 Page 1. 1 1 1 1 1 1 1 1 255 IP src IP dest 172.0. © Alcatel University 8AS 90200 1124 VH ZZA Ed.

5 IP protocol, 5.1 IP Addressing: Special IP@: (loopback)

The IP@ 127._._._ allows a communication between 2 applications.

[Figure: Application 1 and Application 2 run on the same host (IP@: Z) above the IP protocol and communicate through IP@ 127.0.0.1; this address is not sent over the network. Another host on the network has IP@: Y.]

Loopback:
The class A network 127.0.0.0 is defined as the loopback network. Addresses from that network are assigned to interfaces that process data within the local system. These loopback interfaces do not access a physical network.

5 IP protocol, 5.1 IP Addressing: Special IP@: unknown IP@ source

[Figure, steps 1 to 5: a host with IP@ = ? and MAC 01:00:2a:01:22:11 sends a DHCP IP@ Request with IP src 0.0.0.0 → IP dest 255.255.255.255, carried in a frame with MAC@dest ff:ff:ff:ff:ff:ff, MAC@src 01:00:2a:01:22:11, Type 0800, followed by the FCS; the DHCP Server (server of IP@) holds an @ pool.]

• Source IP@ = 0.0.0.0 is used by a host which has no IP address.
• IP@ = 0.0.0.0 can be used at the host start-up in order to get an IP@ from a BOOTP or DHCP server.

5 IP protocol, 5.1 IP Addressing: NetID

Each network has a unique NetID.

[Figure: two networks, each built on a hub and joined by a router (interfaces eth0 and eth1). Network 200.98.76.0 holds hosts 200.98.76.1, 200.98.76.2, 200.98.76.3, ... 200.98.76.253 and the router interface 200.98.76.254. Network 192.100.17.0 holds hosts 192.100.17.1, 192.100.17.2, 192.100.17.3, ... 192.100.17.253 and the router interface 192.100.17.254.]

A router interface also has an IP@.
Class C network => maximum of 254 hosts.

0 IP @ : 10.6. They should neither externally advertise routes to private addresses nor forward IP datagrams containing private addresses to external routers. are expected to quietly discard all routing information regarding these addresses.0 •Address ranges reserved by ICANN •Can be used several times Private IP@ 113 Public IP@ A Public IP@ is an Internet IP@ assigned by ICANN (Internet Corporation for Assigned Names and Numbers) which is the organisation in charge of IP@ allocation on Internet. Any organization can use any address in these ranges.1.113 .22.Private addresses Public IP@ IP @ : 195. because these addresses are not globally unique.8 Private network 10.0.2.02 Page 1. Private IP@ ICANN reserved some ranges of IP@ which are not assigned to any Host connected to Internet.33 5 IP protocol 5.1 IP Addressing Public addresses .3 Internet •assigned by IANA •unique over the world •Cannot travel Internet IP @ : 10. Routers in networks not using private addresses.51.IP @ : 154.11.8 Private network 10.1 IP @ : 9. particularly those operated by Internet service providers. However.63.0.0.7. © Alcatel University 8AS 90200 1124 VH ZZA Ed.0. they are not defined to any external routers.7.6. Routers in an organization using private addresses are expected to limit all references to private addresses to internal links.

5 IP protocol, 5.1 IP Addressing: Private address ranges

[Figure: private networks using private IP@ around the Internet, which uses public IP@.]

• class A: 10.0.0.0 to 10.255.255.255 (1 class)
• class B: 172.16.0.0 to 172.31.255.255 (16 classes)
• class C: 192.168.0.0 to 192.168.255.255 (256 classes)

The Internet reserves part of the global address space for use in networks that do not require connectivity to the Internet. Typically these networks are administered by a single organization. Three ranges of addresses have been reserved for this purpose:
• 10.0.0.0: A single Class A network
• 172.16.0.0 through 172.31.0.0: 16 contiguous Class B networks
• 192.168.0.0 through 192.168.255.0: 256 contiguous Class C networks

5 IP protocol, 5.1 IP Addressing: Other private addresses

[Figure: a private network 154.11.0.0 whose hosts use IP@ not assigned by IANA (for example 154.11.22.33), next to the Internet, where hosts use public IP@.]

Private IP@
Any IP address not assigned by ICANN is also considered a "Private IP address".
This type of address can be used inside a private network.
Such addresses cannot travel the Internet.

5 IP protocol, 5.1 IP Addressing: Private IP networks and Internet connections

[Figure: (1) a host of Intranet 1, which uses private IP addresses, sends a packet towards an address on the Internet; (2) the Internet discards the packet.]

A private IP@ cannot travel the Internet.
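The class boundaries, the special addresses and the private ranges of the preceding slides can be combined into one classification routine, followed by the decision a border router takes before letting a datagram reach the Internet. This is an added example, not part of the course material; all function names are assumptions, and treating every first octet from 240 upwards as class E is a simplification of this example (the slides draw class E as leading bits 11110).

```python
PRIVATE_RANGES = (
    ("10.0.0.0", "10.255.255.255"),
    ("172.16.0.0", "172.31.255.255"),
    ("192.168.0.0", "192.168.255.255"),
)
HOST_BITS = {"A": 24, "B": 16, "C": 8}
# Address kinds that, according to the slides, must not cross the border router.
NOT_FORWARDED = {"limited broadcast", "unknown source", "loopback",
                 "private", "directed broadcast"}


def to_int(addr):
    parts = addr.split(".")
    if len(parts) != 4 or not all(
            p.isascii() and p.isdigit() and int(p) <= 255 for p in parts):
        raise ValueError("not a dotted decimal IPv4 address: %r" % addr)
    value = 0
    for p in parts:
        value = (value << 8) | int(p)
    return value


def to_text(value):
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def address_class(addr):
    first = to_int(addr) >> 24
    if first < 128:
        return "A"      # leading bit  0
    if first < 192:
        return "B"      # leading bits 10
    if first < 224:
        return "C"      # leading bits 110
    if first < 240:
        return "D"      # leading bits 1110
    return "E"          # assumption: everything from 240 upwards


def split_address(addr):
    """Return (class, Net ID as a network number, Host ID as an integer)."""
    cls = address_class(addr)
    bits = HOST_BITS.get(cls)
    if bits is None:
        return cls, None, None
    value = to_int(addr)
    host = value & ((1 << bits) - 1)
    return cls, to_text(value - host), host


def special_use(addr):
    """Name the special role of an address, or None for an ordinary one."""
    value = to_int(addr)
    cls, _net, host = split_address(addr)
    if value == 0xFFFFFFFF:
        return "limited broadcast"
    if value == 0:
        return "unknown source"
    if value >> 24 == 127:
        return "loopback"
    if any(to_int(lo) <= value <= to_int(hi) for lo, hi in PRIVATE_RANGES):
        return "private"
    if cls == "D":
        return "multicast"
    if cls == "E":
        return "reserved"
    if host == (1 << HOST_BITS[cls]) - 1:
        return "directed broadcast"
    if host == 0:
        return "network number"
    return None


def border_decision(src, dst):
    """Apply only the rules stated on the slides; anything else is forwarded."""
    for role, addr in (("source", src), ("destination", dst)):
        use = special_use(addr)
        if use in NOT_FORWARDED:
            return False, "%s %s is %s" % (role, addr, use)
    return True, "forward"


if __name__ == "__main__":
    for a in ("10.10.10.12", "138.5.255.255", "200.98.76.254", "127.0.0.1"):
        print(a, split_address(a), special_use(a))
    print(border_decision("10.10.10.12", "194.3.5.4"))
```
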

5 IP protocol, 5.1 IP Addressing: NAT: Network Address Translation

[Figure, steps 1 to 6: a host 10.10.10.12 of the private network 10.10.10.0 (private IP@) reaches a server 194.3.5.4 on the Internet through a NAT router holding the public IP@ 212.17.22.21, 212.17.22.22 and 212.17.22.23. The packet headers shown are:
  from the host to the NAT router:    IPsrc: 10.10.10.12   IPdest: 194.3.5.4
  from the NAT router to the server:  IPsrc: 212.17.22.21  IPdest: 194.3.5.4
  from the server to the NAT router:  IPsrc: 194.3.5.4     IPdest: 212.17.22.21
  from the NAT router to the host:    IPsrc: 194.3.5.4     IPdest: 10.10.10.12]

Basically, Network Address Translation allows a single device, such as a router, to act as agent between the Internet (or "public network") and a local (or "private") network. This means that only a single unique IP address is required to represent an entire group of computers to anything outside their network.

The private router connected to the Internet must be configured with the NAT function and one or several public IP@.

1. A computer of the private network sends an IP packet to a server connected to the Internet. The IP packet contains a private IP@ as its source IP@ and cannot travel the Internet.
2. The Internet gateway router translates the source private IP@ into a public IP@ and forwards the packet to the Internet.
3. The Internet gateway router keeps in its memory the association between the private IP@ and the public IP@.
4. The IP packet can travel the Internet because the IP addresses are valid.
5. The server can answer. It knows the other party only by the public IP@.
6. The NAT router operates the inverse translation before forwarding the packet to the private network.
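The six steps above amount to maintaining a two-way association table in the gateway router. The following is an added example, not part of the course material: it models the address-for-address translation of the steps, using the addresses of the slide's figure. The class and method names are assumptions, and a packet is reduced to its (IPsrc, IPdest) pair.

```python
class BasicNat:
    """Gateway router translating private source IP@ into public IP@ from a pool."""

    def __init__(self, public_pool):
        self.free = list(public_pool)   # public IP@ not yet associated
        self.to_public = {}             # private IP@ -> public IP@
        self.to_private = {}            # public IP@  -> private IP@

    def outbound(self, src, dst):
        """Steps 2 and 3: translate the source and remember the association.

        Returns the translated (IPsrc, IPdest), or None when the pool is
        exhausted and the packet cannot be sent to the Internet.
        """
        public = self.to_public.get(src)
        if public is None:
            if not self.free:
                return None
            public = self.free.pop(0)
            self.to_public[src] = public
            self.to_private[public] = src
        return public, dst

    def inbound(self, src, dst):
        """Step 6: inverse translation of the destination.

        Returns the translated (IPsrc, IPdest), or None when no inside host
        is associated with the public IP@ (nothing to deliver the packet to).
        """
        private = self.to_private.get(dst)
        if private is None:
            return None
        return src, private


def walk_through():
    """Replay the slide's exchange and two cases the slide does not draw."""
    nat = BasicNat(["212.17.22.21", "212.17.22.22", "212.17.22.23"])
    request = nat.outbound("10.10.10.12", "194.3.5.4")       # steps 1 to 4
    answer = nat.inbound("194.3.5.4", request[0])            # steps 5 and 6
    unsolicited = nat.inbound("194.3.5.4", "212.17.22.23")   # no association yet
    # Constructed inside hosts: three more sources than the pool can serve.
    others = [nat.outbound("10.10.10.%d" % n, "194.3.5.4") for n in (13, 14, 15)]
    return request, answer, unsolicited, others


if __name__ == "__main__":
    for result in walk_through():
        print(result)
```
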

5 IP protocol, 5.1 IP Addressing: VPN: Virtual Private Network

[Figure: Private network: two private networks (NetID: 10.10.10.0 with host IP@ 10.10.10.4, and NetID: 10.10.20.0 with host IP@ 10.10.20.8) joined by a leased line. Virtual Private Network: the same two private networks joined by tunneling across the Internet.]

A private network extended over several distant sites has to use very expensive leased lines.
To reduce the cost, the infrastructure of the Internet can be used while keeping the advantages of a private network (security, …). This concept is called "Virtual Private Network".
To achieve that, a tunnel has to be created between the private networks.

5 IP protocol, 5.1 IP Addressing: VPN: Tunneling principle

[Figure, steps 1 to 6: a host 10.10.10.4 of Intranet 1 (NetID: 10.10.10.0) sends a packet to host 10.10.20.8 of Intranet 2 (NetID: 10.10.20.0). The border router of Intranet 1 encapsulates the packet (headers 10.10.10.4 → 10.10.20.8, data) inside a packet addressed between the public IP@ of the two border routers; the packet crosses the Internet and is de-encapsulated by the border router of Intranet 2.]

The solution consists of encapsulating the original IP packet into another IP packet.

1. The original IP packet, using private IP addresses, is sent to the border router.
2. The border router makes an IP packet using public IP addresses known by INET.
3. The border router encapsulates the original IP packet in this packet as data.
4. The Internet can convey the IP packet towards the border router of the remote Intranet because it examines the header and not the data.
5. The Intranet 2 access router examines the received IP packet and, because the destination is its own address, it extracts the data. This data being an IP packet, it submits the destination IP address to its routing table.
6. The original IP packet can travel the Intranet up to the destination.

5 IP protocol, 5.1 IP Addressing: IP address allocation

[Figure: Internet Corporation for Assigned Names and Numbers (www.icann.org); Internet Assigned Numbers Authority (www.iana.org); below them, American Registry for Internet Numbers, Asia Pacific Network Information Centre, and Réseaux IP Européens Network Coordination Centre (www.ripe.net).]

ICANN: responsible for:
• IP address assignment,
• protocol parameter assignment,
• Domain Name System management.
ICANN replaces IANA, which was a US organisation.

The network number portion of the IP address is administered by one of three Regional Internet Registries (RIR):
• American Registry for Internet Numbers (ARIN): This registry is responsible for the administration and registration of Internet Protocol (IP) numbers for North America, South America, the Caribbean and sub-Saharan Africa.
• Asia Pacific Network Information Centre (APNIC): This registry is responsible for the administration and registration of Internet Protocol (IP) numbers within the Asia Pacific region.
• Réseaux IP Européens (RIPE): This registry is responsible for the administration and registration of Internet Protocol (IP) numbers for Europe, Middle East, parts of Africa.

5 IP protocol, 5.1 IP Addressing: Regional coverage

[Figure: regional coverage of ARIN, RIPE NCC and APNIC.]

5 IP protocol, 5.1 IP Addressing: Exercise: IP class A

class A: 0 | Net Id (7 bits) | Host Id (24 bits)

1 - Number of networks: 126
• With 7 bits for Net Id, what is the maximum number of combinations? 128
• What are the reserved Net Id? 0 and 127 (loopback)

2 - Network number from: 1.0.0.0 to 126.0.0.0

3 - Number of hosts: 16 777 214
• With 24 bits for Host Id, what is the maximum number of combinations? 16 777 216
• What are the reserved Host Id? 0.0.0 and 255.255.255

4 - Host number from: n.0.0.1 to n.255.255.254

• Private addresses of the class A: 10.0.0.0 (1 class)

Class A addresses: These addresses use 7 bits for the <network> and 24 bits for the <host> portion of the IP address. This allows for 2^7 - 2 (126) networks each with 2^24 - 2 (16777214) hosts, a total of over 2 billion addresses.

5 IP protocol 5.1 IP Addressing: IP addresses of the class D and E

class D: 1 1 1 0 | Multicast group id (28 bits). Group Id from 224.0.0.0 to 239.255.255.255
class E: 1 1 1 1 0 | Reserved for future use (27 bits). From 240.0.0.0 to 247.255.255.255

Class D addresses: These addresses are reserved for multicasting (a sort of broadcasting, but in a limited area, and only to hosts using the same class D address).
Class E addresses: These addresses are reserved for future use.

5 IP protocol 5.1 IP Addressing: Multicast in IP protocol and MAC protocol

[Figure: a RIP2 (routing protocol) router sends its routing table to IP destination 224.0.0.9. The Ethernet frame carries MAC@dest 01:00:5e:00:00:09, MAC@src 00:46:a5:e7:02:3c, Type 0800, the data (routing table) and the FCS. Each station on the LAN has a unicast MAC address (MACU); the RIP2 routers also listen on the multicast MAC address (MACM) 01:00:5e:00:00:09.]

How Multicast addresses are assigned
Multicast addresses are assigned by higher-layer protocols or applications. If an application needs the ability to communicate with a group of devices running an identical (or cooperating) application, it can assign a multicast address for that purpose. Thus, multicast groups define a logical grouping of devices on an application basis, not on a physical basis. Of course, if the designer wants the application to interoperate with implementations built by others, then any such address selection must be made public knowledge. In the case of the Spanning Tree Protocol done through the publication of the IEEE 802.1D standard. Some well-known examples include:
- The RIPv2 uses a MAC multicast address: 01-00-5E-00-00-09
- The Open Shortest-Path-First routing protocol (OSPF) uses a MAC multicast address (01-00-5E-00-00-05 and 01-00-5E-00-00-06).

It is also possible to have a multicast address assigned dynamically at the time an application is invoked. There are multicasting applications that a only sporadically and whose logical grouping changes with each inv good example would be a network video conferencing application. We would like to be able to use multicast techniques to distribute voice and video among a group of conference members (all of whom are running the cooperating conference application), but the parties involved will surely change from conference-to-conference. There is no easy way to pre-ordain the multicast be used by any arbitrary group of conference attendees, nor do use a single multicast address for all possible conferences. One solution is conference server, which can, upon request from the conference application, create the conference, connect all of the parties, and assign a unique multicast address for this particular conference from a pool of addresses available to the conference application. The pool range would likely be assigned by the design conference application, but the particular multicast address used for conference would be dynamically assigned at the time the application is invoked. When the conference is over, the address can go back into the pool.

5 IP protocol 5.1 IP Addressing: Multicast: impact on frame level

Address translation
IP multicast address (class D group address, 224 to 239): 1110xxxx xyyyyyyy yyyyyyyy yyyyyyyy
Multicast MAC address (01-00-5E-..-..-..): 00000001 00000000 01011110 0yyyyyyy yyyyyyyy yyyyyyyy

Multicast: Like broadcast at IP level leads to a broadcast at the Ethernet level, a multicast at the IP level leads to a multicast at the Ethernet level. This is achieved by a copy of 23 less significant bits of the IP multicast address into the 23 bits of the MAC address. The most significant bits taking the hexadecimal value 01:00:5E.

Some IP multicast @:
224.0.0.5 OSPFIGP OSPFIGP All Routers
224.0.0.6 OSPFIGP OSPFIGP Designated Routers
224.0.0.7 ST Routers
224.0.0.8 ST Hosts
224.0.0.9 RIP2 Routers
224.0.0.10 IGRP Router
224.0.0.11 Mobile-Agents
224.0.0.12-224.0.0.255 Unassigned
224.0.1.10 IETF-1-LOW-AUDIO
224.0.1.11 IETF-1-AUDIO
224.0.1.12 IETF-1-VIDEO
224.0.1.13 IETF-2-LOW-AUDIO
224.0.1.14 IETF-2-AUDIO
224.0.1.15 IETF-2-VIDEO
224.0.1.16 MUSIC-SERVICE
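The address translation above, written out as an added Python example (not part of the course material). It also shows a consequence the slide only implies: because 28 group bits are squeezed into 23 MAC bits, 32 class D addresses share each multicast MAC address, so a MAC seen in a trace identifies a set of candidate groups, not one group. The function names are chosen for this example.

```python
import ipaddress

CLASS_D = ipaddress.ip_network("224.0.0.0/4")   # 224 to 239
MAC_PREFIX = 0x01005E000000                     # 01:00:5E followed by a 0 bit
LOW23 = 0x7FFFFF                                # the 23 copied bits


def multicast_mac(group: str) -> str:
    """Map a class D address to its Ethernet multicast MAC address."""
    ip = ipaddress.IPv4Address(group)
    if ip not in CLASS_D:
        raise ValueError(f"{group} is not a class D (multicast) address")
    mac = MAC_PREFIX | (int(ip) & LOW23)
    return ":".join(f"{(mac >> shift) & 0xFF:02x}" for shift in range(40, -8, -8))


def candidate_groups(mac: str) -> list:
    """Return the 32 class D addresses that map to a multicast MAC address."""
    value = int(mac.replace(":", "").replace("-", ""), 16)
    # The top 25 bits must be 01:00:5E plus the fixed 0 bit.
    if value >> 23 != MAC_PREFIX >> 23:
        raise ValueError(f"{mac} is not an IP multicast MAC address")
    low23 = value & LOW23
    # 1110 (class D) + 5 bits that are lost in the mapping + 23 copied bits
    return [
        str(ipaddress.IPv4Address((0b1110 << 28) | (lost << 23) | low23))
        for lost in range(32)
    ]


if __name__ == "__main__":
    for group in ("224.0.0.5", "224.0.0.6", "224.0.0.9", "239.128.0.9"):
        print(group, "->", multicast_mac(group))
    print(candidate_groups("01-00-5E-00-00-09")[:3], "...")
```

A station that joined 224.0.0.9 will therefore also receive frames sent to, for example, 239.128.0.9 at the Ethernet level; the IP layer has to compare the destination IP address before accepting the datagram.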

.18 195.5 IP protocol 5. 126 © Alcatel University 8AS 90200 1124 VH ZZA Ed. .134 145.3 class _ B _ _ _ _ Net Id 131.10 159. .32.10. .90.Exercise ( 1) Fill in this table : @IP 131.6.02 Page 1. .78. . .0 . .83. .126 .185. . .0.1 IP Addressing Classes and Net ID .108 . .2. . .219 125.108.173.

5 IP protocol 5.1 IP Addressing: Default gateway (1)

[Figure: host IP@ 1.0.0.1 (MAC@ 102030), default gateway IP@ 1.0.0.254 (MAC@ 908070), neighbour IP@ 1.0.0.2 (MAC@ 405060). At IP level the host asks "IP dest. within local net?" for @IPsrc 1.0.0.1, @IPdest 2.0.0.2; the answer is No, so the default gateway is used. ARP Request for IP@ 1.0.0.254, ARP Response MAC@ 908070. ARP cache: 1.0.0.2 → 405060, 1.0.0.254 → 908070. Frame sent: MAC@ dest. 908070, MAC@ src. 102030, Type 0800 (IP), @IPsrc 1.0.0.1, @IPdest 2.0.0.2, Data, FCS. The router forwards to the other network. Steps are numbered 1 to 9.]

The transmission of an IP packet to a host located in another network cannot only use the ARP procedure because the ARP request is a broadcast frame which does not go through any router. The only way to reach the destination is via one or more IP gateways. (Note that in TCP/IP terminology, the terms gateway and router are used interchangeably.) If the destination IP@ is out of the sender network, first it must transmit the IP packet to a router. Normally, any host should know the IP@ of a router on its network (default gateway).

1. A packet has to be transmitted to a host out of the local network.
2. That is the role of the sender to determine if the destination IP@ is in or out of the local network.
3. If the destination IP@ is out, the sender has to forward the IP packet to a router. It knows the IP@ of at least one router (configuration parameter of the host).
4. If the host does not know the MAC@ corresponding to the IP@ of the router,
5. It carries out an ARP procedure
6. To update its ARP cache memory.
7. Now, it is capable of transmitting the IP packet encapsulated into an Ethernet frame leading to the router.
8. Then, the router will consult its routing table to know on which outgoing interface it has to forward this IP packet and what is the next router leading to the destination.
9. The process (3-8) is carried out between this router and the next one and so on up to the final destination.

5 IP protocol 5.1 IP Addressing: PC-NT configuration

[Figure: PC-NT network configuration screens with numbered steps 1 to 9, including the command C:\ ipconfig /all]

5 IP protocol 5.1 IP Addressing: ‘is destination IP@ “in” or “out” of the LAN ?’ (1)

[Figure: class B host (MAC@ 102030) with its host configuration (IP@, default gateway) and ARP cache. The NetID of the destination IP@ equals the NetID of the host: same network. The frame is sent directly to the destination: MAC@ dest. 908070, MAC@ src. 102030, Type 0800 (IP), @IPsrc, @IPdest, Data, FCS. The router towards the Internet (MAC@ 405060) is not used.]

How to determine if a destination IP@ is in or out of the local network? The transmitter compares the NetID of its IP@ with the NetID of the destination IP@. The transmitter can know the border between NetID and HostID by examining the IP@ class of its own address. In this picture, the destination IP@ is located on the same network as the transmitter.

If the destination host is attached to the same physical network as the source host, IP datagrams can be directly exchanged. This is done by encapsulating the IP datagram in the physical network frame. This is called direct delivery and is referred to as direct routing.

5 IP protocol 5.1 IP Addressing: ‘is destination IP@ “in” or “out” of the LAN ?’ (2)

[Figure: same class B host (MAC@ 102030). The NetID of the destination IP@ differs from the NetID of the host: other network. The frame is sent to the default gateway: MAC@ dest. 405060, MAC@ src. 102030, Type 0800 (IP), @IPsrc, @IPdest, Data, FCS. The router (MAC@ 405060) forwards it towards the Internet.]

Indirect routing occurs when the destination host is not connected to a network directly attached to the source host. The only way to reach the destination is via one or more IP gateways. (Note that in TCP/IP terminology, the terms gateway and router are used interchangeably. This describes a system that performs the duties of a router.) In this picture, the destination IP@ is located out of the transmitter network. So, the IP packet will be sent towards the default gateway.

Router: Interconnects networks at the internetwork layer level and routes packets between them. The router must understand the addressing structure associated with the networking protocols it supports and take decisions on whether, or how, to forward packets. Routers are able to select the best transmission paths and optimal packet sizes. The basic routing function is implemented in the IP protocol of the TCP/IP protocol stack, so any host or workstation running TCP/IP over more than one interface could, in theory and also with most of today's TCP/IP implementations, forward IP datagrams. However, dedicated routers provide much more sophisticated routing than the minimum functions implemented by IP. Because IP provides this basic routing function, the term "IP router" is often used. Other, older terms for router are "IP gateway," "Internet gateway," and "gateway." The term gateway is now normally used for connections at a higher layer than the internetwork layer. A router is said to be visible to IP. That is, when a host sends an IP datagram to another host on a network connected by a router, it sends the datagram to the router so that it can forward it to the target host.

5 IP protocol 5.1 IP Addressing: Sub-network

[Figure: network 128.5.0.0 connected to the Internet and divided into S/Net 128.5.4.0 (hosts 128.5.4.1 to 128.5.4.5) and S/Net 128.5.8.0 (hosts 128.5.8.1 to 128.5.8.5)]

Subnetting: Due to the explosive growth of the Internet, the principle of assigned IP addresses became too inflexible to allow easy changes to local network configurations. Those changes might occur when:
• A new type of physical network is installed at a location.
• Growth of the number of hosts requires splitting the local network into two or more separate networks.
• Growing distances require splitting a network into smaller networks, with gateways between them.
To avoid having to request additional IP network addresses, the concept of IP subnetting was introduced in 1984. The assignment of subnets is done locally. The entire network still appears as one IP network to the outside world. The host number part of the IP address is subdivided into a second network number and a host number. This second network is termed a subnetwork or subnet. The main network now consists of a number of subnets.

5 IP protocol 5.1 IP Addressing: Sub-net addressing example

Net ID (class B): 128.5.0.0
10000000 00000101 | 00000000 00000000
Net Id (14 bits) | Host Id (16 bits)

Divided into sub-networks: 8 bits Sub-Net Id, 8 bits Host Id: 254 sub-nets of 254 hosts each.

Example of Host IP address: 128.5.4.5
10000000 00000101 00000100 | 00000101
Net ID | Host ID

The division of the local part of the IP address into a subnet number and host number is chosen by the local administrator. Any bits in the local portion can be used to form the subnet. The subnets all bits 0 and all bits 1 are not valid.

5 IP protocol 5.1 IP Addressing: Sub-net addressing: class problem

[Figure: PC configuration: Host IP@ 128.5.4.3 (MAC@ 102030), default gateway 128.5.4.1, class B. IP@ dest: 128.5.8.4. ARP cache: 128.5.4.5 → 708090, 128.5.4.1 → 304050, 128.5.8.4 → ?. "This host believes the remote Host is in the same network." ARP Request sent as a broadcast: MAC@ dest. ffffff, MAC@ src. 102030, Type 0806 (ARP), IPdest 128.5.8.4, MAC@ ??????, FCS. "An ARP request does not go through router." Sub-net 128.5.4.0 holds the host, 128.5.4.5 (MAC@ 708090) and the router interface 128.5.4.1 (MAC@ 304050); sub-net 128.5.8.0 holds 128.5.8.4 (MAC@ aabbcc).]

How can a host know the border between NetID and HostID?
1. For a destination IP@, if the host takes into account only the address class to know whether the destination is in or out of its network,
2. thus, it believes that the host destination is in its local network
3. It consults its ARP cache memory
4. because the cache memory does not know the MAC@ corresponding to the destination IP@, it carries out an ARP procedure
5. The ARP request will stay without any response because it is not forwarded to the other network (a broadcast does not go through a router).

5 IP protocol 5.1 IP Addressing: The Subnet Mask

The “Subnet Mask” indicates the length of the network address part.

[Figure: host IP@ 128.5.4.3 (MAC@ 102030), @IPsrc 128.5.4.3, @IPdest 128.5.8.4. At IP level: "IP dest. within local net?" Yes: direct delivery; No: default gateway = @IP 128.5.4.1 (router, MAC@ 304050) towards the other network. Neighbour IP@ 128.5.4.5 (MAC@ 708090).]

The border between HostID and NetID being now variable, a new concept has been added to the IP@: “NETMASK”

5 IP protocol 5.1 IP Addressing: Netmask operation

IP@src : 138.5.19.37 = 10001010 00000101 00010011 00100101
IP@dest: 138.5.17.5 = 10001010 00000101 00010001 00000101
Mask : 255.255.252.0 = 11111111 11111111 11111100 00000000
Net Id : 138.5.16.0

Now, in addition to the IP@, a Net mask is provided to any host. This mask will be applied on both source IP@ and destination IP@ in order to compare the NETID of these 2 addresses and determine if they are located on the same network.

The division of the local part of the IP address into a subnet number and host number is chosen by the local administrator. Any bits in the local portion can be used to form the subnet. The division is done using a 32-bit subnet mask. Bits with a value of zero bits in the subnet mask indicate positions ascribed to the host number. Bits with a value of one indicate positions ascribed to the subnet number. When assigning the subnet part of the local address, the objective is to assign a number of bits to the subnet number and the remainder to the local address. Therefore, it is normal to use a contiguous block of bits at the beginning of the local address part for the subnet number.

5 IP protocol 5.1 IP Addressing: IP @ notation and netmask

“Dotted decimal” notation:
IP @ : 138.5.19.37
Netmask : 255.255.252.0 = 11111111 11111111 11111100 00000000

“Prefix” notation:
@ IP : 138.5.19.37 /22

5 IP protocol 5.1 IP Addressing: Router searching

[Figure: PC configuration: Host IP@ 128.5.4.3 (MAC@ 102030), Subnet Mask 255.255.255.0, default gateway 128.5.4.1. IP@ dest: 128.5.8.4. Comparison 128.5.4 ≠ 128.5.8. ARP cache: 128.5.4.5 → 708090, 128.5.4.1 → 304050. IP packet sent: MAC@ dest. 304050, MAC@ src. 102030, Type 0800 (IP), IPsrc 128.5.4.3, IPdest 128.5.8.4, FCS. Sub-net 128.5.4.0 holds the host, 128.5.4.5 (MAC@ 708090) and the router interface 128.5.4.1 (MAC@ 304050); sub-net 128.5.8.0 holds 128.5.8.4 (MAC@ aabbcc).]

IP@ in or out the sub-network:
1. Thanks to netmask, the sender can know where is the border between NetID and HostID.
2. Because the sender determined that the destination IP@ is out of the local network, it uses the default gateway parameter to get the next hop
3. in this example, the cache memory already knows the MAC@ of the router (otherwise it should achieve an ARP procedure)
4. The IP packet is encapsulated in an Ethernet frame pointing to the MAC@ of the router which is the next hop.

5 IP protocol 5.1 IP Addressing: Subnet Mask and Net ID, Exercise (2)

Attempt to find out:
1. the Subnet Mask expressed in dotted decimal
2. the Net ID expressed in dotted decimal

@IP: 145.78.185.18
bits for sub-net: 3
Subnet Mask: . . .
Net Id: . . .

5 IP protocol 5.1 IP Addressing: Exercise (2) solving demonstration

@ IP : 10010001 01001110 10111001 00010010 = 145.78.185.18
Subnet Mask : 11111111 11111111 11100000 00000000 = 255.255.224.0 (class B network, then 3 bits of sub-net)
Net ID : 10010001 01001110 10100000 00000000 = 145.78.160.0 (128 + 32 = 160)

5 IP protocol 5.1 IP Addressing: Subnet Mask and Net ID, Exercise (3)

Fill in this table:

@IP | bits for sub-net | Sub-net Mask | Net Id
159.173.90.134 | _ | 255.255.255.128 | . . .
159.173.90.34 | _ | 255.255.255.128 | . . .
131.108.2.10 | 8 | . . . | . . .
195.32.6.219 | 5 | . . . | . . .

5 IP protocol 5.1 IP Addressing: Net broadcast and Subnet broadcast Mask, Exercise (4)

[Figure: Internet connected to Network 145.78.0.0/16, divided into S/Net 145.78.160.0/19 and S/Net 145.78.192.0/19; host 145.78.185.18]

Attempt to fill in:
Net mask: 255.255.224.0
Network Broadcast: . . .
Sub-net Broadcast: . . .

After at least 5 minutes, see next for the demonstration →

5 IP protocol 5.1 IP Addressing: Exercise (4) solving demonstration

@ IPsrc : 10010001 01001110 10111001 00010010 = 145.78.185.18 (Class B)
Sub-net Mask : 11111111 11111111 11100000 00000000 = 255.255.224.0
Network directed broadcast : 10010001 01001110 | 11111111 11111111 = 145.78.255.255 (Net Id 145.78, Host Id all ones)
Sub-net directed broadcast : 10010001 01001110 101 | 11111 11111111 = 145.78.191.255 (Host Id all ones)
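The class problem, the netmask operation, the router searching steps and the broadcast exercise solved above, gathered into one added Python example (not part of the course material). It reuses the addresses shown on those slides; the function names are chosen for this example.

```python
import ipaddress


def to_int(addr: str) -> int:
    return int(ipaddress.IPv4Address(addr))


def to_str(value: int) -> str:
    return str(ipaddress.IPv4Address(value))


def classful_mask(ip: str) -> str:
    """Mask implied by the address class alone (no subnetting)."""
    first = int(ip.split(".")[0])
    if first < 128:
        return "255.0.0.0"        # class A
    if first < 192:
        return "255.255.0.0"      # class B
    if first < 224:
        return "255.255.255.0"    # class C
    raise ValueError("class D and E addresses have no Net Id / Host Id border")


def prefix_length(mask: str) -> int:
    """Dotted decimal mask to prefix notation; rejects non-contiguous masks."""
    bits = f"{to_int(mask):032b}"
    if "01" in bits:
        raise ValueError(f"{mask}: one bits are not a contiguous leading block")
    return bits.count("1")


def net_id(ip: str, mask: str) -> str:
    return to_str(to_int(ip) & to_int(mask))


def directed_broadcast(ip: str, mask: str) -> str:
    """Net Id (or sub-net Id) with every host bit set to one."""
    return to_str(to_int(ip) | (~to_int(mask) & 0xFFFFFFFF))


def arp_target(src: str, dst: str, mask: str, gateway: str) -> str:
    """IP address whose MAC the sender looks up (ARP cache or ARP request).

    Same Net Id after masking: direct delivery to the destination.
    Different Net Id: the frame goes to the default gateway.
    """
    if net_id(src, mask) == net_id(dst, mask):
        return dst
    return gateway


if __name__ == "__main__":
    src, dst, gw = "128.5.4.3", "128.5.8.4", "128.5.4.1"
    # Class only: the host ARPs for 128.5.8.4, which never answers.
    print("class B border :", arp_target(src, dst, classful_mask(src), gw))
    # With the netmask the host sends the frame to its default gateway.
    print("with netmask   :", arp_target(src, dst, "255.255.255.0", gw))
    print("138.5.19.37/%d" % prefix_length("255.255.252.0"),
          "Net Id", net_id("138.5.19.37", "255.255.252.0"))
    print("sub-net broadcast:", directed_broadcast("145.78.185.18", "255.255.224.0"))
    print("network broadcast:",
          directed_broadcast("145.78.185.18", classful_mask("145.78.185.18")))
```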

5 IP protocol 5.1 IP Addressing: Net broadcast and Subnet broadcast Mask, Exercise (5)

Fill in this table:

@IP | Net mask | Network Broadcast | Sub-net Broadcast
159.173.90.134 | 255.255.255.128 | . . . | . . .
159.173.90.34 | 255.255.255.128 | . . . | . . .
131.108.2.10 | 255.255.255.0 | . . . | . . .
195.32.6.219 | 255.255.255.248 | . . . | . . .

5 IP protocol 5.1 IP Addressing: Static subnetting, Exercise 7

Network 164.213.32.0/24
Department a: 50 hosts
Department b: 50 hosts
Department c: 50 hosts
Department d: 50 hosts

Answer the questions:
1- Host Id being on 8 bits, theoretically, what is the max number of hosts? ….
2. Four subnets have to be created. How many bits are required for Subnet ID? ….
3. How many bits remain for HostID? ….
4. What will be the maximum number of hosts / Subnet? ….

Static subnetting
Static subnetting implies that all subnets obtained from the same network use the same subnet mask. While this is simple to implement and easy to maintain, it may waste address space in small networks.

5 IP protocol 5.1 IP Addressing: Static subnetting, Exercise 7 (continued)

5. Fill in this diagram

NetID : 164 . 213 . 32 . ___
Netmask ? : ___ . ___ . ___ . ___
NetID 1 ? : ___ . ___ . ___ . ___
NetID 2 ? : ___ . ___ . ___ . ___
NetID 3 ? : ___ . ___ . ___ . ___
NetID 4 ? : ___ . ___ . ___ . ___

5 IP protocol 5.1 IP Addressing: IP calculator

Freeware: 3CIPCalc
http://support.3com.com/software/utilities_for_windows_32_bit.htm

Example:
Enter an IP address
Select some parameters:
• Bits in mask, or
• subnet mask, or
• number of subnets, or
• hosts per subnets.

5 IP protocol 5.1 IP Addressing: Limits of static subnetting

Network 164.213.32.0/24. In this network, 210 hosts will be connected.
Department a: 50 hosts
Department b: 50 hosts
Department c: 50 hosts
Department d: 30 hosts
Department e: 30 hosts

Answer the questions:
1. Host Id being on 8 bits, theoretically, the max number of hosts is 254.
2. Five subnets have to be created. How many bits are required for Subnet ID? 3
3. How many bits remain for HostID? 5
4. What will be the maximum number of hosts / Subnet? 30
What is the problem? ….

Static Subnetting
Static subnetting implies that all subnets obtained from the same network use the same subnet mask. While this is simple to implement and easy to maintain, it may waste address space in small networks.
In this example: either 4 subnets with a maximum of 62 hosts or 8 subnets with a maximum of 30 hosts

5 IP protocol 5.1 IP Addressing: VLSM: Variable Length Subnet Mask

SubnetID | Mask | Hosts
164.213.32.0 | 255.255.255.192 | 62 hosts
164.213.32.64 | 255.255.255.192 | 62 hosts
164.213.32.128 | 255.255.255.192 | 62 hosts
164.213.32.192 | 255.255.255.224 | 30 hosts
164.213.32.224 | 255.255.255.224 | 30 hosts

VLSM
When variable length subnetting is used, allocated subnets within the same network can use different subnet masks. A small subnet with only a few hosts can use a mask that accommodates this need. A subnet with many hosts requires a different subnet mask. The ability to assign subnet masks according to the needs of the individual subnets helps conserve network addresses. Variable length subnetting divides the network so that each subnet contains sufficient addresses to support the required number of hosts.
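The static subnetting limit and the VLSM plan of the two slides above, as an added Python example (not part of the course material). It generalises the slide: any list of department sizes can be planned, largest first. The function names are chosen for this example, and like the slide it uses every subnet of the block, including the first and the last.

```python
import ipaddress


def host_bits_needed(hosts: int) -> int:
    """Smallest Host Id width whose usable range (2**bits - 2) fits `hosts`."""
    bits = 2
    while 2 ** bits - 2 < hosts:
        bits += 1
    return bits


def static_plan(network: str, host_counts: list) -> tuple:
    """One mask for every subnet: returns (mask, hosts per subnet, fits?)."""
    net = ipaddress.ip_network(network)
    subnet_bits = (len(host_counts) - 1).bit_length()
    host_bits = 32 - net.prefixlen - subnet_bits
    capacity = 2 ** host_bits - 2
    mask = str(ipaddress.ip_network((0, net.prefixlen + subnet_bits)).netmask)
    return mask, capacity, capacity >= max(host_counts)


def vlsm_plan(network: str, host_counts: list) -> list:
    """One mask per subnet, sized to each department, largest first."""
    net = ipaddress.ip_network(network)
    cursor = int(net.network_address)
    end = int(net.broadcast_address) + 1
    plan = []
    for hosts in sorted(host_counts, reverse=True):
        bits = host_bits_needed(hosts)
        size = 2 ** bits
        cursor = (cursor + size - 1) // size * size   # align on the subnet size
        if cursor + size > end:
            raise ValueError(f"{network} is too small for {host_counts}")
        plan.append((hosts, ipaddress.ip_network((cursor, 32 - bits))))
        cursor += size
    return plan


if __name__ == "__main__":
    departments = [50, 50, 50, 30, 30]          # 210 hosts, as on the slide
    print("static:", static_plan("164.213.32.0/24", departments))
    for hosts, subnet in vlsm_plan("164.213.32.0/24", departments):
        print(f"{hosts:3d} hosts -> {subnet.network_address} mask {subnet.netmask}"
              f" ({subnet.num_addresses - 2} usable)")
```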

5 IP protocol 5.1 IP Addressing: Serial link and sub-network

Question: How many networks are there?

[Figure: routers interconnected by serial links (ISDN, Frame Relay)]

One serial link = one subnetwork
A serial link is considered as a network having only 2 hosts connected to it.

5 IP protocol 5.1 IP Addressing: Serial link: one IP@ to each end

[Figure: network 192.192.100.0/24, router R1 (192.192.1.1), ISDN link 192.192.1.0/24, router R2 (192.192.1.2), network 192.192.200.0/24]

An IP address to each end of the serial link.
Two IP addresses used in the class C sub-net 192.192.1.0: 252 unusable IP addresses.

If a complete class C is assigned to a network made of a serial link, many host IP@ will be wasted.

5 IP protocol 5.1 IP Addressing: Serial link and sub-net mask

[Figure: router R1 (192.192.1.1), ISDN link 192.192.1.0/30, router R2 (192.192.1.2)]

This network needs 2 IP@.
Question: How many bits for Host Id are requested to get 2 IP@?
1 bit for Host Id seems correct but HostID = 0 and HostID = 1 are invalid.
The best way is to assign a 30-bit netmask.

Netmask : 11111111 11111111 11111111 111111 | 00 = 255.255.255.252
R1 : 11000000 11000000 00000001 000000 | 01 = 192.192.1.1
R2 : 11000000 11000000 00000001 000000 | 10 = 192.192.1.2
(Net ID | HostID)

5 IP protocol 5.1 IP Addressing: Evaluation

Objective: to be able to describe IP addressing modes, handle the subnet masks

Thank you for answering the self-assessment of the objectives sheet

5 IP protocol
5.1 IP addressing
5.2 IP routing
5.3 IP header

5 IP protocol 5.2 IP routing: Routing table: principle

[Figure: routers R1 and R2, with interfaces e0, e1 and e2, interconnect the networks 204.92.75.0, 204.92.76.0, 204.92.77.0 and 192.168.201.0. Each router holds a routing table with the columns Network, Mask, Next hop and If, including a 0.0.0.0 / 0.0.0.0 (default) entry.]

An important function of the IP protocol is IP routing. This provides the basic mechanism for routers to interconnect different physical networks. The router only has information about various kinds of destinations:
• networks that are directly attached to one of the physical networks to which the router is attached.
• Hosts or networks for which the router has been given explicit definitions.

5 IP protocol 5.2 IP routing: Routing table, Exercise 8

[Figure: routers R1 and R2, with interfaces e0, e1 and e2, interconnect the networks 204.92.75.0/24, 204.92.76.0/24, 204.92.77.0/24 and 192.168.201.0/24. One routing table (Network, Mask, Next hop, If) is given, including the 0.0.0.0 / 0.0.0.0 (default) entry.]

Fill in this table: Network | Mask | Next hop | If

92.1 204.201.0 0.76.1 e1 e0 e1 If Network Mask Next hop If e0 e1 e2 e0 156 © Alcatel University 8AS 90200 1124 VH ZZA Ed.0 204.0.75.0/24 .0 255.92.92.1 192.0/24 e1 e2 .92.92.0.0 Mask Next hop 204.0/24 204.92.77.76.0 255.0 204.201.255.92.0.2 e0 .5 IP protocol 5.0/24 204.255.0 204.76.75.255.2 e1 R2 R1 e0 .0 204.168.92.2 255.02 Page 1.255.255.0 255.0/24 204.92.255.255.201.1 204.75.77.0 192.Exercise 8 (answer) 204.168.255.255.0/24 192.77.156 .0/24 204.201.76.76.0 192.0 0.255.92.92.0(default) .168.255.92.0.76.2 IP routing Routing table .255.0/24 Network Answer 255.168.0 255.

5 IP protocol 5.2 IP routing: Routing table, Default route

What will be the path of this IP packet?
@IPsrc: 204.92.76.3
@IPdest: 128.5.8.4

[Figure: routers R1 and R2 with their routing tables (Network, Mask, Next hop, If); both tables contain a 0.0.0.0 / 0.0.0.0 (default) entry. The path of the packet is numbered 1 to 4.]

Note: Avoid loops with default routes!

5 IP protocol 5.2 IP routing: Routing table: the metric

[Figure: routers R1 and R2 connected by a primary route and a secondary route. The routing table has the columns Network, Mask, Next hop, If and metric; directly attached networks have metric 0, the other entries metric 1.]

The metrics provide indication about cost of a route to a destination. Metrics are based on: the number of hops, the bandwidth, the delay, ...
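The routing table principle, the default route warning and the metric, as one added Python example (not part of the course material). The two tables are constructed for this example on the networks named in the figures; they are not a transcription of the slides. The lookup keeps the most specific matching entry, then the lowest metric, and the trace shows what two default routes pointing at each other do to a packet for 128.5.8.4.

```python
import ipaddress


def _n(addr: str) -> int:
    return int(ipaddress.IPv4Address(addr))


M24 = "255.255.255.0"
# Constructed rows: (network, mask, next hop or None when attached, If, metric)
R1 = [
    ("204.92.75.0", M24, None, "e0", 0),
    ("204.92.76.0", M24, None, "e1", 0),
    ("204.92.77.0", M24, None, "e2", 0),
    ("192.168.201.0", M24, "204.92.77.2", "e2", 1),   # primary route
    ("192.168.201.0", M24, "204.92.76.2", "e1", 2),   # secondary route
    ("0.0.0.0", "0.0.0.0", "204.92.77.2", "e2", 1),   # default: towards R2
]
R2_LOOPING = [
    ("204.92.77.0", M24, None, "e0", 0),
    ("192.168.201.0", M24, None, "e1", 0),
    ("204.92.76.0", M24, None, "e2", 0),
    ("204.92.75.0", M24, "204.92.77.1", "e0", 1),
    ("0.0.0.0", "0.0.0.0", "204.92.77.1", "e0", 1),   # default: back to R1
]
# Corrected R2: default points at a constructed upstream router, not at R1.
R2_FIXED = R2_LOOPING[:-1] + [("0.0.0.0", "0.0.0.0", "192.168.201.254", "e1", 1)]
OWNER = {"204.92.77.1": "R1", "204.92.77.2": "R2", "204.92.76.2": "R2"}


def route(table: list, dst: str):
    """Return (next hop, If) for dst, or None when no entry matches."""
    matches = []
    for network, mask, next_hop, iface, metric in table:
        if _n(dst) & _n(mask) == _n(network):
            matches.append((bin(_n(mask)).count("1"), metric, next_hop, iface))
    if not matches:
        return None
    # Longest mask first, then lowest metric.
    best = min(matches, key=lambda m: (-m[0], m[1]))
    return best[2], best[3]


def trace(routers: dict, start: str, dst: str, ttl: int = 8) -> tuple:
    """Follow next hops router by router; each hop costs one TTL unit."""
    path, here = [], start
    while ttl > 0:
        path.append(here)
        hit = route(routers[here], dst)
        if hit is None:
            return path, "no route"
        next_hop = hit[0]
        if next_hop is None:
            return path, "delivered on attached network"
        if OWNER.get(next_hop) not in routers:
            return path, "forwarded to " + next_hop
        here, ttl = OWNER[next_hop], ttl - 1
    return path, "TTL expired"


if __name__ == "__main__":
    print(route(R1, "204.92.76.3"), route(R1, "192.168.201.7"))
    print(trace({"R1": R1, "R2": R2_LOOPING}, "R1", "128.5.8.4", ttl=4))
    print(trace({"R1": R1, "R2": R2_FIXED}, "R1", "128.5.8.4", ttl=4))
```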

5 IP protocol 5.2 IP routing: IP packet transfer synthesis

[Figure: a host (IP@ a) sends a packet to a host (IP@ b) across routers. In the hosts the packet goes through the Application, Transport, Network and Link layers; in the routers through the Network and Link layers. At network level the addresses stay IP@ sa→db on every hop. At link level the physical addresses change on each hop: Phys@ s1→d2, then Phys@ s4→d15, then Phys@ s8→d7.]

Application layer: The application layer is provided by the program that uses TCP/IP for communication. An application is a user process cooperating with another process usually on a different host.
Transport layer: The transport layer provides the end-to-end data transfer by delivering data from an application to its remote peer. Multiple applications can be supported simultaneously.
Internetwork layer: Internet Protocol (IP) is the most important protocol in this layer. It is a connectionless protocol that doesn't assume reliability from lower layers. IP does not provide reliability, flow control, or error recovery. These functions must be provided at a higher level.
Network interface layer: The network interface layer, also called the link layer or the data-link layer, is the interface to the actual network hardware.
Router: Interconnects networks at the internetwork layer level and routes packets between them.


5 IP protocol 5.3 IP header: IP datagram format

byte | byte | byte | byte
Version, Header length | Type Of Service | Datagram length
Identification | Flag, Datagram offset
TTL | Protocol | Checksum
Source IP address
Destination IP address
Options
Data

The unit of transfer in an IP network is called an IP datagram. It consists of an IP header and data relevant to higher level protocols. The maximum length of an IP datagram is 65,535 bytes. All IP hosts must support 576-byte datagrams without fragmentation. The size of the IP header is between 20 bytes and 60 bytes.

5 IP protocol 5.3 IP header: Version

4 = IPv4
6 = IPv6

Version: The field contains the IP protocol version. The current version is 4. 5 is an experimental version. 6 is the version for IPv6.

5 IP protocol 5.3 IP header: Header length

• The unit is the word of 4 bytes

Header length: The length of the IP header counted in word (= 32-bit quantities). This does not include the data field. Value between 5 and 15.

5 IP protocol 5.3 IP header: Packet length

• The unit is the byte
• Maximum value = 65535

Total Length: The total length of the datagram, header and data. Expressed in bytes. The maximum length of an IP datagram is 65,535 bytes.

5 IP protocol 5.3 IP header: Type of Service

• Informs crossed networks about the desired Quality of Service

Bits 0 to 2: Precedence (RFC 791)
Bit 3: Delay, bit 4: Throughput, bit 5: Reliability, bit 6: Cost (RFC 1349)
Bit 7: 0
DSCP (RFC 2474)

Service Type: The service type is an indication of the quality of service requested for this IP datagram. The Type of Service is used to indicate the quality of the service desired. The type of service is an abstract or generalized set of parameters which characterize the service choices provided in the networks that make up the internet. This type of service indication is to be used by gateways to select the actual transmission parameters for a particular network, the network to be used for the next hop, or the next gateway when routing an internet datagram.

5 IP protocol 5.3 IP header ToS : Precedence (rfc791)

[Figure: ToS byte, bits 0 to 2 = Precedence, which indicates the priority of the datagram. The slide lists value 101 as "not used"]

Precedence: is intended to denote the importance or priority of the datagram. This field specifies the nature and priority of the datagram:
• 000: Routine
• 001: Priority
• 010: Immediate
• 011: Flash
• 100: Flash override
• 101: Critical
• 110: Internetwork control
• 111: Network control

5 IP protocol 5.3 IP header ToS : Precedence management

[Figure: Router, datagrams marked Prec 4, Prec 3, Prec 2, Prec 1 and Prec 0, congestion in the IP network]

5 IP protocol 5.3 IP header ToS : (rfc1349)

[Figure: ToS byte, bits 3 to 7. Bit 3 Delay: 0 = normal, 1 = low. Bit 4 Throughput: 0 = normal, 1 = high. Bit 5 Reliability: 0 = normal, 1 = high. Bit 6 Cost: 0 = normal, 1 = low. Bit 7: 0]

TOS: Specifies the type of service value:
• 1000: Minimize delay
• 0100: Maximize throughput
• 0010: Maximize reliability
• 0001: Minimize monetary cost
• 0000: Normal service

5 IP protocol 5.3 IP header ToS : rfc1349 suggested values

Suggested TOS values for various applications

Application | Minimise the delay | Maximise the throughput | Maximise the reliability | Minimise the cost
Telnet/Rlogin | 1 | 0 | 0 | 0
FTP control | 1 | 0 | 0 | 0
FTP data | 0 | 1 | 0 | 0
TFTP | 1 | 0 | 0 | 0
SMTP control | 1 | 0 | 0 | 0
SMTP data | 0 | 1 | 0 | 0
DNS UDP dns request | 1 | 0 | 0 | 0
DNS TCP dns request | 0 | 0 | 0 | 0
DNS zone transfer | 0 | 1 | 0 | 0
ICMP Error | 0 | 0 | 0 | 0
ICMP request | 0 | 0 | 0 | 0
IGP | 0 | 0 | 1 | 0
SNMP | 0 | 0 | 1 | 0
BOOTP | 0 | 0 | 0 | 0
NNTP | 0 | 0 | 0 | 1

5 IP protocol 5.3 IP header Differentiated Services Code Point (rfc-2474)

[Figure: IP header layout, Type Of Service byte redefined as DSCP (Differentiated Services Code Point). Bits 0 to 5: code point, of which bits 0 to 2 are the Class Selector Code Points. Code point pool: 0 = standard, 1 = experimental or local use. Bits 6 and 7: unused]

Differentiated Services: New IETF definition of the IPv4 Type of Service (ToS) byte in the IP packet header, which uses the Differentiated Services Code Point (DSCP) field to classify packets into classes.
To preserve backward compatibility with any IP Precedence scheme currently in use on the network, DiffServ has defined the three left bits as "Class-Selector Code Points". Packets can be marked with an arbitrary DSCP value.
6 bits allow the selection of up to 64 PHBs (Per Hop Behaviors). Packets with the same PHB and sent in a particular direction follow the same packet scheduling, queuing, policing, or shaping behaviour of a node.
The packets are classified into IETF-defined per-hop behaviors (PHBs), including assured forwarding (AF), expedited forwarding (EF) and best effort.
Traffic that is characterised as EF will receive the lowest latency, jitter and assured bandwidth services, which is suitable for applications such as VoIP.
AF allows carving out the bandwidth between multiple classes in a network according to desired policies.
The default PHB essentially specifies that a packet marked with a DSCP value of 000000 receives the traditional best-effort service.

5 IP protocol 5.3 IP header Diffserv mechanism

[Figure: Input, Classifier, Traffic conditioning (Meter, Marker, Dropper), queues EF, AF2, AF1 and BE with Queue management, Scheduler, Output. Link utilisation ratios: 65/100, 20/100, 10/100, 5/100]

• Classifier: packets have to be classified according to the traffic class (conversational, streaming, interactive, background).
• Traffic conditioning: includes mechanisms for traffic metering (verification of the traffic contract) and a dropper (discarding packets).
• Queue management: prevents congestion.
• Scheduler: assigns a specific rate to each class.

5 IP protocol 5.3 IP header Time To Live

[Figure: IP header layout, TTL field. A datagram sent with TTL=64 is forwarded hop by hop with TTL=63, TTL=62, TTL=61 and TTL=60. A second datagram sent with TTL=32 is discarded when TTL=0]

Time to Live: This field specifies the time (in seconds) the datagram is allowed to travel. Theoretically, each router processing this datagram is supposed to subtract its processing time from this field. In practice, a router processes the datagram in less than 1 second. Thus the router subtracts one from the value in this field. The TTL becomes a hop-count metric rather than a time metric. When the value reaches zero, it is assumed that this datagram has been travelling in a closed loop and is discarded. The initial value should be set by the higher level protocol that creates the datagram.

5 IP protocol 5.3 IP header Encapsulated protocol

[Figure: IP header layout, Protocol field, selecting the upper protocol: ICMP = 1, TCP = 6, UDP = 17. The IP datagram is carried in a MAC frame: @MAC dest., @MAC src., Type 0800 (IP), Data, FCS]

Protocol Number: This field indicates the higher level protocol to which IP should deliver the data in this datagram. These include:
- 0: Reserved
- 1: Internet Control Message Protocol (ICMP)
- 2: Internet Group Management Protocol (IGMP)
- 3: Gateway-to-Gateway Protocol (GGP)
- 4: IP (IP encapsulation)
- 5: Stream
- 6: Transmission Control Protocol (TCP)
- 8: Exterior Gateway Protocol (EGP)
- 9: Private Interior Routing Protocol
- 17: User Datagram Protocol (UDP)
- 41: IP Version 6 (IPv6)
- 50: Encap Security Payload for IPv6 (ESP)
- 51: Authentication Header for IPv6 (AH)
- 89: Open Shortest Path First

5 IP protocol 5.3 IP header Flags

[Figure: IP header layout, Flag field. Bit 0: 0, bit 1: DF, bit 2: MF. DF (Don't fragment): 0 can be fragmented, 1 cannot be fragmented. MF (More Fragment): 0 last fragment, 1 a fragment follows. Example: a datagram of 1400 bytes (DF=0, MF=0) crosses a link with MTU 1500 and is then split for a link with MTU 500 into 500 bytes (DF=0, MF=1), 500 bytes (DF=0, MF=1) and 400 bytes (DF=0, MF=0). A datagram of 1400 bytes with DF=1 follows the same path]

Flags:
• DF (Do not Fragment): 0 means allow fragmentation. 1 means do not allow fragmentation.
• MF (More Fragments): 0 means that this is the last fragment of the datagram. 1 means that additional fragments will follow.

5 IP protocol 5.3 IP header Identification

[Figure: IP header layout, Identification field. A datagram of 1400 bytes, ID=6700 (DF=0, MF=0), crosses a link with MTU 1500 and is split for a link with MTU 500 into 500 bytes ID=6700 (DF=0, MF=1), 500 bytes ID=6700 (DF=0, MF=1) and 400 bytes ID=6700 (DF=0, MF=0). The next datagram, 300 bytes, ID=6701 (DF=0, MF=0), is not fragmented]

Identification: A unique number assigned by the sender to aid in reassembling a fragmented datagram. Each fragment of a datagram has the same identification number.

5 IP protocol 5.3 IP header Offset field

[Figure: IP header layout, Datagram Offset field. Expressed in words of 8 bytes]

Fragment Offset: This is used to aid the reassembly of the full datagram. The value in this field contains the number of 64-bit segments (8 bytes) contained in earlier fragments. Header bytes are not counted. If this is the first (or only) fragment, this field contains a value of zero.

5 IP protocol 5.3 IP header Use of the offset

[Figure: a datagram carrying 1880 octets of data crosses a link with MTU 2000 and is split for a link with MTU 800 into three fragments. Frag. 1: Offset = 0 (byte 0). Frag. 2: Offset = 100 x 8 = 800 (byte 800). Frag. 3: Offset = 200 x 8 = 1600 (byte 1600 to byte 1879)]

Fragmentation: When an IP datagram travels from one host to another, it may pass through different physical networks. Each physical network has a maximum frame size. This is called the maximum transmission unit (MTU). It limits the length of a datagram that can be placed in one physical frame. IP implements a process to fragment datagrams exceeding the MTU. The process creates a set of datagrams within the maximum size. The receiving host reassembles the original datagram.

5 IP protocol 5.3 IP header Fragmentation synthesis (3)

[Figure: header fields shown as Version, Header length, ToS, Total length / Identification, Flag, Offset / TTL, Protocol, Checksum / source address / dest address.
MTU = 4096: 4 5 0 2039 / 1234 000 0 / 12 6 xxxx / source address / dest address, followed by Data 2019 bytes.
MTU = 1024, each fragment with a 20-octet header:
- 4 5 0 1020 / 1234 001 0 / 11 6 xxxx, 1000 bytes
- 4 5 0 1020 / 1234 001 125 / 11 6 xxxx, 1000 bytes
- 4 5 0 39 / 1234 000 250 / 11 6 xxxx, 19 bytes
The data of every fragment except the last must be a multiple of 8 bytes]

Optional exercise: What will be the value of the various fields if the next MTU is 512?

The following steps are performed to fragment the datagram:
• The DF flag bit is checked to see if fragmentation is allowed. If the bit is set, the datagram will be discarded and an ICMP error returned to the originator.
• Based on the MTU value, the data field is split into two or more parts. All newly created data portions must have a length that is a multiple of 8 bytes, with the exception of the last data portion.
• Each data portion is placed in an IP datagram. The headers of these datagrams are minor modifications of the original:
- The more fragments flag bit is set in all fragments except the last.
- The fragment offset field in each is set to the location this data portion occupied in the original datagram, relative to the beginning of the original unfragmented datagram. The offset is measured in 8-byte units.
- If options were included in the original datagram, the high order bit of the option type byte determines if this information is copied to all fragment datagrams or only the first datagram. For example, source route options are copied in all fragments.
- The header length field of the new datagram is set.
- The total length field of the new datagram is set.
- The header checksum field is re-calculated.
• Each of these fragmented datagrams is now forwarded as a normal IP datagram. IP handles each fragment independently. The fragments can traverse different routers to the intended destination. They can be subject to further fragmentation if they pass through networks specifying a smaller MTU.

At the destination host, the data is reassembled into the original datagram. The identification field set by the sending host is used together with the source and destination IP addresses in the datagram. Fragmentation does not alter this field.
In order to reassemble the fragments, the receiving host allocates a storage buffer when the first fragment arrives. The host also starts a timer. When subsequent fragments of the datagram arrive, the data is copied into the buffer storage at the location indicated by the fragment offset field. When all fragments have arrived, the complete original unfragmented datagram is restored. Processing continues as for unfragmented datagrams.
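The fragmentation steps above, applied to the slide's 2039-byte datagram, as an added example that is not part of the original course material. It also carries the resulting fragments over a further link with MTU 512, and its reassembly side rejects missing and overlapping fragments. The Fragment class, the function names and the data bytes are assumptions of this example, and headers are taken as 20 bytes without options.

```python
from dataclasses import dataclass

HEADER_LEN = 20  # assumption: no IP options, as on the slide

# Constructed 2019-byte data field (the slide only gives its length).
DATA = bytes(i % 251 for i in range(2019))


@dataclass(frozen=True)
class Fragment:
    ident: int         # Identification, never altered by fragmentation
    total_length: int  # header + data, in bytes
    mf: int            # More Fragments flag
    offset: int        # Fragment Offset, in 8-byte units
    data: bytes


def fragment(pkt: Fragment, mtu: int, df: int = 0) -> list:
    """Split pkt for a link with the given MTU, following the steps above."""
    if pkt.total_length <= mtu:
        return [pkt]
    if df:
        raise ValueError("DF set: datagram discarded, ICMP error returned")
    max_data = (mtu - HEADER_LEN) // 8 * 8  # data portions are multiples of 8
    if max_data <= 0:
        raise ValueError("MTU too small to carry any data")
    out = []
    for start in range(0, len(pkt.data), max_data):
        chunk = pkt.data[start:start + max_data]
        is_last = start + max_data >= len(pkt.data)
        out.append(Fragment(
            ident=pkt.ident,
            total_length=HEADER_LEN + len(chunk),
            # The last piece inherits MF from pkt, so a re-fragmented
            # middle fragment still announces that more data follows.
            mf=pkt.mf if is_last else 1,
            offset=pkt.offset + start // 8,
            data=chunk,
        ))
    return out


def reassemble(fragments: list) -> bytes:
    """Rebuild the data field; refuse mixed IDs, gaps and overlaps."""
    if len({f.ident for f in fragments}) != 1:
        raise ValueError("no fragments, or mixed identification values")
    buf = bytearray()
    expected = 0    # byte position the next fragment must start at
    ended = False   # becomes True after the fragment with MF=0
    for f in sorted(fragments, key=lambda f: f.offset):
        start = f.offset * 8
        if ended:
            raise ValueError("data beyond the last fragment")
        if start < expected:
            raise ValueError("overlapping fragment at byte %d" % start)
        if start > expected:
            raise ValueError("gap: fragment missing at byte %d" % expected)
        if f.mf and len(f.data) % 8:
            raise ValueError("non-final fragment is not a multiple of 8")
        buf += f.data
        expected = start + len(f.data)
        ended = f.mf == 0
    if not ended:
        raise ValueError("last fragment (MF=0) not received")
    return bytes(buf)


def summary(fragments: list) -> list:
    """(total length, MF, offset) of each fragment, as drawn on the slide."""
    return [(f.total_length, f.mf, f.offset) for f in fragments]


if __name__ == "__main__":
    original = Fragment(ident=1234, total_length=2039, mf=0, offset=0, data=DATA)
    over_1024 = fragment(original, 1024)
    over_512 = [g for f in over_1024 for g in fragment(f, 512)]
    print(summary(over_1024))
    print(summary(over_512))
    print(reassemble(over_512) == DATA)
```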

5 IP protocol 5.3 IP header Check of the header

[Figure: IP header layout, Checksum field]

Header Checksum: This field is a checksum for the information contained in the header. If the header checksum does not match the contents, the datagram is discarded.

5 IP protocol 5.3 IP header IP Addresses

[Figure: IP header layout, Source IP address and Destination IP address fields. IP address using 32 bits]

• Source IP Address: The 32-bit IP address of the host sending this datagram.
• Destination IP Address: The 32-bit IP address of the destination host for this datagram.

5 IP protocol 5.3 IP header Options

[Figure: IP header layout, Options field followed by Padding. Variable field, maximum length 40 bytes, rarely used. Main options: route recording; route + time stamp; strict routing; no strict routing]

IP datagram routing options: The IP datagram Options field provides two methods for the originator of an IP datagram to explicitly provide routing information. It also provides a method for an IP datagram to determine the route that it travels.
• Loose source routing, also called the loose source and record route (LSRR) option, provides a means for the source of an IP datagram to supply explicit routing information.
• Strict source routing, also called the strict source and record route (SSRR) option, uses the same principle as loose source routing except the intermediate router must send the datagram to the next IP address in the source route via a directly connected network.
• Record route: This option provides a means to record the route traversed by an IP datagram.
• Internet timestamp: A timestamp is an option forcing some (or all) of the routers along the route to the destination to put a timestamp in the option data.

5 IP protocol 5.3 IP header IP encapsulation in Ethernet V2

[Figure: IP protocol datagram: Ver., Head leng., Type serv., Total Leng, Identif, Flag, Offset fragment, TTL, Protocol, CRC, IP @ source, IP @ dest. (20 bytes), Options (0 ≤ length ≤ 40), Data. MAC protocol, Eth V2 frame: MAC @ Dest. (6), MAC @ Source (6), Type 0800 (2), IP datagram, FCS (4). 0800 = IP]

5 IP protocol Synthesis

• no reliability, no error recovery
• Best effort
• connectionless-oriented

5 IP protocol 5.3 IP header Exercise

Addr.  Hex. Data
0000:  FF FF FF FF FF FF 00 80 9F 21 32 A9 08 00 45 00
0010:  01 48 00 00 00 00 0F 11 AA A6 00 00 00 00 FF FF
0020:  FF FF 00 44 00 43 01 34 EF 12 01 01 06 00 00 00
0030:  7E BA 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0040:  00 00 00 00 00 00 00 80 9F 21 32 A9 00 00 00 00
0050:  00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0140:  00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0150:  00 00 00 00 00 00

• 1- What is the encapsulated protocol in this IP packet?
• 2- What is the byte representing this protocol in the hexadecimal trace?

Eth v2 [0000:000D]
0000:0005 Destination Address: FFFFFFFFFFFF (Broadcast)
0006:000B Source Address: 00809F2132A9 (Alcatel2132A9)
000C:000D Ethernet Type: DOD Internet Protocol (IP)
IP [000E:0021]
000E:000E Version: 4, Header Length: 20
000F:000F TOS, Precedence: Routine, Delay:Normal, Throughput:Normal, Reliability:Normal
0010:0011 Packet Length: 328
0012:0013 Identification: 0x0000
0014:0014 DF: May Fragment, MF: Last Fragment
0014:0015 Fragment Offset: 0
0016:0016 Time to Live: 15
0017:0017 Transport: User Datagram
0018:0019 Header Checksum: 0xAAA6 (correct)
001A:001D Source Address: 0.0.0.0
001E:0021 Destination Address: 255.255.255.255
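The decode listed above can be reproduced from bytes 0000 to 0021 of the trace. The following parser is an added example, not part of the original course material: it splits every IP header field described in this chapter and recomputes the header checksum that the analyser reports as correct. The function names and the dictionary keys are assumptions of this example.

```python
import struct
from ipaddress import IPv4Address

# Bytes 0000-0021 of the exercise trace: Ethernet V2 header + IP header.
FRAME = bytes.fromhex(
    "ffffffffffff 00809f2132a9 0800"   # MAC dest., MAC source, type 0800 = IP
    "45 00 0148 0000 0000 0f 11 aaa6"  # version/length, ToS, length, id,
                                       # flags+offset, TTL, protocol, checksum
    "00000000 ffffffff"                # source and destination IP addresses
)

# Protocol numbers listed in this chapter.
PROTOCOLS = {0: "Reserved", 1: "ICMP", 2: "IGMP", 3: "GGP", 4: "IP", 5: "Stream",
             6: "TCP", 8: "EGP", 17: "UDP", 41: "IPv6", 50: "ESP", 51: "AH",
             89: "OSPF"}


def internet_checksum(data: bytes) -> int:
    """One's complement of the one's-complement sum of the 16-bit words."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:                       # fold the carries back in
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def parse_ipv4_header(packet: bytes) -> dict:
    if len(packet) < 20:
        raise ValueError("shorter than the minimum 20-byte IP header")
    (ver_ihl, tos, length, ident, flags_off,
     ttl, proto, cksum, src, dst) = struct.unpack("!BBHHHBBH4s4s", packet[:20])
    version = ver_ihl >> 4
    header_len = (ver_ihl & 0x0F) * 4        # field counts 4-byte words
    if version != 4:
        raise ValueError("not IPv4 (version %d)" % version)
    if header_len < 20 or header_len > len(packet) or length < header_len:
        raise ValueError("inconsistent header length or datagram length")
    return {
        "header_length": header_len,
        "precedence": tos >> 5,              # bits 0-2 (RFC 791)
        "tos": (tos >> 1) & 0x0F,            # bits 3-6 (RFC 1349)
        "dscp": tos >> 2,                    # bits 0-5 (RFC 2474)
        "datagram_length": length,
        "identification": ident,
        "df": bool(flags_off & 0x4000),
        "mf": bool(flags_off & 0x2000),
        "offset_bytes": (flags_off & 0x1FFF) * 8,
        "ttl": ttl,
        "protocol": PROTOCOLS.get(proto, "unknown (%d)" % proto),
        "checksum": cksum,
        # Summing the header with its checksum field included gives 0.
        "checksum_ok": internet_checksum(packet[:header_len]) == 0,
        "source": str(IPv4Address(src)),
        "destination": str(IPv4Address(dst)),
    }


def parse_frame(frame: bytes) -> dict:
    """Check the Ethernet type field, then parse the IP header behind it."""
    if len(frame) < 14 or frame[12:14] != b"\x08\x00":
        raise ValueError("not an Ethernet V2 frame carrying IP")
    return parse_ipv4_header(frame[14:])


if __name__ == "__main__":
    for name, value in parse_frame(FRAME).items():
        print("%-16s %s" % (name, value))
```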

5 IP protocol 5.3 IP header Exercise

Ethernet Frame

Addr.  Hex. Data                                        ASCII
0000:  01 00 5E 00 00 09 00 10 7B 81 9E 9A 08 00 45 C0  ..^.....{.....E.
0010:  00 34 00 00 00 00 02 11 CD DD 0A 0E 00 05 E0 00  .4..............
0020:  00 09 02 08 02 08 00 20 05 73 02 02 00 00 00 02  ....... .s......
0030:  00 00 0A 0A 00 00 FF FF 00 00 00 00 00 00 00 00  ................
0040:  00 01

1- Look for the destination IP @ and indicate which class it is
2- Look for the destination MAC @ and explain its value

Objective: To be able to describe the role of the various IP header fields

5 IP protocol Evaluation

Thank you for answering the self-assessment of the objectives sheet


6 ICMP protocol ICMP protocol situation

[Figure: protocol stack. Network: ICMP, IP, ARP. Link: SNAP, LLC 802.2, MAC (FDDI, Token Ring, Ethernet ISO 802.3, Ethernet V2). Physical: shielded twisted pairs, optical fibre, 10 Base T, 10 Base 2, 10 Base 5]

ICMP uses IP as if ICMP were a higher level protocol (that is, ICMP messages are encapsulated in IP datagrams). However, ICMP is an integral part of IP and must be implemented by every IP module. ICMP messages are described in RFC 792 and RFC 950, belong to STD 5 and are mandatory.

6 ICMP protocol Main function

[Figure: (1) a host with IP @ Y sends a datagram (source @IP:Y, destination @IP:Z) towards IP @ Z through a router with IP @ M; (2) the router returns an ICMP message (source @IP:M, destination @IP:Y)]

When a router or a destination host must inform the source host about errors in datagram processing, it uses the Internet Control Message Protocol (ICMP).
ICMP is used to report errors, not to make IP reliable. Datagrams may still be undelivered without any report on their loss. Reliability must be implemented by the higher-level protocols using IP services.
ICMP cannot be used to report errors with ICMP messages. This avoids infinite repetitions. ICMP responses are sent in response to ICMP query messages (ICMP types 0, 8, 9, 10 and 13 through 18).
ICMP messages are never sent in response to datagrams with a broadcast or a multicast destination address.
ICMP is also used to perform tests (see ping, traceroute).
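The two restrictions stated above (no ICMP error about an ICMP error, and no ICMP error for a broadcast or multicast destination) can be written as a check made before an error is generated. This is an added example, not part of the original course material; the function names, the addresses and the sample datagrams are constructed for illustration.

```python
import struct
from ipaddress import IPv4Address, IPv4Network

# ICMP types listed above as query messages; any other ICMP type
# is treated here as an error message.
ICMP_QUERY_TYPES = {0, 8, 9, 10, *range(13, 19)}
LIMITED_BROADCAST = IPv4Address("255.255.255.255")


def may_send_icmp_error(datagram: bytes, local_net: IPv4Network) -> tuple:
    """Return (allowed, reason) for answering `datagram` with an ICMP error.

    local_net is the attached subnet, needed to recognise its broadcast
    address (an assumption of this example: one attached subnet).
    """
    if len(datagram) < 20 or datagram[0] >> 4 != 4:
        return False, "not a parsable IPv4 datagram"
    header_len = (datagram[0] & 0x0F) * 4
    if header_len < 20 or len(datagram) < header_len:
        return False, "not a parsable IPv4 datagram"
    protocol = datagram[9]
    destination = IPv4Address(datagram[16:20])
    if destination in (LIMITED_BROADCAST, local_net.broadcast_address):
        return False, "broadcast destination"
    if destination.is_multicast:
        return False, "multicast destination"
    if protocol == 1:                          # the datagram carries ICMP
        if len(datagram) <= header_len:
            return False, "truncated ICMP message"
        if datagram[header_len] not in ICMP_QUERY_TYPES:
            return False, "datagram is itself an ICMP error message"
    return True, "error may be reported"


def build(protocol: int, destination: str, payload: bytes = b"") -> bytes:
    """Constructed sample datagram from 192.0.2.1 (checksum left at 0)."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0,
                       64, protocol, 0,
                       IPv4Address("192.0.2.1").packed,
                       IPv4Address(destination).packed) + payload


if __name__ == "__main__":
    net = IPv4Network("192.0.2.0/24")
    samples = {
        "UDP to a host": build(17, "192.0.2.10", bytes(8)),
        "UDP to limited broadcast": build(17, "255.255.255.255", bytes(8)),
        "UDP to subnet broadcast": build(17, "192.0.2.255", bytes(8)),
        "UDP to multicast": build(17, "224.0.0.9", bytes(8)),
        "ICMP echo request (type 8)": build(1, "192.0.2.10", bytes([8, 0]) + bytes(6)),
        "ICMP unreachable (type 3)": build(1, "192.0.2.10", bytes([3, 1]) + bytes(6)),
    }
    for name, datagram in samples.items():
        print("%-28s %s" % (name, may_send_icmp_error(datagram, net)))
```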

6 ICMP protocol Format of the ICMP message

[Figure: ICMP message: Type (1 byte), Code (1 byte), CRC (2 bytes), Parameters (4 bytes), Data. The ICMP message is carried in an IP datagram: Header (20 bytes) with Protocol = 1 (ICMP). The IP datagram is carried in an Eth V2 frame: MAC @ Dest. (6), MAC @ Source (6), Type 0800 (2), IP datagram, FCS (4). Type = 0800 (IP)]

6 ICMP protocol Type - Code

Type 0: Echo
• Code 0: Response
Type 3: unreachable destination
• Code 0: network unreachable
• Code 1: host unreachable
• Code 2: Protocol unreachable
• Code 3: Port unreachable
• Code 4: fragmentation needed but don't frag=0
• Code 5: Source route failed
• Code 6: Unknown destination network
• Code 7: Unknown destination host
• Code 8: (obsolete)
• Code 9: destination network administratively forbidden
• Code 10: destination host administratively forbidden
• Code 11: network unreachable for this TOS
• Code 12: host unreachable for this TOS
• Code 13: Communication forbidden (filter)
• Code 14: Violation of the precedence
• Code 15: precedence
Type 4: flow control
• Code 0: Source Quench
Type 5: Redirection
• Code 0: Redirection for a network
• Code 1: Redirection for a host
• Code 2: Redirection for a service and a network
• Code 3: Redirection for service and a host
Type 8: Echo
• Code 0: Request
Type 9: Router Advertisement (Code 0)
Type 10: Router solicitation (Code 0)
Type 11: Time to live
• Code 0: time to live exceeded in transit
• Code 1: during reassembly
Type 12: parameter error
• Code 0: IP header
• Code 1: Option missing
Type 13: Timestamp Request (Code 0)
Type 14: Timestamp response (Code 0)
Type 15: Information request (Code 0) (obsolete)
Type 16: Information Response (Code 0) (obsolete)
Type 17: Netmask request (Code 0)
Type 18: Netmask response (Code 0)

6 ICMP protocol Parameter Error

[Figure: ICMP message: Type 12 (1 byte), Code 0 or 1 (1 byte), CRC (2 bytes), Parameters (4 bytes), data = IP header + 64 first bits. Code 0: Bad IP header, 1: Requested option missing. (1) an IP packet reaches the router; (2) the router returns ICMP Parameter error: bad IP header]

Parameter Problem (12): This message indicates that a problem was encountered during processing of the IP header parameters. The pointer field indicates the byte in the original IP datagram where the problem was encountered. The ICMP header code field may have one of the following values:
• 0: unspecified error
• 1: required option missing

6 ICMP protocol Unreachable destination

[Figure: cases of ICMP Type = 3 (unreachable destination):
- Host not existing: Code = 1 (unreachable host)
- Network: Code = 0 (unreachable network)
- Application non active: Code = 3 (non valid port)
- Protocol non implemented: Code = 2 (non valid protocol)]

Unreachable destination (3): If this message is received from an intermediate router, it means that the router regards the destination IP address as unreachable. If this message is received from the destination host, it means that either the protocol specified in the protocol number field of the original datagram is not active or the specified port is inactive.

6 ICMP protocol Unreachable destination «fragmentation needed»

[Figure: ICMP message: Type 3 (1 byte), Code 4 (1 byte), CRC (2 bytes), Parameter 0 (4 bytes), Data = IP header + 64 first bits. Code 4: fragmentation needed. (1) a 1500-octet datagram with flag DF (don't fragment) = 1 is sent; (2) it crosses a link with MTU=1500; (3) the router facing the next, smaller MTU (the slide shows MTU=512 and MTU=256) returns ICMP unreachable destination (fragmentation needed)]

Unreachable destination (3)

6 ICMP protocol MTU discovery (option rfc 1191)

[Figure: ICMP message: Type 3 (1 byte), Code 4 (1 byte), CRC (2 bytes), 0 (2 bytes), next hop MTU (2 bytes), Data = IP header + 64 first bits. Code 4: fragmentation needed. The path has links with MTU = 1536, MTU = 1024 and MTU = 512. (1) a 1500-byte datagram with flag DF (don't fragment) is sent; (2) it crosses the MTU = 1536 link; (3) the router in front of the MTU = 1024 link returns ICMP Unreachable destination (Path MTU Discovery: 1024). (4) a 1024-byte datagram with flag DF is sent; (5) and (6) it crosses the MTU = 1536 and MTU = 1024 links; (7) the router in front of the MTU = 512 link returns ICMP Unreachable destination (Path MTU Discovery: 512)]

Unreachable destination (3): If a router implements the Path MTU Discovery protocol, the format of the destination unreachable message is changed for code 4. This includes the MTU of the link that did not accept the datagram.
Path MTU Discovery is a draft standard protocol with a status of elective. It is described in RFC 1191.

6 ICMP protocol Time overflow (overflow TTL)

[Figure: ICMP message: Type 11 (1 byte), Code 0 (1 byte), CRC (2 bytes), Parameters 0 (4 bytes), Data = IP header + 64 first bits. Code 0: overflow of the TTL (Time to Live), generated by a router. The datagram crosses the network (steps 1 to 3) and a router returns the ICMP message (step 4)]

Time Exceeded (11): If this message is received from an intermediate router, it means that the time to live field of an IP datagram has expired. If this message is received from the destination host, it means that the IP fragment reassembly time to live timer has expired while the host is waiting for a fragment of the datagram. The ICMP header code field may have one of the following values:
• 0: transit TTL exceeded
• 1: reassembly TTL exceeded

6 ICMP protocol Time overflow (overflow time to reassemble)

[Figure: ICMP message: Type 11 (1 byte), Code 1 (1 byte), CRC (2 bytes), Parameters 0 (4 bytes), Data = IP header + 64 first bits. Code 1: overflow during reassembly, generated by a host. (1) a datagram crosses links with MTU=1536 and MTU=512; (2) the destination host returns ICMP overflow time to reassemble]

Time Exceeded (11): The ICMP header code field may have one of the following values:
• 0: transit TTL exceeded
• 1: reassembly TTL exceeded

6 ICMP protocol Redirection

[Figure: ICMP message: Type 5 (1 byte), Code 0 to 3 (1 byte), CRC (2 bytes), Parameters = router IP @ (4 bytes), Data = IP header + 64 first bits. Code 0: Network redirection, 1: Host redirection, 2: Network redirection for the requested service, 3: Host redirection for the requested service. A host whose default gateway is R1 sends a datagram to R1 (1); R1 forwards it (2, 3) and returns ICMP Redirection (R2) to the host (4)]

Redirect (5): If this message is received from an intermediate router, it means that the host should send future datagrams for the network to the router whose IP address is specified in the ICMP message. This preferred router will always be on the same subnet as the host that sent the datagram and the router that returned the IP datagram. The router forwards the datagram to its next hop destination. This message will not be sent if the IP datagram contains a source route.

6 ICMP protocol Example of redirection

[Figure: a host runs % ping towards a remote address, receives an ICMP host redirection, and its routing table (columns Destination, Gateway, Flags, Interface; entries on lo0 and eth0 with flags UH, U and UG) gains an entry with flags UGHD on eth0. The addresses of the figure are not recoverable from the extracted text]

• flag H: the destination is a Host
• flag G: route through Gateway
• flag U: the route is Up
• flag D: route made by redirection ICMP

Redirect (5) Example

6 ICMP protocol Source Quench

[Figure: ICMP message: Type 4 (1 byte), Code 0 (1 byte), CRC (2 bytes), Parameters 0 (4 bytes), Data = IP header + 64 first bits. Code 0: Source Quench. (1) datagrams are sent; (2) ICMP Source quench is returned. Flow control]

Source Quench (4): If this message is received from an intermediate router, it means that the router did not have the buffer space needed to queue the datagram. If this message is received from the destination host, it means that the incoming datagrams are arriving too quickly to be processed. The ICMP header code field is always zero.

6 ICMP protocol Subnet mask

[Figure: ICMP message: Type 17 or 18 (1 byte), Code 0 (1 byte), CRC (2 bytes), Identification (2 bytes), Sequence number (2 bytes), Netmask (32 bits). 17: Request, 18: Response. (1) the host with IP @ A broadcasts ICMP: Request netmask on its subnet; (2) the routers return ICMP: Response netmask of network to @IP:A]

Address Mask Request (17) and Address Mask Reply (18): An address mask request is used by a host to determine the subnet mask used on an attached network. Most hosts are configured with their subnet mask(s). However some, such as diskless workstations, must obtain this information from a server. A host uses RARP to obtain its IP address. To obtain a subnet mask, the host broadcasts an address mask request. Any host on the network that has been configured to send address mask replies will fill in the subnet mask, convert the packet to an address mask reply and return it to the sender. The ICMP header code field is zero.

6 ICMP protocol Time stamp

[Figure: (1) ICMP timestamp Request: Type 13 (1 byte), Code 0 (1 byte), CRC (2 bytes), Identification, Sequence number, Origin time. (2) ICMP timestamp Response: Type 14, Code 0, CRC, Identification, Sequence number, Origin time, reception time, transmission time. The timeline shows the transit time and the processing time]

Timestamp Request (13) and Timestamp Reply (14): These two messages are for debugging and performance measurements. They are not used for clock synchronization.
The sender initializes the identifier and sequence number (which is used if multiple timestamp requests are sent), sets the originate timestamp and sends the datagram to the recipient. The receiving host fills in the receive and transmit timestamps, changes the type to timestamp reply and returns it to the original sender. The datagram has two timestamps if there is a perceptible time difference between the receipt and transmit times. In practice, most implementations perform the two (receipt and reply) in one operation. This sets the two timestamps to the same value. Timestamps are the number of milliseconds elapsed since midnight UT (GMT).

6 ICMP protocol Advertisement/ Solicitation of Routers

[Figure: Solicitation message: Type 10 (1 byte), Code 0 (1 byte), CRC (2 bytes), Parameter 0. Advertisement message: Type 9, Code 0, CRC, Number of addresses (1 byte), Entry size (=2) (1 byte), TTL (2 bytes), then router address (1), Preference level (1), router address (2), Preference level (2), ... router address (n), Preference level (n)]

Router Advertisement (9) and Router Solicitation (10) (RFC 1256): These two messages are used if a host or a router supports the router discovery protocol. Routers periodically advertise their IP addresses on those subnets where they are configured to do so. Advertisements are made on the all-systems multicast address (224.0.0.1) or the limited broadcast address (255.255.255.255). The default behavior is to send advertisements every 10 minutes with a TTL value of 1800 (30 minutes). Routers also reply to solicitation messages they receive. They may reply directly to the soliciting host, or they may wait a short random interval and reply with a multicast.
Hosts may send solicitation messages. Solicitation messages are sent to the all-routers multicast address (224.0.0.2) or the limited broadcast address (255.255.255.255). Typically, three solicitation messages are sent at 3-second intervals. Alternatively a host may wait for periodic advertisements. Each time a host receives an advertisement with a higher preference value, it updates its default router. The host also sets the TTL timer for the new entry to match the value in the advertisement. When the host receives a new advertisement for its current default router, it resets the TTL value to that in the new advertisement.
This process also provides a mechanism for routers to declare themselves unavailable. They send an advertisement with a TTL value of zero.
• number: The number of entries in the message.
• entry length: The length of an entry in 32-bit units. This is 2 (32 bits for the IP address and 32 bits for the preference value).
• TTL: The number of seconds that an entry will be considered valid.
• router address: One of the sender's IP addresses.
• preference level: A signed 32-bit level indicating the preference to be assigned to this address when selecting a default router. Each router on a subnet is responsible for advertising its own preference level. Larger values imply higher preference, smaller values imply lower. The default is zero, which is in the middle of the possible range. A value of X'80000000' (-2^31) indicates the router should never be used as a default router.

6 ICMP protocol Echo (PING)

[Figure: ICMP message: Type 0 or 8 (1 byte), Code 0 (1 byte), CRC (2 bytes), Identification, Sequence number, Data. 0: Echo Response, 8: Echo Request. (1) host A sends ICMP Echo Request (source IP@A, destination IP@B); (2) host B returns ICMP Echo Response (source @IPB, destination @IPA)]

Echo (0) (8): is used to detect if another host is active on the network. It is used by the Ping command. The sender initializes the identifier, sequence number, and data field. The datagram is then sent to the destination host. The recipient changes the type to Echo Reply and returns the datagram to the sender.

PING (Packet Internet Groper): Ping is the simplest of all TCP/IP applications. It sends IP datagrams to a specified destination host and measures the round trip time to receive a response. The word ping, which is used as a noun and a verb, is taken from the sonar operation to locate an underwater object. It is also an abbreviation for Packet InterNet Groper.
Traditionally, if you could successfully ping a host, other applications such as Telnet or FTP could reach that host. With the advent of security measures on the Internet, particularly firewalls, which control access to networks by application protocol and/or port number, this is no longer necessarily true. Nonetheless, the first test of reachability for a host is still to attempt to ping it.
Ping is useful for verifying an IP installation. The following variations of the command each require the operation of a different portion of an IP installation:
• ping loopback: Verifies the operation of the base TCP/IP software.
• ping my-IP-address: Verifies whether the physical network device can be addressed.
• ping a-remote-IP-address: Verifies whether the network can be accessed.
• ping a-remote-host-name: Verifies the operation of the name server (or the flat namespace resolver, depending on the installation).

6 ICMP protocol Trace route program

[Figure: host A reaches host B through routers x, y and z. A sends datagrams to B with TTL=1, TTL=2 and TTL=3; routers x, y and z each return to A "ICMP: Type 11 code 0: overflow TTL". The datagram sent with TTL=4 reaches B, which returns "ICMP: Type 0 code 0: Echo Response".]

The Traceroute program is used to determine the route IP datagrams follow through the network. Traceroute is based upon ICMP and UDP. It sends an IP datagram with a TTL of 1 to the destination host. The first router decrements the TTL to 0, discards the datagram and returns an ICMP Time Exceeded message to the source. In this way, the first router in the path is identified. This process is repeated with successively larger TTL values to identify the exact series of routers in the path to the destination host.
Traceroute sends UDP datagrams to the destination host. These datagrams reference a port number outside the standard range. When an ICMP Port Unreachable message is received, the source determines the destination host has been reached.
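The TTL loop described above, as an added example that is not part of the original course: a small offline simulation of the UDP variant over the path x, y, z, B of the slide. The function names and the `silent` set (nodes whose ICMP answers are filtered, which a real traceroute prints as "*") are assumptions made for the illustration.

```python
TIME_EXCEEDED = (11, 0)      # ICMP type 11 code 0, returned by a router
PORT_UNREACHABLE = (3, 3)    # ICMP type 3 code 3, returned by the destination


def send_probe(path, ttl, silent=frozenset()):
    """Follow one UDP probe along `path` (routers first, destination last).

    Returns (responder, icmp), or None when the node that should answer is in
    `silent` (its ICMP message is filtered) and the probe simply times out.
    """
    for router in path[:-1]:
        ttl -= 1                      # every router decrements the TTL
        if ttl == 0:                  # expired here: the datagram is discarded
            return None if router in silent else (router, TIME_EXCEEDED)
    destination = path[-1]            # probe arrived; the UDP port is unused
    return None if destination in silent else (destination, PORT_UNREACHABLE)


def traceroute(path, max_ttl=8, silent=frozenset()):
    """Repeat the probe with TTL = 1, 2, 3... until the destination answers."""
    hops = []
    for ttl in range(1, max_ttl + 1):
        answer = send_probe(path, ttl, silent)
        hops.append((ttl, answer[0] if answer else "*"))
        if answer and answer[1] == PORT_UNREACHABLE:
            break                     # Port Unreachable: destination reached
    return hops


if __name__ == "__main__":
    path = ["x", "y", "z", "B"]       # constructed path, names from the slide
    print(traceroute(path))
    print(traceroute(path, silent={"y"}))
```

A silent router leaves a gap but does not stop the trace; a silent destination makes the loop run until `max_ttl`.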

6 ICMP protocol Exercise: Ping and Trace route program

On Windows-NT (cmd):
> tracert <ip-addr> or > tracert isoc.org
> ping <ip-addr>
> ping icann.org

On Unix or Linux: traceroute, ping

6 ICMP protocol Attacks against security with ICMP (1)

[Figure: a hacker scanning a network with Ping in a loop (For i = first_IP@ to last_IP@ ... next i) and with traceroute.]

Ping allows the scan of IP addresses.
Destination unreachable reveals who is unreachable and why.
Traceroute reveals the IP addresses of the routers.
ICMP Redirect modifies the routing table of the hosts (DoS attack).
ICMP Source Quench requests a reduction of the throughput.

ICMP can be used by hackers to learn more about a network as well as to damage the correct operation of a network. That is why, usually, the firewalls connected to the border between the private network and the Internet will discard any ICMP messages.
Note: DoS attack. This name is given to this kind of attack because only Microsoft DoS (not Unix nor Linux) takes the ICMP redirect message into account.
http://www.sys-security.com/archive/papers/ICMP_Scanning_v1.0.pdf

6 ICMP protocol Attacks against security with ICMP (2)

ICMP makes it possible to detect the type of Operating System:
[Figure: a hacker probing host A (Microsoft, DoS) and host B (UNIX); labels: ICMP timestamp Request, ICMP timestamp Response, Destination unreachable.]

ICMP Address Mask Requests (type 16):
• allow routers to be detected
• allow the subnets to be known

ICMP with type=echo and code ≠ 0:
• is accepted by UNIX
• leads to a response with code=0 on Microsoft
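One way a host or a border filter can act on the ICMP risks listed on the two slides above, as an added example that is not part of the original course: a Redirect is accepted only when it comes from the current gateway and names an on-link gateway, while Echo requests with a non-zero code, Timestamp requests and Source Quench are flagged or dropped. The function names, verdict strings and sample messages are constructed; the addresses reuse the 10.10.0.0/16 network of this chapter's exercise, and the host is assumed to route everything through a single default gateway.

```python
import ipaddress
import struct
from dataclasses import dataclass

SOURCE_QUENCH, REDIRECT, ECHO_REQUEST, TIMESTAMP_REQUEST = 4, 5, 8, 13


@dataclass
class HostConfig:
    address: ipaddress.IPv4Interface        # own address with prefix length
    default_gateway: ipaddress.IPv4Address  # current first-hop router


def icmp_header(icmp_type, code, rest=b"\x00" * 4):
    """Constructed 8-byte ICMP header; the checksum is left at 0 (not checked here)."""
    return struct.pack("!BBH4s", icmp_type, code, 0, rest)


def assess(ip_source, icmp, host):
    """Return a verdict for one received ICMP message."""
    if len(icmp) < 8:
        return "drop: truncated ICMP header"
    icmp_type, code, _checksum, rest = struct.unpack("!BBH4s", icmp[:8])
    source = ipaddress.IPv4Address(ip_source)

    if icmp_type == REDIRECT:
        new_gateway = ipaddress.IPv4Address(rest)  # bytes 4-7 of a Redirect
        if source != host.default_gateway:
            return "drop: redirect not sent by the current gateway"
        if new_gateway not in host.address.network:
            return "drop: redirect to an off-link gateway"
        return f"accept: route via {new_gateway}"
    if icmp_type == ECHO_REQUEST and code != 0:
        return "alert: echo request with non-zero code"
    if icmp_type == TIMESTAMP_REQUEST:
        return "alert: timestamp request"
    if icmp_type == SOURCE_QUENCH:
        return "drop: source quench"
    return "pass"


HOST = HostConfig(ipaddress.IPv4Interface("10.10.10.10/16"),
                  ipaddress.IPv4Address("10.10.0.11"))

if __name__ == "__main__":
    to_12 = ipaddress.IPv4Address("10.10.0.12").packed
    print(assess("10.10.0.11", icmp_header(REDIRECT, 0, to_12), HOST))
    print(assess("10.10.0.99", icmp_header(REDIRECT, 0, to_12), HOST))
    print(assess("10.12.0.1", icmp_header(ECHO_REQUEST, 7), HOST))
```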

6 ICMP protocol Exercise ICMP(1)

Given this interconnection diagram and the trace (next page) of messages made on the network 10.10.0.0 when a ping is sent from this PC:
1 - Fill in this diagram (IP@ of various units)
2 - Draw the exchanges (see the page following the trace)

[Diagram: Network 10.10.0.0/16
PC: ping @IP: 10.12.0.1; MAC@: 00.a0.24.ea.16.7e; IP@: . . . ; default/gateway: 10.10.0.11
MAC@: 00.10.7b.81.9d.15; IP@: . . .
MAC@: 00.10.7b.81.9c.f9; IP@: . . .]

Exercise: PC configuration
A ping has been launched to the IP@ 10.12.0.1. Given the following trace:
1. On the diagram, write down the IP@ of the host.
2. Draw with arrows the exchanges.
Draw the events.

6 ICMP protocol Exercise ICMP(2)
Frame 1
802.3: Destination Address: 00107B819D15, Source Address: 00A024EA167E (3ComEA167E), Ethernet Type: DOD Internet Protocol (IP)
IP: Source Address: 10.10.10.10, Destination Address: 10.12.0.1
ICMP: Type: Echo, Code: 0x00, Checksum: 0xFB5B, Identifier: 0x0001, Sequence Number: 81

Frame 2
802.3: Destination Address: 00A024EA167E, Source Address: 00107B819D15, Ethernet Type: DOD Internet Protocol (IP)
IP: Source Address: 10.10.0.11, Destination Address: 10.10.10.10
ICMP: Type: Redirect, Code: Redirect datagrams for the Network, Checksum: 0x9B8D, Gateway Internet Address: 10.10.0.12
  IP - Version: 4, Header Length: 20
  IP - Service Type: 0x00
  IP - Packet Length: 60
  IP - Identification: 0xB941
  IP - Fragment Offset: 0x0000
  IP - Time to Live: 31
  IP - Transport: Internet Control Message
  IP - Header Checksum: 0xC45F
  IP - Source Address: 10.10.10.10
  IP - Destination Address: 10.12.0.1
  Others: 8 bytes of data

Frame 3
802.3: Destination Address: 00107B819CF9, Source Address: 00107B819D15, Ethernet Type: (IP)
IP: Source Address: 10.10.10.10, Destination Address: 10.12.0.1
ICMP: Type: Echo, Code: 0x00, Checksum: 0xFB5B, Identifier: 0x0001, Sequence Number: 81

Frame 4
802.3: Destination Address: 00A024EA167E, Source Address: 00107B819CF9, Ethernet Type: (IP)
IP: Source Address: 10.12.0.1, Destination Address: 10.10.10.10
ICMP: Type: Echo Reply, Code: 0x00, Checksum: 0x035C, Identifier: 0x0001, Sequence Number: 81

Frame 5
802.3: Destination Address: 00107B819CF9, Source Address: 00A024EA167E, Ethernet Type: (IP)
IP: Source Address: 10.10.10.10, Destination Address: 10.12.0.1
ICMP: Type: Echo, Code: 0x00, Checksum: 0xFA5B, Identifier: 0x0001, Sequence Number: 82

% ping IP @ :10.12.0.1 MAC @ :00.a0.24.ea.16.7e default/gateway: 10.10.0.11 IP @ :

Network 10.10.0.0/16 MAC @ :00.10.7b.81.9d.15 @IP:

MAC @ :00.10.7b.81.9c.f9 IP @ :


6 ICMP protocol Exercise ICMP(2)

[Diagram to complete: three vertical time axes, one per unit, on which the exchanges are to be drawn, starting with ICMP (echo, . . .
MAC@: 00.a0.24.ea.16.7e, IP@: . . .
MAC@: 00.10.7b.81.9d.15, IP@: . . .
MAC@: 00.10.7b.81.9c.f9, IP@: . . .]
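The Echo exchange of this chapter, checked against the trace of this exercise (added example, not part of the original course): it builds the Echo Request, derives the reply the way the recipient does (type 8 becomes 0, checksum recomputed, everything else returned unchanged) and reproduces the three Echo checksums shown in the trace. Two assumptions, which the matching checksums support: the 32 data bytes are the default payload of the Windows ping client (the trace gives Packet Length 60 = 20 + 8 + 32), and the analyzer displays Identifier and Sequence Number in little-endian order, so 0x0001 and 81 are the bytes 01 00 and 51 00 on the wire. All function names are constructed.

```python
import struct

ECHO_REQUEST, ECHO_REPLY = 8, 0

# Assumption: default data field of the Windows ping client (32 bytes).
WINDOWS_PING_PAYLOAD = b"abcdefghijklmnopqrstuvwabcdefghi"


def internet_checksum(data):
    """16-bit one's complement of the one's complement sum of `data`."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:                       # fold the carries back in
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def wire16(displayed):
    """Value as laid out on the wire when the analyzer displays it little-endian."""
    return struct.unpack("!H", struct.pack("<H", displayed))[0]


def build_echo(icmp_type, ident, seq, payload):
    """Type, Code 0, Checksum, Identifier, Sequence number, Data."""
    unsummed = struct.pack("!BBHHH", icmp_type, 0, 0, ident, seq) + payload
    checksum = internet_checksum(unsummed)
    return struct.pack("!BBHHH", icmp_type, 0, checksum, ident, seq) + payload


def make_reply(request):
    """Recipient side: change the type to Echo Reply, return the rest unchanged."""
    _type, _code, _checksum, ident, seq = struct.unpack("!BBHHH", request[:8])
    return build_echo(ECHO_REPLY, ident, seq, request[8:])


def checksum_of(message):
    return struct.unpack("!H", message[2:4])[0]


def is_valid(message):
    """A message whose checksum field is correct sums to zero."""
    return internet_checksum(message) == 0


if __name__ == "__main__":
    request = build_echo(ECHO_REQUEST, wire16(0x0001), wire16(81),
                         WINDOWS_PING_PAYLOAD)
    reply = make_reply(request)
    print(hex(checksum_of(request)), hex(checksum_of(reply)))
```

The reply checksum differs from the request checksum only by the 0x0800 removed from the first word (0xFB5B + 0x0800 with end-around carry), which is a quick consistency check when reading such a trace by hand.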


6 ICMP protocol Evaluation

Objective: to be able to analyze an ICMP message and explain the operation of the Ping and Trace_route programs

Thank you for answering the self-assessment of the objectives sheet



7 Client-Server Model Overview

The “Client” is the party requesting a service.
The “Server” is the party providing a service.

Example:
[Figure: a client (file transfer) and a server (file transfer) connected through an IP network; a file is transferred between them, whatever the direction of the transfer.]

tftp <server-IP@>
tftp> put/get <file_name>
…….
…….
Transfer completed
tftp> quit
A server is an application that offers a service to internet users; a client is a requester of a service. An application consists of both a server and a client part, which can run on the same or on different systems. Users usually invoke the client part of the application, which builds a request for a particular service and sends it to the server part of the application using TCP/IP as a transport vehicle. The server is a program that receives a request, performs the required service and sends back the results in a reply. A server can usually deal with multiple requests and multiple requesting clients at the same time.


7 Client-Server Model Overview of UDP / TCP Multiplexing

[Figure: a letter on a map of France. Sender: accounting department, Telecom Company, 75000 PARIS. Addressee: Finance department, Alcatel, 22300 LANNION. Departments shown at the destination: Finance, Business, Research. Labels: UDP port ≡ Finance department; IP address ≡ Alcatel; MAC address ≡ 22300 LANNION.]

Analogy:
The city/post code ≡ MAC@
Company name ≡ IP@
Department ≡ UDP port

Note: the company could move to another city => modification of the city/post code but no modification of the company name (logical address).
The post office pays attention only to the city/post code (MAC@) and the company name (IP@) but not to the department (UDP port).
Only the private companies (users) pay attention to the department (UDP port).

UDP/TCP ports allow multiplexing: delivering data from an application to its remote peer. Multiple applications can be supported simultaneously.

7 Client-Server Model « Ephemeral » ports and « well-known » ports

[Figure: two file-transfer clients on host IPa, using ephemeral ports 1843 and 1955, and a TFTP server (file transfer) on host IPb, using well-known port 69. Datagrams across the IP network: @IPa to @IPb, PORTsrc: 1843, PORTdst: 69; @IPa to @IPb, PORTsrc: 1955, PORTdst: 69. Sockets: (@IPa, Port 1843), (@IPa, Port 1955), (@IPb, Port 69). « Well-known » port < 1024; ephemeral port ≥ 1024.]

Well-known: The well-known ports are controlled and assigned by the Internet Assigned Number Authority (IANA). Most servers wait for requests at a well-known port so that their clients know which port (and in turn, which application) they must direct their requests. The client typically uses an arbitrary port called an ephemeral port for its communication. The reason for well-known ports is to allow clients to be able to find servers without configuration information. The well-known port numbers are defined in STD 2 – Assigned Internet Numbers.
Clients that wish to communicate with a server that does not use a well-known port must have another mechanism for learning to which port they must address their requests. This mechanism might employ a registration service such as portmap, which does use a well-known port.

Ephemeral: Clients do not need well-known port numbers because they initiate communication with servers and the port number they are using is contained in the UDP datagrams sent to the server. Each client process is allocated a port number for as long as it needs it by the host it is running on. Ephemeral port numbers have values greater than 1023, normally in the range 1024 to 65535. A client can use any number allocated to it, as long as the combination of <transport protocol, IP address, port number> is unique. Ephemeral ports are not controlled by IANA and can be used by ordinary user-developed programs on most systems.

7 Client-Server Model Multiplexing

[Figure: a server with applications x, y and z on ports 1, 2 and n, above layer 4 (TCP / UDP) and layer 3 (IP). An IP packet (IP header: @IPsrc, @IPdest; layer 4 header: Portsrc: …, Portdest: n; data) is delivered to application z on port n. Multiplexing is based on the port number.]

In both transport layers, UDP and TCP, the destination port is used to determine the target application.

7 Client-Server Model Simultaneous access to a server

[Figure: two file-transfer clients, on hosts IPa and IPc, both using ephemeral port 1025, access the file-transfer server on host IPb at well-known port 69. Datagrams across the IP network: @IPa to @IPb, PORTsrc: 1025, PORTdst: 69; @IPc to @IPb, PORTsrc: 1025, PORTdst: 69. Sockets: (@IPa, Port 1025) with (@IPb, Port 69); (@IPc, Port 1025) with (@IPb, Port 69).]

The concepts of port and socket determine which local process at a given host actually communicates with which process, at which remote host, using which protocol. If this sounds confusing, consider the following:
• An application process is assigned a process identifier number (process ID), which is likely to be different each time that process is started.
• Process IDs differ between operating system platforms, hence they are not uniform.
• A server process can have multiple connections to multiple clients at a time, hence simple connection identifiers would not be unique.
The concept of ports and sockets provides a way to uniformly and uniquely identify connections and the programs and hosts that are engaged in them, irrespective of specific process IDs.

A socket address is the triple: <protocol, local-address, local-process>
For example, in the TCP/IP suite: <tcp, 193.44.234.3, 12345>
A conversation is the communication link between two processes.
An association is the 5-tuple that completely specifies the two processes that comprise a connection: <protocol, local-address, local-process, foreign-address, foreign-process>
In the TCP/IP suite, the following could be a valid association: <tcp, 193.44.234.3, 1500, 193.44.234.5, 21>

7 Client-Server Model Host being both Server and Client

[Figure: a file-transfer client on host IPa (ephemeral port 1025) accesses the file-transfer server on host IPb (well-known port 69); host IPb also runs a file-transfer client (ephemeral port 1542) that accesses the file-transfer server on host IPc (well-known port 69). Datagrams across the IP network: @IPa to @IPb, PORTsrc: 1025, PORTdst: 69; @IPb to @IPc, PORTsrc: 1542, PORTdst: 69. Sockets: (@IPa, Port 1025) with (@IPb, Port 69); (@IPb, Port 1542) with (@IPc, Port 69).]

A server could be a client for another communication.

7 Client-Server Model Port distribution

Well-known ports: 1 to 1023
Registered ports: 1024 to 49151
Ephemeral ports: 49152 to 65535

TCP « Well-known » ports
5: RJE - Remote Job Entry
7: Echo
9: Discard
11: Systat - logged users
13: Daytime
15: Netstat
19: Chargen
20: FTP File Transfer Protocol - Data
21: FTP File Transfer Protocol - Commands
23: TELNET Remote connection
25: SMTP Simple Mail Transfer Protocol
53: DNS Domain Name Server (zone transfer)
80: HTTP Hypertext Transfer Protocol
110: POP3 Post Office Protocol
111: SUNRPC
139: Netbios

UDP « Well-known » ports
7: Echo
9: Discard
11: Systat - logged users
13: Daytime
15: Netstat
19: Chargen
37: Time
43: whois
53: DNS Domain Name Server (Query)
67: BOOTPs BOOTP Bootstrap Protocol - Server
68: BOOTPc BOOTP Bootstrap Protocol - Client
69: TFTP Trivial File Transfer Protocol
111: RPC Remote Procedure Call
123: NTP Network Time Protocol
161: SNMP Simple Network Management Protocol
162: SNMP - Traps

In the past, there were only two ranges of ports: well-known and ephemeral. Now, because so many new services have been born:
• Well-known ports are assigned by IANA and range between 1 and 1023.
• Registered ports are displayed by IANA.
• Ephemeral ports.
Well-known port numbers are typically odd, because early systems using the port concept required an odd/even pair of ports for duplex operations.
Most servers require only a single well-known port. The exception is the FTP server, which uses two: 20 and 21.
The client uses an ephemeral port; the exception is the BOOTP client, which uses well-known port 68.
An application could run on both the TCP and the UDP transport layer. But in fact each application always runs on only one transport protocol, with some exceptions like DNS, where the server uses both UDP port 53 (for query operation) and TCP port 53 (for database transfer between 2 DNS servers).

7 Client-Server Model TCP/IP communication synthesis

[Figure: application data travelling from host @IPa to application β on host @IPb across the IP network. Labels at each stage: Transport: Port sα→dβ; Network: IP@ sa→db; Link: Phys@ s1→d2, then Phys@ s4→d15, then Phys@ s8→d7. Other hosts, with applications λ and δ, are attached to the network.]

Application layer
The application layer is provided by the program that uses TCP/IP for communication. An application is a user process cooperating with another process usually on a different host.

Transport layer
The transport layer provides the end-to-end data transfer by delivering data from an application to its remote peer. Multiple applications can be supported simultaneously.

Internetwork layer
Internet Protocol (IP) is the most important protocol in this layer. It is a connectionless protocol that doesn't assume reliability from lower layers. IP does not provide reliability, flow control, or error recovery. These functions must be provided at a higher level.

Network interface layer
The network interface layer, also called the link layer or the data-link layer, is the interface to the actual network hardware.

Router
Interconnects networks at the internetwork layer level and routes packets between them.

7 Client-Server Model Evaluation

Objective: to be able to describe the operation of the client/server model at the transport layer

Thank you for answering the self-assessment of the objectives sheet


8 User Datagram Protocol Situation of the UDP protocol

[Figure: protocol stack. Application: NTP, TFTP, SNMP, DNS, Telnet, FTP, SMTP, HTTP. Transport: UDP, TCP. Network: IP, ICMP, ARP. Link: LLC 802.2, SNAP, MAC (Ethernet ISO 802.3, Ethernet V2, FDDI, token ring). Physical: 10 Base T, 10 Base 2, 10 Base 5, optical fibre, shielded twisted pair.]

Usually, UDP is used by applications
• that need a fast transport mechanism (time synchronisation, voice over IP)
• that have a very short communication (one question, one response)
• that can tolerate the loss of some data.

The main applications using UDP are:
TFTP: Trivial File Transfer Protocol
DNS: Domain Name System
NTP: Network Time Protocol

8 User Datagram Protocol “Connectionless service”

[Figure: packets P1, P2 and P3 are sent by UDP/IP through the IP network and arrive in a different order; UDP does not reorder the received packets.]

UDP offers a connectionless service.

8 User Datagram Protocol UDP not a reliable protocol

[Figure: classical mail between two users (a bill for 150 $ sent by post). Not reliable; nevertheless people appreciate mail services.]

It is the role of the users to implement a procedure if they want a reliable communication (i.e.: if there is no response within 3 days, the letter is retransmitted).

UDP provides connectionless, unreliable, best-effort service. As a result, applications using UDP as the transport protocol have to provide their own end-to-end integrity, flow control, and congestion control, if it is so desired. Usually, UDP is used by applications that need a fast transport mechanism and can tolerate the loss of some data.
UDP provides a mechanism for one application to send a datagram to another. The UDP protocol can be regarded as being extremely thin and consequently has low overheads, but it requires the application to take responsibility for error recovery and so on.

8 User Datagram Protocol Applications tolerating the loss of some data

[Figure: a voice conversation carried over an IP network; a Network Time Server sending date & time (NTP) every 10 s over the IP network for network management.]

UDP is suitable for applications tolerating the loss of some data.
Example: Voice over IP. If a part of the conversation is lost during the transmission, the ear is capable of understanding. In addition, if the lost part of the conversation is repeated, it will be out of sequence and will cause the worst effect.
A Network Time Server delivers the time recurrently. Time synchronisation is necessary to manage a network well. If a message conveying the current time is lost, it is crazy to repeat this message because the time runs.

8 User Datagram Protocol Applications using simple exchange

[Figure: a client reaching http://alcatel.com through the Internet asks the Alcatel name server "What is the IP@ of “alcatel.com”?" and receives the answer "“alcatel.com” = 169.109.33.06" (IP@ = 169.109.33.06). On both sides the DNS application needs reliability and UDP is not reliable: the application has to implement an error recovery procedure.]

Applications using a communication type “Question / Response” can easily implement a simple procedure to assure a correct exchange. Let’s cite: DNS, TFTP, ...

8 User Datagram Protocol Main UDP « Well-known » ports

« Well-known ports »
7: Echo
9: Discard
11: Systat - logged users
13: Daytime
15: Netstat
19: Chargen
37: Time
43: whois
53: DNS Domain Name Server
67: BOOTPs BOOTP Bootstrap Protocol - Server
68: BOOTPc BOOTP Bootstrap Protocol - Client
69: TFTP Trivial File Transfer Protocol
111: RPC Remote Procedure Call
123: NTP Network Time Protocol
161: SNMP Simple Network Management Protocol
162: SNMP - Traps

Well-known ports are assigned by ICANN.
Well-known: Well-known ports belong to standard servers; for example, DNS uses port 53. Well-known port numbers range between 1 and 1023. Well-known port numbers are typically odd, because early systems using the port concept required an odd/even pair of ports for duplex operations. Most servers require only a single port. Exceptions are the BOOTP server, which uses two: 67 and 68.

8 User Datagram Protocol Optional services

[Figure: servers above UDP, each reached through its port: Echo (port 7), Discard (port 9), Finger (port 11), Daytime (port 13), Chargen (port 19), Time (port 37), DNS (port 53), TFTP (port 69), Appli. n (port n). UDP message: Portsrc, Portdest, Data.]

Echo: The Echo service returns whatever it receives. It is called through port 7. With TCP, it simply returns whatever data comes down the connection, whereas UDP returns an identical datagram (except for the source and destination addresses). The echoes continue until the port connection is broken or no datagrams are received. The Echo service provides very good diagnostics about the proper functioning of the network and the protocols themselves. The reliability of transmissions can be tested this way, too. Turnaround time from sending to receiving the echo provides useful measurements of response times and latency within the network.

Discard: The Discard service simply discards everything it receives. TCP waits for a connection on port 9, whereas UDP receives datagrams through that port. Anything incoming is ignored. No responses are sent. The Discard service might seem pointless, but it can be useful for routing test messages during system setup and configuration. It can also be used by applications in place of a discard service of the operating system (such as /dev/null in UNIX).

Finger: The Active Users service returns a message to the originating user that contains a list of all users currently active on the remote machine. The behavior of the TCP and UDP versions is the same. When requested, the Active Users service monitors port 11 and, upon establishment of a connection, responds with a list of the currently active users and then closes the port. UDP sends a datagram, and TCP uses the connection itself.

Daytime: The Daytime service returns a message with the current date and time. The format it uses is the day of the week, month of the year, day of the month, time, and the year. Time is specified in a HH:MM:SS format. Each field is separated by spaces to enable parsing of the contents. Both TCP and UDP versions monitor port 13 and, upon receipt of a datagram, return the message. The Daytime service can be used for several purposes, including setting system calendars and clocks to minimize variations. It also can be used by applications.

Quote of the Day: The Quote of the Day service does as its name implies. It returns a quotation from a file of quotes, randomly selecting one a day when a request arrives on port 17. If a source file of quotations is not available, the service fails.

Character Generator: The Character Generator service is designed to send a set of ASCII characters. Upon receipt of a datagram (the contents of which are ignored), the Character Generator service returns a list of all printable ASCII characters. The UDP Character Generator service monitors port 19 for an incoming datagram and responds with a datagram containing a random number of characters. Up to 512 characters can be sent.

Time: The Time service returns the number of seconds that have elapsed since January 1, 1990. Port 37 is used to listen for a request (TCP) or receive an incoming datagram (UDP). When a request is received, the time is sent as a 32-bit binary number. It is up to the receiving application to convert the number to a useful figure. The Time service is often used for synchronizing network machines or for setting clocks within an application.

Note: Users can directly access their service of choice (assuming it is supported) by using Telnet.

8 User Datagram Protocol Format of the UDP message

[Figure: UDP message, four bytes per row: UDP source port, UDP destination port; UDP message length, Checksum; UDP Data.]

UDP datagram format
Each UDP datagram is sent within a single IP datagram. Although the IP datagram may be fragmented during transmission, the receiving IP implementation will reassemble it before presenting it to the UDP protocol. All IP implementations are required to accept datagrams of 576 bytes, which means that, allowing for maximum-size IP header of 60 bytes, a UDP datagram of 516 bytes is acceptable to all implementations. Many implementations will accept larger datagrams, but this is not guaranteed. The UDP datagram has a 16-byte header.
• Source Port: Indicates the port of the sending process. It is the port to which replies should be addressed.
• Destination Port: Specifies the port of the destination process on the destination host.
• Length: The length (in bytes) of this user datagram, including the header.
• Checksum: An optional 16-bit one's complement of the one's complement sum of a pseudo-IP header, the UDP header, and the UDP data. The pseudo-IP header contains the source and destination IP addresses, the protocol, and the UDP length:

8 User Datagram Protocol IP packet processing

[Figure: a server with applications x, y and z on ports 1, 2 and n, above layer 4 (UDP (17), TCP (6)) and layer 3 (IP). An IP packet (IP header: @IPsrc → @IPdest, Prot=17; UDP header: Portsrc: …, Portdest: n; data) is passed to UDP and then delivered to application z on port n. Multiplexing is based on the port number.]

It simply serves as a multiplexer/demultiplexer for sending and receiving datagrams, using ports to direct the datagrams. Applications sending datagrams to a host need to identify a target that is more specific than the IP address, since datagrams are normally directed to certain processes and not to the system as a whole. UDP provides this by using ports.

8 User Datagram Protocol Checksum calculation

[Figure: the checksum calculation covers the UDP pseudo IP header (12 bytes: IP address source, IP address destination, 00, Protocol, Datagram length) and the UDP datagram (UDP src port, UDP dest port, UDP message length, Checksum UDP, Data). The pseudo-header values come from the IP header (Ver, Header length, Type Of Service, Datagram length, Identification, Flag, Datagram Offset, TTL, Protocol 17, Checksum, Source IP address, Destination IP address).]

Checksum: An optional 16-bit one's complement of the one's complement sum of a pseudo-IP header, the UDP header, and the UDP data. The pseudo-IP header contains the source and destination IP addresses, the protocol, and the UDP length.
Why is this header added? It is because the TCP header doesn't contain IP addresses and just includes source and destination port numbers. This means if a TCP segment is delivered to the wrong system (wrong destination IP address), the TCP module on that system could not notice it by looking at the TCP header. Including the IP address information in checksum using the pseudo-header prevents this problem.
If a problem is detected after the checksum calculation (validation) in a receiving system, the TCP segment is silently discarded. Nothing informs the sending system.

8 User Datagram Protocol Synthesis

UDP added value:
• no reliability, connectionless-oriented
• no flow-control
• no error recovery

UDP simply serves as a multiplexer/demultiplexer.
[Figure: Application 1, Application 2 and Application 3 above UDP.]

8 User Datagram Protocol Exercise - UDP trace

1. At each level, look for the field allowing to know the encapsulated protocol.

Addr.  Hex. Data
0000:  FF FF FF FF FF FF 00 80 9F 21 32 A9 08 00 45 00
0010:  01 48 00 00 00 00 0F 11 AA A6 00 00 00 00 FF FF
0020:  FF FF 00 44 00 43 01 34 EF 12 01 01 06 00 00 00
0030:  7E BA 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0040:  00 00 00 00 00 00 00 80 9F 21 32 A9 00 00 00 00
0050:  00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0140:  00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0150:  00 00 00 00 00 00

Eth V2 [0000:000D]
0000:0005 Destination Address: FFFFFFFFFFFF (Broadcast)
0006:000B Source Address: 00809F2132A9 (Alcatel2132A9)
000C:000D Ethernet Type: DOD Internet Protocol (IP)
IP [000E:0021]
000E:000E Version: 4, Header Length: 20
000F:000F TOS, Precedence: Routine, Delay: Normal, Throughput: Normal, Reliability: Normal
0010:0011 Packet Length: 328
0012:0013 Identification: 0x0000
0014:0014 DF: May Fragment, MF: Last Fragment
0014:0015 Fragment Offset: 0
0016:0016 Time to Live: 15
0017:0017 Transport: User Datagram
0018:0019 Header Checksum: 0xAAA6 (correct)
001A:001D Source Address: 0.0.0.0
001E:0021 Destination Address: 255.255.255.255
UDP [0022:0029]
0022:0023 Source Port: Bootstrap Protocol Client
0024:0025 Destination Port: Bootstrap Protocol Server
0026:0027 Packet Length: 308
0028:0029 Checksum: 0xEF12 (correct)

8 User Datagram Protocol UDP trace

1. At each level, look for the field allowing to know the encapsulated protocol.

Callouts marked on the hex dump: IP, UDP, BOOTP-client, BOOTP-server.

Addr.  Hex. Data
0000:  FF FF FF FF FF FF 00 80 9F 21 32 A9 08 00 45 00
0010:  01 48 00 00 00 00 0F 11 AA A6 00 00 00 00 FF FF
0020:  FF FF 00 44 00 43 01 34 EF 12 01 01 06 00 00 00
0030:  7E BA 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0040:  00 00 00 00 00 00 00 80 9F 21 32 A9 00 00 00 00
0050:  00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0140:  00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0150:  00 00 00 00 00 00

Eth v2 [0000:000D]
0000:0005 Destination Address: FFFFFFFFFFFF (Broadcast)
0006:000B Source Address: 00809F2132A9 (Alcatel2132A9)
000C:000D Ethernet Type: DOD Internet Protocol (IP)
IP [000E:0021]
000E:000E Version: 4, Header Length: 20
000F:000F TOS, Precedence: Routine, Delay: Normal, Throughput: Normal, Reliability: Normal
0010:0011 Packet Length: 328
0012:0013 Identification: 0x0000
0014:0014 DF: May Fragment, MF: Last Fragment
0014:0015 Fragment Offset: 0
0016:0016 Time to Live: 15
0017:0017 Transport: User Datagram
0018:0019 Header Checksum: 0xAAA6 (correct)
001A:001D Source Address: 0.0.0.0
001E:0021 Destination Address: 255.255.255.255
UDP [0022:0029]
0022:0023 Source Port: Bootstrap Protocol Client
0024:0025 Destination Port: Bootstrap Protocol Server
0026:0027 Packet Length: 308
0028:0029 Checksum: 0xEF12 (correct)
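The encapsulation chain of this trace and the pseudo-header check from the "Checksum calculation" page, as an added example that is not part of the original course. The first part walks the 42 header bytes of the traced frame (offsets 0x0000 to 0x0029), following the field that names the encapsulated protocol at each level and verifying the IP header checksum. The second part shows, on a constructed datagram with constructed addresses, that a UDP datagram delivered to the wrong IP address fails verification. The UDP checksum 0xEF12 of the trace is not recomputed because the full BOOTP data is not on the page; all function names are assumptions.

```python
import ipaddress
import struct

# Header bytes of the traced frame, offsets 0x0000-0x0029 of the hex dump.
FRAME_HEAD = bytes.fromhex(
    "ffffffffffff" "00809f2132a9" "0800"          # Ethernet V2
    "4500014800000000" "0f11aaa6"                 # IP: ..., TTL, protocol, checksum
    "00000000" "ffffffff"                         # IP source and destination
    "0044" "0043" "0134" "ef12"                   # UDP ports, length, checksum
)
ETHERTYPE_IP, PROTO_UDP = 0x0800, 17


def checksum16(data):
    """16-bit one's complement of the one's complement sum of `data`."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def demux(frame):
    """Follow Ethernet Type -> IP protocol -> UDP ports; return the decoded fields."""
    ethertype = struct.unpack("!H", frame[12:14])[0]
    if ethertype != ETHERTYPE_IP:
        raise ValueError("not an IP frame")
    header_len = (frame[14] & 0x0F) * 4
    ip = frame[14:14 + header_len]
    if checksum16(ip) != 0:                       # a valid header sums to zero
        raise ValueError("bad IP header checksum")
    if ip[9] != PROTO_UDP:
        raise ValueError("not a UDP datagram")
    sport, dport, length, checksum = struct.unpack(
        "!HHHH", frame[14 + header_len:22 + header_len])
    return {"ip_length": struct.unpack("!H", ip[2:4])[0],
            "src": str(ipaddress.IPv4Address(ip[12:16])),
            "dst": str(ipaddress.IPv4Address(ip[16:20])),
            "sport": sport, "dport": dport,
            "udp_length": length, "udp_checksum": checksum}


def pseudo_header(src, dst, udp_length):
    """12 bytes: source address, destination address, 00, protocol, UDP length."""
    return (ipaddress.IPv4Address(src).packed + ipaddress.IPv4Address(dst).packed
            + struct.pack("!BBH", 0, PROTO_UDP, udp_length))


def build_udp(src, dst, sport, dport, payload):
    length = 8 + len(payload)
    header = struct.pack("!HHHH", sport, dport, length, 0)
    checksum = checksum16(pseudo_header(src, dst, length) + header + payload)
    checksum = checksum or 0xFFFF                 # 0 means "no checksum" in UDP
    return struct.pack("!HHHH", sport, dport, length, checksum) + payload


def verify_udp(src, dst, datagram):
    """Receiver side: uses the addresses of the IP header it actually received."""
    return checksum16(pseudo_header(src, dst, len(datagram)) + datagram) == 0


if __name__ == "__main__":
    print(demux(FRAME_HEAD))
    # Constructed datagram: a TFTP-style request from port 1843 to port 69.
    datagram = build_udp("10.10.10.10", "10.10.0.12", 1843, 69, b"constructed payload")
    print(verify_udp("10.10.10.10", "10.10.0.12", datagram))   # right host
    print(verify_udp("10.10.10.10", "10.10.0.13", datagram))   # misdelivered
```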

8 User Datagram Protocol
Evaluation

Objective: to be able to list the characteristics of UDP transport layer protocol

Thank you for answering the self-assessment of the objectives sheet


9 TCP protocol
Situation of the TCP protocol

[Figure: protocol stack.
 Application: NTP, TFTP, SNMP, DNS, Telnet, FTP, SMTP, HTTP
 Transport: UDP, TCP
 Network: ICMP, IP, ARP
 Link: LLC, SNAP 802.2; MAC: Ethernet V2, Ethernet ISO 802.3, FDDI, Token Ring
 Physical: 10 Base T, 10 Base 2, 10 Base 5, optical fibre, shielded twisted pair]

Transmission Control Protocol (TCP)
TCP is a standard protocol with STD number 7. TCP is described by RFC 793, Transmission Control Protocol. Its status is recommended, but in practice, every TCP/IP implementation that is not used exclusively for routing will include TCP.
TCP provides considerably more facilities for applications than UDP, notably: error recovery, flow control, and reliability. TCP is a connection-oriented protocol, unlike UDP, which is connectionless.
TCP provides connection-oriented reliable data delivery, duplicate data suppression, congestion control, and flow control.

9 TCP protocol
“Connection-oriented service”

[Figure: packets P1, P2, P3 sent by TCP cross the IP network (connectionless service) and arrive out of order; the receiving TCP reorders the received packets.]

TCP offers a connection-oriented service.
Sequence numbers have to be introduced and managed by TCP.

9 TCP protocol
Error recovery

[Figure: a cash dispenser application sends "Withdraw: 50$" in packet P1 through TCP and IP across the IP network (not reliable) to the Central Bank application, which answers "P1-OK".]

TCP is reliable.

9 TCP protocol
TCP Format

[Figure: TCP header, four bytes per row:
 source port number | destination port number
 sequence number
 acknowledge number
 header length | reserved | URG ACK PSH RST SYN FIN | window size
 checksum | urgent pointer
 options (optional)
 data (optional)
 Header: min 20 bytes, max 60 bytes.]

Header length: expressed in words of 4 bytes.

A unit of transmission in the TCP layer is called a segment.
Header length: The number of 32-bit words in the TCP header. It indicates where the data begins.

9 TCP protocol
TCP port number

[Figure: TCP header with the source port number and destination port number fields highlighted.]

Ports: Allow multiplexing. Multiplexing is achieved through the use of ports, just as with UDP.

9 TCP protocol
Some « Well known ports » using TCP

[Figure: a TCP/IP server attached to the TCP/IP network, running over TCP and IP:
 FTP server: data port 20, control port 21
 Telnet server: port 23
 SMTP server: port 25
 DNS server: port 53
 HTTP server: port 80]

Unix: display /etc/services to see port assignments.

9 TCP protocol
Main TCP « well-known » ports

5: RJE - Remote Job Entry
7: Echo
9: Discard
11: Systat - logged users
13: Daytime
15: Netstat
19: Chargen
20: FTP File Transfer Protocol - Data
21: FTP File Transfer Protocol - Commands
23: TELNET Remote connection
25: SMTP Simple Mail Transfer Protocol
53: DNS Domain Name Server (zone transfer)
80: HTTP Hypertext Transfer Protocol
110: POP3 Post Office Protocol
111: SUNRPC
139: Netbios

Most servers require only a single port. The exception is the FTP server, which uses two: 20 and 21.
Normally, a server will use either TCP or UDP, but there are exceptions. For example, domain name servers use both UDP port 53 (for query) and TCP port 53 (for database transfer between domain name servers).

9 TCP protocol
Sequence numbers and flags

[Figure: TCP header with the sequence number, acknowledge number and flag fields (URG, ACK, PSH, RST, SYN, FIN) highlighted.]

Sequence Number: The sequence number of the first data byte in this segment. If the SYN control bit is set, the sequence number is the initial sequence number (n) and the first data byte is n+1.
Acknowledgement Number: If the ACK control bit is set, this field contains the value of the next sequence number that the receiver is expecting to receive.
• URG: Indicates that the urgent pointer field is significant in this segment.
• ACK: Indicates that the acknowledgement field is significant in this segment.
• PSH: Sometimes, an application needs to be sure that all the data passed to TCP has actually been transmitted to the destination. For that reason, a push function is defined. It will push all remaining TCP segments still in storage to the destination host. The normal close connection function also pushes the data to the destination.
• RST: Resets the connection.
• SYN: Synchronise the sequence numbers.
• FIN: No more data from sender.

9 TCP protocol
Connection establishment

[Figure: three-way handshake between two applications, each above its TCP. Initial sequence numbers: x on the calling side, y on the called side.]

1. Connect-Request: SYN (Seq. = x), delivered as Connect-Indication
2. Connect-Response: SYN (Seq. = y) / ACK (Ack. = x + 1), delivered as Connect-Confirm
3. ACK (Ack. = y + 1) / (Seq. = x + 1)

Once established, data can flow reliably in both directions.

9 TCP protocol
Reordering data

[Figure: establishment phase, then transfer phase. Sender sequence number after establishment: 40.]

Data-Request ("abcd")   (Seq. = 40) / Data "abcd"
                        ACK = 44          Data-Indication ("abcd")
Data-Request ("efg")    (Seq. = 44) / Data "efg"
Data-Request ("hi")     (Seq. = 47) / Data "hi"
Data-Request ("jkl")    (Seq. = 49) / Data "jkl"
                        ACK = 52          Data-Indication ("efghijkl")

TCP is in charge of reordering the received data.

9 TCP protocol
Reliability thanks to sequence and acknowledge numbers

[Figure: exchange between a client (initial sequence number 400) and a server (initial sequence number 100): SYN / Seq nb: 400; SYN / Seq nb: 100 / ACK: ack nb: 401; ACK: ack nb: 101; then data segments carrying PSH and ACK, each acknowledged with the sequence number of the next byte expected, and delivery of the received bytes to the application.]

The primary purpose of TCP is to provide reliable logical circuit or connection service between pairs of processes. It does not assume reliability from the lower-level protocols (such as IP), so TCP must guarantee this itself. TCP can be characterised by the following facilities it provides for the applications using it:

Stream Data Transfer: From the application's viewpoint, TCP transfers a contiguous stream of bytes through the network. The application does not have to bother with chopping the data into basic blocks or datagrams. TCP does this by grouping the bytes in TCP segments, which are passed to IP. Sometimes, an application needs to be sure that all the data passed to TCP has actually been transmitted to the destination. For that reason, a push function is defined. It will push all remaining TCP segments still in storage to the destination host. The normal close connection function also pushes the data to the destination.

TCP assigns a sequence number to each byte transmitted and expects a positive acknowledgement (ACK) from the receiving TCP. If the ACK is not received within a timeout interval, the data is retransmitted. Since the data is transmitted in blocks (TCP segments), only the sequence number of the first data byte in the segment is sent to the destination host. The receiving TCP uses the sequence numbers to rearrange the segments when they arrive out of order, and to eliminate duplicate segments.
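An added example, not part of the course material: a minimal receiver that uses sequence numbers to rearrange out-of-order segments, drop duplicates and answer with a cumulative ACK, fed with the segments of the "Reordering data" slide (Seq. 40 "abcd", 44 "efg", 47 "hi", 49 "jkl"). The class and method names are illustrative, the fixed receive window is an assumption, and sequence-number wrap-around is not modelled.

```python
class Receiver:
    """Receiving side of one TCP direction, reduced to sequence-number handling."""

    def __init__(self, next_seq, window=65535):
        self.rcv_nxt = next_seq       # next in-order byte expected = ACK number sent
        self.window = window          # bytes accepted beyond rcv_nxt (assumed fixed)
        self.pending = {}             # seq -> bytes held back until the hole is filled
        self.delivered = bytearray()  # byte stream handed to the application

    def segment(self, seq, data):
        """Process one arriving segment and return the ACK number to send back."""
        end = seq + len(data)
        if end <= self.rcv_nxt:
            return self.rcv_nxt       # duplicate: every byte was already delivered
        if seq < self.rcv_nxt:
            # Partial overlap with delivered data: keep only the new bytes.
            data, seq = data[self.rcv_nxt - seq:], self.rcv_nxt
        limit = self.rcv_nxt + self.window
        if seq >= limit:
            return self.rcv_nxt       # entirely outside the window: not buffered
        data = data[:limit - seq]     # never buffer more than the window allows
        if len(data) > len(self.pending.get(seq, b"")):
            self.pending[seq] = data  # same start seen twice: keep the longer copy

        # Deliver everything that is now contiguous with rcv_nxt.
        for start in sorted(self.pending):
            if start > self.rcv_nxt:
                break                 # a hole remains; later segments stay pending
            chunk = self.pending.pop(start)
            fresh = chunk[self.rcv_nxt - start:]
            self.delivered += fresh
            self.rcv_nxt += len(fresh)
        return self.rcv_nxt


def replay(first_seq, arrivals):
    """Feed (seq, data) arrivals to a receiver; return the ACKs and the stream."""
    receiver = Receiver(first_seq)
    acks = [receiver.segment(seq, data) for seq, data in arrivals]
    return acks, bytes(receiver.delivered)


if __name__ == "__main__":
    # Slide segments, arriving out of order and with one duplicate.
    arrivals = [(40, b"abcd"), (47, b"hi"), (49, b"jkl"), (44, b"efg"), (44, b"efg")]
    print(replay(40, arrivals))
```

The ACK stays at 44 while the segment starting at 44 is missing, then jumps to 52 once it arrives, which is the cumulative acknowledgement shown on the slide.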

9 TCP protocol
Session termination

[Figure: client (sequence number 421) and server (sequence number 123).]

1. Client to server: FIN / Seq nb: 421 / ACK / ack nb: 123
2. Server to client: ACK: ack nb: 422 (421 + 1)
3. Server to client: FIN / Seq nb: 123 / ACK / ack nb: 422
4. Client to server: ACK: ack nb: 124 (123 + 1)

9 TCP protocol
Urgent Pointer

[Figure: TCP header with the URG flag and the urgent pointer field highlighted; the urgent data is at the start of the data area.]

Urgent Pointer: Points to the first data byte following the urgent data. Only significant when the URG control bit is set.
URG: Indicates that the urgent pointer field is significant in this segment.

9 TCP protocol
Flow control

[Figure: senders and a receiver connected through the IP network.]

Flow control: a window size. TCP gives a credit to each sender.

9 TCP protocol
Window size

[Figure: TCP header with the window size field highlighted.]

Window: The window size is determined by the receiver when the connection is established and is variable during the data transfer. Each ACK message will include the window size that the receiver is ready to deal with at that particular time.
Flow Control: The receiving TCP, when sending an ACK back to the sender, also indicates to the sender the number of bytes it can receive beyond the last received TCP segment, without causing overrun and overflow in its internal buffers. This is sent in the ACK in the form of the highest sequence number it can receive without problems. This mechanism is also referred to as a window-mechanism.

9 TCP protocol
Window: End-to-end flow control

[Figure: sender window sliding over bytes 5000 to 6850 and the receiver buffer filling and emptying.]

Receiver to sender: Ack nb=5000 / Window: 1000
Sender to receiver: Segment 1 (Seq. nb=5000), 500 bytes
Receiver to sender: Ack nb=5500 / Window: 1000
Sender to receiver: Segment 2 (Seq. nb=5500), 500 bytes
Receiver to sender: Ack nb=6000 / Window: 500
Sender to receiver: Segment 3 (Seq. nb=6000), 500 bytes
Receiver to sender: Ack nb=6500 / Window: 0
Receiver to sender: Ack nb=6500 / Window: 800
Sender to receiver: Segment 4 (Seq. nb=6500), 350 bytes
Receiver to sender: Ack nb=6850 / Window: 450

TCP sends data in variable length segments. Sequence numbers are based on a byte count. Acknowledgements specify the sequence number of the next byte that the receiver expects to receive.
• The sender can send all packets within the window without receiving an ACK, but must start a timeout timer for each of them.
• The receiver must acknowledge each packet received, indicating the sequence number of the last well-received packet.
• The sender slides the window on each ACK received.
This window mechanism ensures:
• Reliable transmission.
• Better use of the network bandwidth (better throughput).
• Flow-control, since the receiver may delay replying to a packet with an acknowledgment, knowing its free buffers are available and the window-size of the communication.

9 TCP protocol
‘Checksum’ calculation

[Figure: the checksum calculation covers a 12-byte pseudo IP header (source IP address, destination IP address, 00, protocol, datagram length), built from fields of the IP header, followed by the TCP header, the options (optional) and the data (optional).]

Checksum: The 16-bit one's complement of the one's complement sum of all 16-bit words in a pseudo-header, the TCP header, and the TCP data. While computing the checksum, the checksum field itself is considered zero. The pseudo-header is the same as that used by UDP for calculating the checksum. It is a pseudo-IP-header, only used for the checksum calculation.
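An added example, not part of the course material: the checksum calculation described above, over the 12-byte pseudo-header, the TCP header and the data, with a receiver-side check. The addresses, ports and payloads are constructed sample values, the function names are illustrative, and the protocol number used in the pseudo-header is 6 (TCP).

```python
import socket
import struct

TCP_PROTOCOL = 6


def ones_complement_sum(data):
    """16-bit one's complement sum; odd-length data is zero-padded for the sum only."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:                       # fold the carries back in
        total = (total & 0xFFFF) + (total >> 16)
    return total


def pseudo_header(src_ip, dst_ip, tcp_length):
    """Source address, destination address, zero byte, protocol, TCP length."""
    return (socket.inet_aton(src_ip) + socket.inet_aton(dst_ip)
            + struct.pack("!BBH", 0, TCP_PROTOCOL, tcp_length))


def tcp_checksum(src_ip, dst_ip, segment):
    """Checksum of a segment; the checksum field (bytes 16-17) is taken as zero."""
    zeroed = segment[:16] + b"\x00\x00" + segment[18:]
    covered = pseudo_header(src_ip, dst_ip, len(zeroed)) + zeroed
    return ~ones_complement_sum(covered) & 0xFFFF


def build_segment(src_ip, dst_ip, sport, dport, seq, ack, flags, window, payload=b""):
    """20-byte header (header length 5 words, no options) plus payload."""
    header = struct.pack("!HHIIBBHHH", sport, dport, seq, ack,
                         5 << 4, flags, window, 0, 0)
    segment = header + payload
    checksum = tcp_checksum(src_ip, dst_ip, segment)
    return segment[:16] + struct.pack("!H", checksum) + segment[18:]


def verify(src_ip, dst_ip, segment):
    """Receiver check: summing everything, checksum included, must give 0xFFFF."""
    covered = pseudo_header(src_ip, dst_ip, len(segment)) + segment
    return ones_complement_sum(covered) == 0xFFFF


if __name__ == "__main__":
    seg = build_segment("10.0.0.140", "10.0.0.138", 1025, 80, 400, 0, 0x18, 1000, b"hello")
    print("valid:", verify("10.0.0.140", "10.0.0.138", seg))
    # Delivered to the wrong host: the pseudo-header makes the check fail.
    print("wrong destination:", verify("10.0.0.140", "10.0.0.139", seg))
    # Limitation: the sum ignores the order of 16-bit words.
    seg2 = build_segment("10.0.0.140", "10.0.0.138", 1025, 80, 400, 0, 0x18, 1000, b"abcd")
    print("words swapped:", verify("10.0.0.140", "10.0.0.138", seg2[:20] + b"cdab"))
```

The last case shows why this checksum only catches transmission errors: two swapped 16-bit words give the same sum, so it cannot stand in for a cryptographic integrity check.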

9 TCP protocol
Options

[Figure: TCP header with the options field highlighted. Option format: Type (1), Length (1), Value (2).]

Option types:
0: End of option list
1: No-Operation
2: Maximum segment size
3: Window scale
4: Sack-Permitted
5: Sack (Selective ACK)
8: Timestamps

Options:

Maximum Segment Size option: This option is only used during the establishment of the connection (SYN control bit set) and is sent from the side that is to receive data to indicate the maximum segment length it can handle.

Window Scale option: This option is not mandatory. Both sides must send the Window Scale option in their SYN segments to enable window scaling in their direction. The Window Scale expands the definition of the TCP window to 32 bits. It defines the 32-bit window size by applying a scale factor, carried in the SYN segment, to the standard 16-bit window size. The receiver rebuilds the 32-bit window size by using the 16-bit window size and the scale factor. This option is determined while handshaking. There is no way to change it after the connection has been established.

SACK-Permitted option: This option is set when selective acknowledgement is used in that TCP connection.

SACK option: Selective Acknowledgement (SACK) allows the receiver to inform the sender about all the segments that are received successfully. Thus, the sender will only send the segments that actually got lost. If the number of the segments that have been lost since the last SACK is too large, the SACK option will be too large. As a result, the number of blocks that can be reported by the SACK option is limited to four. To reduce this, the SACK option should be used for the most recent received data.

Timestamps option: The timestamps option sends a timestamp value that indicates the current value of the timestamp clock of the TCP sending the option. Timestamp Echo Value can only be used if the ACK bit is set in the TCP header.
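An added example, not part of the course material: a parser for the Type / Length / Value option list using the option types listed on the slide. The option lengths (4 bytes for Maximum segment size, 3 for Window scale, 2 for Sack-Permitted, 2 + 8 per block for Sack, 10 for Timestamps) and the maximum shift of 14 come from the RFCs that define them rather than from the slide; the function names and the sample header are constructed for illustration.

```python
import struct


class MalformedOptions(ValueError):
    """The option list cannot be walked safely."""


def build_header(options, flags=0x02):
    """Constructed test input: a TCP header (SYN by default) carrying `options`."""
    if len(options) % 4 or len(options) > 40:
        raise ValueError("options must fill whole 32-bit words, 40 bytes at most")
    words = (20 + len(options)) // 4          # header length, in words of 4 bytes
    return struct.pack("!HHIIBBHHH", 1025, 80, 400, 0,
                       words << 4, flags, 1000, 0, 0) + options


def decode(kind, value):
    """Turn one option into (name, decoded value), checking its fixed length."""
    if kind == 2 and len(value) == 2:
        return ("Maximum segment size", struct.unpack("!H", value)[0])
    if kind == 3 and len(value) == 1:
        return ("Window scale", value[0])
    if kind == 4 and len(value) == 0:
        return ("Sack-Permitted", True)
    if kind == 5 and len(value) in (8, 16, 24, 32):    # one to four blocks
        edges = struct.unpack(f"!{len(value) // 4}I", value)
        return ("Sack", list(zip(edges[0::2], edges[1::2])))
    if kind == 8 and len(value) == 8:
        return ("Timestamps", struct.unpack("!II", value))
    if kind in (2, 3, 4, 5, 8):
        raise MalformedOptions(f"option {kind} has illegal length {len(value) + 2}")
    return (f"Unknown option {kind}", bytes(value))


def parse_tcp_options(header):
    """Walk the options between byte 20 and the end given by the header length."""
    if len(header) < 20:
        raise MalformedOptions("shorter than the 20-byte minimum header")
    header_length = (header[12] >> 4) * 4
    if header_length < 20 or header_length > len(header):
        raise MalformedOptions(f"header length {header_length} does not fit")
    options, i, found = header[20:header_length], 0, []
    while i < len(options):
        kind = options[i]
        if kind == 0:                          # end of option list: stop parsing
            found.append(("End of option list", None))
            break
        if kind == 1:                          # No-Operation: single byte, no length
            found.append(("No-Operation", None))
            i += 1
            continue
        if i + 1 >= len(options):
            raise MalformedOptions("option type without a length byte")
        length = options[i + 1]
        # A length below 2 would never advance; a large one would overrun.
        if length < 2 or i + length > len(options):
            raise MalformedOptions(f"option {kind} claims length {length}")
        found.append(decode(kind, options[i + 2:i + length]))
        i += length
    return found


def scaled_window(window16, shift):
    """Window rebuilt from the 16-bit field and the scale factor (shift capped at 14)."""
    return window16 << min(shift, 14)


# Constructed SYN options: MSS 1460, Sack-Permitted, Timestamps (1000, 0), NOP, Window scale 7.
SAMPLE_SYN_OPTIONS = (bytes([2, 4]) + struct.pack("!H", 1460) + bytes([4, 2])
                      + bytes([8, 10]) + struct.pack("!II", 1000, 0)
                      + bytes([1]) + bytes([3, 3, 7]))

if __name__ == "__main__":
    for option in parse_tcp_options(build_header(SAMPLE_SYN_OPTIONS)):
        print(option)
    print(scaled_window(1000, 7))
```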


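9 TCP protocol
Retransmit Timeout

[Figure: a segment crosses the Internet and its Ack comes back after the Round Trip Time; when the sender is still waiting for the ack at the end of the retransmit timeout, the segment is sent again.]

Retransmit_TimeOut = β x Round Trip Time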
Variable timeout intervals
Each TCP should implement an algorithm to adapt the timeout values to be used for the round trip time of the segments. To do this, TCP records the time at which a segment was sent, and the time at which the ACK is received. A weighted average is calculated over several of these round trip times, to be used as a timeout value for the next segment(s) to be sent.
In the Internet, the path between a pair of hosts may traverse a single high speed network, or it may wind across multiple intermediate networks. Thus it is impossible to know a priori how quickly an acknowledgement will return. TCP uses an adaptive retransmission algorithm. The TCP sender records the time at which each segment is sent, and the time at which an acknowledgement arrives. The elapsed time is called RTT, “Round Trip Time”.


9 TCP protocol
Average RTT

[Figure: three segment / Ack exchanges across the Internet, measuring RTT0, RTT1 and RTT2.]

A: average RTT
A0 = RTT0
A1 = 0.9 x A0 + 0.1 x RTT1
A2 = 0.9 x A1 + 0.1 x RTT2

A = α x A + (1 - α) x RTT
α: smoothing factor, 0 < α < 1

The TCP sender records the time at which each segment is sent, and the time at which an acknowledgement arrives. The elapsed time is called RTT, “Round Trip Time”. Whenever it measures a new RTT, TCP adjusts its notion of the average RTT for the connection. The algorithm is:
RTT being the latest measured Round Trip Time,
T0 being the average RTT calculated on the previous RTTs,
the new average T1 is given by:
- T1 = α T0 + (1 - α) RTT
α: weighting factor, 0 < α < 1
Choosing a value for α close to 0 makes the weighted average respond to changes in delay very quickly. Usually, α is chosen closer to 1 to prevent a single RTT from affecting the average dramatically.
Example: if α = 0.9, then the last RTT contributes only 10% to the new timeout calculation.
Van Jacobson suggested in 1990 a new method of timeout calculation.
Karn's algorithm suggests not taking into account the RTT measured after a retransmission, because one cannot know whether the received ack is the response to the initial segment or to the retransmitted segment.


9 TCP protocol
Congestion control: algorithm « Slow Start »

[Figure: transmitter and receiver exchanging segments (example: 512 bytes) and "Ack, Window size = x"; graph of the number of segments (5 to 20) against time in Round Trip Times, showing an exponential increase.]
TCP congestion control algorithms
The TCP congestion algorithm prevents a sender from overrunning the capacity of the network.
Several congestion control enhancements have been added and suggested to TCP over the years. This is still an active and ongoing research area, but modern implementations of TCP contain four intertwined algorithms as basic Internet standards:
• Slow start
• Congestion avoidance
• Fast retransmit
• Fast recovery
The assumption of the algorithm is that packet loss caused by damage is very small (much less than 1 percent). Therefore, the loss of a packet signals congestion somewhere in the network between the source and destination. There are two indications of packet loss:
1. A timeout occurs.
2. Duplicate ACKs are received.

Slow start
It operates by observing that the rate at which new packets should be injected into the network is the rate at which the acknowledgements are returned by the other end. Slow start adds another window to the sender's TCP: the congestion window, called cwnd. The sender starts by transmitting one segment and waiting for its ACK. When that ACK is received, the congestion window is incremented from one to two, and two segments can be sent. When each of those two segments is acknowledged, the congestion window is increased to four. This provides an exponential growth, although it is not exactly exponential, because the receiver may delay its ACKs, typically sending one ACK for every two segments that it receives.


9 TCP protocol
Algorithm ‘Slow Start’ and ‘Congestion Avoidance’

[Figure: graph of the number of segments (5 to 25) against time in Round Trip Times: slow start, congestion detection, ssthresh = 16/2 = 8, slow start again, then congestion avoidance with linear growth.]
Congestion avoidance
Congestion avoidance and slow start are independent algorithms with different objectives. But when congestion occurs TCP must slow down its transmission rate of packets into the network, and invoke slow start to get things going again. In practice, they are implemented together.
Congestion avoidance and slow start require that two variables be maintained for each connection:
• A congestion window, cwnd
• A slow start threshold size, ssthresh
The combined algorithm operates as follows:
1. Initialization for a given connection sets cwnd to one segment and ssthresh to 65535 bytes.
2. The TCP output routine never sends more than the lower value of cwnd or the receiver's advertised window.
3. When congestion occurs (timeout or duplicate ACK), one-half of the current window size is saved in ssthresh. Additionally, if the congestion is indicated by a timeout, cwnd is set to one segment.
4. When new data is acknowledged by the other end, increase cwnd, but the way it increases depends on whether TCP is performing slow start or congestion avoidance. If cwnd is less than or equal to ssthresh, TCP is in slow start; otherwise, TCP is performing congestion avoidance.
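An added example, not part of the course material: the four steps above simulated one round trip at a time with 512-byte segments, reproducing the curve of the slide (congestion detected at 16 segments, ssthresh = 16/2 = 8, slow start again, then linear growth). The per-ACK increase during congestion avoidance (segment size squared divided by cwnd) and the two-segment floor on ssthresh are the usual rules from RFC 2001, which the text above does not spell out; the function name and parameters are illustrative.

```python
def simulate(rtts, timeouts=(), dup_acks=(), mss=512, rwnd=65535):
    """Return (cwnd in whole segments at the start of each RTT, final ssthresh in bytes).

    timeouts / dup_acks: RTT indexes at which congestion is detected.
    Every segment sent in an RTT without congestion is assumed to be ACKed.
    """
    cwnd, ssthresh = mss, 65535              # step 1: one segment, 65535 bytes
    history = []
    for rtt in range(rtts):
        window = min(cwnd, rwnd)             # step 2: never exceed either window
        history.append(cwnd // mss)
        if rtt in timeouts or rtt in dup_acks:
            # Step 3: half the current window, at least two segments (RFC 2001).
            ssthresh = max(window // 2, 2 * mss)
            if rtt in timeouts:
                cwnd = mss                   # timeout: back to one segment
            continue
        for _ack in range(window // mss):    # step 4: one increase per ACK
            if cwnd <= ssthresh:
                cwnd += mss                  # slow start: doubles every RTT
            else:
                # Congestion avoidance: about one segment per RTT in total.
                cwnd += max(mss * mss // cwnd, 1)
    return history, ssthresh


if __name__ == "__main__":
    history, ssthresh = simulate(10, timeouts={4})
    print("cwnd (segments) per RTT:", history)
    print("ssthresh (segments):", ssthresh // 512)
    # Congestion signalled by duplicate ACKs: ssthresh is halved, cwnd is not reset.
    print(simulate(6, dup_acks={4}))
```

With a timeout in the fifth round trip the window goes 1, 2, 4, 8, 16, then 1, 2, 4, 8 under slow start and 9 once it has passed ssthresh, which is the knee between the exponential and the linear part of the graph.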


9 TCP protocol
Summary

TCP adds:
• reliability, flow-control, error recovery
• multiplexing / demultiplexing
• connection-oriented

• Reliability: TCP assigns a sequence number to each byte transmitted and expects a positive acknowledgment (ACK) from the receiving TCP. If the ACK is not received within a timeout interval, the data is retransmitted. Since the data is transmitted in blocks (TCP segments), only the sequence number of the first data byte in the segment is sent to the destination host. The receiving TCP uses the sequence numbers to rearrange the segments when they arrive out of order, and to eliminate duplicate segments.
• Flow Control: The receiving TCP, when sending an ACK back to the sender, also indicates to the sender the number of bytes it can receive beyond the last received TCP segment, without causing overrun and overflow in its internal buffers. This is sent in the ACK in the form of the highest sequence number it can receive without problems. This mechanism is also referred to as a window-mechanism.
• Multiplexing: Achieved through the use of ports, just as with UDP.
• Logical Connections: The reliability and flow control mechanisms described above require that TCP initializes and maintains certain status information for each data stream. The combination of this status, including sockets, sequence numbers and window sizes, is called a logical connection. Each connection is uniquely identified by the pair of sockets used by the sending and receiving processes.
• Full Duplex: TCP provides for concurrent data streams in both directions.

9 TCP protocol
Evaluation

Objective: to be able to list the characteristics of TCP transport layer protocol

Thank you for answering the self-assessment of the objectives sheet


Exercise solutions

3 ARP protocol
Exercise: Trace of ARP protocol

Given the following trace:

Time: 07:33:06.045
Addr.  Hex. Data
0000:  FF FF FF FF FF FF 00 60 08 56 F4 E5 08 06 00 01
0010:  08 00 06 04 00 01 00 60 08 56 F4 E5 0A 00 00 8C
0020:  00 00 00 00 00 00 0A 00 00 8A

1) What is the Ethernet protocol (IEEE 802.3 or Ethernet V2)?
   > 600 hexa => EthV2

2) Indicate the name of various fields and their value below

Eth frame
  Field          Bytes  Value
  @MAC dest      6      ffffffffffff
  @MAC src       6      00600856F4E5
  Protocol       2      0806

ARP message
  Field          Bytes  Value
  Hw type        2      0001 (EthV2)
  Protocol type  2      0800
  Length @MAC    1      06
  Length @IP     1      04
  Operation      2      0001
  @MAC src       6      00600856F4E5
  @IP src        4      0A00008C
  @MAC dest      6      000000000000
  @IP dest       4      0A00008A

3) Which kind of operation is it?
   Request

5 IP protocol
5.1 IP Addressing
Exercise (1)

[Table with columns @IP, class and Net Id for five addresses; classes, in order: B, B, A, C, B.]

5 IP protocol
5.1 IP Addressing
Exercise (2)

@IP              Sub-net Mask       bits for sub-net   Net Id
159.173.90.134   255.255.255.128    9                  159.173.90.128
159.173.90.34    255.255.255.128    9                  159.173.90.0
131.108.2.10     255.255.255.0      8                  131.108.2.0
195.32.6.219     255.255.255.248    5                  195.32.6.216

5 IP protocol
5.1 IP Addressing
Exercise (3)

@IP              Net mask           Network Broadcast   Sub-net Broadcast
159.173.90.134   255.255.255.128    159.173.255.255     159.173.90.255
159.173.90.34    255.255.255.128    159.173.255.255     159.173.90.127
131.108.2.10     255.255.255.0      131.108.255.255     131.108.2.255
195.32.6.219     255.255.255.248    195.32.6.255        195.32.6.223

5 IP protocol
5.1 IP Addressing
Static subnetting - Exercise 2 - Answer

          Decimal            Binary
NetID     164.213.32.0       10100100 11010101 00100000 00000000
Netmask   255.255.255.192    11111111 11111111 11111111 11000000
NetID 1   164.213.32.0       10100100 11010101 00100000 00000000
NetID 2   164.213.32.64      10100100 11010101 00100000 01000000
NetID 3   164.213.32.128     10100100 11010101 00100000 10000000
NetID 4   164.213.32.192     10100100 11010101 00100000 11000000

NetID 1: 164.213.32.0 / 26
NetID 2: 164.213.32.64 / 26
NetID 3: 164.213.32.128 / 26
NetID 4: 164.213.32.192 / 26

5 IP protocol
5.2 IP routing
Routing table - Exercise 8 (answer)

Fill in this table

[Figure and tables: routers R1 and R2 with interfaces e0, e1 and e2, and for each router a routing table with the columns Network, Mask, Next hop and If. Networks shown: 204.92.75.0, 204.92.76.0, 204.92.77.0 and 192.168.201.0 with mask 255.255.255.0, and 0.0.0.0 (default) with mask 0.0.0.0.]

An important function of the IP protocol is IP routing. This provides the basic mechanism for routers to interconnect different physical networks. The router only has information about various kinds of destinations:
• Networks that are directly attached to one of the physical networks to which the router is attached.
• Hosts or networks for which the router has been given explicit definitions.
The metrics provide an indication of the cost of a route to a destination. Metrics are based on: the number of hops, the bandwidth, the delay, ...

5 IP protocol
5.3 IP header
Exercise

Ethernet frame (Ethernet header with MAC@dest, then IP header with IP@dest):

Addr.  Hex. Data                                         ASCII
0000:  01 00 5E 00 00 09 00 10 7B 81 9E 9A 08 00 45 C0   ..^.....{.....E.
0010:  00 34 00 00 00 00 02 11 CD DD 0A 0E 00 05 E0 00   .4..............
0020:  00 09 02 08 02 08 00 20 05 73 02 02 00 00 00 02   ....... .s......
0030:  00 00 0A 0A 00 00 FF FF 00 00 00 00 00 00 00 00   ................
0040:  00 01                                             ..

1. Look for the destination IP @ and indicate which class it is.
   Answer: E0.00.00.09 ≡ 224.0.0.9, Class D (multicast)

2. Look for the destination MAC @ and explain its value.
   Multicast @ 01:00:5E:00:00:09: copy of the lower significant bits from the IP @.

Glossary

AAA Authentication, Authorization and Accounting
AAL ATM Adaptation Layer
API Application Programming Interface
ARP Address Resolution Protocol
ARPA Advanced Research Projects Agency
AS Autonomous System
ASN.1 Abstract Syntax Notation 1
BGP Border Gateway Protocol
BIND Berkeley Internet Name Domain
BSD Berkeley Software Distribution
CHAP Challenge Handshake Authentication Protocol
CIDR Classless Inter-Domain Routing
CLNP Connectionless Network Protocol
CORBA Common Object Request Broker Architecture
COS Class of Service
CPCS Common Part Convergence Sublayer
CSMA/CD Carrier Sense Multiple Access with Collision Detection
DARPA Defense Advanced Research Projects Agency
DCE Data Circuit-terminating Equipment
DDNS Dynamic Domain Name System
DES Digital Encryption Standard
DHCP Dynamic Host Configuration Protocol
DLC Data Link Control
DLCI Data Link Connection Identifier
DMZ Demilitarized Zone
DNS Domain Name Server
DOD U.S. Department of Defense
DSA Digital Signature Algorithm
DSAP Destination Service Access Point
DSS Digital Signature Standard
DTE Data Terminal Equipment
DVMRP Distance Vector Multicast Routing Protocol
EGP Exterior Gateway Protocol
ESP Encapsulating Security Payload
FDDI Fiber Distributed Data Interface
FQDN Fully Qualified Domain Name
FR Frame Relay
FTP File Transfer Protocol
GGP Gateway-to-Gateway Protocol
GUI Graphical User Interface
HDLC High-level Data Link Control
HMAC Hashed Message Authentication Code
HTML Hypertext Markup Language
HTTP Hypertext Transfer Protocol
IAB Internet Activities Board
IANA Internet Assigned Numbers Authority
ICMP Internet Control Message Protocol
ICSS Internet Connection Secure Server
IDEA International Data Encryption Algorithm
IDLC Integrated Data Link Control
IDRP Inter-Domain Routing Protocol
IEEE Institute of Electrical and Electronics Engineers
IESG Internet Engineering Steering Group
IETF Internet Engineering Task Force
IGMP Internet Group Management Protocol
IGP Interior Gateway Protocol
IKE Internet Key Exchange
IMAP Internet Message Access Protocol
IMS Information Management System
IP Internet Protocol
IPSec IP Security Architecture
IPX Internetwork Packet Exchange
IRTF Internet Research Task Force
ISAKMP Internet Security Association and Key Management Protocol
ISDN Integrated Services Digital Network
ISO International Organization for Standardization
ISP Internet Service Provider
JPEG Joint Photographic Experts Group
LAC L2TP Access Concentrator
LAN Local Area Network
LAPB Link Access Protocol Balanced
LCP Link Control Protocol
LDAP Lightweight Directory Access Protocol
LE LAN Emulation (ATM)
LLC Logical Link Layer
LNS L2TP Network Server
LPD Line Printer Daemon
LPR Line Printer Requester
LSAP Link Service Access Point
L2F Layer 2 Forwarding
L2TP Layer 2 Tunnelling Protocol
MAC Medium Access Control
MD2 RSA Message Digest 2 Algorithm
MD5 RSA Message Digest 5 Algorithm
MIB Management Information Base
MILNET Military Network
MIME Multipurpose Internet Mail Extensions
MLD Multicast Listener Discovery
MOSPF Multicast Open Shortest Path First
MPC Multi-Path Channel
MPEG Moving Pictures Experts Group
MPLS Multiprotocol Label Switching
MPOA Multiprotocol over ATM
MPTN Multiprotocol Transport Network
MS-CHAP Microsoft Challenge Handshake Authentication Protocol
MTA Message Transfer Agent
MTU Maximum Transmission Unit
NAT Network Address Translation
NBDD NetBIOS Datagram Distributor
NBNS NetBIOS Name Server
NCP Network Control Protocol
NCSA National Computer Security Association

NDIS Network Driver Interface Specification
NetBIOS Network Basic Input/Output System
NFS Network File System
NIC Network Information Center
NIS Network Information Systems
NIST National Institute of Standards and Technology
NMS Network Management Station
NNTP Network News Transfer Protocol
NRZ Non-Return-to-Zero
NRZI Non-Return-to-Zero Inverted
NSAP Network Service Access Point
NTP Network Time Protocol
NVT Network Virtual Terminal
OSI Open Systems Interconnect
OSPF Open Shortest Path First
PAP Password Authentication Protocol
PDU Protocol Data Unit
PGP Pretty Good Privacy
PI Protocol Interpreter
PIM Protocol Independent Multicast
PKCS Public Key Cryptosystem
PKI Public Key Infrastructure
PNNI Private Network-to-Network Interface
POP Post Office Protocol
POP Point-of-Presence
PPP Point-to-Point Protocol
PPTP Point-to-Point Tunneling Protocol
PRI Primary Rate Interface
PSDN Packet Switching Data Network
PSTN Public Switched Telephone Network
PVC Permanent Virtual Circuit
QLLC Qualified Logical Link Control
QoS Quality of Service
RACF Resource Access Control Facility
RADIUS Remote Authentication Dial-In User Service
RARP Reverse Address Resolution Protocol
RAS Remote Access Service
RC2 RSA Rivest Cipher 2 Algorithm
RC4 RSA Rivest Cipher 4 Algorithm
REXEC Remote Execution Command Protocol
RFC Request for Comments
RIP Routing Information Protocol
RIPE Réseaux IP Européens
RISC Reduced Instruction-Set Computer
RPC Remote Procedure Call
RSH Remote Shell
RSVP Resource Reservation Protocol
RTCP Realtime Control Protocol
RTP Realtime Protocol
SA Security Association
SAP Service Access Point
SDLC Synchronous Data Link Control
SET Secure Electronic Transaction
SGML Standard Generalized Markup Language
SHA Secure Hash Algorithm
S-HTTP Secure Hypertext Transfer Protocol
SLA Service Level Agreement
SLIP Serial Line Internet Protocol
SMI Structure of Management Information
S-MIME Secure Multipurpose Internet Mail Extension
SMTP Simple Mail Transfer Protocol
SNA System Network Architecture
SNAP Subnetwork Access Protocol
SNMP Simple Network Management Protocol
SOA Start of Authority
SPI Security Parameter Index
SSL Secure Sockets Layer
SSAP Source Service Access Point
SSP Switch-to-Switch Protocol
SSRC Synchronization Source
SVC Switched Virtual Circuit
TACACS Terminal Access Controller Access Control System
TCP Transmission Control Protocol
TCP/IP Transmission Control Protocol/Internet Protocol
TFTP Trivial File Transfer Protocol
TLPB Transport-Layer Protocol Boundary
TLS Transport Layer Security
TOS Type of Service
TRD Transit Routing Domain
TTL Time to Live
UDP User Datagram Protocol
UID Unique Identifier
URI Uniform Resource Identifier
URL Uniform Resource Locator
VPN Virtual Private Network
VRML Virtual Reality Modeling Language
VRRP Virtual Router Redundancy Protocol
VTAM Virtual Telecommunications Access Method
WAE Wireless Application Environment
WAP Wireless Application Protocol
WSP Wireless Session Protocol
WTP Wireless Transaction Protocol
WAN Wide Area Network
WWW World Wide Web
XDR External Data Representation
XML Extensible Markup Language
3DES Triple Digital Encryption Standard

dec  hex  bin        dec  hex  bin        dec  hex  bin        dec  hex  bin
0    00   00000000   64   40   01000000   128  80   10000000   192  C0   11000000
1    01   00000001   65   41   01000001   129  81   10000001   193  C1   11000001
2    02   00000010   66   42   01000010   130  82   10000010   194  C2   11000010
3    03   00000011   67   43   01000011   131  83   10000011   195  C3   11000011
4    04   00000100   68   44   01000100   132  84   10000100   196  C4   11000100
5    05   00000101   69   45   01000101   133  85   10000101   197  C5   11000101
6    06   00000110   70   46   01000110   134  86   10000110   198  C6   11000110
7    07   00000111   71   47   01000111   135  87   10000111   199  C7   11000111
8    08   00001000   72   48   01001000   136  88   10001000   200  C8   11001000
9    09   00001001   73   49   01001001   137  89   10001001   201  C9   11001001
10   0A   00001010   74   4A   01001010   138  8A   10001010   202  CA   11001010
11   0B   00001011   75   4B   01001011   139  8B   10001011   203  CB   11001011
12   0C   00001100   76   4C   01001100   140  8C   10001100   204  CC   11001100
13   0D   00001101   77   4D   01001101   141  8D   10001101   205  CD   11001101
14   0E   00001110   78   4E   01001110   142  8E   10001110   206  CE   11001110
15   0F   00001111   79   4F   01001111   143  8F   10001111   207  CF   11001111
16   10   00010000   80   50   01010000   144  90   10010000   208  D0   11010000
17   11   00010001   81   51   01010001   145  91   10010001   209  D1   11010001
18   12   00010010   82   52   01010010   146  92   10010010   210  D2   11010010
19   13   00010011   83   53   01010011   147  93   10010011   211  D3   11010011
20   14   00010100   84   54   01010100   148  94   10010100   212  D4   11010100
21   15   00010101   85   55   01010101   149  95   10010101   213  D5   11010101
22   16   00010110   86   56   01010110   150  96   10010110   214  D6   11010110
23   17   00010111   87   57   01010111   151  97   10010111   215  D7   11010111
24   18   00011000   88   58   01011000   152  98   10011000   216  D8   11011000
25   19   00011001   89   59   01011001   153  99   10011001   217  D9   11011001
26   1A   00011010   90   5A   01011010   154  9A   10011010   218  DA   11011010
27   1B   00011011   91   5B   01011011   155  9B   10011011   219  DB   11011011
28   1C   00011100   92   5C   01011100   156  9C   10011100   220  DC   11011100
29   1D   00011101   93   5D   01011101   157  9D   10011101   221  DD   11011101
30   1E   00011110   94   5E   01011110   158  9E   10011110   222  DE   11011110
31   1F   00011111   95   5F   01011111   159  9F   10011111   223  DF   11011111
32   20   00100000   96   60   01100000   160  A0   10100000   224  E0   11100000
33   21   00100001   97   61   01100001   161  A1   10100001   225  E1   11100001
34   22   00100010   98   62   01100010   162  A2   10100010   226  E2   11100010
35   23   00100011   99   63   01100011   163  A3   10100011   227  E3   11100011
36   24   00100100   100  64   01100100   164  A4   10100100   228  E4   11100100
37   25   00100101   101  65   01100101   165  A5   10100101   229  E5   11100101
38   26   00100110   102  66   01100110   166  A6   10100110   230  E6   11100110
39   27   00100111   103  67   01100111   167  A7   10100111   231  E7   11100111
40   28   00101000   104  68   01101000   168  A8   10101000   232  E8   11101000
41   29   00101001   105  69   01101001   169  A9   10101001   233  E9   11101001
42   2A   00101010   106  6A   01101010   170  AA   10101010   234  EA   11101010
43   2B   00101011   107  6B   01101011   171  AB   10101011   235  EB   11101011
44   2C   00101100   108  6C   01101100   172  AC   10101100   236  EC   11101100
45   2D   00101101   109  6D   01101101   173  AD   10101101   237  ED   11101101
46   2E   00101110   110  6E   01101110   174  AE   10101110   238  EE   11101110
47   2F   00101111   111  6F   01101111   175  AF   10101111   239  EF   11101111
48   30   00110000   112  70   01110000   176  B0   10110000   240  F0   11110000
49   31   00110001   113  71   01110001   177  B1   10110001   241  F1   11110001
50   32   00110010   114  72   01110010   178  B2   10110010   242  F2   11110010
51   33   00110011   115  73   01110011   179  B3   10110011   243  F3   11110011
52   34   00110100   116  74   01110100   180  B4   10110100   244  F4   11110100
53   35   00110101   117  75   01110101   181  B5   10110101   245  F5   11110101
54   36   00110110   118  76   01110110   182  B6   10110110   246  F6   11110110
55   37   00110111   119  77   01110111   183  B7   10110111   247  F7   11110111
56   38   00111000   120  78   01111000   184  B8   10111000   248  F8   11111000
57   39   00111001   121  79   01111001   185  B9   10111001   249  F9   11111001
58   3A   00111010   122  7A   01111010   186  BA   10111010   250  FA   11111010
59   3B   00111011   123  7B   01111011   187  BB   10111011   251  FB   11111011
60   3C   00111100   124  7C   01111100   188  BC   10111100   252  FC   11111100
61   3D   00111101   125  7D   01111101   189  BD   10111101   253  FD   11111101
62   3E   00111110   126  7E   01111110   190  BE   10111110   254  FE   11111110
63   3F   00111111   127  7F   01111111   191  BF   10111111   255  FF   11111111
