TCPIP Basics P-1

Confidential Information of Huawei. No Spreading Without Permission

TCPIP Basics P-2

Confidential Information of Huawei. No Spreading Without Permission

TCPIP Basics P-3

Confidential Information of Huawei. No Spreading Without Permission

TCPIP Basics P-4

Confidential Information of Huawei. No Spreading Without Permission

 TCPIP Basics P-5

 Since the 1960s, computer networks have undergone a dramatic development. To

take the leading position and have a larger share in the communication market,
manufacturers competed in advertising their own network structures and standards
which included IBM’s SNA, Novell’s IPX/SPX., Apple’s Apple Talk, DEC’s DECnet
and TCP/IP, which remains the most widely used today. These companies pushed
software and hardware that use their protocols to the market enthusiastically. All
these efforts promoted the fast development of network technology and the prosperity
of the market of network devices. However, the network became more and more
complicated due to lack of compatibility between the various protocols.
 To improve network compatibility, the International Organization for Standardization
(ISO) developed the Open System Interconnection Reference Model (OSI RM) which
soon became the model of network communications

Confidential Information of Huawei. No Spreading Without Permission

 TCPIP Basics P-7

 The OSI reference model has seven layers. From bottom to top, they are physical
layer, data link layer, network layer, transport layer, session layer, presentation layer
and application layer.
 The bottom three layers are usually called lower layer or the media layer, which is
responsible for transmitting data in the network. Networking devices often work at
lower layers and network interconnection is achieved by the cooperation of software
and hardware. Layer 5 to layer 7 form the upper layer or the host layer. The upper
layer guarantees data is transmitted correctly, which is achieved by software.

Confidential Information of Huawei. No Spreading Without Permission

 TCPIP Basics P-8

 The functions of each layer of the OSI Reference Model are listed as follows:
 Physical layer: providing a standardized interface to physical transmission media
including voltage, wire speed and pin-out of cables.
 Data link layer: combines bits into bytes and bytes into frames. Provides access to
media using MAC address and error detection.
 Network layer: providing logical addresses for routers to decide path.(path selection)
 Transport layer: providing reliable or unreliable data transfer services and error
correction before retransmission.
 Session layer: establishing, managing and terminating the connections between the
local and remote application. Service requests and responds of application programs
in different devices form the communication of this layer

Confidential Information of Huawei. No Spreading Without Permission

 TCPIP Basics P-10

 Since the OSI reference model and protocols are comparatively complicated, they do
not spread widely. However, TCP/IP has been widely accepted for its openness and
simplicity. The TCP/IP stack has already been the main stream protocols for the
Internet.
 The TCP/IP model also takes a layered structure. Each layer of the model is
independent from each other but they work together very closely.
 The difference between the TCP/IP model and the OSI reference model is that the
former groups the presentation layer and the session layer have been merged into the
application layer. So the TCP/IP model has only five layers. From bottom to top, they
are: physical layer, data link layer, network layer, transport layer and application layer.

Confidential Information of Huawei. No Spreading Without Permission

 TCPIP Basics P-11

 Each layer of the TCP/IP model corresponds to different protocols. The TCP/IP
protocol stack is a set of communication protocols. Its name, the TCP/IP protocol
suite, is named after two of its most important protocols: the Transmission Control
Protocol (TCP) and the Internet Protocol (IP). The TCP/IP protocol stack ensures the
communication between network devices. It is a set of rules that define how
information is delivered in the network.

Confidential Information of Huawei. No Spreading Without Permission

 TCPIP Basics P-12

 Each layer of the TCP/IP model uses Protocol Data Unit (PDU) to exchange
information and enable communication between network services. During
encapsulation, each succeeding layer encapsulates the PDU that it receives from the
layer above. At each stage of the process, a PDU has a different name to reflect its
new appearance.
 For example, the transport layer adds TCP header to the PDU from the upper layer to
generate the layer 4 PDU, which is called a segment. Segments are then delivered to
the network layer. They become packets after the network layer adds the IP header
into those PDUs. The packets are transmitted to the data link layer, where they are
added data link layer headers to become frames. Finally, those frames are encoded
into bit stream to be transmitted through network medium. This process in which data
are delivered following the protocol suite from the top to the bottom and are added
with headers and tails is called encapsulation.

Confidential Information of Huawei. No Spreading Without Permission

 TCPIP Basics P-14

 When Host B receives the bit stream, it sends it to its data link layer. The data link
layer removes the frame header and trailer, then passes the packet to the upper layer
- network layer. Then the network layer removes the IP header from the packet and
passes segment to the transport layer. In the similar way, the transport layer extracts
the original data and delivers it to the top layer, the application layer.
 The process of encapsulation or de-capsulation is done layer by layer. Each layer of
the TCP/IP has to deal with data both from its upper and lower layers by adding or
deleting packet headers.

Confidential Information of Huawei. No Spreading Without Permission

 TCPIP Basics P-15

 The main functions of the physical layer are:

 •It specifies the media, interface and signaling types.
 •It specify the electrical, mechanical, procedural, and functional requirements for
activating, maintaining, and deactivating a physical link between end systems.
 •It specify the features such as voltage, wire speed, maximum transmission distance
and pin-out.
 The physical layer provides standards of the transmission media and connectors.
 The common physical layer standards include IEEE 802.3 for Ethernet, IEEE 802.4
for token bus networks, IEEE 802.5 for token ring networks and Fiber Distributed Data
Interface (FDDI) specified by the X3T9.5 committee of ANSI. The common physical
layer standard for WANs include EIA/TIA-232 (RS-232), V.24 and V.35 developed by
ITU for serial ports and G.703, which involves the physical and electrical and
electronic standards for all digital interfaces.

Confidential Information of Huawei. No Spreading Without Permission

 TCPIP Basics P-16

 Physical layer mediums include coaxial cable, twisted pair, fiber and wireless radio.
Coaxial cable is an electrical cable consisting of a round conducting wire. The coaxial
cable can be grouped into thick coaxial cable and thin coaxial cable according to their
diameters. The thick coaxial cable is more suitable for large LANs since its
transmission distance is longer and it is more reliable. The thick coaxial cable does
not need to be cut but you must install transceiver for networks using thick coaxial
cable. The thin coaxial cable is easy to install and is much cheaper, but you need to
cut the thin coaxial cable and put basic network connectors (BNC) on its two sides
and then inserts the two sides into T-shape connectors when installing the cable. So
when there are many connectors, the safety is influenced.
 Twisted pair is the most widely used cable, which is twisted by a pair of insulated
copper wires whose diameters are about 1mm. Twisted pair has two types: Shielded
Twisted Pair (STP)

Confidential Information of Huawei. No Spreading Without Permission

 TCPIP Basics P-18

 Data link layer is the first logical layer of the physical layer. It encodes physical
address for terminals and help network devices decide whether to pass data to upper
layers along the protocol stack. It also points out which protocol the data should be
delivered to with some of its fields and at the same time, it provides functions like
sequencing and traffic control.
 The data link layer has two sub-layers: Logical Link Control sub-layer (LLC) and
Media Access Control sub-layer (MAC) .
 LLC lies between the network layer and the MAC sub-layer. This sub-layer is
responsible for identifying protocols and encapsulating data for transmission. The
LLC sub-layer performs most functions of the data link layer and some functions of
the network layer such as sending and receiving frames. When it sends a frame,
 it adds the address and CRC to the original data. When it receives a frame, it takes
apart the frame and performs address identification and CRC. It also provides flow
control,

Confidential Information of Huawei. No Spreading Without Permission

 TCPIP Basics P-20

 Data link layer protocols specify the frame encapsulation at the data link layer. A
common data link layer protocol for LANs is IEEE 802.2LLC.
 Common data link layer protocols for WANs include High-level Data Link Control
(HDLC) , Point-to-Point Protocol (PPP) and Frame Relay (FR).
 HDLC is a bit-oriented synchronous data link layer protocol developed by the ISO.
HDLC specifies data encapsulation for synchronous serial links with frame characters
and CRC.
 PPP is defined by Request For Comment (RFC) 1661. PPP consists of the Link
Control Protocol (LCP) , the Network Control Protocol (NCP) and other PPP extended
protocol stacks. PPP is commonly used to act as a data link layer protocol for
connection over synchronous and asynchronous circuits and it supports multiple
network layer protocols. PPP is the default data link layer protocol for data
encapsulation of the serial ports of VRP routers. FR is a protocol conforming

Confidential Information of Huawei. No Spreading Without Permission

 TCPIP Basics P-22

 As every person is given a name for identification, each network device is labeled
with a physical address, namely, the MAC address. The MAC address of a network
device is unique globally. A MAC address consists of 48 binary digits and is often
printed in hexadecimal digits for human use. The first six hexadecimal bits are
assigned to producers by IEEE and the last six bits are decided by producers
themselves. For example, the first six hexadecimal bits of the MAC address of
Huawei’s products is 0x00e0fc.
 Network Interface Card (NIC) has a fixed MAC address. Most NIC producers burn the
MAC address of their products into the ROM. When an NIC is initialized, the MAC
address in the ROM is read into the RAM. When you insert a new NIC into a
computer, the physical address of the computer is replaced by the physical address
of the NIC.
 However if you insert two NICs into your computer, then your computer may have two
MAC addresses, so a network device may have multiple MAC addresses.

Confidential Information of Huawei. No Spreading Without Permission

 TCPIP Basics P-23

 The data link layer ensures that datagram are forwarded between devices on the
same network, while the network layer is responsible for forwarding packets from
source to destination across networks. The functions of the network layer can be
generalized as follows:
 •Provide logical addresses for transmission across networks.
 •Routing: to forward packets from one network to another.
 The router is a common network device that works at the network layer. Routers
functions mainly for forwarding packets among networks. In the above figure,Host A
and Host B reside on different networks or links. When the router that resides on the
same network as Host A receives frames from Host A, the router passes those frames
to the network layer after it ensures that the frames should be sent to itself by
analyzing the frame header. Then the network layer checks where those frames
should go according to the destination address in the network layer header and later it
forwards those frames to the

Confidential Information of Huawei. No Spreading Without Permission

 TCPIP Basics P-25

 Common network layer protocols include the Internet Protocol (IP) , the Internet
Control Message Protocol (ICMP) , the Address Resolution Protocol (ARP) and the
Reverse Address Resolution Protocol (RARP) .
 IP is the most important one among the network layer protocols and its functions
represent the main functions of the network layer. The functions of IP include
providing logical address, routing and encapsulating or de-encapsulating packets.
ICMP, ARP and RARP facilitate IP to achieve the network layer functions.
 ICMP is a management protocol and it provides information for IP. ICMP information
is carried by IP packets.
 ARP maps an IP address to a hardware address, which is the standard method for
finding a host's hardware address when only its network layer address is known.
 RARP maps a hardware address to an IP address, which means to get a host’s IP
address through its hardware address.

Confidential Information of Huawei. No Spreading Without Permission

 TCPIP Basics P-26

 The network layer address we mentioned here refers to the IP address. The IP
address is a logical address instead of a hardware address. The hardware address
such as the MAC address, is burned on the NIC and it is for the communication
between devices that are on the same link. However, the IP address is used for
communication between devices on different networks.
 An IP address is 4-byte long and is made up of the network address and the host
address. It is often presented in dotted decimal notation, for example, 10.8.2.48.
 More information about the IP address will be introduced in later chapters.

Confidential Information of Huawei. No Spreading Without Permission

 TCPIP Basics P-27

 The transport layer provides transparent transfer of data between hosts. It shields the
complexity of communications for the upper applications and is usually responsible
for end-to-end connection. The main functions of the transport layer involve:
 • Encapsulate data received from the application layer and decapsulate data received
from the network layer.
 • Create end-to-end connections to transmit data streams.
 • Send data segments from one host to another, perform error recovery, flow control,
and ensure complete data transfer.
 • Some of the transport layer protocols ensure data are transmitted correctly which
means data are not lost or changed during transmission and the order of data packets
remains the same when they are received at the end.

Confidential Information of Huawei. No Spreading Without Permission

 TCPIP Basics P-28

 Transport layer protocols mainly include the Transmission Control Protocol (TCP) and
the User Datagram Protocol (UDP) .

Confidential Information of Huawei. No Spreading Without Permission

 TCPIP Basics P-29

 Although TCP and UDP are both protocols of the transport layer, their contributions to
the application layer differ greatly.
 TCP provides connection-oriented and reliable transmission. Connection-oriented
transmission means that applications which use TCP as their transport layer protocol
need to create a TCP connection before they exchange data.
 TCP provides reliable transmission services for the upper layer through its
mechanisms of error detection, verification and reassembly. However, creating the
TCP connection and performing these mechanisms may bring a lot of extra efforts
and increase the cost.
 UDP does not guarantee reliability or ordering in the way that TCP does. It provides a
simpler service that does not guarantee the reliability which means datagrams may
arrive out of order, appear duplicated, or go missing without notice. UDP focuses on
applications that require more on transmission efficiency such as SNMP and Radius.

Confidential Information of Huawei. No Spreading Without Permission

 TCPIP Basics P-31

 The main functions of the application layer are:

 •Provide user interfaces and deal with specific applications.
 •Provide data encryption, de-encryption, compression and decompression.
 •Specify the standards of data presentation.

Confidential Information of Huawei. No Spreading Without Permission

 TCPIP Basics P-32

 The application layer has many protocols and the following protocols may help you
use and manage a TCP/IP network.
 •File Transfer Protocol (FTP) is used to transfer data from one computer to another
over the Internet, or through a network. It is often used for interactive user sessions.
 •Hypertext Transfer Protocol (HTTP) is a communication protocol used to transfer or
convey information on the World Wide Web.
 •TELNET is used to transmit data that carries the Telnet control information. It
provides standards for interacting with terminal devices or terminal processing. Telnet
supports end-to-end connections and process-to-process distributed communications.
 •Simple Message Transfer Protocol (SMTP) and Post Office Protocol 3 (POP3) are
for sending and receiving emails.
 •DNS (Domain Name Server) translates a domain name to an IP

Confidential Information of Huawei. No Spreading Without Permission

TCPIP Basics P-34

Confidential Information of Huawei. No Spreading Without Permission

 TCPIP Basics P-35

 To illustrate the encapsulation process, imagine there is network whose transport

layer uses TCP, the network layer applies IP and the data link layer takes Ethernet
standards. The above figure shows the encapsulation of a TCP/IP packet on that
network.
 The original data is encapsulated and delivered to the transport layer. And then the
transport layer adds a TCP header to the data and passes it down to the network
layer. The network layer encapsulates the IP header in front of the segment and
delivers it to the data link layer. The data link layer encapsulates Ethernet header and
trailer to the IP packet and then passes it to the physical layer. At last, the physical
layer sends the data to the physical link as bit streams. The length of each field in the
header is pointed out in the above figure. Now, we’ll take a close look into the whole
process from the top to the bottom.

Confidential Information of Huawei. No Spreading Without Permission

 TCPIP Basics P-36

 The above is a TCP data segment encapsulated in an IP packet. The TCP segment
consists of the TCP header and the TCP data. The maximum length of a TCP header
is 60 bytes. If there is not the Option field, normally, the header is 20-bytes long.
 The structure of a TCP header is shown as in the above figure. We are going to
explain just some of it. For more details, please refer to the transport layer protocols.
 •Source Port: Indicates the source port number. TCP allocates source port numbers
for every application.
 •Destination Port: Indicates the destination port number.
 •Sequence Number: Indicates the sequence number which labels TCP data streams.
 •Port number is used to distinguish applications,80 means HTTP application,23 for
telnet,20 and 21 for ftp,53 for DNS.
 •Ack Num: Indicates the acknowledgement sequence number.

Confidential Information of Huawei. No Spreading Without Permission

 TCPIP Basics P-38

 The network layer adds the IP header to TCP datagram which it receives from the
transport layer. Usually, the IP header has a fixed length of 20 bytes which does not
include the IP options. The IP3838 header consists of the following fields:
 •Version: indicates the version of the IP protocol. At present, the version is 4. The
version is 6 for the next generation IP protocol.
 •IP header length is the number of 32-bit words forming the header including options.
Since it is a 4-bit field, its maximum length is 60 bytes.
 •TOS: 8 bits. It consists of a 3-bit COS (Class of Service) field, a 4-bit TOS field and a
1-bit final bit. The 4 bits of the TOS field indicates the minimum delay, the
 maximum throughput, the highest reliability and the minimum cost respectively.
 •Total length: indicates the length of the whole IP packet

Confidential Information of Huawei. No Spreading Without Permission

 TCPIP Basics P-40

 The physical layer has limitations on the length of frame it sends every time.
Whenever the network layer receives an IP datagram, it needs to decide which
interface the datagram should choose and check the MTU of that interface. IP uses a
technique called fragmentation to solve the problem of heterogeneous MTUs. When a
datagram is longer than the MTU of the network over which it must be sent, it is
divided into smaller fragments which are sent separately.
 Fragmentation can be done on the source host or the intermediary router.
 Fragments of an IP datagram are not reassembled until they arrive at the final
destination. The reassembly is performed by the IP layer at the destination.
 Datagram can be fragmented for more than one time. The IP header provides enough
information for fragmentation and reassembly.
 •Flags: 3 bits


Confidential Information of Huawei. No Spreading Without Permission

 TCPIP Basics P-42

 The Ethernet header is made up of three fields:

 •DMAC: indicates the MAC address of the destination.
 •SMAC: indicates the MAC address of the source.
 •LENGTH/TYPE: its meanings vary with its values.
 When the value is bigger than 1500, it indicates the frame type, for example the
upper layer protocol type. The common protocol types are:
 0X0800 IP packets
 0X0806 ARP request/response message
 0X8035 RARP request/response message
 When the value is smaller than 1500, it indicates the length of data frame.
 •DATA/PAD: the original data. Ethernet standards specify that the minimum data
length should be 46 bytes. If the data is less than 46 bytes, add the Pad field to fill it.
 •FCS: the frame check field.

Confidential Information of Huawei. No Spreading Without Permission

TCPIP Basics P-43

Confidential Information of Huawei. No Spreading Without Permission

 TCPIP Basics P-44

 The above is an example of an HTTP packet that is captured, which may facilitate
your understanding towards packet encapsulation. The bottom displays the actual
data and the top is information analyzed by the software.

Confidential Information of Huawei. No Spreading Without Permission

 TCPIP Basics P-45

 This page illustrates data encapsulation at the data link layer. The encapsulation
format used here is Ethernet, which is mentioned earlier.
 The figure above shows DMAC at the top and then comes SMAC and the type field is
listed at the bottom.
 DMAC is 00d0: f838: 43cf
 SMAC is 0011: 5b66: 6666
 Type field value is 0x0800, which indicates that it is an IP packet.

Confidential Information of Huawei. No Spreading Without Permission

 TCPIP Basics P-46

 This page illustrates data encapsulation at the network layer. An IP packet is made up
of two parts, the IP header and the IP data. As described previously, the IP header
consists of many fields. In the above example, the value of the version field is 4,
which indicates the packet is an IPv4 packet. The packet header is 20-byte long. The
protocol field is 0x06, which tells us that the packet to be encapsulated is a TCP
packet. The IP address of the source is 192.168.0.123 and the IP address of the
destination is 202.109.72.70.

Confidential Information of Huawei. No Spreading Without Permission

 TCPIP Basics P-47

 This page illustrates data encapsulation at the transport layer. The transport layer
here uses TCP protocols. The source port number is a random number 3514 and the
destination port number is 80, which is the number assigned for the HTTP protocol.
So the datagram is from the source to visit the HTTP service of the destination host.

Confidential Information of Huawei. No Spreading Without Permission

 TCPIP Basics P-48

 1. What are the layers of the OSI reference model?

 The OSI reference model consists of seven layers, namely, the physical layer, the
data link layer, the network layer, the transport layer, the session layer and the
application layer.
 2. What are the functions of each layer in the TCP/IP protocol stack?
 The TCP/IP protocol stack has five layers: the physical layer, the data link layer, the
network layer, the transport layer and the application layer. The physical layer
specifies the mechanical, electrical and electronic standards for transmission. The
data link layer provides controls on the physical layer, detects errors and performs
traffic control (optional). The network layer checks the network topology to decide the
best route for data transmission. The basic function of the transport layer is to
segment the data it received from the application layer and combines data segments
before it sends the data to the application layer. It builds end-to-end connections to
send

Confidential Information of Huawei. No Spreading Without Permission

TCPIP Basics P-50

Confidential Information of Huawei. No Spreading Without Permission