
TCP/IP Overview

• Grew out of the ARPANET, initiated by ARPA of DOD in 1969 to establish a packet-switching network linked by point-to-point leased lines; the TCP/IP protocols themselves were developed during the 1970s and became the ARPANET standard in 1983
• A standard protocol suite used for interoperability among different types of computers (internetworking). An internet under TCP/IP operates like a single (virtual) network connecting computers of any size and type
• Primary disadvantages of TCP/IP, relative to small LAN-only protocols such as NetBEUI, are its size and speed (roughly twice the size of NetBEUI)

TCP/IP Protocol Suite vs. OSI

Internet Protocol Suite

PDUs in TCP/IP Architecture

Transport Layer Protocols
• Transport layer protocols are port-to-port protocols
• A protocol port is a destination point (a buffer) for storing data for use by a particular process. The interface between processes and their corresponding ports is provided by the operating system of the host (e.g., socket programming)
• Port address: 16 bits
• Standard TCP/IP transport protocols include
 – UDP: connectionless (3% of IP traffic)
 – TCP: connection-oriented (95% of IP traffic)

Connection-Oriented vs. Connectionless Service
Connection-oriented:
• Connection mapped through network (requires call setup)
• Abbreviated addressing (virtual circuit identifier)
• Usually fixed routing (virtual circuit) between networks
• More reliable (flow & error control)
Connectionless:
• Limited end-to-end mapping
• Full addressing (IP) in every packet
• Use of alternate routing
• Limited accountability, unreliable delivery
• More flexible and robust

Internet Ports
• A TCP upper-layer application in a host machine is identified by a port number. The port number is concatenated with the IP address to form a socket. A pair of sockets uniquely identifies each end-point connection
• The port numbers are divided into:
 – The well-known ports (0 – 1023), assigned by IANA
 – The registered ports (1024 – 49151)
 – The dynamic and/or private ports (49152 – 65535)

Well-Known Port Numbers

User Datagram Protocol (UDP)
• UDP uses IP's services and provides services to NFS, TFTP, DNS, RPC, and SNMP
• UDP provides connectionless delivery service and does not send or receive acknowledgements to guarantee the successful transmission of data
• UDP does not provide any sequencing or reordering functions and cannot specify the damaged packet when reporting an error (ICMP, about 1% of IP traffic)
• UDP has the ability to demultiplex data to an application process based on the destination port number. For example, if an SNMP manager wants to obtain management information, it sends its request to UDP port 161 on the destination host

UDP Datagram Format (figure: 8-byte header followed by optional data)

Transmission Control Protocol (TCP)
• Major clients of TCP are Telnet, FTP, SMTP
• Combination of an IP address and a port number is called a socket. Two sockets uniquely define a TCP connection
• TCP provides reliable transport service
 – Connection oriented
 – FDX, point-to-point communication
 – Complete reliability (flow and error control to recover data that is damaged, lost, duplicated, or out of sequence)
 – Reliable connection startup: three-way handshake
 – Graceful connection shutdown: all data delivered before termination occurs

TCP Operation
• TCP is an end-to-end protocol and uses IP to carry traffic
• TCP is network-independent

TCP Segment

TCP Header
• Source/destination port address defines the application program
• Sequence/acknowledgement numbers track the byte stream for reliable, in-order delivery; together with the window field they implement flow control
• Header length: measured in 32-bit words, usually 5 (20 B)
• Control field
 – URG: validates the urgent pointer
 – ACK: validates the acknowledgement number
 – PSH: push function, deliver the data to the receiving application promptly instead of buffering it
 – RST: reset the connection
 – SYN: synchronize sequence numbers, used with connection setup
 – FIN: no more data from sender, comparable to EOT
• Window: number of bytes the receiver is currently willing to accept (window advertisement)
• Checksum: segment discarded if an error is detected
• Urgent pointer: significant only if URG is set, points to the end of urgent data

TCP Connection Management
Three-Way Handshake:
• Source TCP (client) sends an initial SYN segment to the remote TCP (server), sets a retransmission timer, and waits for ACK
• Remote TCP verifies the SYN flag and a valid checksum, extracts the Internet addresses, records the initial sequence number and sends a SYN-ACK segment to the client. It also sets a retransmission timer and waits for ACK
• After receiving the SYN-ACK, the initiator sends an ACK segment confirming receipt of the SYN-ACK
The handshake guarantees that TCP will not open or close a connection until both ends have interacted
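The header fields and the handshake above, as an added example (not code from the original slides): a parser and builder for the 20-byte TCP header, and a simulated three-way handshake that checks the acknowledgement numbers the way each side must. Ports, initial sequence numbers and the absence of options are constructed assumptions; the checksum is left at zero because computing it needs the IP pseudo-header, which this example does not model. The security point it makes concrete: the server completes the connection only for an ACK that carries its own ISN + 1, so a spoofer who never saw the SYN-ACK has to guess that value, which is why ISNs must be unpredictable (RFC 6528).

```python
"""TCP fixed-header parse/build and a checked three-way handshake (added example)."""
import struct

# Flag bits of the control field (low 6 bits of the 16-bit offset/flags word)
TCP_FLAGS = {"FIN": 0x01, "SYN": 0x02, "RST": 0x04, "PSH": 0x08, "ACK": 0x10, "URG": 0x20}
SEQ_MOD = 1 << 32   # 32-bit sequence space, arithmetic wraps


def build_tcp_header(sport, dport, seq, ack, flags, window=65535, urgent=0):
    """20-byte header, no options: data offset = 5 32-bit words. Checksum field left 0 (assumption)."""
    bits = sum(TCP_FLAGS[f] for f in flags)
    return struct.pack("!HHIIHHHH", sport, dport, seq % SEQ_MOD, ack % SEQ_MOD,
                       (5 << 12) | bits, window, 0, urgent)


def parse_tcp_header(raw):
    """Decode the fixed header. ACK and URG fields are reported only when their flag validates them."""
    if len(raw) < 20:
        raise ValueError("truncated TCP header")
    sport, dport, seq, ack, off_flags, window, checksum, urgent = struct.unpack("!HHIIHHHH", raw[:20])
    hlen = (off_flags >> 12) * 4                   # header length in bytes
    if hlen < 20 or hlen > len(raw):
        raise ValueError("header length %d inconsistent with segment" % hlen)
    flags = {name for name, bit in TCP_FLAGS.items() if off_flags & bit}
    return {"sport": sport, "dport": dport, "seq": seq,
            "ack": ack if "ACK" in flags else None,
            "hlen": hlen, "flags": flags, "window": window, "checksum": checksum,
            "urgent_pointer": urgent if "URG" in flags else None,
            "options": raw[20:hlen]}


def is_valid_tcp_header(raw):
    try:
        parse_tcp_header(raw)
        return True
    except ValueError:
        return False


def server_accepts_ack(server_isn, raw_ack):
    """Final handshake ACK is accepted only if it acknowledges exactly server_isn + 1."""
    h = parse_tcp_header(raw_ack)
    return ("ACK" in h["flags"] and "SYN" not in h["flags"]
            and h["ack"] == (server_isn + 1) % SEQ_MOD)


def three_way_handshake(client_isn, server_isn, cport=40000, sport=80):
    """Run SYN / SYN-ACK / ACK with both sides' checks; returns the three parsed headers."""
    syn = build_tcp_header(cport, sport, client_isn, 0, {"SYN"})
    p = parse_tcp_header(syn)
    if p["flags"] != {"SYN"}:
        raise ValueError("expected a SYN")
    # server records the client's ISN and acknowledges ISN + 1
    synack = build_tcp_header(sport, cport, server_isn, p["seq"] + 1, {"SYN", "ACK"})
    q = parse_tcp_header(synack)
    if q["ack"] != (client_isn + 1) % SEQ_MOD:
        raise ValueError("SYN-ACK does not acknowledge our SYN")
    # client acknowledges the server's ISN + 1; its own seq advances by one for the SYN
    ack = build_tcp_header(cport, sport, p["seq"] + 1, q["seq"] + 1, {"ACK"})
    if not server_accepts_ack(server_isn, ack):
        raise ValueError("server rejects final ACK")
    return [p, q, parse_tcp_header(ack)]
```

`server_accepts_ack` is the check a SYN-flooded or spoof-targeted server relies on; pass it an ACK with a guessed acknowledgement number and it returns False.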

TCP Three-Way Handshake (figure: connection establishment and connection termination)

TCP Flow Control
• Flow control: sliding-window protocol with variable receive window size
• Each entity implements flow control using a credit mechanism, also called a window advertisement. A credit specifies the maximum number of bytes the entity sending this segment can receive and buffer from the other entity
• Each octet of data is assigned a unique sequence number. Individual octets are grouped into segments for transmission and a single sequence number (that of the first octet) is provided for each segment

TCP ARQ Error Control
TCP uses ARQ (automatic repeat request) for error control to achieve reliable data transfer:
 – Sequence numbers
 – Acknowledgements
 – Retransmissions
 – Timers (retransmit timer, delayed ACK timer, etc.)

Flow & Error Control Exercise
For a window size of 8K and a segment size of 1K, what happens when
1. after the sender sends 8K of data, the sender receives ACK 3001?
2. the retransmit timer for the 4th data segment expires?
3. the delayed ACK timer for the 6th data segment expires?

TCP Retransmission Schemes (figure: ACK all traffic up to 302, assuming a 900-octet window size. Go-back-N or selective repeat?)
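The flow and error control exercise and the retransmission-scheme question above, worked as an added example (not code from the original slides). It simulates a sliding-window sender and a receiver with cumulative, delayed ACKs. Assumptions: sequence numbers start at 1 and "1K" means 1000 bytes, so that ACK 3001 acknowledges exactly three segments; the receiver's window stays at 8000 bytes throughout; retransmission on timeout is shown for both go-back-N and selective repeat.

```python
"""Sliding-window sender/receiver for the slide's exercise (added example)."""


class SlidingWindowSender:
    def __init__(self, window=8000, segment=1000, isn=1):
        self.window = window      # receiver's advertised credit, in bytes
        self.seg = segment        # bytes per segment
        self.base = isn           # oldest unacknowledged byte (left edge of window)
        self.next_seq = isn       # first byte not yet sent

    def send_available(self):
        """Send whole segments while they fit in the window; returns their sequence numbers."""
        sent = []
        while self.next_seq + self.seg <= self.base + self.window:
            sent.append(self.next_seq)
            self.next_seq += self.seg
        return sent

    def on_ack(self, ack):
        """Cumulative ACK: every byte below `ack` is delivered, the window slides right."""
        if ack > self.base:
            self.base = ack
        return self.send_available()          # newly permitted segments

    def outstanding(self):
        return list(range(self.base, self.next_seq, self.seg))

    def on_retransmit_timeout(self, seq, scheme="go-back-n"):
        """Retransmit timer for the segment starting at byte `seq` has expired."""
        if seq < self.base or seq >= self.next_seq:
            return []                          # already acknowledged or never sent
        if scheme == "go-back-n":
            return [s for s in self.outstanding() if s >= seq]   # that segment and all after it
        if scheme == "selective-repeat":
            return [seq]                                         # only the timed-out segment
        raise ValueError(scheme)


class SlidingWindowReceiver:
    def __init__(self, isn=1):
        self.expected = isn       # next in-order byte wanted
        self.out_of_order = {}    # seq -> length, buffered until the gap is filled

    def receive(self, seq, length):
        if seq == self.expected:
            self.expected += length
            while self.expected in self.out_of_order:           # drain buffered successors
                self.expected += self.out_of_order.pop(self.expected)
        elif seq > self.expected:
            self.out_of_order[seq] = length
        # seq < expected is a duplicate and is dropped

    def on_delayed_ack_timeout(self):
        """Delayed-ACK timer fired: one cumulative ACK for everything received in order."""
        return self.expected


def run_exercise():
    s = SlidingWindowSender(window=8000, segment=1000)
    initial = s.send_available()                          # 1. fills the 8K window: 8 segments
    after_ack = s.on_ack(3001)                            #    ACK 3001 frees 3000 bytes of credit
    gbn = s.on_retransmit_timeout(3001, "go-back-n")      # 2. timer for the 4th segment (bytes 3001..4000)
    sr = s.on_retransmit_timeout(3001, "selective-repeat")
    r = SlidingWindowReceiver()
    for seq in initial[:6]:                               # 3. receiver holds segments 1..6 in order
        r.receive(seq, 1000)
    delayed = r.on_delayed_ack_timeout()
    return {"initial": initial, "after_ack_3001": after_ack,
            "go_back_n": gbn, "selective_repeat": sr, "delayed_ack": delayed}
```

`run_exercise()` answers the three questions: after ACK 3001 the sender may transmit bytes 8001 to 11000 (three more segments); a go-back-N sender retransmits all eight outstanding segments from 3001 on, a selective-repeat sender only the one at 3001; the delayed ACK for the sixth segment is a single ACK 6001.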

IP, UDP, and TCP Protocols

Network Layer Protocols
• Internetwork Protocol (IP)
• Address Resolution Protocol (ARP)
• Reverse Address Resolution Protocol (RARP)
• Internet Control Message Protocol (ICMP)
• Internet Group Management Protocol (IGMP)

IP
• To accommodate heterogeneity, an internet must define a hardware-independent packet format
• IP is a connectionless service: no circuit is established
• In IPv4, a datagram can contain as little as a single octet of data or at most 65,535 octets (64K), including the header
• Routers extract the destination address from the header and use a routing table to determine the next hop. Each destination in a routing table is a network, not an individual host
• Best-effort delivery: because IP is designed to operate over all types of network hardware, the underlying hardware may misbehave and datagrams may be lost, duplicated, delayed, delivered out of order, or delivered with corrupted data. There is no retransmission mechanism. Higher layers of protocol software are required to handle each of these errors

IP Datagram (IPv4)

IGMP. source route. TCP. ICMP.536) Identification.IP Header • • • • • • • • • IP version Header length: measured in 32-bit words. usually 5 (20 B) TOS: identify several QOS functions requested by sender Total length: measured in octets (max: 65. flags. and fragmentation offset are used to control datagram fragmentation and reassembly TTL: number of hops to prevent endless loops Protocol: to identify the next-layer protocol (UDP. and timestamp option . OSPF) Header checksum is used to detect header error Options: record route.

IP Type of Service (TOS)
• Not all vendors support TOS. Typically, RIP ignores the TOS bits, while early OSPF could route according to TOS requests (TOS-based routing was dropped from OSPFv2 in RFC 2328)

Examples of TOS Use

Fragmentation
• All fragments have the same identification field
• Flags are used as follows: bit 0 reserved (must be zero), bit 1 DF (don't fragment), bit 2 MF (more fragments follow)
• Fragmentation offset (in 8-octet units) is used to reassemble the fragments in order

Time-to-Live Field

IP Protocol Numbers

Header Checksum
The following checksum procedure is used in IP, UDP, TCP, ICMP, and IGMP:
1. Set the checksum field to 0
2. Calculate the 16-bit 1s complement sum of the header (end-around carry)
3. Take the 16-bit 1s complement of that sum
4. Store the result in the checksum field
5. At the receiver, calculate the 16-bit 1s complement sum of the header including the checksum field. The sum should be all 1s if the header has not been changed
Note that IP checksums only its header, whereas TCP and UDP checksum a pseudo-header (addresses, protocol, length) plus their own header and data. The checksum detects accidental corruption only; it is not keyed and gives no protection against deliberate modification

Checksum Exercise
To send the data string 110011111011101101110010 with a segment length of eight, compute the checksum ________________. Verify your answer if you are the receiver _______________________
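The checksum procedure above, as an added example (not code from the original slides). The word width is a parameter so the same routine works the exercise's 8-bit segments and real 16-bit headers. The IPv4 header bytes are a constructed sample (a 60-byte datagram, TTL 64, protocol TCP, between two private addresses) with the checksum field zeroed; every other value is computed by the code.

```python
"""Internet checksum (RFC 1071 style) with sender and receiver sides (added example)."""


def ones_complement_sum(words, width=16):
    """Add words, folding each carry back into the low bits (end-around carry)."""
    mask = (1 << width) - 1
    total = 0
    for w in words:
        total += w
        while total > mask:
            total = (total & mask) + (total >> width)
    return total


def _words(data, width):
    """Split bytes into big-endian words of `width` bits, zero-padding an odd tail."""
    size = width // 8
    if len(data) % size:
        data += b"\x00" * (size - len(data) % size)
    return [int.from_bytes(data[i:i + size], "big") for i in range(0, len(data), size)]


def checksum(data, width=16):
    """Sender: 1s complement of the 1s-complement sum (checksum field must already be 0)."""
    return (~ones_complement_sum(_words(data, width), width)) & ((1 << width) - 1)


def verify(data, width=16):
    """Receiver: sum over everything, stored checksum included, must be all 1s."""
    return ones_complement_sum(_words(data, width), width) == (1 << width) - 1


# ---- the slide's exercise: 24-bit string, 8-bit segments ----
EXERCISE_BITS = "110011111011101101110010"


def exercise_checksum():
    data = int(EXERCISE_BITS, 2).to_bytes(len(EXERCISE_BITS) // 8, "big")
    return checksum(data, width=8)


def exercise_verify(cs):
    data = int(EXERCISE_BITS, 2).to_bytes(len(EXERCISE_BITS) // 8, "big") + bytes([cs])
    return verify(data, width=8)


# ---- a 16-bit IPv4 header checksum (constructed sample header, checksum bytes 10-11 zeroed) ----
SAMPLE_IPV4_HEADER = bytes.fromhex("4500003c1c46400040060000ac100a63ac100a0c")


def ipv4_header_checksum(header):
    h = bytearray(header)
    h[10:12] = b"\x00\x00"          # step 1: zero the field before summing
    return checksum(bytes(h))


def with_checksum(header):
    """Return the header with its checksum field filled in."""
    h = bytearray(header)
    h[10:12] = ipv4_header_checksum(header).to_bytes(2, "big")
    return bytes(h)


def ipv4_header_ok(header):
    """Receiver-side check on a header that carries its checksum."""
    return verify(header)
```

For the exercise the three segments sum to 11111101, so the checksum is 00000010 and the receiver's sum of all four segments is 11111111. One practical caveat for UDP over IPv4: a computed checksum of 0 is transmitted as 0xFFFF, because a zero field means "no checksum".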

Major IP Services
• Header check routine: valid IP header length, version number, message length, header checksum, nonzero TTL
• Routing (based on destination IP address)
• Fragmentation and reassembly

Processing the Datagram

IP Addressing
• An addressing scheme that assigns each host a unique protocol address
• Uniform addressing for all hosts: an internet addressing scheme is an abstraction created by software and is independent of the underlying physical addresses
• Addressing scaling issues: address space and ability to route
• Solutions:
 – Subnetting
 – Private addressing
 – CIDR
 – IPv6: 128-bit addresses (32 bits in IPv4)

Classes of IP Addresses
A 32-bit IP address is divided into two parts: a prefix (identifies the network) and a suffix (identifies an individual computer on that network) to make routing efficient. Example: 128.10.255.54
Class by 1st octet:
 – Class A: 1 – 126
 – Class B: 128 – 191
 – Class C: 192 – 223
 – Class D: 224 – 239
 – Class E: 240 – 255
(First octet 0 is reserved for "this network" and 127 for loopback)

Division of Address Space
• Virtually all class A addresses have been assigned. Relatively few class B addresses remain available
• Multicast packets are typically exchanged between routers
• One class E address (255.255.255.255) is used to identify a (limited) broadcast message. Routers do not forward broadcast messages to other networks
• In each class the usable host count is 2^(host bits) - 2, since the all-0s and all-1s host fields are reserved

Special IP Addresses
• Special addresses are reserved and should never be assigned to host computers
• Limited broadcasts traverse repeaters and bridges and should never pass through a router
• Directed broadcasts may pass through a router and will be broadcast to all hosts on the target network

Examples of Special IP Addresses
• 0.0.0.0 in a routing table refers to the default route (default router), to simplify routing tables
• 0.0.0.34 refers to node 34 on the local network
• 145.67.0.0 refers to the network 145.67 itself. This notation is used within routing tables
• 145.67.255.255 refers to all hosts on the network 145.67 (directed broadcast)
• 255.255.255.255 refers to all hosts on the local network (limited broadcast)
• 127.0.0.0 is reserved for loopback; 127.0.0.1 is the address usually used to refer to the local host

Authority for IP Addresses
• For networks connected to the global Internet, an organization obtains network numbers from ISPs. ISPs coordinate (through the regional registries) with a central organization, the Internet Assigned Numbers Authority (IANA), to ensure each network prefix is unique
• For a private internet, the assignment is often the responsibility of the network administrator (nonroutable private Internet addresses are used)

Private IP Addresses (RFC 1918)
 – 10.0.0.0 – 10.255.255.255: 1 class A private address
 – 172.16.0.0 – 172.31.255.255: 16 class B private addresses
 – 192.168.0.0 – 192.168.255.255: 256 class C private addresses
• Not routable on the Internet; reserved for isolated test or experimental networks. These addresses are unique within an organization, but not globally unique
• When the organization needs to connect to the Internet, it obtains officially registered IP addresses and inserts a NAT (Network Address Translation) device at the boundary (RFC 1631). Local host addresses need not be reassigned

NAT
• NAT is often credited with another advantage, security: attackers can't go after machines they can't see, and private addresses aren't visible on the Internet. In practice the protection comes from the translation table dropping unsolicited inbound packets, not from the addresses themselves; a host behind NAT is still reachable through any connection it opens outbound, so NAT is not a substitute for a firewall
• The trade-off is added cost, extra administration, and a performance penalty

Subnetting
• Class A and sometimes class B addresses can be wasteful. In 1985, RFC 950 defined a standard procedure to support subnetting
• The subnet structure of a network is never visible outside. All subnets use the same network prefix and only the routers within the organization need to differentiate between the individual subnets. This allows the local administrator to introduce arbitrary complexity into the private network without affecting the size of the Internet's routing tables. For example, given a class B address such as 172.16.0.0, the organization could split it into up to 254 subnets by using addresses like 172.16.1.0, 172.16.2.0, and so forth up to 172.16.254.0

Subnet Example
The host portion of the Internet address is partitioned into a subnet number and a host number by using a subnet mask to accommodate subnetting

CIDR
• Classless Inter-Domain Routing (CIDR) was documented in 1993 in RFCs 1517 – 1520
• Instead of having 3 classes, CIDR allows the division between prefix and suffix to occur on an arbitrary boundary. It permits networks to be grouped together logically, and to use one entry in a routing table for multiple networks. For example, all addresses between 194.0.0.0 and 195.255.255.255 can be identified by a single entry in the routing table with a mask of 254.0.0.0 (/7), since 194 = 11000010 and 195 = 11000011 share their top seven bits (route aggregation)
• This gives ISPs more flexibility in handing out addresses. For example, an ISP could elect to subdivide a /16 block into two /17 blocks, or into four /18 blocks
• CIDR is required for operations between autonomous systems (a network under a single administration, such as one ISP)

Calculating a Subnet Mask
1. Decide how many subnets (n) you need
2. Solve for x where 2^x >= n + 2
3. Reserve x bits from the top of the host position
4. Be sure that enough host addresses are left over to be usable
According to RFC 1122 and RFC 950, the subnets with all 0s and all 1s must be reserved (hence the "+ 2"). However, most industry implementations of subnet masking allow the use of the all-0s and all-1s subnets, and RFC 1878 declares the old restriction obsolete

Subnet Example
Assume that you have been assigned the IP address 128.1.0.0.
a) Identify the IP address class. How many host addresses are there?
b) If the above address has the CIDR block prefix of /20, give the subnet mask. How many subnets are there? How many host addresses are there? How many addresses are lost by the subnetting process?
c) What is the range of addresses you may assign for subnet #1?

Supernets
• Subnets divide an address into segments and supernets combine addresses into a block (address aggregation)
• Supernets "steal" bits from the network portion of an IP address to "lend" those bits to the host part. This permits multiple IP addresses to be combined so that they function as a single logical network
• In order to create supernets from class C IP addresses, the network addresses must be consecutive and the first address's third octet must be evenly divisible by the number of networks combined (by 2 for a pair, by 4 for four, and so on)
• Classless routing protocols are needed to support supernets
• Supernetting is a useful tool for ISPs who can combine multiple Class C addresses to serve a larger population than might seem possible

Supernet Examples
• 201.41.18.0 and 201.41.19.0 can be combined into the supernet 201.41.18.0/23, with the 201.41.18.0 network being supernet 0 and the 201.41.19.0 network being supernet 1
• 201.41.15.0 and 201.41.16.0 cannot be combined into a supernet (15 is odd, so the two networks do not share a common /23 prefix)
• For additional examples of supernets, refer to RFCs 1338, 1518, and 1519
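The mask calculation, the subnet example and the supernet examples above, worked as one added example (not code from the original slides) using only Python's standard `ipaddress` module. It follows the slide's rule for choosing the number of subnet bits, enumerates the subnets of 128.1.0.0/20 with their usable host ranges and the addresses lost to subnetting, and tests which pairs of class C networks aggregate into a supernet. The homework masks 255.255.192.0 and 255.255.224.0 are handled by the same function.

```python
"""Subnet mask selection, subnet enumeration and supernet aggregation (added example)."""
import ipaddress
import math

CLASSFUL_PREFIX = {"A": 8, "B": 16, "C": 24}


def class_of(addr):
    """Address class from the first octet (classes A to E)."""
    first = int(addr.split(".")[0])
    if 1 <= first <= 126:
        return "A"
    if 128 <= first <= 191:
        return "B"
    if 192 <= first <= 223:
        return "C"
    return "D" if 224 <= first <= 239 else "E"


def bits_for_subnets(n):
    """Slide rule: smallest x with 2**x >= n + 2 (all-0s and all-1s subnets reserved)."""
    return math.ceil(math.log2(n + 2))


def mask_for_subnets(network, n):
    """Dotted mask for n subnets of a classful network, e.g. six subnets of a class B."""
    prefix = CLASSFUL_PREFIX[class_of(network)] + bits_for_subnets(n)
    return str(ipaddress.ip_network(f"{network}/{prefix}").netmask)


def subnet_plan(network, prefix):
    """Split a classful network at `prefix` and report what the slide's example asks for."""
    cls = class_of(network)
    base = ipaddress.ip_network(f"{network}/{CLASSFUL_PREFIX[cls]}")
    subnets = list(base.subnets(new_prefix=prefix))
    hosts_per_subnet = subnets[0].num_addresses - 2          # minus network and broadcast
    hosts_unsubnetted = base.num_addresses - 2
    return {
        "class": cls,
        "mask": str(subnets[0].netmask),
        "subnets": len(subnets),
        "hosts_per_subnet": hosts_per_subnet,
        "hosts_unsubnetted": hosts_unsubnetted,
        # every extra subnet costs a network and a broadcast address
        "addresses_lost": hosts_unsubnetted - len(subnets) * hosts_per_subnet,
        # usable host range of each subnet: first and last assignable address
        "ranges": [(str(s[1]), str(s[-2])) for s in subnets],
    }


def supernet(networks):
    """Aggregate CIDR blocks; a single entry comes back only if they share a common prefix."""
    nets = [ipaddress.ip_network(n) for n in networks]
    return [str(n) for n in ipaddress.collapse_addresses(nets)]
```

`subnet_plan("128.1.0.0", 20)` gives the answers to the example: class B (65,534 hosts unsubnetted), mask 255.255.240.0, 16 subnets of 4,094 hosts, 30 addresses lost, and subnet #1 (counting from 0) spanning 128.1.16.1 to 128.1.31.254.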

An Example of IP Routing
• 1st match eliminates all entries in which
the masked part of the destination address
is not identical to the masked part of the
destination address field in the table
• Keep the remaining entries in the pruned
table that have the longest mask
• Perform the longest match. If more than
one entry remains, the route taken may
depend on TOS metrics or network
administrator’s policy
• Because of this overhead, the high-end
routers use label-switching (MPLS)

Internet Node Addresses
After obtaining a set of Internet addresses, an
organization must allocate the addresses in its
subnet to nodes:
– Statically assigned: a node is assigned a
permanent IP
– Dynamically assigned: DHCP (dynamic host
configuration protocol) With dynamic addressing,
an ISP can have a modem-to-user ratio of 10 to 1
or more

IP Address Configuration
For a computer to connect to the Internet, it must have the
following information in its configuration file:
• IP address
• Subnet mask
• Router’s IP address
• Name server’s IP address

Internet Naming Conventions
• Dotted decimal notation is too cumbersome; most Internet users use URLs
• A URL consists of two parts: the protocol (http, ftp, etc.) used to access a resource, followed by the resource name (domain name) such as iona.edu
• Domain names must be resolved to IP addresses
• Domain names and IP addresses are stored in databases on a number of Internet nodes called domain name servers

Domain Name Space
• Domain name space is structured as an inverted tree. Each
block on the tree represents a domain
• The domain name can be up to 255 characters long and is
not case-sensitive

Host Names, Host Tables, and DNS
• IP networks rely on DNS to translate host names to IP
addresses on the Internet
• A host table is an ASCII file specific to each IP node
containing the names and addresses of systems one
commonly accesses

Operations with Name Servers

Routers and IP Addressing Principle
An IP address identifies a connection between a computer and a network. A computer with multiple network connections (a router) must be assigned multiple IP addresses, one for each connection

IP Forwarding Process
If the destination address is not found in the routing table, packets are routed via the default route to the default gateway (border router); names are resolved to addresses via the host table or DNS

An IP Network Example (figure: Router A's routing table)

Address Resolution
• An IP address must be translated to an equivalent hardware address (MAC address) when transmitting frames across physical network hardware
• The mapping between an IP address and a MAC address is called address resolution
• A host or router uses address resolution when it needs to send a packet to another computer on the same physical network. A computer never resolves the address of a computer that attaches to a remote network (ARP is not an IP protocol: ARP packets do not have IP headers and will not be forwarded by routers)
• ARP carries no authentication, and most stacks update their cache on any reply, so an attacker on the same LAN can poison caches and redirect traffic through itself (ARP spoofing); static entries or switch-level inspection are the usual countermeasures

How ARP Works

RARP
• Allows a host to discover its IP address when it knows only its physical MAC address
• Used when the host is a diskless computer (usually a host has its IP stored in a configuration file on its hard disk where the OS can find it at boot), when the computer is connected to the network for the first time (when it is being booted), etc. In practice RARP has been superseded by BOOTP and DHCP


MTU & Fragmentation
• A datagram cannot be larger than the maximum transmission unit (MTU) of a network over which it is sent. When a router receives a large datagram, it divides the datagram into smaller pieces called fragments and each fragment has the IP datagram format
• A bit in the flags field of the IP header indicates whether a datagram is a fragment or a complete datagram. Other fields in the header contain information that is used to reassemble the fragments to reproduce the original datagram
• Intermediate routers do not reassemble fragments, only the ultimate destination does. IP's reassembly timer is all-or-nothing: if it expires before every fragment has arrived, all fragments received so far are discarded

Packet Fragmentation

Fragmentation Example

Reassembly Example
The following figure shows the fragmented datagrams arriving from gateways Y and Z in the order depicted by the time from n to n + m. The length of the IP datagram is not known until the reassembling host receives the 4th fragment: 160 * 8 + 220 = 1500

ICMP
• Internet Control Message Protocol (ICMP) is required for a standard implementation of IP (RFC 792)
• IP uses ICMP when it sends an error message (from router to source) and ICMP uses IP to transport its messages
• ICMP error messages can be used to test an internet to obtain information (reachable destination? trace a route? path MTU discovery?)
• In addition to error reporting, ICMP can diagnose some network problems through query messages such as echo request and reply, timestamp request and reply, address mask request and reply, and router solicitation and advertisement

ICMP Error Messages
• Source quench: sent when a router runs out of buffer space and discards a datagram. A host is required to reduce its transmitting rate (deprecated by RFC 6633; modern hosts ignore it)
• Time exceeded: sent when the time-to-live (max # of hops) field becomes zero or when the reassembly timer expires
• Destination unreachable: sent when a router determines the datagram cannot be delivered; the message specifies whether the host is unreachable or the network to which the destination attaches is unreachable
• Parameter problem: a field in the IP header is invalid or missing (a datagram whose header checksum is wrong is simply discarded, with no message)
• Redirect: sent when a router wants to inform a source host of a better route. Because a forged redirect can rewrite a host's route, hosts are usually configured to ignore redirects or to accept them only from their current gateway

Using ICMP to Test Reachability
• The ping program sends an ICMP echo request message to the specified destination and waits for a reply. If no reply arrives, ping retransmits the request. If no reply arrives for the retransmission (or if an ICMP destination unreachable message arrives), ping declares the remote machine not reachable. The process is helpful for troubleshooting serial link problems
• Echo replies tell an attacker which hosts are up, and ICMP has been abused for flooding and covert channels, so a host's administrator may filter echo requests; note that this also breaks legitimate troubleshooting and path MTU discovery if other ICMP types are filtered along with it

Using ICMP to Trace a Route
• The tracert program (traceroute on Unix-like systems) sets the time-to-live value to 1 and sends a datagram. The first router discards the datagram and sends back an ICMP time exceeded message; tracert extracts the router's address from the IP source address of that message
• tracert then increments the time-to-live value to 2 and repeats the process, one hop further each round, until the destination replies

Using ICMP for Path MTU Discovery
A host can send a probe datagram with the DF (don't fragment) bit set in the header to prevent fragmentation. If the datagram is larger than the MTU of a network along the path, the router connected to that network will discard the datagram and send an ICMP destination unreachable message (code "fragmentation needed and DF set") back to the host. The host then sends a smaller probe until one succeeds

IGMP
• IP addressing supports multicasting. All 32-bit IP addresses that start with 1110 (class D) are multicast addresses; 2^28 = 256 M group addresses are available
• IGMP is designed to help a multicast router identify the hosts in a LAN that are members of a multicast group. IP hosts and multicast routers communicate multicast group membership information by exchanging IGMP messages
• IP multicasting is critical to many applications, such as interactive teleconferencing, on-line training, and electronic distribution of software and information

Network Access Layer
• TCP/IP does not specify the implementations of the lower two layers
• Various standards are used to encapsulate the IP packet to interconnect different networks: LANs, WANs, or dedicated lines (PPP)

IPv6 (IPng)
• IPv4 has been extremely successful: the protocol has accommodated changes in hardware technologies and heterogeneous networks
• Motivations for change (IPv4 deficiencies):
 – Limited address space
 – New Internet applications
  • real-time delivery of audio and video
  • collaboration technologies to allow group communications that require more complex addressing and routing capabilities
 – Accommodate data encryption and authentication of data
• Refer to RFCs 1924 and 1883 (the IPv6 specification in RFC 1883 has since been replaced, most recently by RFC 8200)

IPv6 Packet Format

IPv6 Header Format
• Eliminates the header checksum (for faster throughput); error detection is left to the link layer and to the transport-layer checksums, which are mandatory over IPv6
• Adds extension headers (for more functionality)

IPv6 Priority Field
The following table shows the permitted values for the IPv6 priority field and the types of traffic the values identify

Extension Header Types

IPv6 Key Upgrades
• Expanded address space: 128 bits (32 bits for IPv4)
• IP header changes: 40 octets (20 octets for IPv4)
• Header extensions: a datagram consists of the base header followed by zero or more extension headers (a separate header for each function), followed by data. Extension headers are used to reduce datagram size and for extensibility (experimenting with and testing new functionality)
• Support for audio and video by prioritizing the flow of data and using a flow label to request special handling of packets
• Extensible protocol: provides a scheme to allow new features to be added as needed
• Support for more security: encryption and authentication options

Fragmentation
• Fragmentation information is not in the base header; IPv6 places it in a separate fragment extension header
• In IPv6, the sending host is responsible for fragmentation instead of the routers. The host must learn the MTU of each network along the path to the destination and choose a size to fit the smallest (path MTU discovery procedure)

IPv6 Addressing
• IPv6 includes addresses with a multilevel hierarchy (ISP, site, organization, etc.)
• Each IPv6 address is one of 3 basic types:
 – Unicast: a single host
 – Multicast: a group of computers that may or may not be connected to the same network
 – Anycast: a group of hosts whose addresses have the same prefix, e.g., all computers connected to the same network; a packet sent to an anycast address is delivered to just one member of the group, normally the nearest

IPv6 Address Hexadecimal Colon Notation
• 16 bytes: FDEC:BA98:0074:3210:000F:BBFF:0000:FFFF
• Abbreviation: FDEC:BA98:74:3210:F:BBFF:0:FFFF
• FF0C:0:0:0:0:0:0:B1 abbreviates to FF0C::B1
• IPv6 address hierarchy (figure)
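The notation above, as an added example (not code from the original slides): expand an address with a `::` gap back to eight groups, and compress it by dropping leading zeros and collapsing the longest run of two or more zero groups (the RFC 5952 rules, which pick the first run on a tie). The slide's two addresses are the test inputs. The practical point: the same address has many textual spellings, so allow-lists, log matching and ACL comparisons must be done on the expanded groups, never on the strings; `same_address` shows the right comparison and `matches_stdlib` cross-checks the compressor against Python's `ipaddress` module.

```python
"""IPv6 colon-hex expansion, RFC 5952 compression and canonical comparison (added example)."""
import ipaddress


def expand(addr):
    """Return the eight 16-bit groups as integers, filling a single '::' with zero groups."""
    if addr.count("::") > 1:
        raise ValueError("at most one '::' is allowed")
    if "::" in addr:
        left, right = addr.split("::")
        l = [int(g, 16) for g in left.split(":") if g]
        r = [int(g, 16) for g in right.split(":") if g]
        groups = l + [0] * (8 - len(l) - len(r)) + r
    else:
        groups = [int(g, 16) for g in addr.split(":")]
    if len(groups) != 8 or any(not 0 <= g <= 0xFFFF for g in groups):
        raise ValueError("not an IPv6 address: %r" % addr)
    return groups


def full_form(addr):
    """All eight groups, four hex digits each (the slide's 16-byte form)."""
    return ":".join(format(g, "04x") for g in expand(addr)).upper()


def compress(addr):
    """Shortest form: no leading zeros, longest zero run (>= 2 groups) replaced by '::'."""
    groups = expand(addr)
    best_start, best_len = -1, 0
    i = 0
    while i < 8:                      # scan for the longest run of zero groups
        if groups[i] == 0:
            j = i
            while j < 8 and groups[j] == 0:
                j += 1
            if j - i > best_len:      # strict '>' keeps the first of equal-length runs
                best_start, best_len = i, j - i
            i = j
        else:
            i += 1
    hexs = [format(g, "x") for g in groups]
    if best_len >= 2:                 # a single zero group stays as '0'
        left = ":".join(hexs[:best_start])
        right = ":".join(hexs[best_start + best_len:])
        return (left + "::" + right).upper()
    return ":".join(hexs).upper()


def same_address(a, b):
    """Compare on the expanded groups, not on the text."""
    return expand(a) == expand(b)


def matches_stdlib(addr):
    return compress(addr).lower() == ipaddress.IPv6Address(addr).compressed
```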

Compatibility with IPv4
• IPv4 and IPv6 routers must be able to coexist and maintain all necessary connections; IPv6 implementations are designed to recognize IPv4 protocols
• How to push the packet through a network that has no concept of a 128-bit address? Tunneling: the IPv6 packet is carried as the payload of an IPv4 datagram between the two ends of the IPv4-only segment

Comparison between IPv4 and IPv6 Headers

Summary of IPv6
• Same primary functions as IPv4, providing a connectionless routing capability
• Added capabilities such as authentication and encryption to provide security
• Increases the address space dramatically
• Simplifies the headers to make routing more efficient
• Intermediate nodes no longer fragment packets
• There is no error detection (checksum) capability in the IPv6 header, thus relieving routers of another time-consuming task; transport-layer checksums, which cover a pseudo-header with the IPv6 addresses, are therefore mandatory (UDP may not use a zero checks​um over IPv6)

Example of TCP/IP Topology (figure: Routers A and F are multi-protocol routers that can process either SNA or IP packets)

Other Network Protocols
• NetBEUI: nonroutable, yet relatively small and fast protocol, limited to Microsoft-based networks
• XNS: Xerox Network System for Ethernet LANs, a large and slow protocol
• IPX/SPX: Novell networks, a derivative of XNS, proprietary
• DECnet: developed by DEC
• VINES: developed by Banyan Corp.

Advantages and Disadvantages of TCP/IP
Advantages:
• Broad connectivity
• Direct access to the Internet
• Strong support for routing
• SNMP
• Support for DHCP
• Support for most other Internet protocols
Disadvantages:
• Centralized TCP/IP domain assignment, which requires registration and cost
• Difficulty of setup
• Relatively high overhead
• Slower than IPX and NetBEUI

Review Questions
1. Distinguish between the TCP/IP and OSI models
2. What is the maximum size of an IP datagram?
3. Distinguish among Class A, B, and C IP addresses
4. What is CIDR? What are the advantages?
5. Distinguish between subnetting and supernetting
6. What is address resolution? How does ARP work?
7. What is the MTU and who is responsible for packet fragmentation and reassembly?
8. What is ICMP (and IGMP) and what is it for?
9. Distinguish between IPv4 and IPv6
10. Distinguish between TCP and UDP

Homework
1. What is the maximum number of subnets in class B networks using the following masks?
 a. 255.255.192.0
 b. 255.255.224.0
2. Find the subnetwork address and host address for the following: IP 200.34.22.156 /28
3. The IANA assigns you a Class B Internet address of 128.1.0.0. You need to establish six subnets with each subnet capable of supporting up to 8190 hosts
4. Explain all the information that you can obtain from the 5 host bits on the following IP address: 1101 0110 1001 0010 1110 0111 0100 1101
 a. How many subnets are possible on the 214.146.231.0/27 network?
 b. How many addresses are lost by the subnetting process?