examining tcp/ip. overview introduction to tcp/ip tcp/ip protocol suite name resolution examining...
TRANSCRIPT
Examining TCP/IP
Overview
Introduction to TCP/IP
TCP/IP Protocol Suite
Name Resolution
Examining the Data Transfer Process
Routing Data
Introduction to TCP/IP
The Communication Process
TCP/IP Layers
Identifying Applications
The Communication Process
NameAddress
Post OfficePost Office Post OfficePost Office
NameAddressNameAddress
Post OfficePost Office Post OfficePost Office
NameAddress
TCP/IP Layers
Application LayerApplication Layer
Transport LayerTransport LayerTransport LayerTransport Layer
Internet LayerInternet LayerInternet LayerInternet Layer
Network Interface LayerNetwork Interface LayerNetwork Interface LayerNetwork Interface Layer
Internet LayerIPIP ICMPICMP IGMPIGMP ARPARP
Network Interface Layer
EthernetEthernetATMATM
Transport LayerUDPUDPTCPTCP
Application Layer
FTPFTPHTTPHTTP
Identifying Applications
UDPUDPTCPTCP
FTPFTPHTTPHTTP
192.168.2.150192.168.2.150
FTP Server
HTTP Server
TCP Port 20, 21TCP Port 20, 21
TCP Port 80TCP Port 80
IP Address + TCP Port or UDP Port= Socket
TCP/IP Protocol Suite
Transmission Control Protocol (TCP)
User Datagram Protocol (UDP)
Internet Protocol (IP)
Internet Control Message Protocol (ICMP)
Internet Group Management Protocol (IGMP)
Address Resolution Protocol (ARP)
TCP/IP Utilities
Transmission Control Protocol (TCP)
IP ICMP IGMP ARP
UDPTCPTCP
User Datagram Protocol (UDP)
UDPUDPTCP
IP ICMP IGMP ARP
Internet Protocol (IP)
RouterRouterUDPTCP
IPIP ICMP IGMP ARP
Internet Control Message Protocol (ICMP)
UDPTCP
IP ICMPICMP IGMP ARP
RouterRouter
Internet Group Management Protocol (IGMP)
UDPTCP
IP ICMP IGMPIGMP ARP
Address Resolution Protocol (ARP)
UDPTCP
IP ICMP IGMP ARPARP
BB
CC
AA
ARPCache
2
1
4
6
5
1. ARP cache is checked2. ARP request is sent3. ARP entry is added4. ARP reply is sent5. ARP entry is added6. IP packet is sent
ARPCache
3
TCP/IP Utilities
Server-basedSoftware
Diagnostic Utilities
Connectivity Utilities
FtpFtp
TelnetTelnet
TftpTftp
ArpArp
HostnameHostname
IpconfigIpconfig
NbstatNbstat
NetstatNetstat
PingPing
TracertTracert
TCP/IP Printing Service
TCP/IP Printing Service
Internet InformationServices
Internet InformationServices
Name Resolution
Types of Names
Static IP Mapping
Dynamic IP Mapping
Name Resolution in Windows 2000
Types of Names
Host NamesHost Names
Assigned to a computer’s IP address255 characters in lengthCan contain alphabetic and numeric
characters, hyphens, and periods Can take various forms
Alias Domain name
Assigned to a computer’s IP address255 characters in lengthCan contain alphabetic and numeric
characters, hyphens, and periods Can take various forms
Alias Domain name
16-byte address Used to represent a single computer or
group of computers15 of the characters may be used for the
name 16th character is used by the services that
a computer offers to the network
16-byte address Used to represent a single computer or
group of computers15 of the characters may be used for the
name 16th character is used by the services that
a computer offers to the network NetBIOS NamesNetBIOS Names
Static IP Mapping
Provides name resolution for host names to IP addresses
Multiple host names can be assigned to the same IP address
Entries are case sensitive
Provides name resolution for host names to IP addresses
Multiple host names can be assigned to the same IP address
Entries are case sensitive
Provides name resolution for NetBIOS names to IP addresses
A part of the Lmhosts file is pre-loaded into memory
Provides name resolution for NetBIOS names to IP addresses
A part of the Lmhosts file is pre-loaded into memory
Hosts FileHosts File
Lmhosts FileLmhosts File
Dynamic IP Mapping
DNS is a system for naming computers and network services
DNS naming system is organized in a hierarchical fashion
Maps domain names to IP address Mapping records are stored on a DNS
server
DNS is a system for naming computers and network services
DNS naming system is organized in a hierarchical fashion
Maps domain names to IP address Mapping records are stored on a DNS
server
Provides a distributed database for registering dynamic mappings of NetBIOS names
WINS maps NetBIOS names to IP addresses
Provides a distributed database for registering dynamic mappings of NetBIOS names
WINS maps NetBIOS names to IP addresses
DNS ServerDNS Server
WINS ServerWINS Server
Name Resolution in Windows 2000
Enter CommandEnter Command1111
Local Host NameLocal Host Name2222
DNS ServerDNS Server4444
WINS ServerWINS Server6666
LMHOSTSFile
LMHOSTSFile8888
NetBIOS Name CacheNetBIOS Name Cache5555
HOSTSFile
HOSTSFile
3333
7777 BroadcastBroadcast
Host Name Resolution
NetBIOS Name CacheNetBIOS Name Cache2222
WINS ServerWINS Server3333
BroadcastBroadcast4444
DNS ServerDNS Server7777
HOSTSFile
HOSTSFile
6666
LMHOSTSFile
LMHOSTSFile
5555
Enter CommandEnter Command1111
NetBIOS Name ResolutionEnter CommandEnter Command1111
Local Host NameLocal Host Name2222
DNS ServerDNS Server4444
WINS ServerWINS Server6666
LMHOSTSFile
LMHOSTSFile8888
NetBIOS Name CacheNetBIOS Name Cache5555
HOSTSFile
HOSTSFile
3333
7777 BroadcastBroadcast
NetBIOS Name CacheNetBIOS Name Cache2222
WINS ServerWINS Server3333
BroadcastBroadcast4444
DNS ServerDNS Server7777
HOSTSFile
HOSTSFile
6666
LMHOSTSFile
LMHOSTSFile
5555
Enter CommandEnter Command1111
Host Name Resolution
NetBIOS Name Resolution
Examining the Data Transfer Process
Packet Terminology
Frame Components
Data Flow
Packet Terminology
Segment
Message
Datagram
Frame
Frame Components
HeaderA
lert
Sig
nal
Ale
rt S
igna
l SourceAddressSource
Address
DestinationAddress
DestinationAddress
Data
0.5 KB - 4 KB0.5 KB - 4 KB
Trailer
CRCCRC
Data Flow
UDPUDPTCPTCP
FTPFTPHTTPHTTP
IPIP ICMPICMP IGMPIGMP ARPARP
EthernetEthernetATMATM
UDPUDPTCPTCP
FTPFTPHTTPHTTP
IPIP ICMPICMP IGMPIGMP ARPARP
EthernetEthernetATMATM
Data
ApplicationApplication
DataFTPFTPHTTPHTTP
TransportTransport
Data
UDPUDPTCPTCP
FTPFTPHTTPHTTP
InternetInternet
Data
UDPUDPTCPTCP
IPIP ICMPICMP IGMPIGMP ARPARP
PreamblePreamble
Data
CRCCRC
IPIP ICMPICMP IGMPIGMP ARPARP
EthernetEthernetATMATM
Data
EthernetEthernetATMATM
Data
EthernetEthernetATMATM
Data
IPIP ICMPICMP IGMPIGMP ARPARP
EthernetEthernetATMATM
Data
UDPUDPTCPTCP
IPIP ICMPICMP IGMPIGMP ARPARP
Data
UDPUDPTCPTCP
FTPFTPHTTPHTTP
PreamblePreamble
Internet
Transport
Application
Data
CRCCRC
FTPFTPHTTPHTTP
Routing Data
IP Routing
Data Transfer Across Routers
IP RoutingIP Routing
RouterRouter
Portion of Routing Table192.168.1.0 255.255.255.0 192.168.1.1192.168.2.0 255.255.255.0 192.168.2.1192.168.3.0 255.255.255.0 192.168.3.1192.168.4.0 255.255.255.0 192.168.4.1192.168.5.0 255.255.255.0 192.168.5.1192.168.6.0 255.255.255.0 192.168.6.1192.168.7.0 255.255.255.0 192.168.7.1192.168.8.0 255.255.255.0 192.168.8.1
Is destination local?Yes, add the destination MAC addressNo, add the Router’s MAC address
Always add the destination’s IP address
Is destination local?Yes, add the destination MAC addressNo, add the Router’s MAC address
Always add the destination’s IP address
Data Transfer Across Routers
Verify packetDecrease TTLIs destination local?
Yes, add the destination MAC addressNo, add another Router’s MAC address
Verify packetDecrease TTLIs destination local?
Yes, add the destination MAC addressNo, add another Router’s MAC address
Verify packetVerify IP addressSend the packet up to the next layer
Verify packetVerify IP addressSend the packet up to the next layer
Is destination local?Yes, add the destination MAC addressNo, add the router’s MAC address
Always add the destination’s IP address
Is destination local?Yes, add the destination MAC addressNo, add the router’s MAC address
Always add the destination’s IP address
Verify packet
Verify IP address
Send the packet up to the next layer
Verify packet
Verify IP address
Send the packet up to the next layer
Verify packetDecrease TTLIs destination local?
Yes, add the destination MAC addressNo, add another router’s MAC address
Router 2Router 2
Router 1Router 1
AA
BB
CC
DD
Review
Introduction to TCP/IP
TCP/IP Protocol Suite
Name Resolution
Examining the Data Transfer Process
Routing Data