myintroip3

Upload: ilie-raica

Post on 14-Apr-2018


  • 7/27/2019 MyIntroIP3

    1/135


    Page 2 Alcatel University - 8AS 90145 0007 VH ZZA Ed.02

    TCP/IP Alcatel University - 8AS 90145 0007 VT ZZA Ed.02 - June 2000 Page 2

    CONTENTS

    INTRODUCTION TO TCP/IP

    IP LAYER PROTOCOLS

    IP OVER LAN / MAN / WAN

    TCP/IP : TRANSPORT LAYER

    TCP/IP : APPLICATIONS

    IP NETWORK INTERCONNECTIONS

    NETWORK ADMINISTRATION

    SECURITY

    IP VERSION 6


    Section 1 - INTRODUCTION TO TCP/IP


    DEFINITIONS

    Network architecture covers all the hardware and software resources for interchanging data between two remotely located data processing systems.

    The OSI model (Open Systems Interconnection) is a 7-layer architecture for communication between two open systems.

    Communication between layers is defined by the concept of service.

    Communication between peer layers is defined by the concept of communication protocol.

    The TCP/IP architecture incorporates only three functional layers.

    1 IP : NETWORK PROTOCOL

    1.1 Fundamental concepts of TCP/IP

    When two data processing systems want to communicate, numerous problems of very different types have to be solved.

    The functions required for communication must be structured in the same way, hence the need for standardization.

    In the field of long haul networks, the ITU (International Telecommunications Union, formerly CCITT) is responsible for most standardization. It has brought together both public and private telecom operators and telecom manufacturers from all countries to develop and distribute the most well known standards, such as X.25, X.400, ISDN, V.24, etc.

    The standardization of local area networks is mainly the responsibility of the IEEE (Institute of Electrical and Electronics Engineers), and its committee 802.

    The ISO (International Standards Organization), which is dependent on the United Nations, plays a major role in networks and telecommunications. It has defined a reference model and is the only organization which can qualify a standard. In France, it is represented by AFNOR.

    In addition to these official organizations, manufacturers and software publishers also produce standards. When a product becomes widely used, it becomes a "de facto" standard. Ethernet (Digital, Intel, Xerox) and NetWare (Novell) are examples of manufacturer standards.

    TCP/IP architecture is a particular type of manufacturer standard, although not originated by manufacturers.


    FUNCTIONAL STRUCTURE

    [Figure: the seven OSI layers (Application, Presentation, Session, Transport, Network, Data link, Physical) grouped into the TCP/IP functional blocks: management of application connections, end-to-end management, network interconnection, physical bearer access method.]

    1.2 Layered architecture

    Layer 7 : application layer : This layer manages the ways in which other layers can be used. It provides user services such as messaging, file transfer and sharing, and terminal emulation.

    Layer 6 : presentation layer : This layer manages data presentation problems (that is, syntax and form). It defines the way in which two communicating entities can describe themselves to one another, and the type of data interchanged.

    Layer 5 : session layer : This layer mainly manages the synchronization of remote tasks. It also manages dialogue between the tasks.

    Layer 4 : transport layer : This layer adapts data units to network transport conditions. It manages end-to-end reliability functions if not provided by the network.

    Layer 3 : network layer : This layer manages end-to-end routing of data units called packets, with or without reliability mechanisms. It mainly provides routing and switching functions.

    Layer 2 : data link layer : This layer handles point-to-point transfer of data units called frames, incorporating error detection (and in some cases correction) mechanisms.

    Layer 1 : physical layer : This layer manages data bits, adapting the form (electrical or optical) to the physical bearer. It also provides clock signals required for synchronization.


    ENCAPSULATION

    [Figure: layer (N+1) hands its (N+1)-PDU down as the (N)-SDU; layer (N) prepends its (N)-PCI to form the (N)-PDU.]

    Layer 1 PDU : bit
    Layer 2 PDU : frame
    Layer 3 PDU : packet
    Layer 4 PDU : message

    Convention
    PDU : Protocol Data Unit
    SDU : Service Data Unit
    PCI : Protocol Control Information

    1.3 Services and Protocols

    Communication between adjacent layers (vertical communication) is based on the concept of service.

    The data unit interchanged at the service interface (transparent on a data transmission line) is called : Service Data Unit (SDU).

    Communication between layers on the same level (peer layers) is based on the concept of protocol.

    An element of protocol data is called a Protocol Data Unit (PDU).

    The information to be transported is "encapsulated" on transition into a layer.
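The PDU / SDU / PCI convention can be made concrete with a small constructed stack. The Python below is an added illustration, not course material: three invented layers ("message", "packet", "frame", with header layouts chosen for the example only) each prepend their own PCI to the SDU handed down from above, and the receiving side removes one PCI per layer. The length fields in the headers give the receiver a way to check that the SDU it extracts is the one that was encapsulated, which is also why layer-2 padding does not leak into the upper layers.

```python
import struct

# Constructed header layouts for a three-layer example stack (not a real
# protocol): layer 4 "message", layer 3 "packet", layer 2 "frame".
L4_PCI = struct.Struct("!HH")      # sequence number, SDU length
L3_PCI = struct.Struct("!BH")      # transported protocol type, total packet length
L2_PCI = struct.Struct("!6s6sH")   # destination address, source address, type


def l4_encapsulate(seq, data):
    """(4)-PDU = (4)-PCI + (4)-SDU; here the SDU is the application data."""
    return L4_PCI.pack(seq, len(data)) + data


def l3_encapsulate(proto, sdu):
    """(3)-PDU: the (3)-SDU is the whole layer-4 PDU, treated as opaque bytes."""
    return L3_PCI.pack(proto, L3_PCI.size + len(sdu)) + sdu


def l2_encapsulate(dst, src, frame_type, sdu):
    """(2)-PDU (frame): layer-2 PCI in front of the layer-3 PDU."""
    return L2_PCI.pack(dst, src, frame_type) + sdu


def l2_decapsulate(frame):
    dst, src, frame_type = L2_PCI.unpack_from(frame)
    return {"dst": dst, "src": src, "type": frame_type}, frame[L2_PCI.size:]


def l3_decapsulate(packet):
    proto, total = L3_PCI.unpack_from(packet)
    if total > len(packet):
        raise ValueError("packet shorter than its length field claims")
    # bytes beyond `total` (e.g. layer-2 padding) are not part of the SDU
    return {"proto": proto, "len": total}, packet[L3_PCI.size:total]


def l4_decapsulate(message):
    seq, length = L4_PCI.unpack_from(message)
    data = message[L4_PCI.size:L4_PCI.size + length]
    if len(data) != length:
        raise ValueError("layer-4 SDU truncated")
    return {"seq": seq, "len": length}, data


def send_down(seq, proto, dst, src, frame_type, data):
    """Walk the stack downward and return the layer-2 PDU (the frame)."""
    message = l4_encapsulate(seq, data)
    packet = l3_encapsulate(proto, message)
    return l2_encapsulate(dst, src, frame_type, packet)


def receive_up(frame):
    """Walk the stack upward, removing one PCI per layer."""
    h2, packet = l2_decapsulate(frame)
    h3, message = l3_decapsulate(packet)
    h4, data = l4_decapsulate(message)
    return h2, h3, h4, data


if __name__ == "__main__":
    # constructed addresses and payload
    frame = send_down(7, 6, bytes.fromhex("082002126348"),
                      bytes.fromhex("000102030405"), 0x0800, b"hello")
    print(frame.hex())
    print(receive_up(frame))
```

Note that layer 3 never looks inside its SDU: the layer-2 SDU is byte-for-byte the layer-3 PDU, which is what the figure's (N)-SDU = (N+1)-PDU relation means in practice.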


    CONNECTION-ORIENTED AND CONNECTIONLESS MODE

    The connection-oriented mode is associated with the concept of reliable transfer

    It involves three phases:

    - SET-UP

    - TRANSFER

    - RELEASE

    Connectionless mode has only one phase:

    - TRANSFER

    1.4 Transfer mode

    Information can be transported over a network in one of two modes: connection-oriented and connectionless.

    Connection-oriented mode entails maintaining an end-to-end connection for the duration of the dialogue between two open systems. This transport mode requires the use of resources in both systems. It involves three phases:

    - Set-up phase to establish the connection, allowing the party initiating the call to ensure that the remote terminal is present and ready to receive.

    - Transfer phase, generally involving simultaneous bidirectional (full-duplex) transfer. Both communicating machines can send and receive at the same time. Since the connection-oriented service is considered reliable, regular acknowledgements are sent during communication to guarantee that data is routed correctly.

    - Release phase, used by the two machines to ensure that data still in transit is not lost. This is called a negotiated disconnection. An abrupt disconnection can be initiated by one of the two parties but may lead to data loss.

    Connectionless datagram mode entails sending data over the network with no guarantee of correct delivery. There is no end-to-end continuous signal regarding the status of transfers.

    This service is generally not guaranteed reliable. Its main advantages are simplicity of implementation and performance.


    RELIABLE TRANSFER

    The concept of reliable transfer involves

    3 functions:

    - SEQUENCING

    - ERROR RECOVERY

    - FLOW CONTROL

    The concept of reliable transfer is mainly associated with connection-oriented mode.

    It provides a way of guaranteeing that PDUs are routed from end to end in the order in which they were sent.

    Sequencing can be achieved by numbering or quantifying PDUs.

    Error recovery combines two functions: error detection and error correction. In general, detection is handled by an acknowledgement mechanism and correction by retransmission.

    The purpose of flow control is to prevent data loss in the event of congestion. It allows the receiver to control and even stop data transmission by the sender.
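The three functions of reliable transfer can be watched working together in a simulation. The Python below is an added example and not part of the course: a go-back-N sender numbers its PDUs (sequencing), a receiver answers each PDU with a cumulative acknowledgement and advertises the number of PDUs it can accept at once (flow control), and anything not acknowledged, whether the data PDU or its acknowledgement was lost, is retransmitted in the next round (error recovery). The channel, the drop schedule and the data are constructed for the example.

```python
class LossyChannel:
    """Constructed unreliable channel: the n-th PDU handed to it (data and
    acknowledgements counted together) is silently dropped when n is in drop_set."""
    def __init__(self, drop_set):
        self.drop_set = set(drop_set)
        self.count = 0

    def transmit(self, pdu):
        n = self.count
        self.count += 1
        return None if n in self.drop_set else pdu


class Receiver:
    """Accepts PDUs strictly in sequence (sequencing), discards out-of-order
    and duplicate ones, and answers each PDU with a cumulative acknowledgement
    that also advertises how many PDUs it will accept at once (flow control)."""
    def __init__(self, window):
        self.expected = 0          # next sequence number wanted
        self.window = window       # advertised window
        self.delivered = []

    def receive(self, pdu):
        seq, sdu = pdu
        if seq == self.expected:
            self.delivered.append(sdu)
            self.expected += 1
        # seq < expected: duplicate; seq > expected: a gap. Both are dropped and
        # the cumulative ACK tells the sender what is still missing.
        return ("ACK", self.expected, self.window)


def reliable_send(sdus, channel, receiver, max_rounds=20):
    """Go-back-N sender. Each round sends up to `window` PDUs from the base,
    then moves the base to the highest cumulative ACK received. Anything not
    acknowledged (lost PDU or lost ACK) is retransmitted in the next round.
    Returns (rounds, retransmitted_pdus)."""
    base, highest_sent, rounds, retransmitted = 0, -1, 0, 0
    while base < len(sdus):
        rounds += 1
        if rounds > max_rounds:
            raise RuntimeError("transfer did not complete")
        best_ack = base
        for seq in range(base, min(base + receiver.window, len(sdus))):
            if seq <= highest_sent:
                retransmitted += 1          # error recovery by retransmission
            highest_sent = max(highest_sent, seq)
            data_pdu = channel.transmit((seq, sdus[seq]))
            if data_pdu is None:
                continue                    # data PDU lost in transit
            ack = channel.transmit(receiver.receive(data_pdu))
            if ack is not None:
                best_ack = max(best_ack, ack[1])
        base = best_ack                     # everything below base is delivered
    return rounds, retransmitted


if __name__ == "__main__":
    channel = LossyChannel({2, 9})         # constructed drop schedule
    receiver = Receiver(window=3)
    print(reliable_send(list("ABCDEF"), channel, receiver), "".join(receiver.delivered))
```

With the drop schedule above, PDU 1 and the data PDU 3 are lost; the receiver keeps asking for the missing number, the sender goes back to it, and the application still gets "ABCDEF" once, in order. A lost acknowledgement produces a duplicate data PDU, which the receiver recognises by its sequence number and discards.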


    CLIENT-SERVER MODEL

    TCP/IP communication complies with the

    CLIENT-SERVER model

    A machine (host) running a SERVER software package (process) responds to requests sent by a CLIENT

    It is always the CLIENT that sends requests to the server

    In the client-server model, the client initiates dialogue and waits for confirmation from the server.

    If the server accepts the client, it can send requests to which the server responds.

    The term client-server application is now reserved for a category of applications (generally, but not necessarily, network applications) in which application processing is distributed between client and server.

    TCP/IP is an architecture based on networked Client-Server relations.


    ARCHITECTURES

    [Figure: the seven OSI layers (Application, Presentation, Session, Transport, Network, Link, Physical) set against four architectures.
    OSI architecture: VT, FTAM, X400, CMIP / ASN.1 X409 / ISO 8326 / TP0, ..., TP4 / X.25 PLP, Internet 8473 / 802.2, Ethernet, 802.x Token Ring, FDDI, DQDB, HDLC, LAP-B, FR, ATM / X21, V35, S, T, copper, FO, microwave.
    TCP/IP architecture: Telnet, FTP, NFS, SMTP, HTTP, SNMP / TCP, UDP / IP / WAN, MAN, LAN.
    Novell architecture: NCP, SAP / SPX / IPX.
    Microsoft architecture: S.M.B. / NetBios / NetBeui.]

    There are three main types of architecture:

    - Proprietary architectures

    These are the oldest types of architecture (defined before the OSI model). The lower layers of these architectures can use standard protocols. For example, Microsoft or Novell architectures can communicate with TCP/IP layers 3 and 4. SNA is IBM's architecture.

    - Standardized architecture

    A set of services and protocols defined by the ISO within the framework of the OSI model. Although the lower layers (1 to 3) are widely used, the higher layers of the OSI model seem to be limited to administrations.

    - TCP/IP standard architecture

    TCP/IP is a network architecture for connection of and communication between any type of hardware over any type of network. TCP/IP is rapidly becoming a universal architecture.


    IP-RELATED ORGANIZATIONS

    ISOC ("Internet Society") defines policy and development objectives

    IAB (Internet Activities Board) coordinates research and development activities

    IETF (Internet Engineering Task Force) manages technical standards

    IRTF (Internet Research Task Force) responsible for network development

    NICs (Network Information Centre)
    In France : AFNIC (www.nic.fr) In United States : INTERNIC (www.internic.net)

    The organization supervising all TCP/IP developments is the IAB (Internet Activities Board). It is independent of all manufacturers. It has recently been recognized by the ISO as an independent organization for defining standards. The IAB has two main "task forces":

    IRTF Internet Research Task Force : responsible for TCP/IP research and development

    IETF Internet Engineering Task Force : responsible for the Internet

    Another entity manages Internet access addresses and RFC (requests for comments) numbers: NIC (Network Information Centre). Its French counterpart is the AFNIC: Association Française pour le Nommage Internet en Coopération.

    The IETF and NIC are the two main authorities for both Operators and commercial companies.


    REQUESTS FOR COMMENTS

    Document references on protocols and services

    Technical publications on networks

    Since 1969 (ARPANET) : more than 2300 RFCs

    Freely available over the Internet (www.internic.net)

    Not all RFCs are equivalent to standards

    Status : Required / Recommended / Elective / Limited use / Not recommended

    State : Standard / Draft standard / Proposed / Experimental / Informational

    The RFCs published by the IETF are the equivalent of ITU recommendations. RFCs have no version number, but the number is changed on each update.

    Everyone can contribute.

    Any new protocol studied and/or implemented is submitted to the IAB in the form of an RFC study document. The IAB (via the NIC) then assigns it a state and a status. The state and status are changed during formalization of the protocol described, its functionalities, implementations, etc.

    The different states of an RFC are listed below:

    - Standard protocol : Official standard for TCP/IP architecture. Tested products exist and have been in operation for some time.

    - Draft standard protocol : Potential standard. Additional tests are required. These tests will be submitted once again to the IAB for approval and validation.

    - Proposed Standard Protocol : Potential standard. Numerous tests are still to be carried out. The tested protocol will definitely be reviewed and improved.

    - Experimental protocol : Protocol in the experimental phase. This type of protocol must not be implemented by any operational system.

    RFCs are assigned a reference number (and any RFCs made obsolete), and the references, name, company, etc. of the author or authors.

    Many servers relay RFCs over the Internet according to theme or number. Unlike the standards, they are therefore freely accessible.

    RFCs specify whether implementation is mandatory, recommended, optional or not recommended.


    TCP/IP ARCHITECTURE

    [Figure: the TCP/IP stack. Link level: HDLC, LAP-B, X21, V35, S, T (WAN); Ethernet, Token Ring, FDDI (LAN / MAN). Network level: IP, ARP, ICMP, IGP / EGP routing protocols, ping. Transport: TCP, UDP. Applications: Telnet, SMTP, DNS, FTP, TFTP, X-Window, SNMP, NNTP, DHCP, HTTP, and RPC / XDR / NFS.]

    Network layer:

    IP : Internet Protocol

    ICMP : Internet Control Message Protocol

    ARP : Address Resolution Protocol

    BOOTP/DHCP : Bootstrap Protocol/Dynamic Host Configuration Protocol

    EIGRP : Enhanced Inter Gateway Protocol

    OSPF : Open Shortest Path First

    Transport layer:

    TCP : Transmission Control Protocol

    UDP : User Datagram Protocol

    Session, Presentation and Application layers:

    TELNET : TELecommunication NETwork

    SMTP : Simple Mail Transfer Protocol

    DNS : Domain Name System

    TFTP/FTP : Trivial / File Transfer Protocol

    SNMP : Simple Network Management Protocol

    NFS : Network File System

    RPC : Remote Procedure Call

    XDR : eXternal Data Representation

    HTTP : Hyper Text Transport Protocol


    Introduction : The essential

    True or False

    IP was created in the beginning of the 80s, when the first PCs appeared. - False

    The OSI model has been defined in order to classify TCP/IP protocols. - False

    Both IP and X25 protocols allow to transmit data, but with different advantages. - True

    A reliable transfer must be transmitted by a reliable physical bearer. - False

    Client/Server architecture is very often used in applications based on IP. - True

    IRTF and IETF are organizations depending on the DARPA. - False

    All the protocols of TCP/IP architecture are defined in the RFCs. - True


    Section 2 - IP LAYER PROTOCOLS


    IP LAYER

    IP is a protocol that can be routed in connectionless mode

    Type : Best Effort Delivery

    The IP layer incorporates different protocols

    IP datagram

    ICMP datagrams

    Routing datagrams

    IP needs a transport protocol

    IP is non-reliable

    Routing not guaranteed

    No error checking

    No flow control

    Sequencing not guaranteed

    - Adaptation to the physical network (fragmentation/reassembly)

    The IP protocol manages packet sizes adapted to the frame size limits at link level (MTU : Maximum Transmit Unit). (Eg. : 1500 octets for Ethernet, 8 Kbytes for Token Ring, etc).

    IP has a mechanism for fragmenting segments received from a higher layer so that they can be sent on the physical network. Fragmentation, if required, is performed in the routers used.

    - Time To Live

    Each packet is sent with the life span, or "time-to-live", defined by the value in the TTL field of the IP header. The counter is initialized by the packet sender and decremented by unity each time it crosses a router. When it hits 0 in a router, the packet is destroyed. An ICMP packet is then returned to the sender.

    - Multiplexing a number of higher level protocols

    IP manages N level 4 protocols. A "type" field identifies the protocol transported. Eg: TCP, UDP, Routing, etc.

    - Dynamic and auto-adaptive routing

    Routing is the IP protocol's basic functionality. It serves mainly to route the packet from end to end.


    IP : MEDIATION LAYER

    [Figure: IP as the mediation layer over heterogeneous networks: PSTN / ISDN, LAN (Ethernet, Token Ring, FDDI), WAN (PPP; X.25, FR, ATM), Internet.]

    Restrictions

    Guaranteed routing

    The IP protocol provides a datagram service. The IP packet sender does not keep a record of the packet sent, which means that it is not capable of retransmitting the packet if it does not reach its destination. The IP protocol therefore has no acknowledgement mechanism.

    Error checking

    The checksum computed for IP is applied only to the IP packet header and used by IP recipients (mainly routers) to check that the packet has not been altered by protocol internal management. Error monitoring is handled by link level protocols.

    Flow control

    There is no mechanism for managing buffer saturation in routers. Congestion results in packet loss.

    Data resequencing

    Packets sent are routed independently to individual recipients (datagram mode principle). They can take different paths and be received in a sequence different from the transmission sequence. The IP protocol does not guarantee sequencing of the packets transmitted (IP-SDU).
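Two of the points above, that the IP checksum covers only the header and that each router decrements TTL and discards the packet when it reaches zero, are easy to verify on real bytes. The Python below is an added example, not course code: it builds a minimal 20-byte IPv4 header with the RFC 791 one's-complement checksum, then pushes the datagram through a simulated chain of routers. The addresses, identification value and payload are constructed; a real router would also send the ICMP Time Exceeded message mentioned on the previous slide, which this simulation only notes in a comment.

```python
import struct


def ipv4_checksum(header: bytes) -> int:
    """RFC 791 header checksum: one's-complement of the one's-complement sum
    of all 16-bit words. Computed with the checksum field set to zero;
    recomputing over a header that already contains its checksum gives 0."""
    if len(header) % 2:
        header += b"\x00"
    total = sum((header[i] << 8) | header[i + 1] for i in range(0, len(header), 2))
    while total >> 16:                        # fold the carries back in
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_ipv4(src: bytes, dst: bytes, ttl: int, proto: int, payload: bytes,
               ident: int = 0x1234) -> bytes:
    """Minimal IPv4 datagram: a 20-byte header without options, then the payload."""
    hdr = struct.pack("!BBHHHBBH4s4s",
                      (4 << 4) | 5,           # version 4, IHL = 5 words
                      0,                      # type of service
                      20 + len(payload),      # total length
                      ident, 0,               # identification, flags / fragment offset
                      ttl, proto, 0,          # TTL, protocol, checksum placeholder
                      src, dst)
    hdr = hdr[:10] + struct.pack("!H", ipv4_checksum(hdr)) + hdr[12:]
    return hdr + payload


def header_is_intact(datagram: bytes) -> bool:
    """The check a router performs: only the 20 header bytes are covered."""
    return ipv4_checksum(datagram[:20]) == 0


def forward_through_router(datagram: bytes):
    """One router hop. Returns the datagram to send on, or None when it is
    dropped (bad header checksum, or TTL would reach 0). Changing TTL changes
    the header, so the checksum must be recomputed before forwarding."""
    if not header_is_intact(datagram):
        return None
    hdr, payload = datagram[:20], datagram[20:]
    ttl = hdr[8]
    if ttl <= 1:
        return None   # TTL expired: discarded; ICMP Time Exceeded goes back to the source
    hdr = hdr[:8] + bytes([ttl - 1]) + hdr[9:10] + b"\x00\x00" + hdr[12:]
    hdr = hdr[:10] + struct.pack("!H", ipv4_checksum(hdr)) + hdr[12:]
    return hdr + payload


def routers_that_forward(datagram: bytes) -> int:
    """How many routers pass the datagram on before one discards it."""
    hops = 0
    while (datagram := forward_through_router(datagram)) is not None:
        hops += 1
    return hops


def corrupt_byte(datagram: bytes, offset: int) -> bytes:
    """Flip one byte, to show what the header checksum does and does not catch."""
    return datagram[:offset] + bytes([datagram[offset] ^ 0xFF]) + datagram[offset + 1:]


if __name__ == "__main__":
    # constructed addresses and payload
    dg = build_ipv4(bytes([150, 10, 20, 30]), bytes([150, 10, 20, 31]),
                    ttl=64, proto=6, payload=b"constructed payload")
    print(dg[:20].hex(), header_is_intact(dg), routers_that_forward(dg))
```

Flipping a payload byte leaves `header_is_intact` true, which is the practical meaning of "the checksum is applied only to the IP packet header": payload integrity is the transport layer's business (or the link layer's), not IP's.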


    IP ADDRESSES (V4)

    In IP V4, an address is coded on 32 bits

    It is represented by the decimal value of each of the 4 octets, separated by a dot

    It consists of two fields:

    - Net ID field
    - Host ID field

    The field separator position is variable

    It is identified using the concept of address class

    10010110 00001010 00010100 00011110
    150 . 10 . 20 . 30

    Network logical addresses used by the IP layer are 32-bit addresses configured manually or dynamically.

    These addresses are independent of physical addresses. A static or dynamic mechanism is therefore required to link these two types of address.

    Any IP station can be reached using different types of address supported by LANs but not by telecom WANs.

    Unicast address (individual)

    Each IP machine (that is, a machine with TCP/IP connectivity) has a unique individual address. Note that in contrast to the uniqueness of MAC unicast addresses, IP logical address uniqueness must be guaranteed by the administrator if there is no DHCP server.

    Broadcast address

    Any IP machine can be reached using a broadcast address and therefore process the appropriate packet. This type of address means that all stations in the network can be addressed using a single packet.

    This functionality does not exist on telecom networks.

    Multicast address (group)

    This type of address defines a group in which an N-machine subset of all machines can be reached. Addressing is not configurable and is generally application-based or linked to routing protocols.


    IP ADDRESSES : CLASSES

    Class A : NET ID 1st octet, Host ID 3 octets
    Class B : NET ID 2 octets, Host ID 2 octets
    Class C : NET ID 3 octets, Host ID 1 octet

    32-bit IP addresses consist of two fields: the net ID field first and the host ID field last.

    Two stations on the same physical local network can intercommunicate only if they belong to the same IP logical network.

    Two stations on two different IP networks can intercommunicate only via a router.

    The position of the network and host field separator depends on the 32-bit address values used. These values are organized in address classes.

    Addresses in which the first octet has a decimal value between 1 and 126 are class A addresses. The first octet then represents the network number and the other three octets the host number.

    Addresses in which the first octet has a decimal value between 128 and 191 are class B addresses. The first two octets then represent the network number, and the last two octets the host number.

    Addresses in which the first octet has a decimal value between 192 and 223 are class C addresses. The first three octets represent the network number and the last octet the host number.


    IP ADDRESSES : CLASSES

    Class A : NET ID 1st octet, Host ID 3 octets. 1st octet value from 1 to 126. Nets : 128  Hosts : 16 777 214
    Class B : NET ID 2 octets, Host ID 2 octets. 1st octet value from 128 to 191. Nets : 16 384  Hosts : 65 534
    Class C : NET ID 3 octets, Host ID 1 octet. 1st octet value from 192 to 223. Nets : 2 097 152  Hosts : 254

    These address classes have resulted in wastage, in particular in regard to class B addresses because of the significant differences in capability between a class B network and a class C network.

    Class D contains multicast addresses, 224.

    Higher values (225 to 254) are class E addresses reserved for the IETF.


    IP ADDRESSES : FEATURES

    Value 0 : represents ANY Host

    Value 1 : represents ALL Hosts

    150.10.0.0 represents any host on network 150.10

    150.10.255.255 represents all hosts on network 150.10

    127.X.X.X addresses are LOOPBACK addresses

    These addresses are never sent over the network

    Some forms of address are reserved. The all-0 and all-1 forms are special values.

    0.0.0.0
    This address represents any machine not yet assigned an address. Its use is allowed on startup (on booting, before determining the true unicast address). It is not a valid network address.

    network number + machine number set to 0 : Eg. : 150.10.0.0
    Represents this network.

    network number set to 0 + machine number : Eg. : 0.0.20.30
    The machine on this network.

    127.x.x.x
    This address is reserved for loopback (local loop). It represents the machine and can be used for intercommunication between local processes (client and server implemented in the same host).

    A packet with destination address 127.0.0.1 is looped in the IP layer and therefore never leaves the machine.


    IP ADDRESSES : FEATURES

    Any station can be reached at its UNICAST address

    Eg. : 150.10.20.30

    Any station can be reached at its BROADCAST address

    Selected broadcast Eg. : 150.10.255.255

    Restricted broadcast : 255.255.255.255

    Any station can be reached at its MULTICAST address

    MULTICAST addresses are structured : 224.X.X.X

    They are class D addresses and represent ALL hosts in a group

    IP V6 does not support Broadcasts but introduces the concept of ANYCAST : any (at least one) host in a group

    network number + machine number set to 1 : Eg. : 160.10.255.255
    Selected broadcast for broadcasting on another network.

    255.255.255.255 :
    Restricted broadcast for broadcasting on the physical network and not crossing routers (except in special configurations).

    224.0.0.9 :
    Represents the Multicast address of routers running the RIP Version 2 routing protocol.


    IP ADDRESSES : MASK

    The function of routing is to reach any host in a network

    Eg. : 150.10.0.0

    The HOST part of the UNICAST address must be masked

    Eg. : 150.10.20.30 must be converted to 150.10.0.0

    A logical AND must be applied to the UNICAST address and the mask value

    Configuring a mask entails:

    Setting the NET part to 1 and the Host part to 0

    It is therefore sufficient to know the class

    Eg. : for network 150.10, class B, the mask will be:

    255.255.0.0

    Any IP machine must have at least one network mask, required for the routing function.

    The mask is used to specify the net part (user, server or router) which the station must choose to route the IP packet.


    IP ADDRESSES : MASK

    10010110 00001010 00010100 00011110 = 150.10.20.30 (unicast address)
    11111111 11111111 00000000 00000000 = 255.255.0.0 (mask)
    ----------------------------------- AND
    10010110 00001010 00000000 00000000 = 150.10.0.0 (network)

    When processing a packet, IP applies a LOGICAL AND to the unicast address generated and the configured mask value.

    The objective is to obtain a logical AND result in the form Net ID (n). 0, where n depends on the class, so that the packet can be routed to the appropriate network.

    This means that once mask 255.255.0.0 has been applied to unicast address 150.10.20.30, the address will be presented in the form 150.10.0.0 for interrogating the routing table.
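The rules of the last few slides (class from the first octet, default mask per class, the logical AND that strips the host part before a routing-table lookup, and the reserved all-0, all-1, loopback, restricted-broadcast and multicast forms) fit in a short Python module. This is an added example and not course code; the addresses in the `__main__` block are the ones used on the slides. One caveat for anyone reusing it: the block applies the classful boundaries of RFC 791 and RFC 1112 (class D is 224 to 239, class E 240 to 255), which differ slightly from the slide's "225 to 254" for class E.

```python
def parse_ipv4(text: str) -> int:
    """Dotted-quad string to a 32-bit integer; malformed input is rejected
    rather than silently truncated."""
    parts = text.split(".")
    if len(parts) != 4 or not all(p.isdigit() and 0 <= int(p) <= 255 for p in parts):
        raise ValueError(f"not a valid IPv4 address: {text!r}")
    value = 0
    for p in parts:
        value = (value << 8) | int(p)
    return value


def format_ipv4(value: int) -> str:
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def to_bits(text: str) -> str:
    """The 32-bit form drawn on the slide for 150.10.20.30."""
    return format(parse_ipv4(text), "032b")


def network_of(address: str, mask: str) -> str:
    """Logical AND of unicast address and mask: the value presented to the
    routing table."""
    return format_ipv4(parse_ipv4(address) & parse_ipv4(mask))


DEFAULT_MASK = {"A": "255.0.0.0", "B": "255.255.0.0", "C": "255.255.255.0"}


def classify(text: str) -> dict:
    """Describe an address the way the course does: class, default mask,
    network part, and whether it is one of the reserved forms."""
    value = parse_ipv4(text)
    first = value >> 24
    if value == 0:
        return {"kind": "unspecified", "note": "any host; usable only while booting"}
    if first == 127:
        return {"kind": "loopback", "note": "looped in the IP layer, never sent on the network"}
    if value == 0xFFFFFFFF:
        return {"kind": "limited broadcast", "note": "all hosts on the physical network; not forwarded by routers"}
    if first >= 240:
        return {"kind": "class E", "note": "reserved (240-255 per RFC 1112)"}
    if first >= 224:
        return {"kind": "class D multicast", "group": text}
    cls = "A" if first < 128 else "B" if first < 192 else "C"
    mask = parse_ipv4(DEFAULT_MASK[cls])
    host_bits = mask ^ 0xFFFFFFFF
    net, host = value & mask, value & host_bits
    info = {"class": cls, "mask": DEFAULT_MASK[cls],
            "network": format_ipv4(net), "kind": f"unicast class {cls}"}
    if first == 0:
        info["kind"] = "host on this network"                  # net id all 0, e.g. 0.0.20.30
    elif host == 0:
        info["kind"] = f"network address (class {cls})"        # host id all 0, e.g. 150.10.0.0
    elif host == host_bits:
        info["kind"] = f"directed broadcast (class {cls})"     # host id all 1, e.g. 150.10.255.255
    return info


if __name__ == "__main__":
    print(to_bits("150.10.20.30"), network_of("150.10.20.30", "255.255.0.0"))
    for a in ("150.10.20.30", "150.10.0.0", "150.10.255.255", "0.0.20.30",
              "127.0.0.1", "255.255.255.255", "224.0.0.9"):
        print(a, classify(a))
```

The `network_of` result for 150.10.20.30 and 255.255.0.0 is exactly the AND worked out bit by bit on the slide; `classify` is what a host would have to do to decide whether a destination is on its own network, a broadcast it must not forward, or a multicast group.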


    IP ADDRESSES : FEATURES

    [Figure: two IP networks joined by a router. Network 192.1.1.0 with hosts 192.1.1.1, 192.1.1.2, 192.1.1.3, 192.1.1.17; network 128.15.0.0 with hosts 128.15.1.1, 128.15.187.1, 128.15.1.13.]

    Requirements

    Two stations separated by router: Different network numbers

    Two stations connected with no router: Same network numbers

    On same network: Different host numbers

    An IP machine must know:

    - its IP address

    - its subnetwork mask

    - at least one IP router address

    In order to "exist", a station must have a unicast address and associated mask. The address of a router (generally default address) allows it to avoid being shut in to its own network.

    The station derives its "routing table" on the basis of this information.


    SENDING THE IP DATAGRAM

    [Figure: a packet ready to send, the routing table, and two logical networks N1 and N2.]

    C:\> netstat -r

    network address   network mask      gateway addr.   interface      metric
    0.0.0.0           0.0.0.0           150.10.20.31    150.10.20.30   1
    127.0.0.0         255.0.0.0         127.0.0.1       127.0.0.1      1
    150.10.0.0        255.255.0.0       150.10.20.30    150.10.20.30   1
    150.10.20.30      255.255.255.255   127.0.0.1       127.0.0.1      1
    255.255.255.255   255.255.255.255   150.10.20.30    150.10.20.30   1
    150.10.255.255    255.255.255.255   150.10.20.30    150.10.20.30   1
    224.0.0.0         224.0.0.0         150.10.20.30    150.10.20.30   1

    The IP layer which has a packet to send must determine the interface to which the packet must be delivered. This amounts to deciding the layer 2 (LAN, MAN or WAN) to which the IP must "pass" the datagram.

    It interrogates the routing table (displayed with the netstat -r command) to identify the interface to be used.
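The routing-table interrogation described above can be run over the very table shown on the slide. The Python below is an added example, not course code: the netstat -r output is embedded as a constructed text copy, each destination is ANDed with every entry's mask, and among the matching entries the most specific one (longest mask, lower metric on ties) is selected. An entry whose gateway equals the interface address means the destination is on the local link and layer 2 is handed the datagram directly; otherwise it is sent to the gateway. The host-specific 127.0.0.1 entries express local delivery in the same way.

```python
# Routing table as printed by `netstat -r` on the slide, copied into a string
# (constructed sample data; columns: network, mask, gateway, interface, metric).
ROUTING_TABLE = """\
0.0.0.0         0.0.0.0         150.10.20.31  150.10.20.30  1
127.0.0.0       255.0.0.0       127.0.0.1     127.0.0.1     1
150.10.0.0      255.255.0.0     150.10.20.30  150.10.20.30  1
150.10.20.30    255.255.255.255 127.0.0.1     127.0.0.1     1
255.255.255.255 255.255.255.255 150.10.20.30  150.10.20.30  1
150.10.255.255  255.255.255.255 150.10.20.30  150.10.20.30  1
224.0.0.0       224.0.0.0       150.10.20.30  150.10.20.30  1
"""


def to_int(dotted: str) -> int:
    octets = [int(o) for o in dotted.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError(f"bad IPv4 address {dotted!r}")
    return (octets[0] << 24) | (octets[1] << 16) | (octets[2] << 8) | octets[3]


def parse_routing_table(text: str) -> list:
    """One dict per non-empty line of the netstat -r output."""
    routes = []
    for line in text.splitlines():
        if not line.strip():
            continue
        network, mask, gateway, interface, metric = line.split()
        routes.append({"network": to_int(network), "mask": to_int(mask),
                       "gateway": gateway, "interface": interface, "metric": int(metric)})
    return routes


def lookup(routes: list, destination: str):
    """Select the route for `destination`: the longest matching mask wins and a
    lower metric breaks ties. Returns None when no entry (not even a default
    route) matches."""
    dest = to_int(destination)
    best, best_key = None, None
    for route in routes:
        if dest & route["mask"] != route["network"]:
            continue                                   # destination not in this entry
        key = (bin(route["mask"]).count("1"), -route["metric"])
        if best_key is None or key > best_key:
            best, best_key = route, key
    if best is None:
        return None
    return {"gateway": best["gateway"], "interface": best["interface"],
            # gateway == interface: deliver on the local link (layer 2 resolves the address)
            "direct": best["gateway"] == best["interface"]}


if __name__ == "__main__":
    table = parse_routing_table(ROUTING_TABLE)
    for d in ("150.10.20.31", "10.1.2.3", "150.10.20.30", "224.0.0.9"):
        print(d, lookup(table, d))
```

Removing the 0.0.0.0 entry makes `lookup` return None for any address outside 150.10.0.0: that is the "shut in to its own network" situation the previous slide warns about when no router address is configured.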


    SENDING THE IP DATAGRAM

    [Figure: packet ready to send; routing table; logical networks N1 and N2; LAN interface; an ARP cache entry 08 20 02 12 63 48 for 150.10.20.30 leading to a MAC frame; an ARP cache with No Entry leading to an ARP request.]

    After identifying the interface, the IP must know the type of protocol associated with the interface, depending on whether the procedure is LAN/MAN or not.

    This is because layer 2 will have to define a physical destination address associated with the layer 3 address.

    For LAN/MANs, this address is supplied by an ARP cache managed dynamically using ARP requests so that IP and MAC address can be mapped.

    An interesting feature of these requests is that they are Broadcast by layer 2.

    The broadcast function does not exist on WANs and manual mapping is required.

    ATM represents a special case since it can be implemented on a LAN, MAN or WAN, in which case ARP mechanisms are provided by servers.


    ADDRESSING BY SUBNETWORK

    Network 1

    150.10.0.0

    Network 2

    Network 3

    160.10.0.0

    170.10.0.0

    S/Network 2

    S/Network 3

    S/Network 1

    Subnetworks are used to partition the network and segregate message flows.

    The subnetwork address is configured in the Host Id part.

    A mask is used to create subnetworks, forcing routers to "deepen" the analysis.

    The number of subnetworks depends on the number of bits reserved in the Host Id field.

    Subnetwork addresses which are all 0s or all 1s have a special function.

    Example: up to six subnetworks can be configured using a three-bit subnetwork address.


    ADDRESSING BY SUBNETWORK

    Example: the class B address 150.10.0.0 can be subnetted using one of the masks below, depending on the number of subnetworks required.

    N° of bits   Mask              N° of SNs
    2            255.255.192.0     2
    3            255.255.224.0     6
    4            255.255.240.0     14
    5            255.255.248.0     30
    6            255.255.252.0     62
    7            255.255.254.0     126
    8            255.255.255.0     254
    9            255.255.255.128   510
    etc.

    A second addressing level: subnetwork.

    The basic unicast address consisting of:

    network number | machine number

    can be extended to:

    network number | subnetwork number | machine number

    The network number part remains unchanged (same addressing class, A, B or C).

    The subnetwork number part occupies some of the space reserved for the machine number. Its length varies in terms of bits (in contrast to the network part, whose length varies in whole octets).

    The machine number part occupies the remaining space and its length also varies in terms of the number of bits.

    The main advantage of this type of addressing lies in the fact that a single network (class A, B or C) can be subdivided into N IP logical subnetworks with exactly the same interconnection and routing rules as for single-level conventional hierarchical addressing.


    [Figure: network 160.10.0.0 (Network 2) divided into S/Network 1 = 160.10.64.0 and S/Network 2 = 160.10.128.0, alongside networks 150.10.0.0 (Network 1) and 170.10.0.0 (Network 3)]

    ADDRESSING BY SUBNETWORK

    The subnetworks (2-bit subnetwork address) of network 160.10.0.0 are:

    160.10.64.0

    160.10.128.0

    A station with address 160.10.20.30 before subnetwork creation must be renumbered.

    In the first subnetwork, it becomes:

    160.10.84.30

    If it is installed in the second subnetwork, it becomes:

    160.10.148.30
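The mask table and the renumbering worked above, as an added Python example that is not part of the course material: it rebuilds the class B mask table (2^n - 2 usable subnetworks, since the all-0s and all-1s subnetwork numbers are reserved) and moves host 160.10.20.30 into the first and second 2-bit subnetworks by splitting the address into network | subnetwork | machine fields.

```python
import ipaddress

CLASS_B_NETWORK_BITS = 16   # a class B network number occupies two octets


def subnet_mask(network_bits, subnet_bits):
    """Dotted mask covering the network part plus subnet_bits of the Host Id."""
    ones = network_bits + subnet_bits
    return str(ipaddress.IPv4Address(((1 << ones) - 1) << (32 - ones)))


def usable_subnet_count(subnet_bits):
    """Subnetwork numbers left once the all-0s and all-1s values are excluded."""
    return (1 << subnet_bits) - 2


def mask_table(network_bits=CLASS_B_NETWORK_BITS, max_bits=9):
    """The slide's table: (subnet bits, mask, number of subnetworks)."""
    return [(n, subnet_mask(network_bits, n), usable_subnet_count(n))
            for n in range(2, max_bits + 1)]


def renumber(address, subnet_index, subnet_bits, network_bits=CLASS_B_NETWORK_BITS):
    """Move a host into subnetwork number subnet_index, keeping its machine number.

    The address is rebuilt as network | subnetwork | machine; the machine field is
    the part of the old Host Id that does not overlap the new subnetwork field.
    """
    if not 0 < subnet_index < (1 << subnet_bits) - 1:
        raise ValueError("subnetwork number all 0s or all 1s is reserved")
    host_bits = 32 - network_bits - subnet_bits
    addr = int(ipaddress.IPv4Address(address))
    network_part = (addr >> (32 - network_bits)) << (32 - network_bits)
    machine_part = addr & ((1 << host_bits) - 1)
    return str(ipaddress.IPv4Address(network_part | (subnet_index << host_bits) | machine_part))


def subnet_of(address, subnet_bits, network_bits=CLASS_B_NETWORK_BITS):
    """Subnetwork address a host belongs to: the 'deeper' analysis a router performs with the mask."""
    mask = int(ipaddress.IPv4Address(subnet_mask(network_bits, subnet_bits)))
    return str(ipaddress.IPv4Address(int(ipaddress.IPv4Address(address)) & mask))


if __name__ == "__main__":
    for bits, mask, count in mask_table():
        print(bits, mask, count)
    print(renumber("160.10.20.30", 1, 2), renumber("160.10.20.30", 2, 2))
```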


    PRIVATE / PUBLIC ADDRESSING

    RFC 1918: the following network numbers are not routed on the Internet

    Class A: 10.0.0.0
    Class B: 172.16.0.0 to 172.31.0.0
    Class C: 192.168.0.0 to 192.168.255.0

    Natural segregation of private traffic from Internet traffic

    Requires the presence of an address translator

    Network Address Translator (router function)

    The NAT does not replace the firewall and/or proxy server


    ADDRESS TRANSLATION

    [Figure: the private network reaches the Internet through an ISP; the translator is located in the firewall or in the router. Types of translation: N private @ to 1 public @, N private @ to M public @, 1 private @ to 1 public @. Example N to M: private addresses @priv1 150.10.20.30, @priv2 150.10.20.31 and @priv3 150.10.20.32 are mapped, through a dynamically managed table translating private/public IP @, to public addresses @pubA 194.10.212.47 and 194.10.212.49]

    The NAT (Network Address Translation) function solves the problem associated with the shortage of public addresses, and also provides protection for stations in the private network.

    n private addresses can be associated with a single public address (front end router address). The router then separates flows by identifying client-server pairs in terms of application addressing (port numbers).
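The N-private-to-1-public case with flows separated by port number, as an added Python example that is not part of the course material; the public address is @pubA from the slide, the Internet server address 198.51.100.10 and the port range are constructed assumptions.

```python
import itertools

# Public address @pubA from the NAT slide.
PUBLIC_IP = "194.10.212.47"
# Constructed Internet server (documentation address range), not from the slides.
SERVER_IP, SERVER_PORT = "198.51.100.10", 80


class Napt:
    """N private addresses behind 1 public address, flows separated by port number.

    A mapping is created only by outbound traffic; an inbound packet for which
    no mapping exists is dropped, which is the protection the slide attributes
    to the NAT for the stations of the private network.
    """

    def __init__(self, public_ip=PUBLIC_IP, first_port=40000):
        self.public_ip = public_ip
        self._ports = itertools.count(first_port)   # next public port to allocate
        self.outbound = {}   # (priv_ip, priv_port, dst_ip, dst_port) -> public_port
        self.inbound = {}    # (public_port, remote_ip, remote_port) -> (priv_ip, priv_port)

    def translate_outbound(self, src_ip, src_port, dst_ip, dst_port):
        """Rewrite the source of a private-to-public packet; allocate a port for a new flow."""
        key = (src_ip, src_port, dst_ip, dst_port)
        if key not in self.outbound:
            public_port = next(self._ports)
            self.outbound[key] = public_port
            self.inbound[(public_port, dst_ip, dst_port)] = (src_ip, src_port)
        return self.public_ip, self.outbound[key], dst_ip, dst_port

    def translate_inbound(self, src_ip, src_port, dst_ip, dst_port):
        """Rewrite the destination of a public-to-private packet; None means drop it."""
        if dst_ip != self.public_ip:
            return None
        session = self.inbound.get((dst_port, src_ip, src_port))
        if session is None:
            return None                      # unsolicited: no client-server pair behind it
        priv_ip, priv_port = session
        return src_ip, src_port, priv_ip, priv_port


if __name__ == "__main__":
    nat = Napt()
    print(nat.translate_outbound("150.10.20.30", 1025, SERVER_IP, SERVER_PORT))
    print(nat.translate_outbound("150.10.20.31", 1025, SERVER_IP, SERVER_PORT))
    print(nat.translate_inbound(SERVER_IP, SERVER_PORT, PUBLIC_IP, 40001))
    print(nat.translate_inbound(SERVER_IP, SERVER_PORT, PUBLIC_IP, 40002))
```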


    IP: DATAGRAM FORMATS

    Header layout, one 32-bit word per line (the slide marks bit positions 0, 7 and 15):

    VERSION | LENGTH | SERVICE TYPE | TOTAL LENGTH
    IDENTIFICATION | 0 DF MF | FRAGMENT OFFSET
    TIME TO LIVE | PROTOCOL | CHECKSUM
    SOURCE IP ADDRESS
    DESTINATION IP ADDRESS
    OPTIONS + PADDING

    [Figure: the IP packet is carried in a physical frame between the frame header and the CRC]

    VERSION (4 bits): IP version number. Current version: 4.

    LENGTH (4 bits): Total length of IP header expressed in 32-bit words. Default value: 5 (min=5, max=15 depending on the option field).

    TOTAL LENGTH (16 bits): IP datagram total length in octets. Default value: 20.

    SERVICE TYPE (8 bits): Type of service required based on the following criteria: reliability, bit rate, network transfer time. Rarely used (value 0).

    FLAGS (3 bits):

    bit 0 : 0

    bit 1 (Don't Fragment) : 1 = fragmentation not allowed / 0 = fragmentation allowed

    bit 2 (More Fragment) : 1 = intermediate fragment / 0 = last fragment

    OFFSET (13 bits): Displacement relative to the first packet in the event of fragmentation. Default value: 0 (offset min=0, offset max=8191).

    IDENTIFICATION (16 bits): SDU identification.

    If fragmentation is used, each fragment has the same identification.

    TTL (Time To Live): Life span of the IP datagram expressed in seconds, but more often in number of hops. Default value: 15 (min=0, max=255).

    PROTOCOL: Higher layer protocol code.

    - TCP, UDP, ICMP, OSPF

    CHECKSUM: Header integrity check.

    SOURCE ADDRESS: IP address of the sending machine.

    DESTINATION ADDRESS: IP address of the recipient machine.

    OPTIONS: Options associated with the IP protocol: routing, route discovery, security, etc.


    ICMP : INTERNET CONTROL MESSAGE PROTOCOL

    [Figure: an IP packet travels from Network 1 through Network 2 to Network 3; a router on the way returns an ICMP packet to the sender]

    ICMP is an administration protocol for managing the network layer. It provides information on events relating to the IP protocol.

    Most ICMP messages are generated by routers and sent to packet senders to notify a problem in routing an IP packet.

    ICMP monitors the IP protocol.

    ICMP is implemented over IP. ICMP PDUs are routed on the network layer.

    ICMP sends information in a datagram to the IP packet sender in the following cases:

    - destruction (in a router) following a routing problem,

    - destruction following a life span (TTL) problem,

    - destruction following an error in the header,

    - destruction following a router buffer saturation problem,

    - information relating to the recipient IP machine's accessibility. A better route may be possible using another router.

    In addition, ICMP manages basic information relating to the IP layer.


    ICMP: PACKET FORMAT

    Header layout (the slide marks bit positions 0, 7 and 15):

    TYPE | CODE | CHECKSUM
    DATA

    [Figure: the ICMP packet is carried as the data of an IP datagram (IP header + ICMP packet), itself carried in a physical frame between the frame header and the CRC]

    The main ICMP messages sent by routers are listed below:

    Flow control: ICMP_SOURCE_QUENCH

    Allows a gateway (or host) to notify network congestion and ask the sender to slow down transmission. No check is run on whether the source has effectively slowed down. Similarly, there is no message to tell the source that it can speed up again.

    Time out: ICMP_TIME_OUT

    This message indicates packet destruction due to TTL expiry.

    Header error: ICMP_HEADER_ERROR

    Reports detection of an error making the datagram unusable. Checksum errors are not handled in this way since, in this case, the sender's IP address is not reliable. Errors generally relate to options.

    Error report: ICMP_UNREACHABLE_DEST

    Notifies the sender of a datagram that it has not been delivered to the recipient. Generally indicates a routing problem or unavailable station.


    [Figure: ping 160.10.20.30 issued from 150.10.20.30 across Network 1, Network 2 and Network 3: an ICMP ECHO REQUEST in an IP packet goes out, an ICMP ECHO REPLY in an IP packet comes back]

    ICMP: PING UTILITY

    Remote system activity test

    IP network transfer time

    Note: a ping in itself checks IP layer activity only, and not the network board

    The ping command is used to test host or router accessibility.

    The command uses the ICMP echo function.

    An ICMP packet (echo request) is sent and its receipt initiates transmission of a return ICMP packet (echo reply). These packets contain data whose length is configurable. There are numerous options for enhancing the ping command.

    The main responses to the ping are:

    Host is alive

    Reply from host

    Or in the event of a problem:

    Host unreachable

    Network unreachable

    No answer from host

    Time out

    Etc.
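The IP datagram format, the ICMP packet format and the ping exchange of the preceding pages, as one added Python example that is not part of the course material: it builds a 20-octet IP header carrying an ICMP echo request, verifies both checksums on reception (a header whose checksum fails is discarded rather than reported, as the ICMP page notes), and produces the echo reply; the ICMP type numbers and the message names are standard values matched to the names used on the slides.

```python
import struct

IPPROTO_ICMP = 1
ICMP_ECHO_REPLY, ICMP_UNREACHABLE_DEST, ICMP_SOURCE_QUENCH = 0, 3, 4
ICMP_REDIRECT, ICMP_ECHO_REQUEST, ICMP_TIME_OUT, ICMP_HEADER_ERROR = 5, 8, 11, 12
ICMP_NAMES = {0: "ECHO REPLY", 3: "ICMP_UNREACHABLE_DEST", 4: "ICMP_SOURCE_QUENCH",
              5: "ICMP_REDIRECT", 8: "ECHO REQUEST", 11: "ICMP_TIME_OUT",
              12: "ICMP_HEADER_ERROR"}


def checksum(data):
    """16-bit one's complement of the one's complement sum (same for IP and ICMP)."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def ip_to_bytes(dotted):
    return bytes(int(octet) for octet in dotted.split("."))


def build_ipv4(src, dst, payload, ttl=15, proto=IPPROTO_ICMP, ident=1):
    """VERSION=4, LENGTH=5 words (no options), flags 0, offset 0, TTL default 15."""
    version_ihl, service_type, flags_offset = (4 << 4) | 5, 0, 0
    total_length = 20 + len(payload)
    header = struct.pack("!BBHHHBBH4s4s", version_ihl, service_type, total_length, ident,
                         flags_offset, ttl, proto, 0, ip_to_bytes(src), ip_to_bytes(dst))
    header = header[:10] + struct.pack("!H", checksum(header)) + header[12:]
    return header + payload


def header_checksum_ok(datagram):
    """Recomputing the checksum over a correct header, checksum field included, gives 0."""
    ihl = (datagram[0] & 0x0F) * 4
    return checksum(datagram[:ihl]) == 0


def parse_ipv4(datagram):
    """Decode the header fields; a datagram whose header checksum fails is discarded."""
    if not header_checksum_ok(datagram):
        raise ValueError("IP header checksum error: datagram discarded")
    ihl = (datagram[0] & 0x0F) * 4
    (version_ihl, _, total_length, ident, flags_offset, ttl, proto, _,
     src, dst) = struct.unpack("!BBHHHBBH4s4s", datagram[:20])
    return {"version": version_ihl >> 4, "ihl": ihl // 4, "total_length": total_length,
            "identification": ident, "df": bool(flags_offset & 0x4000),
            "mf": bool(flags_offset & 0x2000), "offset": flags_offset & 0x1FFF,
            "ttl": ttl, "protocol": proto,
            "src": ".".join(map(str, src)), "dst": ".".join(map(str, dst)),
            "payload": datagram[ihl:total_length]}


def build_icmp_echo(icmp_type, ident, seq, data=b""):
    """TYPE, CODE, CHECKSUM, then identifier, sequence and configurable-length data."""
    packet = struct.pack("!BBHHH", icmp_type, 0, 0, ident, seq) + data
    return packet[:2] + struct.pack("!H", checksum(packet)) + packet[4:]


def parse_icmp(packet):
    if checksum(packet) != 0:
        raise ValueError("ICMP checksum error")
    icmp_type, code = packet[0], packet[1]
    return {"type": icmp_type, "code": code,
            "name": ICMP_NAMES.get(icmp_type, "type %d" % icmp_type), "rest": packet[4:]}


def ping_exchange(client, server, seq, data=b"abcdefgh"):
    """Echo request from client to server; the server answers with an echo reply
    carrying the same data.  Returns (reply name, reply source, reply destination)."""
    request = build_ipv4(client, server, build_icmp_echo(ICMP_ECHO_REQUEST, 1, seq, data))
    req = parse_ipv4(request)                       # server side: IP layer
    echo = parse_icmp(req["payload"])                # server side: ICMP
    reply_payload = build_icmp_echo(ICMP_ECHO_REPLY, 1, seq, echo["rest"][4:])
    reply = build_ipv4(req["dst"], req["src"], reply_payload)
    rep = parse_ipv4(reply)                         # client side
    return parse_icmp(rep["payload"])["name"], rep["src"], rep["dst"]


if __name__ == "__main__":
    print(ping_exchange("150.10.20.30", "160.10.20.30", 1))
```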


    [Figure: a client on Network 2 with default gateway R1, and a server on Network 3 reachable through router R2; routers R1 and R2 are both on Network 2; the numbered steps 1 to 5 are described below]

    ICMP REDIRECT

    The ICMP_REDIRECT message is used by a gateway to tell a host that a better gateway exists. In general, this occurs when two gateways are present on the same network, and a host in the network has out of date routing tables leading it to use the less appropriate gateway. The message is not used between two gateways.

    The example above shows a conventional case of route optimization from a client station:

    1 : The first packet for the server is sent to the default gateway.

    2 : Router R1 transmits the packet to router R2.

    3 : Router R1 tells the client that there is a shorter path for reaching the server's logical network: ICMP Redirect.

    4 : Router R2 transmits the packet to the server.

    5 : The client sends subsequent packets directly to router R2.

    All IP machines must be capable of interpreting a received ICMP_REDIRECT message.


    [Figure: host A sends datagrams towards host B with TTL = 1, TTL = 2, TTL = 3 ... TTL = n; routers R1, R2, R3 ... Rn each return an ICMP TTL Exceeded message when the TTL they receive runs out]

    ICMP : TRACEROUTE UTILITY

    Traceroute is a software tool for identifying nodes crossed by an IP datagram sent to a remote machine.

    Traceroute is based on the use of "TTL exceeded" ICMP messages.
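The TTL mechanism traceroute relies on, as an added Python simulation that is not part of the course material: each router decrements the TTL and destroys the datagram when it reaches 0, returning ICMP_TIME_OUT with its own address, so probes with TTL = 1, 2, 3 ... reveal the routers in order; the path, the host addresses and the echo reply from the destination are constructed assumptions.

```python
ICMP_TIME_OUT = "ICMP_TIME_OUT"       # "TTL exceeded" message returned by a router
ICMP_ECHO_REPLY = "ECHO REPLY"        # answer from the destination host itself (assumption)

# Constructed path from host A to host B: the routers crossed, in order.
PATH = ["150.10.20.1", "160.10.20.1", "170.10.20.1"]
HOST_B = "170.10.20.30"


def forward(ttl, path=PATH, destination=HOST_B, silent=()):
    """Carry one datagram with the given TTL along the path.

    Each router decrements the TTL; when it reaches 0 the router destroys the
    datagram and returns ICMP_TIME_OUT with its own address as source.  A router
    listed in 'silent' destroys the datagram without sending anything back.
    A datagram that survives every router is answered by the destination host.
    """
    for router in path:
        ttl -= 1
        if ttl == 0:
            if router in silent:
                return None, None
            return router, ICMP_TIME_OUT
    return destination, ICMP_ECHO_REPLY


def traceroute(max_hops=30, path=PATH, destination=HOST_B, silent=()):
    """Probe with TTL = 1, 2, 3 ... until the destination answers or max_hops is reached.

    Returns one (ttl, responder, message) tuple per hop; '*' marks a hop whose
    router sent nothing back.
    """
    hops = []
    for ttl in range(1, max_hops + 1):
        responder, message = forward(ttl, path, destination, silent)
        hops.append((ttl, responder or "*", message))
        if message == ICMP_ECHO_REPLY:
            break
    return hops


if __name__ == "__main__":
    for ttl, responder, message in traceroute(silent={"160.10.20.1"}):
        print(ttl, responder, message or "no answer")
```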


    Dynamic configuration of IP machine addresses (clients)

    [Figure: several DHCP clients and one DHCP server; a client says "I want an individual IP address" and the server answers "Here is your IP address X.X.X.X"]

    (DHCP is carried by IP broadcast in BOOTP packets over UDP)

    DYNAMIC HOST CONFIGURATION PROTOCOL

    The widespread use of TCP/IP machines (PC terminals) on local networks has significantly increased administrator workload, and therefore the risk of errors associated with manual address management.

    The most common error is allocation of duplicated addresses.

    The BOOTP protocol (allowing diskless stations or X terminals to boot up on the network) provides mechanisms allowing a station which is not yet configured on the network to contact a server, even though it does not know its own address.

    The DHCP protocol uses BOOTP as a support and provides a high degree of interchange flexibility for allocating an address dynamically.

    Dynamic Host Configuration Protocol is defined in the RFCs below:

    RFC 1533 "DHCP Options and BOOTP Vendor Extensions"

    RFC 1534 "Interoperation Between DHCP and BOOTP"

    RFC 1541 "Dynamic Host Configuration Protocol"

    DHCP has a facility for permanently storing client configuration parameters and dynamically or statically allocating an IP address.

    The server then supplies the address of the default gateway, together with the mask value.

    Depending on the type of network operation, a server can provide other information such as the address of the DNS server.

    The allocation can be either permanent or temporary. The function is described in terms of a "lease" which the client has to renew periodically.


    INITIALIZATION

    DHCP client -> DHCP server

    DHCP DISCOVER
    Source Address: 0.0.0.0
    Dest. Address: 255.255.255.255

    In the initialization phase, the client sends a discover request by IP broadcast over the network.

    By default, the DHCP server must be on the same IP network since the 255.255.255.255 restricted broadcast does not cross any routers.

    However, it is possible to overcome this problem by configuring the router so that it extends UDP broadcasts to the address of the server.


    SERVER SELECTION

    DHCP server (150.10.20.30) -> DHCP client

    DHCP OFFER
    Source Address: 150.10.20.30
    Dest. Address: 255.255.255.255
    IP Address: 150.10.20.31
    Subnet Mask: 255.255.0.0
    Server Identifier: 150.10.20.30
    Lease Length: 48 Hours

    On receiving the discover, the server or servers make an offer containing an IP address, a mask and lease length, together with any other configuration information, at the administrator's initiative.


    SERVER CHOICE / REQUEST

    DHCP client -> DHCP server (150.10.20.30)

    DHCP REQUEST
    Source Address: 0.0.0.0
    Dest. Address: 255.255.255.255
    Req IP Address: 150.10.20.31
    Server Identifier: 150.10.20.30
    Requested Parameters ........

    The DHCP client may make a selection if more than one server has made an offer, and then sends a request to the selected server.

    However, these interchanges are still executed by IP broadcast.


    ATTACHMENT

    DHCP server (150.10.20.30) -> DHCP client

    DHCP ACK
    Source Address: 150.10.20.30
    Dest. Address: 255.255.255.255
    IP Address: 150.10.20.31
    Subnet Mask: 255.255.0.0
    Server Identifier: 150.10.20.30
    Lease Length: 48 Hours
    Default Gateway: 150.10.20.35
    Other Requested Parameters ....

    The DHCP server selected sends an acknowledgement (DHCP ACK) containing the address initially sent during the exploratory phase and a lease length valid for this address, together with TCP/IP network configuration parameters for the client.

    After receiving the acknowledgement, the client is attached and can now operate on the TCP/IP network and terminate the startup procedure.

    Client computers with the appropriate facility can store the received address locally so that it can be used on subsequent startups.

    When the lease is about to expire, the client attempts to renew the lease with the DHCP server. If the current lease cannot be renewed, the client receives a new IP address.


    RENEWAL

    DHCP client (150.10.20.31) -> DHCP server (150.10.20.30), by unicast

    DHCP REQUEST
    Source Address: 150.10.20.31
    Dest. Address: 150.10.20.30
    Req IP Address: 150.10.20.31
    Server Identifier: 150.10.20.30
    Requested Parameters ........


    REATTACHMENT

    DHCP client (150.10.20.31) -> DHCP server, by broadcast

    DHCP REQUEST
    Source Address: 150.10.20.31
    Dest. Address: 255.255.255.255
    Req IP Address: 150.10.20.31
    Server Identifier: 150.10.20.30
    Requested Parameters ........


    EXTENDED INTERSECTION

    [Figure: DHCP server 1 has the extent 150.10.20.1 to 150.10.20.100 and DHCP server 2 the extent 150.10.20.75 to 150.10.20.175; one DHCP client leases @IP 150.10.20.85 from DHCP server 1 while another leases @IP 150.10.20.85 from DHCP server 2: ERROR!! Duplicated address]
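The DISCOVER / OFFER / REQUEST / ACK sequence, the unicast renewal and the extended-intersection error of the preceding pages, as one added Python simulation that is not part of the course material; the server at 150.10.20.30, the 48-hour lease, the mask and the default gateway are taken from the slides, while the second server's address 150.10.20.40 and the client identifiers are constructed assumptions.

```python
import ipaddress

LEASE_HOURS = 48                        # lease length used on the slides
BROADCAST = "255.255.255.255"


def _addr_range(first, last):
    lo, hi = int(ipaddress.IPv4Address(first)), int(ipaddress.IPv4Address(last))
    return [str(ipaddress.IPv4Address(a)) for a in range(lo, hi + 1)]


class DhcpServer:
    """A DHCP server allocating addresses from its extent [first, last]."""

    def __init__(self, server_ip, first, last, mask="255.255.0.0", gateway="150.10.20.35"):
        self.server_ip, self.mask, self.gateway = server_ip, mask, gateway
        self.pool = _addr_range(first, last)
        self.leases = {}                    # client identifier -> leased address

    def offer(self, discover):
        """Answer a broadcast DISCOVER with an OFFER: existing lease first, else first free address."""
        addr = self.leases.get(discover["client"])
        if addr is None:
            free = [a for a in self.pool if a not in self.leases.values()]
            if not free:
                return None
            addr = free[0]
        return {"msg": "OFFER", "src": self.server_ip, "dst": BROADCAST, "ip": addr,
                "mask": self.mask, "server": self.server_ip, "lease": LEASE_HOURS}

    def ack(self, request):
        """Answer a REQUEST naming this server: ACK, or NAK if the address cannot be granted."""
        if request["server"] != self.server_ip:
            return None                     # the client chose another server's offer
        addr, client = request["ip"], request["client"]
        held_by_other = any(c != client and a == addr for c, a in self.leases.items())
        if addr not in self.pool or held_by_other:
            return {"msg": "NAK", "src": self.server_ip, "dst": request["src"]}
        self.leases[client] = addr
        return {"msg": "ACK", "src": self.server_ip, "dst": request["src"], "ip": addr,
                "mask": self.mask, "server": self.server_ip, "lease": LEASE_HOURS,
                "gateway": self.gateway}


def dhcp_attach(client, servers):
    """Initialization: DISCOVER, OFFER(s), REQUEST to the chosen server, ACK; all by broadcast."""
    discover = {"msg": "DISCOVER", "src": "0.0.0.0", "dst": BROADCAST, "client": client}
    offers = [o for o in (s.offer(discover) for s in servers) if o]
    if not offers:
        return None
    chosen = offers[0]                      # client policy here: take the first offer received
    request = {"msg": "REQUEST", "src": "0.0.0.0", "dst": BROADCAST, "client": client,
               "ip": chosen["ip"], "server": chosen["server"]}
    answers = [a for a in (s.ack(request) for s in servers) if a]
    return answers[0] if answers else None


def dhcp_renew(client, address, server):
    """Renewal: the attached client sends its REQUEST by unicast to the server it leased from."""
    request = {"msg": "REQUEST", "src": address, "dst": server.server_ip,
               "client": client, "ip": address, "server": server.server_ip}
    return server.ack(request)


def extent_overlap(server_a, server_b):
    """Addresses both servers could hand out independently: the 'extended intersection'."""
    other = set(server_b.pool)
    return [a for a in server_a.pool if a in other]


def duplicate_leases(servers):
    """Addresses currently leased by more than one server: the duplicated address error."""
    holder, dups = {}, []
    for server in servers:
        for addr in server.leases.values():
            if addr in holder and holder[addr] is not server and addr not in dups:
                dups.append(addr)
            holder.setdefault(addr, server)
    return dups
```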


    IP Layer : The essential

    True or False

    1. IP is named this way because it can interconnect any type of network. (True)

    2. An IP characteristic is as follows: Best Effort Delivery; so it is a protocol ideal for voice transmission. (False)

    3. A broadcast packet never goes through routers. (False)

    4. The mask is used for IP packet routing. (True)

    5. A router has several IP addresses, one per connected network. (True)

    6. The ICMP goal is to allow IP packets to go correctly to the destination. (False)

    7. An IP host cannot work correctly if DHCP is not managed. (False)


    Section 3 - IP over LAN / MAN / WAN


    IP OVER ALL NETWORKS

    [Figure: IP runs over LAN (Ethernet, Token Ring, FDDI), MAN (DQDB) and WAN, the latter either transparent (LL, PSTN, ISDN) or virtual circuit (X.25, FR, ATM)]


    IP OVER ETHERNET / 802.3

    Encapsulation - IP/Ethernet DIX V2 - (RFC 894)

    Destination (48 bits) | Source (48 bits) | Type (16 bits) = 0x0800 | IP datagram (IP header + Data)

    Encapsulation - IP/IEEE 802.2/IEEE 802.3 - (RFC 1042)

    Destination (48 bits) | Source (48 bits) | Data length (16 bits) | DSAP (8 bits) | SSAP (8 bits) | Ctrl (8 bits) | IP datagram (IP header + Data)

    (the two address fields are 6 octets each)

    The ISO 8802 standard is split into a number of parts:

    - ISO 8802.1 defines the general organization of layers 1 and 2.

    - ISO 8802.2 defines the higher part of layer 2, called LLC (LOGICAL LINK CONTROL), including a number of protocol types.

    The "type" field in the Ethernet DIX V2 standard is used to identify the higher level protocol.

    Standard 802.3 replaces this field with a length field, defining the length of the information field.

    However, it is still possible for these two methods to co-exist on the same LAN since the maximum length is 1500 octets and protocol type codes are set to a higher value.
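The co-existence rule just stated, as an added Python example that is not part of the course material: a receiver reads the 16-bit field after the two addresses and treats values above 1500 as a DIX type code and values up to 1500 as an 802.3 length followed by the LLC octets of the slide's layout; the MAC addresses are those of the ARP pages, the IP payloads are constructed, and the LLC values 0xAA/0x03 are the standard SNAP ones (RFC 1042 adds a further 5-octet SNAP header that the slide omits).

```python
import struct

ETHERTYPE_IP = 0x0800
MAX_8023_LENGTH = 1500        # an 802.3 length never exceeds this; type codes are larger

# MAC addresses from the ARP slides of the course.
ETH_A = bytes.fromhex("00107B3852EC")
ETH_B = bytes.fromhex("080026235577")


def build_dix(dst, src, ip_datagram, ethertype=ETHERTYPE_IP):
    """Ethernet DIX V2 (RFC 894): destination, source, type, then the IP datagram."""
    return dst + src + struct.pack("!H", ethertype) + ip_datagram


def build_8023(dst, src, ip_datagram, dsap=0xAA, ssap=0xAA, ctrl=0x03):
    """IEEE 802.3 + 802.2 LLC as drawn on the slide: length field, DSAP, SSAP, Ctrl.

    RFC 1042 inserts a 5-octet SNAP header after Ctrl; it is omitted here to
    match the slide's layout.
    """
    llc = struct.pack("!BBB", dsap, ssap, ctrl)
    return dst + src + struct.pack("!H", len(llc) + len(ip_datagram)) + llc + ip_datagram


def classify(frame):
    """Tell DIX from 802.3 using only the 16-bit field after the two 48-bit addresses."""
    if len(frame) < 14:
        raise ValueError("shorter than an Ethernet header")
    dst, src = frame[0:6].hex(), frame[6:12].hex()
    field = struct.unpack("!H", frame[12:14])[0]
    if field > MAX_8023_LENGTH:           # a type code: Ethernet DIX V2
        return {"encapsulation": "DIX", "dst": dst, "src": src, "type": field,
                "is_ip": field == ETHERTYPE_IP, "payload": frame[14:]}
    body = frame[14:14 + field]           # a length: IEEE 802.3 with 802.2 LLC
    if len(body) != field or field < 3:
        raise ValueError("802.3 length field inconsistent with frame size")
    return {"encapsulation": "802.3/802.2", "dst": dst, "src": src, "length": field,
            "dsap": body[0], "ssap": body[1], "ctrl": body[2], "payload": body[3:]}


def is_well_formed(frame):
    """True when the frame can be classified without a length inconsistency."""
    try:
        classify(frame)
        return True
    except ValueError:
        return False


if __name__ == "__main__":
    sample_ip = bytes([0x45]) + bytes(19)   # constructed minimal IP header
    print(classify(build_dix(ETH_B, ETH_A, sample_ip)))
    print(classify(build_8023(ETH_B, ETH_A, sample_ip)))
```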


    ADDRESS RESOLUTION PROTOCOL (ARP)

    [Figure: A (IP(A) = 150.10.20.30, Eth(A) = 00 10 7B 38 52 EC) wants Eth(B) for IP(B) = 150.10.20.31; A sends an ARP request as a MAC broadcast, seen by B and by the router on the LAN; B answers with an ARP reply giving Eth(B) = 08 00 26 23 55 77]

    The IP network logical address facilitates end-to-end addressing on a virtual IP network.

    Local routing using successive approximation (physical network) is based on MAC layer physical addressing.

    It is therefore necessary to map the destination IP address (intermediate router or end user machine) to the MAC address of this recipient.

    On broadcast networks (that is, networks with a MAC broadcast address), the ARP protocol handles address resolution dynamically.

    It updates a table (ARP cache) mapping IP and MAC addresses.

    It is based on a two-frame interchange:

    - request sent by the IP machine with an IP packet to send to an IP machine whose MAC address it does not know; broadcast over the LAN (does not cross routers); contains the IP address to be mapped, among other information.

    - reply sent by a machine (recognizing its IP address in the request) to the machine making the request; contains the required MAC address.

    By default, the time-to-live of a line in the ARP cache is limited to 30 seconds.


    PROXY ADDRESS RESOLUTION PROTOCOL (ARP)

    [Figure: A (IP(A) = 150.10.20.30, Eth(A) = 00 10 7B 38 52 EC) wants Eth(B) for IP(B) = 160.10.20.31, which is on another logical network; A sends an ARP request as a MAC broadcast; the router on the LAN answers with an ARP reply giving its own address Eth(Router) = 00 00 0C 07 AC 01]

    If the IP recipient is not on the same logical network as the machine sending the request, the MAC address received is not that of the final recipient, but the address of a recipient on the LAN (that is, the gateway router providing access to the destination network).

    Since the gateway router replies instead of the recipient, the operation is called proxy ARP.
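The ARP request/reply interchange, the 30-second cache line lifetime and the proxy ARP reply of the last two pages, as one added Python simulation that is not part of the course material; the IP and MAC addresses of A, B and the router are those of the slides, the router's IP address 150.10.20.1 and the network it serves (160.10.0.0) are constructed assumptions.

```python
ARP_TTL_SECONDS = 30     # lifetime of an ARP cache line, as stated on the slide


def _to_int(dotted):
    return int.from_bytes(bytes(int(o) for o in dotted.split(".")), "big")


def same_logical_network(ip_a, ip_b, mask):
    """True when both addresses fall in the same network under the mask."""
    return _to_int(ip_a) & _to_int(mask) == _to_int(ip_b) & _to_int(mask)


class Node:
    """An IP machine (host or router) attached to one LAN segment."""

    def __init__(self, ip, mac, is_router=False, reachable_networks=()):
        self.ip, self.mac, self.is_router = ip, mac, is_router
        self.reachable_networks = reachable_networks   # (network, mask) pairs behind a router
        self.cache = {}                                  # ip -> (mac, expiry time)

    def on_arp_request(self, target_ip):
        """Reply with our MAC if the request names us; a router also replies for the
        networks it gives access to (proxy ARP)."""
        if target_ip == self.ip:
            return self.mac
        if self.is_router and any(same_logical_network(target_ip, net, mask)
                                  for net, mask in self.reachable_networks):
            return self.mac
        return None

    def resolve(self, target_ip, lan, now):
        """Map an IP address to a MAC address: cache line first, else ARP request.

        Returns (mac, "cache"), (mac, "reply") or (None, None) when nobody replies.
        """
        entry = self.cache.get(target_ip)
        if entry and entry[1] > now:
            return entry[0], "cache"
        for node in lan:                   # MAC broadcast: every node on the LAN sees it
            if node is self:
                continue
            mac = node.on_arp_request(target_ip)
            if mac:
                self.cache[target_ip] = (mac, now + ARP_TTL_SECONDS)
                return mac, "reply"
        return None, None


if __name__ == "__main__":
    a = Node("150.10.20.30", "00107B3852EC")
    b = Node("150.10.20.31", "080026235577")
    router = Node("150.10.20.1", "00000C07AC01", is_router=True,
                  reachable_networks=[("160.10.0.0", "255.255.0.0")])
    lan = [a, b, router]
    print(a.resolve("150.10.20.31", lan, now=0))    # ARP reply from B
    print(a.resolve("150.10.20.31", lan, now=10))   # served from the cache
    print(a.resolve("160.10.20.31", lan, now=0))    # proxy ARP reply from the router
```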


    POINT-TO-POINT PROTOCOL

    PPP is a layer 2 protocol (HDLC type)

    Usable on transparent circuit with synchronous or asynchronous transmission

    Basic functionalities

    - Link configuration and link option negotiation

    - Protocol multiplexing by encapsulation and identification

    - Link quality testing and error detection

    - Authentication

    - Header compression

    - Choice of CRC

    Incorporates sub-protocols

    - LCP (Link Control Protocol)

    - IPCP (IP Control Protocol)

    - NCP: Network Control Protocol

    Two protocols are used to implement IP in transparent mode on a serial link or PSTN/ISDN circuit.

    The historic standard is SLIP (Serial Line IP).

    This very simple method, limited to asynchronous serial transmission (low rate), is now practically obsolete.

    PPP is a much more complete protocol and can even be used for direct transmission on a very high rate SDH link.

    PPP fully defines line management (layers 1 and 2), the encapsulation method and higher level (layer 3) protocol management using the serial link as the layer 2 bearer.

    It incorporates three elements:

    - Datagram encapsulation method.

    - Link control protocol: LCP.

    - Network control protocols: NCP (layer 3 management protocols), for example the IP control protocol: IPCP.


    PPP AUTHENTICATION

    PAP: Password Authentication Protocol. The password is sent in plain text.

    CHAP: Challenge Handshake Authentication Protocol.

    [Figure: the PPP server sends a random challenge to the PPP client; the client computes MD5 over the challenge and its secret password and returns the result in its reply; the server computes MD5 over the same challenge and its own copy of the secret password and compares the received and calculated values (rcvd = calc): OK or not OK]

    PPP incorporates identification and authentication mechanisms.

    Password Authentication Protocol (PAP) is used for simple identification by interchanging a password associated with a user name.

    However, the password is transmitted "in plain text", and the number of attempts is unlimited.

    The CHAP protocol is more effective.

    Challenge Handshake Authentication Protocol works on the principle of a "question of the day". Identification-authentication involves an encrypted interchange and only one attempt is permitted.

    In addition, the encrypted sequence is not permanent and copying it does not guarantee access.

    Each time the link is established, a new challenge is proposed.

    The PPP protocol also has a callback mechanism for guaranteeing security on switched access (for example, ISDN).
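The CHAP exchange of the figure beside the plain-text PAP check, as an added Python example that is not part of the course material: the response is the RFC 1994 MD5-CHAP value MD5(identifier || secret || challenge), each challenge is random and consumed after one attempt, and a copied response fails against the next challenge, which is the property the text describes; user name and secret are constructed.

```python
import hashlib
import hmac
import os


def chap_response(identifier, secret, challenge):
    """RFC 1994 MD5-CHAP response: MD5 over identifier, secret and challenge."""
    return hashlib.md5(bytes([identifier]) + secret + challenge).digest()


class PppServer:
    """Authenticator side: a fresh random challenge for every link establishment."""

    def __init__(self, secrets):
        self.secrets = secrets              # user name -> secret password, never sent on the link
        self.identifier = 0
        self.pending = {}                   # identifier -> challenge currently outstanding

    def challenge(self):
        """Issue a new random challenge with an identifier that ties the reply to it."""
        self.identifier = (self.identifier + 1) & 0xFF
        value = os.urandom(16)
        self.pending[self.identifier] = value
        return self.identifier, value

    def verify(self, identifier, name, response):
        """One attempt per challenge: the challenge is consumed whether or not it succeeds.

        The server recomputes the MD5 value with its own copy of the secret and
        compares it with the received one (rcvd = calc on the slide).
        """
        value = self.pending.pop(identifier, None)
        secret = self.secrets.get(name)
        if value is None or secret is None:
            return False
        expected = chap_response(identifier, secret, value)
        return hmac.compare_digest(expected, response)


def pap_authenticate(secrets, name, password):
    """PAP for comparison: the password itself crosses the link in plain text."""
    return secrets.get(name) == password


def chap_session(server, name, secret):
    """Client side of one link establishment; returns (identifier, response, accepted)."""
    identifier, value = server.challenge()
    response = chap_response(identifier, secret, value)
    return identifier, response, server.verify(identifier, name, response)


if __name__ == "__main__":
    server = PppServer({"alice": b"s3cret"})        # constructed user name and secret
    ident, resp, ok = chap_session(server, "alice", b"s3cret")
    print("first attempt accepted:", ok)
    print("copied response reused:", server.verify(ident, "alice", resp))
```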


    IP OVER MULTIPOINT WAN : IP OVER X.25

    [Figure: LAN 1, LAN 2 and LAN 3 interconnected by routers R1, R2 and R3 across an X.25 network; each router has an X.121 address (@X121 R1, @X121 R2, @X121 R3). Protocol stack on the LAN side: IP / 802.2 / 802.3-5; on the WAN side: PLP X.25 / HDLC X.25. Tables in a router: routing table (LAN1 --> @IP R1 Wan, LAN2 --> @IP R2 Wan), address table (@IP R1 Wan --> @X121 R1, @IP R2 Wan --> @X121 R2), ARP table (@IP --> @MAC ...)]

    Packet mode X.25 and FR wide area networks are based on setting up virtual circuits either statically or dynamically.

    It is therefore necessary to implement a module for managing these circuits transparently for IP.

    Since broadcast mechanisms do not exist on these networks, it is not possible to dynamically load the ARP cache.

    For this reason, the link must be established manually between the IP address and either the X.121 address for an SVC (Switched Virtual Circuit), or the LCN (Logical Channel Number) for a PVC (Permanent Virtual Circuit).

    The use of X.25 for transporting IP datagrams incorporates a special feature.

    Encapsulation is used from layer 3 to layer 3. The IP datagram is encapsulated in an X.25 data packet which itself is encapsulated in an X.25 frame.


    IP OVER MULTIPOINT WAN : IP OVER FR

    [Figure: LAN 1, LAN 2 and LAN 3 interconnected across a Frame Relay network; the virtual circuits are identified by DLCIs (DLCI R13, DLCI R23, DLCI R31, DLCI R32). Protocol stack on the LAN side: IP / 802.2 / 802.3-5; on the WAN side: Frame Relay. Tables in a router: routing table (LAN1 --> @IP R1 Wan, LAN2 --> @IP R2 Wan), address table (@IP R1 Wan --> DLCI R31, @IP R2 Wan --> DLCI R32), ARP table (@IP --> @MAC ...)]

    The use of Frame Relay for IP transport has now replaced X.25. The same principle is used, except that to date Frame Relay is used in PVC mode only, and therefore set-up/release phase management is not required for the virtual circuit.

    Mapping layer 3 and layer 2 addresses consists of associating the IP address of the remote router with a logical connection identifier, called the Data Link Connection Identifier (DLCI).


    IP OVER MULTIPOINT WAN : IP OVER ATM

    [Figure: LAN 1, LAN 2 and LAN 3 interconnected across an ATM network; the virtual circuits are identified by VPI/VCI pairs (VPI/VCI R13, VPI/VCI R23, VPI/VCI R31, VPI/VCI R32). Protocol stack on the LAN side: IP / 802.2 / 802.3-5; on the WAN side: AAL/ATM. Tables in a router: routing table (LAN1 --> @IP R1 Wan, LAN2 --> @IP R2 Wan), address table (@IP R1 Wan --> VPI/VCI R31, @IP R2 Wan --> VPI/VCI R32), ARP table (@IP --> @MAC ...)]

    The use of ATM for IP transport is at present mainly reserved for operator and very large business backbones.

    The operating principle is the same as for Frame Relay. ATM is also used in permanent virtual circuit mode, and the IP address of the remote router is mapped to the VPI-VCI (Virtual Path Identifier-Virtual Circuit Identifier) identifying the circuit.


    IP bearers : The essential

    True or False

    1. IP packets are segmented into packets of 1500 bytes for delivery to the lower layer. (False)

    2. ARP allows an IP host to be found by knowing its MAC address. (False)

    3. PPP is a protocol at the same layer as Ethernet. (True)

    4. Two LANs may be connected through the PSTN using PPP. (True)

    5. Two PCs can be connected together by serial link, in order to make an IP network. (True)

    6. This local network can be connected to the Internet, by linking one of them by modem. (True)

    7. As IP can be placed above any type of physical network, it can be implemented in mobile networks. (True)

    8. An IP host may be a router, by only adding specific software. (True)


    Section 4 - TCP/IP : TRANSPORT LAYER


    APPLICATION-ORIENTED ADDRESSING

    [Figure: Station A and Station B, each with a physical network (layers 1 and 2), IP, TCP - UDP and application processes: on Station A, AppliX client, AppliY server and AppliZ server; on Station B, AppliX server and AppliY client]

    Port number: local identification of a communication

    Socket: association of IP address and port number

    Communication: association of server and client sockets, plus transport type (TCP / UDP)

    Source port - Destination port

    Layer 4 (transport) provides an end-to-end service between communicating applications (processes). In the TCP/IP architecture, two transport protocols are used to perform this function.

    The transport service provided by Transmission Control Protocol (TCP: reliable transport mode) and User Datagram Protocol (UDP: non-assured transport mode for transactional traffic) is an addressing service for communication between two application processes.

    Any process wanting to communicate with a remote process is identified on the transport layer by a port number (encoded on 16 bits).

    A complete layer 4 address therefore incorporates two fields:

    - IP address identifying the host on the logical network,

    - port number identifying the application within the host.

    In TCP/IP terminology, this address is called a "socket". Each application process has an address of this type. Two processes therefore communicate by associating two sockets.

    An application stream (communication channel) between two processes is defined by:

    - local IP address, local port number, remote IP address, remote port number, type of transport.

    The "type of transport" field allows either TCP or UDP transport to be used for a given application.


    WELL KNOWN PORTS

    Services file

    Number    Protocol Keyword   Description
    20/tcp    ftp-data           File Transfer Protocol [Default Data]
    21/tcp    ftp                File Transfer Protocol [Control]
    23/tcp    telnet             Telnet
    25/tcp    smtp               Simple Mail Transfer Protocol
    53/udp    domain             Domain Name Server
    67/udp    bootps             Bootstrap Protocol Server
    68/udp    bootpc             Bootstrap Protocol Client
    69/udp    tftp               Trivial File Transfer Protocol
    79/tcp    finger             Finger
    80/tcp    www-http           World Wide Web HTTP
    88/udp    kerberos           Kerberos
    109/tcp   pop2               Post Office Protocol - Version 2
    110/tcp   pop3               Post Office Protocol - Version 3
    111/udp   sunrpc             SUN Remote Procedure Call
    161/udp   snmp               SNMP
    162/udp   snmptrap           SNMP TRAP
    512/tcp   exec               Remote Process Execution
    513/tcp   login              Remote Login
    520/udp   router             RIP

    Port numbers can be assigned in three ways:

    - port number specified in the code,

    - port number read from a configuration file,

    - port number assigned by the system.

    The port number is assigned to the client when it requests a connection (TCP) or when it
    sends data (UDP).

    Well-known port numbers are reserved. They are used by standard application services
    such as ftp, telnet, etc.

    The application connection is always initiated by the client, and the server listens on the
    port representing the application.

    Two client-server relations cannot be confused, since each session is assigned a port
    number dynamically (port mapper function), and the application address also consists of
    two data fields:

    Application port N, static - session port N, dynamic

    Application port numbers known to the system are listed in the services file.
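    The two ideas above, the services file and the five fields that identify an application
    stream, as an added example in Python (not part of the course material): a parser for
    services-file lines and a demultiplexer that tells two sessions to the same server port
    apart only by the client's dynamic port. The services lines, addresses and port numbers
    are constructed sample values.

```python
from collections import namedtuple

# Constructed sample of a services file (keyword, number/protocol, aliases, comment)
SERVICES_TEXT = """\
# Network services, Internet style (constructed sample)
ftp-data   20/tcp
ftp        21/tcp
telnet     23/tcp
smtp       25/tcp      mail
domain     53/udp
tftp       69/udp
www-http   80/tcp      http www
snmp       161/udp
router     520/udp
"""


def parse_services(text):
    """Return {(port, proto): keyword} from services-file text; aliases,
    comments and blank lines are ignored."""
    table = {}
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if not line:
            continue
        keyword, port_proto = line.split()[:2]
        port, proto = port_proto.split("/")
        table[(int(port), proto)] = keyword
    return table


def service_name(table, port, proto):
    """Keyword for a (port, proto) pair, or 'unknown' if it is not a well-known port."""
    return table.get((port, proto), "unknown")


# The five fields the slide lists for an application stream.
Stream = namedtuple("Stream", "local_ip local_port remote_ip remote_port transport")


class Demultiplexer:
    """Delivers an incoming segment to the stream whose five-tuple matches it."""

    def __init__(self):
        self.streams = {}  # Stream -> list of payloads delivered to it

    def open(self, stream):
        self.streams[stream] = []

    def deliver(self, transport, src_ip, src_port, dst_ip, dst_port, payload):
        # Seen from the receiving host: the destination is local, the source remote.
        key = Stream(dst_ip, dst_port, src_ip, src_port, transport)
        if key not in self.streams:
            return False  # no socket pair matches: the segment is not delivered
        self.streams[key].append(payload)
        return True


def demo():
    """Two telnet sessions from the same client host to the same server port are
    told apart only by the client's dynamically assigned port (constructed values)."""
    table = parse_services(SERVICES_TEXT)
    demux = Demultiplexer()
    s1 = Stream("150.10.20.30", 23, "150.10.20.31", 1025, "tcp")
    s2 = Stream("150.10.20.30", 23, "150.10.20.31", 1026, "tcp")
    demux.open(s1)
    demux.open(s2)
    demux.deliver("tcp", "150.10.20.31", 1025, "150.10.20.30", 23, b"ls")
    demux.deliver("tcp", "150.10.20.31", 1026, "150.10.20.30", 23, b"pwd")
    # Same addresses and ports but UDP: a different stream, and none is open
    stray = demux.deliver("udp", "150.10.20.31", 1025, "150.10.20.30", 23, b"x")
    return {"service": service_name(table, s1.local_port, s1.transport),
            "s1": demux.streams[s1], "s2": demux.streams[s2], "stray": stray}
```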


    TRANSMISSION CONTROL PROTOCOL

    Connection-oriented mode

    3 Phases : Set-up - Transfer - Release

    Reliable transfer mode

    Fragmentation (octet stream)

    Guaranteed sequencing

    Error recovery (timer protection)

    Window flow control

    "Forced delivery" option

    PSH flag

    "Urgent data" option

    URG flag

    Sequencing

    The TCP layer is capable of fragmenting the data it receives.

    Although the TCP service is a "continuous octet stream" service, TCP sequences the
    segments transmitted by allocating sequence numbers.

    The sequence number, representing a volume of data, is also used for acknowledgement
    purposes.

    Error recovery

    Since IP is by design not reliable, TCP must know how to detect loss of octets
    and recover from this condition. Detection is based on a timed acknowledgement
    mechanism, and recovery is based on retransmission.

    Flow control

    The flow control mechanism in TCP is based on the use of an anticipation window.

    This window represents a volume of octets which the receiver is capable of
    receiving at a given time. The receiver therefore manages the window for the sender to
    which it is connected. Since transfer is full-duplex, the same mechanism is used
    independently at both ends (send and receive).

    In the event of congestion, failure to update the window results in the transfer being
    halted, avoiding data loss.

    TCP uses a set of pointers (the header flags) for managing these operating mechanisms.


    TCP: CONNECTION SET-UP

    TCP client A                                            TCP server B
        ---- Snd SEQ N: 3256 ----------------------------------------->
        <--- Snd SEQ N: 2650, Ack SEQ N: 3257 --------------------------
        ---- Snd SEQ N: 3257, Ack SEQ N: 2651 ------------------------->
                               (IP network)

    Connection phase

    During this phase, the transport connection is set up between the two remote processes.

    Each end of the link initializes the connection using the SYN pointer. Each request is
    acknowledged by the ACK pointer and Seq N + 1. This means that there are two logical
    connections between the two processes: one for each transmission direction, each set up
    on the send side.

    These two connections are totally independent (characteristics / parameters, use, etc.).


    TCP: DATA TRANSFER

    Client Appli / TCP            IP network            TCP / Server Appli

    Setup
        Client -> Server : SYN 3256
        Server -> Client : ACK 3257, SYN 2650
        Client -> Server : ACK 2651

    Transfer
        Client -> Server : PSH 3257, ACK 2651, lg=100
        Server -> Client : ACK 3357, PSH 2651, lg=500
        Client -> Server : ACK 3151
        Server -> Client : ACK 3357, PSH 3151, lg=200
        Server -> Client : ACK 3357, PSH 3351, lg=600
        Client -> Server : ACK 3951

    Transfer phase

    During this phase, the two processes simultaneously interchange a bidirectional octet
    stream (TCP-PDU). For TCP, the unit of transfer is the segment. Each segment
    contains n octets of the N octets in the message sent by the application. TCP does not
    therefore provide a block transmission service. It provides a send/receive service for a
    linear stream of octets with no separator and no structure. The application process
    cannot force TCP to delimit the blocks it sends. The remote process must be capable of
    rebuilding the blocks received, and therefore of finding the block separators (an
    application matter!), in the linear stream of octets received from TCP.

    Information transfer by TCP is guaranteed in sequence, error free and with no losses.

    Transfer reliability is guaranteed by acknowledgement mechanisms, send/receive
    sequence numbers and the ACK pointer. A PUSH pointer forces delivery without waiting
    for a complete segment, such as transmission of a single character, and an URG pointer
    forces transmission even if the window is blocked for flow control purposes.


    TCP: CONNECTION RELEASE

    TCP client A                                            TCP server B
        ---- Snd SEQ N: 3357 ----------------------------------------->
        <--- Snd SEQ N: 3951, Ack SEQ N: 3258 --------------------------
        ---- Snd SEQ N: 3258, Ack SEQ N: 3952 ------------------------->
                               (IP network)

    Disconnection phase

    This phase consists of two fully asynchronous sub-phases.

    TCP disconnection is secured insofar as it must be executed at both ends.

    In fact, there is a send-side disconnection for each TCP layer. This disconnection is
    acknowledged, and any data not yet sent is sent before the disconnect TCP-PDU.

    On receiving a disconnect request, the TCP knows that the sender has no further data to
    send. The receiving TCP can continue to send. Disconnection is complete when this TCP
    has sent its own request.

    This type of disconnection is normal and guaranteed with no loss of data.

    The END (FIN) pointer is used for disconnection.

    A sudden disconnection facility exists:

    - Use of the RESET pointer (possible data loss).
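    The sequence and acknowledgement accounting behind the three phases (set-up, transfer
    and release on the slides above), as an added Python example that is not part of the
    course material. It replays the slides' exchange with the RFC 793 rule that data octets,
    SYN and END (FIN) each consume one sequence number while a pure ACK consumes none; the
    initial sequence numbers 3256 and 2650 are the slides' values.

```python
class TcpEnd:
    """Minimal model of one TCP endpoint: just the RFC 793 counters SND.NXT
    (next sequence number to send) and RCV.NXT (next one expected)."""

    def __init__(self, name, isn):
        self.name = name
        self.snd_nxt = isn    # initial sequence number (taken from the slides)
        self.rcv_nxt = None   # unknown until the peer's SYN has been seen

    def send(self, data_len=0, syn=False, fin=False):
        """Emit a segment. Data octets, SYN and FIN each consume sequence
        space; a pure ACK consumes none."""
        seg = {"from": self.name, "seq": self.snd_nxt, "len": data_len,
               "syn": syn, "fin": fin, "ack": self.rcv_nxt}
        self.snd_nxt += data_len + int(syn) + int(fin)
        return seg

    def receive(self, seg):
        """Accept an in-sequence segment and return the acknowledgement number
        this end will now send back (the next octet it expects)."""
        if seg["syn"]:
            self.rcv_nxt = seg["seq"]          # peer's ISN learnt from its SYN
        if seg["seq"] != self.rcv_nxt:
            raise ValueError("out-of-sequence segment: would be held or discarded")
        self.rcv_nxt += seg["len"] + int(seg["syn"]) + int(seg["fin"])
        return self.rcv_nxt


def run_session():
    """Replay the slides' exchange: set-up, transfer, release. Returns a list of
    (sender, seq, length, ack returned by the receiver) tuples."""
    a = TcpEnd("client A", 3256)
    b = TcpEnd("server B", 2650)
    trace = []

    def exchange(src, dst, **seg_kind):
        seg = src.send(**seg_kind)
        ack = dst.receive(seg)
        trace.append((src.name, seg["seq"], seg["len"], ack))

    exchange(a, b, syn=True)        # SYN 3256            -> B acks 3257
    exchange(b, a, syn=True)        # SYN 2650, ACK 3257  -> A acks 2651
    exchange(a, b, data_len=100)    # PSH 3257, lg=100    -> B acks 3357
    exchange(b, a, data_len=500)    # PSH 2651, lg=500    -> A acks 3151
    exchange(b, a, data_len=200)    # PSH 3151, lg=200    -> A acks 3351
    exchange(b, a, data_len=600)    # PSH 3351, lg=600    -> A acks 3951
    exchange(a, b, fin=True)        # A's FIN at 3357     -> B acks 3358
    exchange(b, a, fin=True)        # B's FIN at 3951     -> A acks 3952
    return trace
```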


    TCP : FORMAT

    Encapsulation: Physical frame = Frame header | IP packet (IP header | TCP segment) | crc

    0               7               15                              31
    +-------------------------------+-------------------------------+
    |         SOURCE PORT N         |       DESTINATION PORT N      |
    +-------------------------------+-------------------------------+
    |                     SEND SEQUENCE NUMBER                      |
    +---------------------------------------------------------------+
    |                    ACKNOWLEDGEMENT NUMBER                     |
    +-------+-----------+-----------+-------------------------------+
    |OFFSET | RESERVED  |U A P R S F|            WINDOW             |
    |       |           |R C S S Y I|                               |
    |       |           |G K H T N N|                               |
    +-------+-----------+-----------+-------------------------------+
    |           CHECKSUM            |        URGENT POINTER         |
    +-------------------------------+-------------------------------+
    |                       OPTIONS + PADDING                       |
    +---------------------------------------------------------------+

    SOURCE PORT: TCP port of the application sending the segment.

    DESTINATION PORT: TCP port of the application receiving the segment.

    SEQUENCE NUMBER: Sequence number of the TCP segment sent.

    ACKNOWLEDGEMENT NUMBER: Acknowledgement number for the TCP segment
    sequence number.

    OFFSET: Indicates the position of the data in the segment from the beginning of the
    header (expressed in number of 32-bit words).

    CHECKSUM: TCP segment check, computed over a pseudo-header containing the
    destination IP address.

    WINDOW: Number of octets which can be transmitted before acknowledgement.

    URGENT POINTER: Segment contains urgent data (if URG = 1).

    FLAGS:

    URG : Indicates presence of urgent data in the segment

    ACK : Acknowledgement number validation

    PSH : Indicates that data must be sent immediately (push)

    RST : Indicates a connection reset (connection break)

    SYN : Connection set-up

    END (FIN) : End of connection: release

    OPTIONS: Allows interchange of optional information between modules (not used).
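    The header layout above, as an added Python example (not from the course): it packs a
    TCP header, derives OFFSET from the option length, and parses it back, rejecting a segment
    whose OFFSET does not fit its length. The ports, sequence numbers and the MSS option are
    constructed values; the checksum is left at zero.

```python
import struct

# Flag bits in the low 6 bits of the OFFSET/RESERVED/FLAGS 16-bit word
FLAG_BITS = {"URG": 0x20, "ACK": 0x10, "PSH": 0x08, "RST": 0x04, "SYN": 0x02, "FIN": 0x01}
FIXED_HEADER = "!HHIIHHHH"   # ports, seq, ack, offset+flags, window, checksum, urgent


def build_tcp_header(src_port, dst_port, seq, ack, flags, window, urgent=0, options=b""):
    """Build a header. Options are padded to a 32-bit boundary and OFFSET is
    derived from the resulting length in 32-bit words; the checksum is left 0."""
    if len(options) % 4:
        options += b"\x00" * (4 - len(options) % 4)          # PADDING
    offset_words = 5 + len(options) // 4                       # 5 words = 20 octets
    offset_flags = (offset_words << 12) | sum(FLAG_BITS[f] for f in flags)
    return struct.pack(FIXED_HEADER, src_port, dst_port, seq, ack,
                       offset_flags, window, 0, urgent) + options


def parse_tcp_header(segment):
    """Return (fields, payload). Raises ValueError when OFFSET does not fit the
    segment, which a receiver must treat as a malformed segment."""
    if len(segment) < 20:
        raise ValueError("segment shorter than the 20-octet fixed header")
    src, dst, seq, ack, offset_flags, window, checksum, urgent = \
        struct.unpack(FIXED_HEADER, segment[:20])
    header_len = (offset_flags >> 12) * 4
    if header_len < 20 or header_len > len(segment):
        raise ValueError("OFFSET field inconsistent with segment length")
    flags = [name for name, bit in FLAG_BITS.items() if offset_flags & bit]
    fields = {"src_port": src, "dst_port": dst, "seq": seq, "ack": ack,
              "header_len": header_len, "flags": flags, "window": window,
              "checksum": checksum,
              "urgent": urgent if "URG" in flags else None,   # meaningful only if URG = 1
              "options": segment[20:header_len]}
    return fields, segment[header_len:]


def demo():
    """Constructed segment: the SYN+ACK of the slides' handshake, with an MSS
    option (kind 2, length 4, value 1460) making the header 24 octets."""
    mss_option = b"\x02\x04\x05\xb4"
    seg = build_tcp_header(80, 1025, 2650, 3257, ["SYN", "ACK"], 8192, options=mss_option)
    fields, _payload = parse_tcp_header(seg)
    return fields
```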


    USER DATAGRAM PROTOCOL

    Connectionless mode transport protocol

    Transactional traffic oriented

    Also used by applications which have control over transmissions (e.g. tftp)

    In network terms, reduced overhead compared to TCP

    UDP packet checksum calculated over a pseudo-header (UDP header plus the source and
    destination IP addresses; on the receive side the same pseudo-header is rebuilt from the
    IP source address and the local ports)

    Used by NFS, BOOTP, TFTP, SNMP, RIP, ...

    The UDP protocol can be thought of as an empty layer offering a simple layer 4 addressing
    service.

    It does not improve the service provided by the IP layer. It provides a simultaneous
    bidirectional transport service in datagram mode (block-oriented).

    The UDP protocol therefore has only one T-PDU: a data PDU!

    UDP provides the following service:

    - creation of send or receive ports,

    - receipt of a T-PDU carrying data together with the sender's socket reference
    (IP address, port number),

    - data sending with processing of the parameters forming the send and receive
    T-SAP (socket).


    UDP : FORMAT

    Encapsulation: Physical frame = Frame header | IP packet (IP header | UDP segment) | CRC

    0               7               15                              31
    +-------------------------------+-------------------------------+
    |         SOURCE PORT N         |       DESTINATION PORT N      |
    +-------------------------------+-------------------------------+
    |            LENGTH             |           CHECKSUM            |
    +-------------------------------+-------------------------------+
    |                             DATA                              |
    +---------------------------------------------------------------+

    SOURCE PORT : Port sending the datagram.

    DESTINATION PORT : Port to receive the datagram.

    LENGTH : Total length of the UDP packet.

    CHECKSUM : UDP packet integrity check (checksum calculation is optional, and a 0 value
    indicates that the checksum has not been calculated).

    Same checksum calculation method as in IP and TCP.
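    The pseudo-header checksum described here and on the UDP slide, as an added Python
    example (not from the course). It builds a datagram, computes the one's-complement
    checksum over pseudo-header plus datagram, and verifies received datagrams, treating a 0
    checksum as "not computed" and a wrong LENGTH, a corrupted octet or a mismatched IP address
    as errors. Addresses, ports and payload are constructed sample values.

```python
import socket
import struct

UDP_PROTOCOL = 17


def ones_complement_sum(data):
    """16-bit one's-complement sum of data; an odd trailing octet is padded with
    a zero octet, as in IP and TCP."""
    if len(data) % 2:
        data += b"\x00"
    total = 0
    for i in range(0, len(data), 2):
        total += (data[i] << 8) | data[i + 1]
        total = (total & 0xFFFF) + (total >> 16)   # fold the carry back in
    return total


def pseudo_header(src_ip, dst_ip, udp_length):
    """IP source, IP destination, zero octet, protocol number, UDP length."""
    return (socket.inet_aton(src_ip) + socket.inet_aton(dst_ip)
            + struct.pack("!BBH", 0, UDP_PROTOCOL, udp_length))


def udp_checksum(src_ip, dst_ip, datagram):
    """Checksum for a datagram whose own checksum field is zero. A computed 0
    is transmitted as 0xFFFF, because 0 on the wire means 'not computed'."""
    total = ones_complement_sum(pseudo_header(src_ip, dst_ip, len(datagram)) + datagram)
    csum = 0xFFFF & ~total
    return csum or 0xFFFF


def build_udp(src_ip, dst_ip, src_port, dst_port, payload, with_checksum=True):
    length = 8 + len(payload)                                 # LENGTH covers header + data
    datagram = struct.pack("!HHHH", src_port, dst_port, length, 0) + payload
    csum = udp_checksum(src_ip, dst_ip, datagram) if with_checksum else 0
    return struct.pack("!HHHH", src_port, dst_port, length, csum) + payload


def verify_udp(src_ip, dst_ip, datagram):
    """Return (fields, status) with status 'ok', 'bad' or 'unchecked'."""
    if len(datagram) < 8:
        return None, "bad"
    src_port, dst_port, length, csum = struct.unpack("!HHHH", datagram[:8])
    fields = {"src_port": src_port, "dst_port": dst_port, "length": length, "checksum": csum}
    if length != len(datagram):
        return fields, "bad"             # LENGTH does not match what IP delivered
    if csum == 0:
        return fields, "unchecked"       # sender did not compute a checksum
    # Summing the pseudo-header and the datagram, checksum field included,
    # must give all ones if nothing was altered in transit.
    total = ones_complement_sum(pseudo_header(src_ip, dst_ip, length) + datagram)
    return fields, "ok" if total == 0xFFFF else "bad"


def demo():
    """Constructed datagram from 150.10.20.30:1025 to 150.10.20.31:53."""
    src, dst = "150.10.20.30", "150.10.20.31"
    good = build_udp(src, dst, 1025, 53, b"query")            # odd length exercises padding
    corrupted = good[:-1] + bytes([good[-1] ^ 0x01])          # flip one bit in the data
    unchecked = build_udp(src, dst, 1025, 53, b"query", with_checksum=False)
    return {"good": verify_udp(src, dst, good)[1],
            "corrupted": verify_udp(src, dst, corrupted)[1],
            "unchecked": verify_udp(src, dst, unchecked)[1],
            "wrong_ip": verify_udp(src, "150.10.20.32", good)[1]}
```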


    SOCKET INTERFACE

    Development interface for communication between remote processes

    The "socket" interface is derived from BSD UNIX 4.2. It generalizes inter-process
    communication and allows development of network-based client-server applications

    Sockets are used as interfaces with communication protocols

    Among other things, they allow a port N (application) to be associated
    with an IP address (host)

    They make TCP/IP protocols transparent to applications

    Each application process using TCP/IP is identified by a data pair consisting of the
    machine's IP address and a local port number (relative to the machine). This reference is
    called the socket, and it therefore represents the programming interface for access to the
    Transport service in the TCP/IP architecture.

    The interface consists of a set of primitives for accessing the TCP and UDP transport
    services.

    The interface provides a resource for communication between Client and Server
    processes. The two processes can be running on the same machine or on two remote
    machines.

    A socket is a communication point with a domain, a name and a type.

    Domain:

    Specifies the type of protocol used:

    - UNIX : processes on the same UNIX machine.

    - INET : remote processes communicating via the TCP/IP protocol.

    Name:

    Defines the socket reference. The reference content varies according to the socket
    domain.

    Type:

    Determines the way in which data is routed. In the TCP/IP domain, there are three
    possible types: STREAM, DATAGRAM or RAW.


    Transport layer : The essential

    True or False

    All the applications must use TCP or UDP to access the IP network.
    Answer: False

    If an application is associated with a port number, it means that this application is
    connected to the Internet at this moment.
    Answer: False

    The checksum on the TCP/UDP header also allows parts of the IP header to be verified.
    Answer: True

    TCP is defined as reliable because it has 3 working steps : Establishment, Transfer,
    Release.
    Answer: False

    A WEB server will always listen on its dedicated port (port 80). Otherwise, this server
    will not work at all.
    Answer: False

    All TCP messages must be acknowledged.
    Answer: True

    If UDP is used to send data, the transmission may become reliable by adding
    controls in the application layer part.
    Answer: True


    Lower layers : The essential

    Complete the following protocol stack:

    Applications                          Ping, traceroute, ...
    Application protocols
    Sockets (Port + @IP)                  <- Interfaces
    TCP (Reliability, Robust)   |   UDP (Speed, Simple)
    IP (Routing)                |   ICMP
    Gateway
    Ethernet + ARP (LAN)   |   PPP/SLIP (RTC)   |   AAL5 (ATM)   |   X25


    Section 5 - TCP/IP : APPLICATIONS


    NAME SERVICE

    The user manipulates server names and the network manipulates a

    server IP address.

    Problems:

    Finding an IP address based on a host name

    More than one type of name

    TCP/IP name: standard

    Used by applications such as http, ftp, smtp, snmp, ...

    Netbios name: Windows/Microsoft name

    Used by Netbios applications (SMB sharing, ...)


    NAME-IP ADDRESS RESOLUTION

    "Static" resolution

    hosts (standard) or lmhosts (Netbios) file

    150.10.20.30 Mon_Host

    150.10.20.31 Ton_Host

    "Dynamic" resolution

    DNS

    Standard TCP/IP name resolution

    Replaces the hosts file

    WINS

    Netbios resolution

    Replaces broadcasts and lmhosts file

    DNS (Domain Name Service) is a standard protocol for resolving (symbolic) machine names
    into logical IP addresses (used by communication protocols). It is especially designed for
    large TCP/IP networks (DNS is used on the Internet).

    Historically, TCP/IP users directly specified the IP addresses of the corresponding
    applications. These addresses were then replaced locally by host names using a hosts
    file.

    Nowadays, DHCP servers have a facility for managing the hosts file.


    DNS RESOLUTION

    History

    Impossible to load a hosts file into all Internet stations

    Domain Name Service standardized by RFC

    Principle

    Names organized hierarchically in a Domain Name Tree

    Simple request / response interchange protocol

    Uses UDP and TCP

    Cooperation between servers forming a network

    For very large networks, maintaining local "mapping" files soon became impossible.

    Initially, for the Internet, the NIC had a file with all existing (name, IP address) pairs,
    which stations could download via ftp.

    These mechanisms were superseded by a network of DNS servers. The DNS system is
    therefore both a system for naming machines in a TCP/IP network and an address
    resolution protocol (mapping machine names to IP addresses).


    DOMAIN NAME TREE

    .
    |-- fr  -- alcatel -- europe       www.europe.alcatel.fr
    |-- com -- alcatel -- usa          www.usa.alcatel.com
    |-- ru  -- alcatel -- mow          www.mow.alcatel.ru
    `-- jp  -- co      -- alcatel      www.alcatel.co.jp

    DNS is based on the concept of a naming hierarchy, which involves partitioning the
    naming space and arranging it as a tree. A machine name will therefore be composite and
    referenced relative to the location of the machine on the tree.

    This type of name breakdown and mapping administration (name, IP address) is similar
    to the hierarchical organization in a large company, with divisions split into departments
    which in turn are divided into sections. Each manager on each hierarchical level has a
    degree of authority and autonomy within his or her domain.

    DNS is based on this principle, and a machine name becomes:

    - hostname.sub_domain. ... .root_domain

    where:

    - hostname : machine name (lowest level),

    - sub_domain : intermediate administration subdomain,

    - root_domain : highest administration domain (on the tree).


    TOP LEVEL DOMAINS ON THE INTERNET

    Open to all

    Com : Commercial (highest demand!)

    Edu : universities

    Net : network domain companies

    Org : miscellaneous organizations

    Int : international (little used)

    Reserved for United States

    Gov : American government

    Mil : American military

    Country (ISO naming)

    Fr : France

    Uk : United Kingdom

    Ru : Russia

    And also

    Firm : Business (to alleviate .com)

    Shop : Trader

    Web : Company working for the Web

    Arts : Culture and events

    Rec : Recreation and leisure

    Info : Content editors, media

    Nom : Personal home pages

    Each name (except on the lowest level) represents a DNS domain, which forms an
    autonomous administration and management entity over which an administrator has
    authority and therefore manages the internal mapping (name, IP address).

    Internet naming is based on the principles above.

    Root domain names are listed below:

    edu : Universities and schools,

    gov : Government agencies,

    com : Businesses,

    mil : Military administrations,

    fr, us : Countries (France, United States).

    Note:

    The example is incomplete and does not show the full extent of the current name space

    on the Internet.

    The hierarchy has no specific root.

    On the Internet, the NIC (AFNIC in France) is the authority managing subdomain
    assignment.

    The tree structure is independent of the physical network structure.


    RECURSIVE SEARCH

    [Figure: resolution of www.europe.alcatel.fr in steps 1 to 5. The tree walked starts at the
    root servers (.) and goes through fr, alcatel and europe, where www is mapped to
    198.64.191.11; a com branch also hangs off the root.]

    For system security (in the event of failures), the name server (primary server) function is
    duplicated in one or more secondary name servers.

    On initialization, and then at regular intervals (programmable period), each secondary
    name server downloads the domain's local mapping database from the primary server.

    Each name solver must know of the existence of these secondary servers and be
    capable of switching over to a secondary server if the primary server does not respond.

    Name / address translation is handled by name servers which cooperate and respond to
    requests sent by client programs called name solvers (resolvers).

    At design level, each domain has a name server which resolves the domain's internal
    mapping by cooperating with adjacent name servers (higher or lower level).

    The name solver generates a request specifying the machine name (full name) and the type
    of resolution required (recursive or non-recursive).

    For non-recursive resolution, the name server returns a list of servers to be contacted. In
    this case, the name solver (client) contacts another name server.


    FORWARDER TYPE SEARCH

    [Figure: the name solver asks server A for www.europe.alcatel.fr, steps 1 to 4.
    Forwarder : B]

    Server A extends the request to B

    If server B fails, A executes a recursive search

    If there is no local translation available, the server uses the procedure below:

    - for recursive resolution:

    The name server contacts other name servers and returns a response
    (positive or negative) to the client name solver.

    - for non-recursive resolution:

    The server returns a list of name servers likely to know the name-IP address
    mapping. The client name solver then sends the request to another name
    server.

    Note:

    This mechanism means that all clients must know at least one name server
    and that all name servers know at least one other server.

    Performance:

    A cache mechanism exists in each name server. It stores previous
    mappings for names outside the domain (local mappings are in the database).
    Each entry stored carries a TTL (Time to live). The cache is therefore
    regularly refreshed.

    Some name solvers keep their own list of translations already executed. In
    this case, a request from a user program can be resolved without sending a
    request (over the network) to a server.
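    The recursive search, the non-recursive (referral) search and the forwarder fallback
    described on these two slides, as an added Python model that is not part of the course
    material. The tree is the slides' . -> fr -> alcatel -> europe -> www (198.64.191.11);
    the com address, the server names A and B and the "server down" condition are
    constructed, and the cache keeps no TTL.

```python
class NameServer:
    """Toy name server: own data, delegations to child servers, a cache, optional forwarder."""
    root = None   # the root server, set by build_tree()

    def __init__(self, zone, data=None, delegations=None):
        self.zone = zone                       # "" for the root, else e.g. "alcatel.fr"
        self.data = data or {}                 # name -> IP, local mapping database
        self.delegations = delegations or {}   # sub-domain -> NameServer holding it
        self.cache = {}                        # name -> IP learnt from other servers
        self.forwarder = None
        self.down = False
        self.queries = 0

    def in_zone(self, name):
        return self.zone == "" or name == self.zone or name.endswith("." + self.zone)

    def child_for(self, name):
        matches = [sub for sub in self.delegations
                   if name == sub or name.endswith("." + sub)]
        return self.delegations[max(matches, key=len)] if matches else None

    def query(self, name, recursive):
        """('answer', ip-or-None) or, in non-recursive mode, ('referral', server)."""
        if self.down:
            raise ConnectionError("server %s does not respond" % (self.zone or "."))
        self.queries += 1
        for table in (self.data, self.cache):
            if name in table:
                return "answer", table[name]
        if self.forwarder is not None:
            try:
                return self.remember(name, self.forwarder.query(name, recursive=True))
            except ConnectionError:
                pass                 # forwarder failed: fall back to a recursive search
        nxt = self.child_for(name) if self.in_zone(name) else NameServer.root
        if nxt is None:
            return "answer", None    # negative reply: no such name in our domain
        if not recursive:
            return "referral", nxt   # let the solver contact the next server itself
        return self.remember(name, iterative_resolve(name, nxt))

    def remember(self, name, reply):
        if reply[0] == "answer" and reply[1] is not None:
            self.cache[name] = reply[1]          # a real cache would also keep a TTL
        return reply


def iterative_resolve(name, server):
    """What a name solver does in non-recursive mode: follow referrals itself."""
    while True:
        kind, value = server.query(name, recursive=False)
        if kind == "answer":
            return kind, value
        server = value


def build_tree():
    """The slides' tree, plus a constructed address under com."""
    europe = NameServer("europe.alcatel.fr", data={"www.europe.alcatel.fr": "198.64.191.11"})
    alcatel = NameServer("alcatel.fr", delegations={"europe.alcatel.fr": europe})
    fr = NameServer("fr", delegations={"alcatel.fr": alcatel})
    com = NameServer("com", data={"www.usa.alcatel.com": "192.0.2.10"})
    NameServer.root = NameServer("", delegations={"fr": fr, "com": com})
    return NameServer.root, fr, alcatel, europe


def demo():
    root, fr, alcatel, europe = build_tree()
    hops = [iterative_resolve("www.europe.alcatel.fr", root)[1],
            [s.queries for s in (root, fr, alcatel, europe)]]   # one query per level
    b = NameServer("alcatel.ru")                # forwarder B (zone name only)
    a = NameServer("mow.alcatel.ru")            # local server A, forwards to B
    a.forwarder = b
    via_b = a.query("www.europe.alcatel.fr", recursive=True)[1]
    b.down = True
    cached = a.query("www.europe.alcatel.fr", recursive=True)[1]   # served from A's cache
    fallback = a.query("www.usa.alcatel.com", recursive=True)[1]   # B down: A searches itself
    return hops, via_b, cached, fallback, b.queries
```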


    FTP

    Control connection, Port 21
        File transfer initialization and parameters
        Activation of remote commands

    Data connection, Port 20
        Information transfer (files, results, ...)

    [Figure: FTP client (local ports x and y, over TCP/IP, prompt "ftp>") and FTP server
    (port 21 Control, port 20 Data, over TCP/IP).]

    The FTP application satisfies the client-server model by allowing access to remote
    files, regardless of the OS run by each system.

    FTP facilitates:

    - creation, deletion, renaming of remo