Guide To TCPIP, Second Edition

1
Guide To TCP/IP, Second Edition

• Chapter 3
• Data Link And Network Layer TCP/IP Protocols

2
Topics

• How Data link protocols SLIP and PPP support
  TCP/IP
• Ethernet and token ring frame types
• MAC addresses in a TCP/IP environment
• ARP and RARP Services for networks
• Internet Protocol (IP)
• How IP packets behave on TCP/IP networks

3
Topics

• Time to Live for IP datagram
• The processes of fragmentation and reassembly
• Types of service delivery options
• IP header fields and functions

4
Data Link Protocols

• Data Link layer performs several key jobs
• Media Access Control (MAC)
• Logical Link Control (LLC)
• Point-to-point data transfer
• Wide area network (WAN) links and WAN protocols

5
Data Link Protocols (cont.)

• Data encapsulation techniques
• Special handling for X.25, frame relay, and
  Asynchronous Transfer Mode (ATM) WAN links
• WAN encapsulation of frames at the Data Link
  layer involves
• Addressing
• Bit-level integrity check
• Delimitation
• Protocol identification (PID)

6
Serial Line Internet Protocol (SLIP)

• Original point-to-point protocol
• Management through a dial-up serial port
• Supports only TCP/IP
• 0xC0, 0xDB, 0xDC
• compressed SLIP (C-SLIP)

7
Point-to-Point Protocol (PPP)

• WAN data link encapsulation
• PPP encapsulation and framing techniques
• Fields in the PPP header and trailer include the
  following values
• Flag
• Protocol Identifier
• Frame Check Sequence (FCS)
• Synchronous technologies use bit substitution
• Support for a multi-link PPP implementation

8
Special Handling for PPP Links

• Additional control and addressing in PPP headers
  to manage X.25, frame relay, or ATM
• X.25 RFC 1356
• Public packet-switched data network using noisy,
  narrow-bandwidth, copper telephone lines
• Frame Relay RFC 2427
• Logical point-to-point and multi-point
  connections through a single physical interface
• ATM RFC 1577 and 1626
• High-speed cell-switched networking technology

9
Frame Types

• Ethernet frames types
• Ethernet II
• Ethernet 802.2 Logical Link Control (LLC)
• Ethernet 802.2 Sub-Network Access Protocol (SNAP)
• The de facto standard is Ethernet II frame type
• Ethernet II frame fields and structure
• Preamble
• Source/Destination Address
• Type/Data
• Frame Check Sequence

10
Frame Types (cont.)
11
Frame Types (cont.)

• Ethernet 802.2 LLC frame structure
• Preamble
• Start Frame Delimiter (SFD)
• Destination Address/Source Address
• Length
• Destination Service Access Point (DSAP)
• Source Service Access Point (SSAP)
• Control
• Data
• Frame Check Sequence (FCS)

12
Frame Types (cont.)
13
Frame Types (cont.)

• Ethernet SNAP frame structure
• Preamble/Start Frame Delimiter (SFD)
• Destination Address/Source Address
• Length
• Destination Service Access Point (DSAP)
• Source Service Access Point (SSAP)
• Control
• Organization Code
• Ether Type
• Data
• Frame Check Sequence (FCS)

14
Frame Types (cont.)
15
Frame Types (cont.)

• Token Ring frame
• IEEE 802.5
• Physical star design
• Logical ring transmission path
• Token ring workstation acts as a repeater
• Two variations of token ring frames
• Token Ring 802.2 LLC frames
• Token Ring SNAP frames

16
Frame Types (cont.)
17
Frame Types (cont.)

• Token Ring 802.2 LLC frame format
• Start Delimiter
• Access Control/Frame Control
• Destination Address/Source Address
• Destination Service Access Point (DSAP) (LLC
  802.2)
• Source Service Access Point (SSAP) (LLC 802.2)
• Control (LLC 802.2)
• Data
• Frame Check Sequence
• End Delimiter/Frame Status

18
Frame Types (cont.)
19
Frame Types (cont.)

• Token Ring SNAP frame format
• Start Delimiter
• Access Control/Frame Control
• Destination Address/Source Address
• Destination Service Access Point (DSAP) (LLC
  802.2)
• Source Service Access Point (SSAP) (LLC 802.2)
• Control (LLC 802.2)/Organization Code
• Ether Type/Data
• Frame Check Sequence
• End Delimiter/Frame Status

20
Frame Types (cont.)
21
Hardware Addresses In The IP Environment

• ARP
• ARP Cache
• Test for a duplicate IP address
• Routing tables
• Route resolution process

22
Hardware Addresses In The IP Environment (cont.)
23
Hardware Addresses In The IP Environment (cont.)
24
ARP Packet Fields and Functions

• Field types
• Hardware Type Field
• Protocol Type Field
• Length of Hardware Address Field
• Length of Protocol Address Field
• Opcode Field
• Senders Hardware Address Field
• Senders Protocol Address Field
• Target Hardware Address Field
• Target Protocol Address Field

25
ARP Packet Fields and Functions (cont.)
26
ARP Packet Fields and Functions (cont.)
27
ARP Cache

• Kept in memory
• Windows 2000 and Windows XP systems, 120 seconds
• Other kinds of networking equipment, 300 seconds
• ARP cache entries
• Automatic
• Manual adding or deletion
• WINIPCFG
• IPCONFIG

28
ARP Cache (cont.)
29
Proxy ARP and Reverse ARP

• Proxy ARP
• Enables a router to ARP in response to an IP
  hosts ARP broadcasts
• Reverse ARP (RARP)
• Obtain an IP address for an associated data link
  address
• Diskless Workstations
• RARP Server

30
About Internet Protocol

• A Network Layer protocol
• Datagrams or Packets
• End-to-end communications
• IPv4/IPv6

31
Sending IP Datagrams

• Connectionless service
• Certain requirements to send a datagram
• IP addresses of the source and destination
• Hardware address of the source and next-hop
  router
• Manually entered destination IP address
• DNS to obtain a destinations IP address

32
Sending IP Datagrams (cont.)
33
Route Resolution Process

• Local or remote destination?
• If Remote, which router?
• Two types of route table entries
• Host route entry
• Network route entry
• Default Gateway
• Gateway does one of the following
• Forwards the packet
• Sends an ICMP reply - an ICMP redirect
• Sends an ICMP reply - destination is unreachable

34
Lifetime of an IP Datagram

• Time to Live (TTL)
• Cannot indefinitely circle a looped internetwork
• Routing protocols prevent loops
• TTL Value
• Defined as number of seconds or hop counts
• Recommended TTL of 64
• Windows 2000/XP is 128
• Switches and hubs do not decrement the TTL value

35
Fragment and Reassembly

• Large packet fragmented by a router into smaller
  packets
• Reassembled at the Transport layer at the
  destination
• Same TTL value
• Fragment retransmission process causes more
  traffic
• Takes processing time

36
Service Delivery Options

• Packet priority and route priority
• Precedence
• Eight levels from 0-7
• Type of Service (TOS)
• Six possible types of service
• Differentiated Services (Diffserv)
• Early Congestion Notification (ECN)

37
IP Header Fields And Functions

• IP Header fields
• Version Field
• Type of Service Field
• New TOS Field Function Differentiated Services
  and Congestion Control
• Total Length Field/Flags Field
• Fragment Offset Field/Time to Live (TTL) Field
• Protocol Field/Header Checksum Field
• Source/Destination Address field
• Options Field

38
IP Header Fields And Functions (cont.)
39
Chapter Summary

• Data link protocols manage the transfer of
  datagrams across the network.
• This means negotiating a connection between two
  communications partners and transferring data
  between them
• Such transfers are called point-to-point because
  they move from one interface to another on the
  same network segment

40
Chapter Summary (cont.)

• WAN protocols, such as SLIP or PPP, use analog
  phone lines digital technologies that include
  ISDN, DSL, or T-carrier connections or switched
  technologies, such as X.25, frame relay, or ATM,
  to establish links that can carry IP and other
  datagrams from a sender to a receiver
• At the Data Link layer, protocols deliver
  services, such as delimitation, bit-level
  integrity checks, addressing (for packet-switched
  connections), and protocol identification (for
  links that carry multiple types of protocols over
  a single connection)

41
Chapter Summary (cont.)

• Ethernet II frames are the most common frame type
  on LANs
• Other Ethernet frame types include Ethernet 802.2
  LLC frames and Ethernet 802.2 SNAP frames
• Token ring frame types include Token Ring 802.2
  LLC frames and Token Ring SNAP frames

42
Chapter Summary (cont.)

• Frame types include
• start markers or delimiters (sometimes called
  preambles)
• destination and source MAC layer addresses
• Type field that identifies the protocol in the
  frames payload
• the payload which contains the actual data inside
  the frame
• Most TCP/IP frames end with a trailer that stores
  a Frame Check Sequence field used to provide a
  bit-level integrity check for the frames contents

43
Chapter Summary (cont.)

• By recalculating a Cyclical Redundancy Check
  (CRC), and comparing it to the value stored in
  the FCS field, the NIC can accept and process the
  frame or discard if a discrepancy occurs

44
Chapter Summary (cont.)

• ARP can detect IP address duplication when it
  occurs on a single network segment
• The all-zeroes address in an ARP Target
  Hardware Address field indicates that a value for
  a physical address is needed

45
Chapter Summary (cont.)

• ARP also includes information about hardware
  type, protocol type, length of hardware address
  (varies with the type of hardware), length of
  protocol address, and an Opcode field that
  identifies what kind of ARP or RARP packet is
  under scrutiny
• Proxy ARP allows a router to forward a request
  across multiple network segments

46
Chapter Summary (cont.)

• When a router configured for proxy ARP receives
  an ARP broadcast, it responds with its own
  address
• When it receives the subsequent data packet, it
  forwards this along, according to its routing
  tables

47
Chapter Summary (cont.)

• Data encapsulation sends network layer
  information to the Data Link layer
• IP datagrams map the contents of an IP packet
  into a datagram that carries an the packet as its
  payload
• This process requires obtaining a numeric IP
  address for the destination (and may involve
  initial access to name resolution services such
  as DNS), and then using ARP (or the ARP cache) to
  map the destination address to a hardware address

48
Chapter Summary (cont.)

• The hardware address of a known router can be
  used as a default gateway to begin the routing
  process from the sending network to the receiving
  network
• When a frame must travel from one network segment
  to another, a process to resolve its route must
  occur
• Local destinations can be reached with a single
  transfer at the Data Link layer, but remote
  destinations require forwarding and multiple hops
  to get from sender to receiver

49
Chapter Summary (cont.)

• Thus, its important to understand the role of
  local routing tables that describe all known
  local routes on a network, and the role of the
  default gateway that handles outbound traffic
  when exact routes are not known
• Here, ICMP comes into play to help manage best
  routing behaviors and report when destinations
  may be unreachable

50
Chapter Summary (cont.)

• Other important characteristics of IP datagrams
  include Time to Live (TTL) values, which prevent
  stale frames from persisting indefinitely on a
  network fragmentation of incoming frames when
  the next link on a route uses a smaller MTU than
  the incoming link (reassembly of fragments always
  occurs when frames ultimately arrive at the
  destination host) and service delivery options
  to control packet and route priorities (seldom
  used, but worth understanding)
• IP traffic can be prioritized using
  Differentiated Services or Type of Service
  designations

51
Chapter Summary (cont.)

• Although Type of Service was defined in the
  original specification, current network
  prioritization implementations are based on
  Differentiated Services functions that place a
  DSCP value in the IP header
• This DSCP value is examined by routers along a
  path, and the traffic is forwarded according to
  the router configuration for that DSCP traffic
  type
• In addition, Explicit Congestion Notification
  enables routers to notify each other of congested
  links before they must drop packets