Semester 2v2

1
Semester 2v2 Chapter 9  TCP/IP
2

• List three components of the TCP/IP protocol
  stack.
• protocols to support file transfer, e-mail,
  remote login, and other applications
• reliable and unreliable transports
• connectionless datagram (packet) delivery at the
  network layer
• ICMP provides control and message functions at
  the network layer.

3
The Transmission Control Protocol/Internet
Protocol (TCP/IP) suite of protocols was
developed by the Defense Advanced Research
Projects Agency (DARPA). The suite includes not
only Layer 3 and 4 specifications (such as IP and
TCP), but also specifications for such common
applications as e-mail, remote login, terminal
emulation, and file transfer. Later, TCP/IP was
included with the Berkeley Software Distribution
of UNIX. You can use the Internet protocols to
communicate across any set of interconnected
networks. They are equally well-suited for both
LAN and WAN communication.
4
The TCP/IP protocol stack maps closely to the OSI
reference model in the lower layers. It supports
all standard physical and data link protocols.
TCP/IP information is transferred in a sequence
of datagrams. One message may be transmitted as a
series of datagrams that are reassembled into the
message at the receiving location.
5
The application layer supports network
management. It has protocols for file transfer,
e-mail, and remote login.
6
The transport layer performs two functions
flow control, provided by sliding
windows reliability, provided by sequence
numbers and acknowledgments.
The transport layer also provides two protocols

• TCP - a connection-oriented, reliable protocol
  provides flow control by providing sliding
  windows, and reliability by providing sequence
  numbers and acknowledgments. The advantage of TCP
  is that it provides guaranteed delivery of the
  segments
• UDP - connectionless and unreliable although
  responsible for transmitting messages, no
  software checking for segment delivery is
  provided at this layer. The advantage that UDP
  provides is speed.

7

• source port - the number of the calling port
• destination port - the number of the called port
• sequence number - the number used to ensure
  correct sequencing of the arriving data
• acknowledgment number - the next expected TCP
  octet
• HLEN - the number of 32-bit words in the header

• reserved - set to 0
• code bits - the control functions (e.g. setup and
  termination of a session)
• window - the number of octets that the sender is
  willing to accept
• checksum - the calculated checksum of the header
  and data fields
• urgent pointer - indicates the end of the urgent
  data
• option - one currently defined maximum TCP
  segment size
• data - upper-layer protocol data

8
Both TCP and UDP use port (or socket) numbers to
pass information to the upper layers. Port
numbers are used to keep track of the different
conversations that cross the network at the same
time.
Application software developers have agreed to
use the well-known port numbers that are defined
in RFC 1700. For example, any conversation bound
for an FTP application uses the standard port
number 21. Conversations that do not involve an
application with a well-known port number are,
instead, assigned port numbers that are randomly
selected from within a specific range. These port
numbers are used as source and destination
addresses in the TCP segment.

• Some ports are reserved in both TCP and UDP,
  although applications might not be written to
  support them. Port numbers have the following
  assigned ranges
• Numbers below 255 are for public applications.
• Numbers 255-1023 are assigned to companies for
  marketable applications.
• Numbers above 1023 are unregulated.

9
End systems use port numbers to select the proper
application. Originating source port numbers,
usually some numbers larger than 1023, are
dynamically assigned by the source host
10
Host A -- seq n Host B -- seq n1
Both ends of a connection are synchronized with a
three-way handshake/open connection sequence.
Exchanging beginning sequence numbers during the
connection sequence ensures that lost data can be
recovered if problems occur later
11
Window size determines how much data areceiving
station can accept at one time. With a window
size of 1(byte), each segment that you send must
be acknowledged before you can transmit another
segment. This results in inefficient use of
bandwidth by the hosts.
12
Window size refers to the number of bytes (or
octets) that a host can transmit while awaiting
an acknowledgment. A larger window size allows
the host to transmit more data pending
acknowledgment.
After it transmits the window-size number of
bytes, it must receive an acknowledgment before
it can send more messages. TCP uses
expectational acknowledgments, meaning that the
acknowledgment number refers to the octet that is
expected next. The sliding part of sliding
window refers to the fact that the window size is
negotiated dynamically during the TCP session. A
sliding window provides more efficient use of
bandwidth by the hosts.
13
TCP provides sequencing of segments with a
forward reference acknowledgment. Each datagram
is numbered before transmission. At the
receiving station, TCP reassembles the segments
into a complete message. If a sequence number is
missing in the series, that segment is
retransmitted. If segments are not acknowledged
within a given time period, retransmission occurs
14

• Application layer protocols must provide for
  reliability if necessary. UDP uses no windowing
  or acknowledgments.
• It is designed for applications that do not need
  to put sequences of segments together. Protocols
  that use UDP include the following
• TFTP
• SNMP
• Network File System (NFS)
• Domain Name System (DNS)

15

• Several protocols operate at the TCP/IP Internet
  layer that corresponds to the OSI network layer
• IP - provides connectionless, best-effort
  delivery routing of datagrams is not concerned
  with the content of the datagrams looks for a
  way to move the datagrams to their destination
• ICMP - provides control and messaging
  capabilities
• ARP - determines the data link layer address for
  known IP addresses
• RARP - determines network addresses when data
  link layer addresses are known

16

• The fields in this IP datagram are as follows
• VER - version number
• HLEN - header length, in 32-bit words
• type of service - how the datagram should be
  handled
• total length - total length (header data)
• identification, flags, frag offset - provides
  fragmentation of datagrams to allow differing
  MTUs in the internetwork
• TTL - Time-To-Live
• protocol - he upper-layer (Layer 4) protocol
  sending the datagram
• header checksum  - an integrity check on the
  header
• source IP address and destination IP address -
  32-bit IP addresses
• VIP options - network testing, debugging,
  security, and other options

17
The protocol field determines the Layer 4
protocol being carried within an IP datagram.
Although most IP traffic uses TCP, other
protocols can also use IP.
Each IP header must identify the destination
Layer 4 protocol for the datagram. Transport
layer protocols are numbered, similarly to port
numbers. IP includes the protocol number in the
protocol field.
18

• Destination Unreachable
• Time to Live Exceeded
• Parameter Problem
• Source Quench
• Redirect
• Echo
• Echo Reply
• Timestamp
• Timestamp Reply
• Information Request
• Information Reply
• Address Request
• Address Reply

ICMP is implemented by all TCP/IP hosts. ICMP
messages are carried in IP datagrams and are used
to send error and control messages.
19
If a router receives a packet that it is unable
to deliver to its final destination, the router
sends an ICMP unreachable message to the source.
The message might be undeliverable because
there is no known route to the destination
20
An echo reply is a successful reply to a ping
command however, results could include other
ICMP messages, such as unreachable and timeout
messages
21
ARP is used to resolve or map a known IP address
to a MAC sublayer address in order to allow
communication on a multi-access medium such as
Ethernet.
To determine a destination MAC address for a
datagram, a table called the ARP cache is
checked. If the address is not in the table, ARP
sends a broadcast that will be received by every
station on the network, looking for the
destination station. The term "local ARP" is
used to describe the search for an address when
the requesting host and the destination host
share the same medium or wire. Prior to issuing
the ARP, the subnet mask must be consulted. The
mask determines that the nodes are on the same
subnet.
22
RARP relies on the presence of a RARP server with
a table entry or other means to respond to
requests. On the local segment, you can use
RARP to initiate a remote operating system load
sequence.


23
Internet protocols enable communications between
any set of interconnected networks. They are
equally well suited for both LAN and WAN
communications,
TCP/IP is the de facto standard for internetwork
communications and serves as the transport
protocol for the Internet, enabling millions of
computers to communicate globally. The function
of the TCP/IP protocol stack, or suite, is the
transfer of information from one network device
to another.
The layers most closely affected by TCP/IP are
Layer 7 (application), Layer 4 (transport), and
Layer 3 (network).
24
DNS (Domain Name System) is a system used in the
Internet for translating names of network nodes
into addresses
WINS (Windows Internet Naming Service) is a
Microsoft-developed standard for Microsoft
Windows NT that automatically associates NT
workstations with Internet domain names.
HOSTS is a file created by network administrators
and maintained on servers. They are used to
provide static mapping between IP addresses and
computer names.
POP3 (Post Office Protocol) is an Internet
standard for storing e-mail on a mail server
until you can access it and download it to your
computer. It allows users to receive mail from
their inboxes using various levels of security.
      SMTP (Simple Mail Transport Protocol)
governs the transmission of e-mail over computer
networks. It does not provide support for
transmission of data other than plain text.
25
SNMP (Simple Network Management Protocol) is a
protocol that provides a means to monitor and
control network devices, and to manage
configurations, statistics collection,
performance and security.
FTP (File Transfer Protocol) is a reliable
connection-oriented service that uses TCP to
transfer files between systems that support FTP.
It supports bi-directional binary file and ASCII
file transfers
TFTP (Trivial File Transfer Protocol) is a
connectionless unreliable service that uses UDP
to transfer files between systems that support
the TFTP. It useful in some LANs because it
operates faster than FTP in a stable
environment. HTTP (Hypertext Transfer Protocol)
is the Internet standard that supports the
exchange of information on the World Wide Web, as
well as on internal networks. It supports many
different file types, including text, graphic,
sound , and video. It defines the process by
which Web browsers originate requests for
information to send to Web servers.
26
Telnet is a standard terminal emulation protocol
used by clients for the purpose of making remote
terminal connections to Telnet server services
enables users to remotely connect to routers to
enter configuration commands.       PING
(Packet Internet Groper) is a diagnostic utility
used to determine whether a computer is properly
connected to devices/Internet.
Traceroute is a program that is available on many
systems, and is similar to PING, except that
traceroute provides more information than PING.
Traceroute traces the path a packet takes to a
destination, and is used to debug routing
problems

• There are also a few Windows-based protocols that
  you should be familiar with
• NBSTAT - a utility used to troubleshoot NetBIOS
  name resolution used to view and remove entries
  from the name cache    
•   
• NETSTAT - a utility that provides information
  about TCP/IP statistics can be used to provide
  information about the status of TCP/IP
  connections and summaries of ICMP, TCP, and UDP
     
•   
• ipconfig/winipcfg - utilities used to view
  current network settings for all adapters on a
  device can be used to view the MAC address, IP
  address, and gateway

The END