TCP/IP Refresher - PowerPoint PPT Presentation

Slides: 97
Provided by: Prabhake5
Learn more at: http://cecs.wright.edu
Transcript and Presenter's Notes

1
TCP/IP Refresher
  • Prabhaker Mateti
  • (ack: many, many sources)

2
TCP/IP?
  • TCP: Transmission Control Protocol
  • IP: Internet Protocol
  • Almost always includes other protocols:
      • UDP, User (Unreliable) Datagram
      • ICMP, Internet Control Message
      • ARP, Address Resolution

3
What's a Protocol?
  • An agreed-upon convention for communication.
  • Protocols must be formally defined and unambiguous.

4
Layers
[Figure: protocol stack. TCP, UDP, ICMP and other protocols sit on the IP layer, which sits on the physical layer.]
The relative heights indicate the level of functionality.
5
Unix is a Layered System
Applications
Libraries
System Calls
Kernel
6
Layers
  • The routines/methods of Layer N will not call
    Layer N+1.
  • The routines/methods of Layer N typically do call
    the same layer methods.
  • The routines/methods of Layer N typically do call
    Layer N-1 methods.

7
DoD Model: Four Layers
  1. Network Access Layer: Delivery over physical
    media in use.
  2. Internet Layer: Delivery across different
    physical networks that connect source and
    destination machines.
  3. Host-to-Host Layer: Connection rendezvous, flow
    control, retransmission of lost data, etc. TCP
    and UDP protocols are in this layer.
  4. Process Layer: User-level functions, such as
    SMTP, FTP and rlogin.

8
OSI Reference Model
  • Seven Layers
  • 7. Application
  • 6. Presentation
  • 5. Session
  • 4. Transport
  • 3. Network
  • 2. Data Link
  • 1. Physical

9
TCP/IP and OSI
  • In OSI reference model terminology, the TCP/IP
    protocol suite covers the network and transport
    layers.
  • TCP/IP can be used on many data-link layers (can
    support many network hardware implementations).

10
[Figure: the TCP/IP stack. Process layer: processes. Transport layer: TCP, UDP. Network layer: ICMP, ARP, RARP, IP. Data-link layer: 802.3.]
11
Physical Layer
  • Responsibility:
      • transmission of raw bits over a communication
        channel.
  • Issues:
      • mechanical and electrical interfaces
      • time per bit
      • distances

12
Data Link Layer - Data Link Control
  • Responsibility:
      • provide an error-free communication link
  • Issues:
      • framing (dividing data into chunks)
      • header and trailer bits
      • addressing

13
The Data Link Layer - The MAC sub layer
  • Medium Access Control (MAC) - needed by
    multi-access networks.
  • MAC provides DLC with virtual wires on
    multi-access networks.

14
Ethernet: A Data-Link Layer
  • IEEE 802.3
  • Variety of physical layers.
  • Multi-access (shared medium).
  • Interface has a unique 6-byte hardware address.
    (E.g. 00-D0-09-E8-08-61)
  • The broadcast address is all 1s.
  • Addresses are assigned to vendors by a central
    authority.

15
An Ethernet Frame
[Figure: Ethernet frame layout. Field widths in bytes, in order: 8, 6, 6, 2, 0-1500, 4.]
  • Preamble is a sequence of alternating 1s and 0s
    used for synchronization.
  • CRC is Cyclic Redundancy Check

16
Ethernet Addressing
  • Each NIC looks at every frame and inspects the
    destination address. If the address does not
    match the hardware address of the interface or
    the broadcast address, the frame is discarded.
  • Some NICs can be programmed to recognize
    multicast addresses.
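
The receive filter described on slides 14 to 16, as an added example that is not part of the original presentation. It assumes a frame as software sees it (preamble and CRC already stripped), the header fields in the order slide 24 lists them, and constructed sample addresses apart from the one quoted on slide 14.

```python
import struct

BROADCAST = b"\xff" * 6            # slide 14: the broadcast address is all 1s

def parse_mac(text):
    """Turn '00-D0-09-E8-08-61' (the slides' notation) into 6 raw bytes."""
    raw = bytes(int(part, 16) for part in text.split("-"))
    if len(raw) != 6:
        raise ValueError("hardware address must be 6 bytes: %r" % text)
    return raw

def parse_header(frame):
    """Split the 6 + 6 + 2 byte header off a frame.
    Returns (destination, source, length_field, payload)."""
    if len(frame) < 14:
        raise ValueError("truncated frame: only %d bytes" % len(frame))
    dst, src, length = struct.unpack("!6s6sH", frame[:14])
    return dst, src, length, frame[14:]

def nic_accepts(frame, own_mac, multicast_groups=()):
    """Keep a frame only if it is addressed to this interface, to the
    broadcast address, or to a multicast address the NIC was given."""
    dst = parse_header(frame)[0]
    if dst == own_mac or dst == BROADCAST:
        return True
    # Multicast addresses have the low bit of the first byte set; the NIC
    # keeps only those it has been programmed to recognize.
    return bool(dst[0] & 1) and dst in multicast_groups

def build_frame(dst, src, payload):
    """Constructed sample frame: header plus payload, no preamble or CRC."""
    return dst + src + struct.pack("!H", len(payload)) + payload

OWN = parse_mac("00-D0-09-E8-08-61")      # example address from slide 14
OTHER = parse_mac("00-D0-09-AA-BB-CC")    # constructed sample address
GROUP = parse_mac("01-00-5E-00-00-01")    # constructed sample multicast address

if __name__ == "__main__":
    for name, dst in [("own", OWN), ("other host", OTHER),
                      ("broadcast", BROADCAST), ("multicast", GROUP)]:
        frame = build_frame(dst, OTHER, b"hello")
        print("%-10s accepted=%s" % (name, nic_accepts(frame, OWN)))
```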

17
The Network Layer
  • Responsibilities:
      • path selection between systems (routing).
      • subnet flow control.
      • fragmentation and reassembly
      • translation between different network types.
  • Issues:
      • packet headers
      • virtual circuits

18
The Transport Layer
  • Responsibilities:
      • provides virtual end-to-end links between peer
        processes.
      • end-to-end flow control
  • Issues:
      • headers
      • error detection
      • reliable communication

19
The Session Layer
  • Responsibilities:
      • establishes, manages, and terminates sessions
        between applications.
      • service location lookup
  • Many protocol suites do not include a session
    layer.

20
The Presentation Layer
  • Responsibilities:
      • data encryption
      • data compression
      • data conversion
  • Many protocol suites do not include a
    Presentation Layer.

21
The Application Layer
  • Responsibilities:
      • anything not provided by any of the other layers
  • Issues:
      • application level protocols
      • appropriate selection of type of service

22
Layering Headers
  • Each layer needs to add control information.
  • Typically prefixed to the data before passing on
    to the lower layer.

23
Headers
[Figure: encapsulation. The process layer hands DATA to the transport layer; the transport, network and data-link layers each prefix a header (H), so the data link carries H H H DATA.]
24
Example Headers
  • Physical: no header
  • Data Link:
      • address of the receiving endpoint
      • address of the sending endpoint
      • length of the data
      • checksum

25
Network layer header - examples
  • protocol
  • header checksum
  • source network address
  • destination network address
  • protocol suite version
  • type of service
  • length of the data
  • packet identifier
  • fragment number
  • time to live

26
Connecting Networks
  • Repeater: physical layer
  • Bridge: data link layer
  • Router: network layer
  • Gateway: network layer and above.

27
Repeater
  • Copies bits from one network to another
  • Does not look at any bits
  • Allows the extension of a network beyond physical
    length limitations

28
Bridge
  • Copies frames from one network to another
  • Can operate selectively - does not copy all
    frames (looks at data-link headers).
  • Extends the network beyond physical length
    limitations.

29
Router
  • Copies packets from one network to another.
  • Makes decisions about what route a packet should
    take (looks at network headers).

30
Gateway
  • Operates as a router
  • Data conversions above the network layer.
  • Conversions:
      • encapsulation - use an intermediate network
      • translation - connect different application
        protocols
      • encryption - could be done by a gateway

31
Encapsulation Example
  • Provides service connectivity even though
    intermediate network does not support protocols.

32
Translation
  • Translate from green protocol to brown protocol

33
Encryption gateway
34
Hardware v. Software
  • Repeaters are typically hardware devices.
  • Bridges can be implemented in hardware or
    software.
  • Routers and gateways are typically implemented in
    software so that they can be extended to handle
    new protocols.
  • Many workstations can operate as routers or
    gateways.

35
Modes of Service
  • connection-oriented vs. connectionless
  • sequencing
  • error-control
  • flow-control
  • byte stream vs. message based
  • full-duplex vs. half-duplex.

36
Connection-Oriented Service
  • establishment of a logical connection between two
    processes.
  • transfer data
  • terminate connection.

37
Connectionless Service
  • Sends independent messages.

38
Sequencing
  • Sequencing provides support for an order to
    communications.
  • A service that includes sequencing requires that
    messages (or bytes) are received in the same
    order they are sent.

39
Error Control
  • Some services require error detection.
  • Checksums provide a simple error detection
    mechanism.
  • Error control sometimes involves notification and
    retransmission.

40
Flow Control
  • Flow control prevents the sending process from
    overwhelming the receiving process.
  • Flow control can be handled in a variety of ways.

41
Byte Stream vs. Message
  • Byte stream implies an ordered sequence of bytes
    with no message boundaries.
  • Message oriented services provide communication
    service to chunks of data called datagrams.

42
Full- v. Half-Duplex
  • Full-Duplex services support the transfer of data
    in both directions.
  • Half-Duplex services support the transfer of data
    in one direction.

43
End-to-End v. Hop-to-Hop
  • Service modes, flow control and error control can
    be:
      • either between endpoints of the communication,
      • or between consecutive nodes on the path between
        the endpoints.

44
End-to-End
45
Hop-by-Hop
46
Buffering
  • Buffering can provide more efficient
    communications.
  • Buffering is most useful for byte stream services.

[Figure: Process A, Send Buffer, Recv. Buffer, Process B]
47
Addresses
  • Physical Layer: no address necessary
  • Data Link Layer: address must be able to select
    any host on the network.
  • Network Layer: address must be able to provide
    information to enable routing.
  • Transport Layer: address must identify the
    destination process.

48
Broadcasts
  • Broadcast: sending a message from one host to
    all other hosts on the network.
  • A special address called the broadcast address
    is created.
  • Some popular network services are based on
    broadcasting (YP/NIS, rup, rusers).

49
The IP in TCP/IP
  • IP is the network layer
  • packet delivery service (host-to-host).
  • translation between different data-link protocols.

50
IP Datagrams
  • IP provides connectionless, unreliable delivery
    of IP datagrams.
  • Connectionless: each datagram is independent of
    all others.
  • Unreliable: there is no guarantee that datagrams
    are delivered correctly or at all.

51
IP Addresses
  • The address must include information about what
    network the receiving host is on. This makes
    routing feasible.
  • IP addresses are not the same as the underlying
    data-link (MAC) addresses.

52
IP Addresses
  • Includes a network ID and a host ID.
  • A Network ID is assigned to an organization by a
    global authority (http://www.iana.org/).
  • Host IDs are assigned locally by a system
    administrator.

53
IP Addresses
  • A single NIC is assigned one IP address.
  • A host may have multiple NICs, and therefore
    multiple host addresses.
  • Hosts that share a network all have the same IP
    network address (the network ID).

54
Subnet Addresses
  • An organization can subdivide its host address
    space into groups called subnets.
  • The subnet ID is generally used to group hosts
    based on the physical network topology.
  • It is possible to have a single wire network with
    multiple subnets.

[Figure: address layout: NetID | SubnetID | HostID]
55
IP4 Addresses
Class
56
IP Addresses
  • An IP broadcast address has a host ID of all
    1s.
  • An IP address that has a host ID of all 0s is
    called a network address and refers to an entire
    network.

57
IP Addresses v. MAC Addresses
  • IP Addresses are not recognized by NIC.
  • The process of finding the MAC address of a host
    given the IP address is called Address
    Resolution.
  • The process of finding out the IP address of a
    host given a hardware address is called Reverse
    Address Resolution.

58
IPv6 addresses
  • Address is 128 bits long (16 bytes)
  • Addresses are written in hexadecimal
  • Addresses can be abbreviated:
      • 3FFE:0B00:0000:0000:0000:0000:0000:0001
      • 3FFE:0B00::0001
      • 3FFE:B00::1
  • There are no broadcast addresses, only multicast.
  • Loopback address is ::1
  • Addresses are scoped:
      • Link-local, site-local, global

59
IP6 Address
60
IP4-Compatible IP6 Address
80 bits of 0s followed by 16 bits of 0s, followed
by a 32-bit IP4 Address
[Figure: 0000 . . . 0000 (80 bits) | 0000 (16 bits) | IP4 Address (32 bits)]
61
ARP
  • ARP is a broadcast protocol. Each host checks the
    request against its own host addresses - the
    matched one responds.
  • Hosts remember the hardware addresses of others.
  • The ARP protocol specifies that the receiving host
    should also remember the IP and hardware
    addresses of the sending host.

62
Services provided by IP
  • Connectionless Delivery (each datagram is treated
    individually).
  • Unreliable (delivery is not guaranteed).
  • Fragmentation / Reassembly (based on hardware
    MTU).
  • Routing.
  • Error detection.

63
IP Datagram
64
IP Datagram Fragmentation
  • Fragmentation can happen when datagrams are
    forwarded through a network for which they are
    too big.
  • IP specifies that datagram reassembly is done
    only at the destination (not on a hop-by-hop
    basis).
  • If any of the fragments are lost the entire
    datagram is discarded (and an ICMP message is
    sent to the sender).
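
Fragmentation and destination-side reassembly as slide 64 describes them, as an added example that is not part of the original presentation. The 8-byte offset units and the "more fragments" flag are IPv4 details the slide does not spell out; the 20-byte header, the tuple layout and the rejection of duplicate or overlapping fragments are assumptions of this sketch.

```python
IP_HEADER_LEN = 20   # assumption: IPv4 header without options

def fragment(payload, mtu):
    """Split one datagram's payload for a link with the given MTU.
    Returns a list of (offset_in_8_byte_units, more_fragments, data)."""
    max_data = (mtu - IP_HEADER_LEN) // 8 * 8   # offsets count 8-byte units
    if max_data <= 0:
        raise ValueError("MTU %d leaves no room for data" % mtu)
    frags = []
    for start in range(0, len(payload), max_data):
        chunk = payload[start:start + max_data]
        more = start + len(chunk) < len(payload)
        frags.append((start // 8, more, chunk))
    return frags

def reassemble(frags):
    """Reassembly at the destination only. Fragments may arrive in any
    order. Returns the payload, or None when the set is incomplete, in
    which case the entire datagram is discarded."""
    expected = 0          # next byte position that must be filled
    saw_last = False
    data = bytearray()
    for offset, more, chunk in sorted(frags, key=lambda f: f[0]):
        # A gap, an overlap, or data after the final fragment: give up.
        if saw_last or offset * 8 != expected:
            return None
        data += chunk
        expected += len(chunk)
        saw_last = not more
    return bytes(data) if saw_last else None

# Constructed sample: a 1024-byte payload crossing a link with MTU 576.
SAMPLE = bytes(range(256)) * 4

if __name__ == "__main__":
    pieces = fragment(SAMPLE, 576)
    for offset, more, chunk in pieces:
        print("offset=%d bytes, more=%s, len=%d" % (offset * 8, more, len(chunk)))
    print("all fragments, reversed:", reassemble(pieces[::-1]) == SAMPLE)
    print("first fragment lost:    ", reassemble(pieces[1:]))
```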

65
ICMP (Internet Control Message Protocol)
  • ping www.yahoo.com
  • ICMP uses IP to deliver messages.
  • ICMP messages are usually generated and processed
    by the IP layer, not the user process.

66
ICMP
  • If packets arrive too fast the receiver discards
    excessive packets and sends an ICMP message to
    the sender (SOURCE QUENCH).
  • If an error is found (header checksum problem,
    say) the packet is discarded and an ICMP message
    is sent to the sender.

67
ICMP Message Types
  • Echo Request
  • Echo Response
  • Destination Unreachable
  • Redirect
  • Time Exceeded
  • Redirect (route change)
  • more ...

68
UDP (User Datagram Protocol)
  • UDP is a transport protocol
  • Uses IP to deliver datagrams
  • Connectionless, Unreliable, Minimal
  • UDP uses ports to provide communication services
    to individual processes.

69
Ports
  • Port: an abstract destination point.
  • Ports are identified by a positive 16-bit
    integer.
  • Operating systems provide some mechanism that
    processes use to specify a port.

70
Ports
[Figure: Host A and Host B, each with several processes]
71
UDP Datagram Format
72
Sockets
73
Sockets
  • An active socket is connected to a remote active
    socket. Closing the connection destroys the
    active sockets at each endpoint.
  • A passive socket is not connected, but rather
    awaits an incoming connection, which will spawn a
    new active socket.

74
Sockets v. Ports
  • A socket is not a port. A socket is associated
    with a port. This is a many-to-one relationship.
  • Each port can have a single passive socket,
    awaiting incoming connections, and multiple
    active sockets, each corresponding to an open
    connection on the port.

75
TCP
  • Transmission Control Protocol
  • Connection-oriented
  • Reliable
  • Full-duplex
  • Byte-Stream

76
Connection
  • Four numbers: Source IP Address, Source Port,
    Destination IP Address, Destination Port
  • Connection is established: the operating systems of
    both source and destination hosts are maintaining
    state information about the connection.

77
Connection-Oriented
  • Connection oriented means that a virtual
    connection is established before any payload data
    is transferred.
  • If the connection cannot be established the user
    program is notified.
  • If the connection is ever interrupted the user
    program is notified.

78
Connection establishment
  • A connection establishment phase is required.
  • It ensures that the receiving process is
    available and synchronizes sequence
    numbers, etc.

79
TCP State Diagram
80
Reliable
  • Every transmission of data is acknowledged by the
    receiver.
  • If the sender does not receive ACK within a
    specified amount of time, the sender retransmits
    the data.
  • ACK can be piggybacked on data.

81
Byte Stream
  • Stream means that the connection is treated as a
    stream of bytes.
  • The user application does not need to package
    data in individual datagrams (as with UDP).

82
Buffering
  • TCP is responsible for buffering data and
    determining when it is time to send a datagram.
  • It is possible for an application to tell TCP to
    send the data it has buffered without waiting for
    a buffer to fill up.

83
Full Duplex
  • TCP provides transport in both directions.
  • To the application program these appear as two
    unrelated data streams, although TCP can
    piggyback control and data communication by
    providing control information (such as an ACK)
    along with user data.

84
TCP Ports
  • Interprocess communication via TCP is achieved
    with the use of ports (just like UDP).
  • UDP ports have no relation to TCP ports
    (different name spaces).
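
An added example (not part of the original presentation) covering both the "Sockets v. Ports" slide and the "TCP Ports" slide above: one passive socket and several active sockets share a single TCP port, and the same port number can be bound separately for UDP. It assumes the loopback interface is usable and lets the OS pick the port.

```python
import socket

def sockets_on_one_port(clients=3):
    """Listen on one loopback TCP port, connect `clients` times, then bind
    the same port number for UDP. Returns what the OS reports."""
    passive = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    passive.settimeout(5)
    opened = [passive]
    try:
        passive.bind(("127.0.0.1", 0))    # port 0: the OS chooses a free port
        passive.listen(clients)
        port = passive.getsockname()[1]

        active = []
        for _ in range(clients):
            opened.append(socket.create_connection(("127.0.0.1", port), timeout=5))
            conn, _peer = passive.accept()   # each accept spawns an active socket
            opened.append(conn)
            active.append(conn)

        # UDP ports are a different name space: the number is still free there.
        udp = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
        opened.append(udp)
        udp.bind(("127.0.0.1", port))

        return {
            "port": port,
            # every accepted socket reports the listener's port as its own
            "active_local_ports": [c.getsockname()[1] for c in active],
            # what tells them apart is the full four-number connection
            "connections": {c.getsockname() + c.getpeername() for c in active},
            "udp_port": udp.getsockname()[1],
        }
    finally:
        for s in opened:
            s.close()

if __name__ == "__main__":
    result = sockets_on_one_port()
    print("listening port:      ", result["port"])
    print("active sockets' port:", result["active_local_ports"])
    for four in sorted(result["connections"]):
        print("connection:", four)
    print("UDP bound to port:   ", result["udp_port"])
```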

85
TCP/UDP Ports
  • Reserved Ports: less than 1024. Only root can bind
    to these ports.
  • Local Port: of the process that requested the
    connection. Usually a random number, 0-65535.
  • Remote Port: the application that accepted the
    connection. Usually a known number; see
    /etc/services. E.g.,
      • 80 for HTTP
      • 143 for IMAP
      • 443 for HTTP/SSL

86
TCP Segments
  • The chunk of data that TCP asks IP to deliver is
    called a TCP segment.
  • Each segment contains:
      • data bytes from the byte stream
      • control information that identifies the data
        bytes

87
TCP Segment Format
88
Sequence Number
  • The positional number of the first data byte in
    this segment, except when SYN control flag is 1. 
  • If SYN is 1 the sequence number is the initial
    sequence number (ISN).
  • 32 bit unsigned integer

89
Sequence Number
  • Initial Sequence Number (ISN) is randomly
    generated.
  • What if ISN is not random?
  • You can hijack and kill arbitrary connections!

90
Acknowledgment Number
  • If the ACK control bit is set, this field
    contains the value of the next sequence number
    the sender of the segment is expecting to
    receive. Once a connection is established this is
    always included.

91
Control Bits
  • URG: Urgent Pointer field significant
  • PSH: Push Function
  • ACK: Acknowledgment field significant
  • RST: Reset the connection
  • SYN: Synchronize sequence numbers
  • FIN: No more data from sender

92
TCP v. UDP
  • Q: Which protocol is better? A: It depends on
    the application.
  • TCP provides a connection-oriented, reliable byte
    stream service (lots of overhead).
  • UDP offers minimal datagram delivery service (as
    little overhead as possible).

93
TCP three-way handshake
  • Establishes a connection.
  • A: "I would like to talk to you, B." A sends a SYN
    packet to B.
  • B: "Ok, let's talk." B sends a SYN-ACK packet to
    A.
  • A: "Thanks for agreeing." A sends ACK to B.

94
TCP three-way handshake
  Flags     src    dst    seq          ack
  SYN       1037   80     102723769    0
  SYN-ACK   80     1037   1527857206   102723770
  ACK       1037   80     102723770    1527857207
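
A consistency check over the three segments in the table above, as an added example that is not part of the original presentation. The final ACK passes only if it echoes B's initial sequence number plus one, which is the property a random ISN (slide 89) protects; the tuple layout and the function name are assumptions of this sketch.

```python
MOD = 2 ** 32   # slide 88: sequence numbers are 32-bit unsigned integers

# Rows of the slide's table: (flags, src port, dst port, seq, ack)
SLIDE_TRACE = [
    ("SYN",     1037, 80,   102723769,  0),
    ("SYN-ACK", 80,   1037, 1527857206, 102723770),
    ("ACK",     1037, 80,   102723770,  1527857207),
]

def check_handshake(trace):
    """Return a list of inconsistencies in a three-way handshake;
    an empty list means the three segments fit together."""
    if [row[0] for row in trace] != ["SYN", "SYN-ACK", "ACK"]:
        return ["flags are not SYN, SYN-ACK, ACK in that order"]
    syn, synack, ack = trace
    a_port, b_port, a_isn = syn[1], syn[2], syn[3]
    b_isn = synack[3]
    problems = []
    if (synack[1], synack[2]) != (b_port, a_port):
        problems.append("SYN-ACK ports do not mirror the SYN")
    if (ack[1], ack[2]) != (a_port, b_port):
        problems.append("ACK ports differ from the SYN")
    # The SYN flag itself consumes one sequence number, hence ISN + 1,
    # computed modulo 2**32 because the counter wraps around.
    if synack[4] != (a_isn + 1) % MOD:
        problems.append("SYN-ACK does not acknowledge A's ISN + 1")
    if ack[3] != (a_isn + 1) % MOD:
        problems.append("ACK sequence number is not A's ISN + 1")
    if ack[4] != (b_isn + 1) % MOD:
        problems.append("ACK does not acknowledge B's ISN + 1")
    return problems

# Constructed variants: a final ACK from a sender that guessed B's ISN
# wrongly, and a handshake whose ISN sits at the 32-bit wrap-around point.
WRONG_GUESS = SLIDE_TRACE[:2] + [("ACK", 1037, 80, 102723770, 1527857206)]
WRAPPING = [
    ("SYN",     1037, 80,   MOD - 1, 0),
    ("SYN-ACK", 80,   1037, 5,       0),
    ("ACK",     1037, 80,   0,       6),
]

if __name__ == "__main__":
    for name, trace in [("slide", SLIDE_TRACE), ("wrong guess", WRONG_GUESS),
                        ("wrapping", WRAPPING)]:
        print(name, "->", check_handshake(trace) or "consistent")
```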

95
Four-Way Handshake
  • The Four-Way Handshake terminates a previously
    established connection
  • A to B: FIN
  • B to A: ACK
  • B to A: FIN
  • A to B: ACK

96
Connection Resetting
  • Host X sends an RST packet resetting the
    connection if:
      • Y requested a connection to a non-existent port P
        on host X, or
      • for whatever reason (idle for a long time, or an
        abnormal condition, ...), the host X (client or
        the server) wishes to close the connection.
  • Resetting is unilateral.