TCP/IP Protocols Review - PowerPoint PPT Presentation

Author: der. Last modified by: Der, Lin. Created Date: 4/29/1998 2:44:50 AM.

Slides: 61
Provided by: DER


1
TCP/IP Protocols Review
  • Protocol Model
  • Internet Protocol IP/ICMP/ARP
  • Reliable Stream Transport Service - TCP
  • User Datagram Protocol - UDP
  • Internet Applications

2
OSI Reference Model
  • End systems: Application, Presentation, Session, Transport, Network, Data link, Physical
  • Intermediate nodes: Network, Data link, Physical
3
TCP/IP vs. OSI ???
  • Application: HTTP, Telnet, FTP, SMTP, SNMP, NFS
  • Host-to-Host Transport: TCP, UDP
  • Internet: IP, ICMP
  • Network Access: device driver and interface card
4
TCP/IP Data Encapsulation
  • Application Layer: User Data
  • TCP or UDP or ICMP Layer: TCP Header + Data, UDP Header + Data, or ICMP Header + Data
  • IP Layer: IP Header + TCP/UDP/ICMP Header + Data
  • Lower Layer: Frame Header + IP Header + TCP/UDP/ICMP Header + Data + Trailer
5
TCP/IP?????
  • Application: User Process, User Process, User Process
  • Transport: TCP, UDP
  • Network (Internet): ICMP, IP, IGMP
  • Link (Network Access): ARP, Interface, RARP
6
Internet Protocol (IP)
  • Internet Address
  • IP Datagram
  • IP Fragmentation
  • IP Routing
  • Internet Control Message Protocol(ICMP)
  • IP???????
  • IPv6

7
Internet Address
  • Network ID and Host ID (Network Mask and Subnet)
  • Address Class and Classless IP
  • NIC Reserved IP Address
  • Broadcast / Loop Back / Multicast Address
  • Internet Addressing???

8
Network Mask and Subnet
  • network mask
  • A host needs to know how many bits are used for
    the Network-ID and how many bits are used for
    the Host-ID. This is specified using network
    mask.
  • Class C network mask example
  • 255.255.255.0, 255.255.255.128, 255.255.255.192,
    255.255.255.224, 255.255.255.240, 255.255.255.248
  • Commands to check IP address and network mask
  • Win95/98 - winipcfg
  • WinNT/2000 - ipconfig /all
  • UNIX - ifconfig -a

9
IP Address Class (1)
  • Class A nnn.hhh.hhh.hhh (1.0.0.0 - 126.255.255.255)
  • Class B nnn.nnn.hhh.hhh (128.0.0.0 - 191.255.255.255)

[Figure: Class A and Class B address layouts, with bit positions 0, 7 and 15 marked]
10
IP Address Class (2)
  • Class C nnn.nnn.nnn.rrr (192.0.0.0 - 223.255.255.255)
  • Class D Multicast address (224.0.0.0 - 239.255.255.255)

[Figure: leading bits of Class C (Network, Host) and Class D (Multicast address) addresses]
11
NIC Reserved IP Address
  • Class A
  • 10.0.0.0 - 10.255.255.255
  • Class B
  • 172.16.0.0 - 172.31.255.255
  • Class C
  • 192.168.0.0 - 192.168.255.255

12
Special IP Address
  • Directed Broadcast Address
  • Network ID with the Host ID set to all 1s
  • Limited Broadcast Address
  • Thirty-two 1s
  • Multicast Address
  • IGMP, Internet Group Management Protocol
  • Loop Back Address
  • 127.0.0.1
  • For inter-process communication on the local
    machine

13
Internet Addressing ??
  • IP????????
  • IP Spoofing
  • ?????

14
IP Datagram
15
IP Fragmentation
  • Maximum Transmission Unit(MTU)
  • Related fields in IP Header
  • Identification
  • Flags: More Fragments bit, DF bit
  • Fragment Offset
  • Related Attack
  • Ping of Death
  • Tiny Fragments
  • Fragments overlapped

16
MTU
Typical Maximum Transmission Units (MTUs)
17
Why Frag. is BAD
  • ?????????????????
  • ????????TCP/UDP Header??,???????????
  • ????????(???????)??
  • information hiding
  • ???????????????
  • overlapping data/header

18
Overlapping Fragments
IP Header | TCP Header | DATA
IP Header | DATA
IP Header | TCP Header | DATA
IP Header | DATA
IP Header | TCP Header | DATA
IP Header | Fake TCP Header | DATA
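The fragmentation attacks listed on the preceding slides (Ping of Death, tiny fragments, overlapping fragments) can all be recognised from the Identification, Flags and Fragment Offset fields alone. The following is an added example, not part of the original presentation: a detector run over constructed in-memory fragments, where the addresses, label names and the 20-byte TCP header threshold are assumptions of the example.

```python
import struct
from collections import defaultdict

SRC, DST = bytes([192, 0, 2, 1]), bytes([192, 0, 2, 2])  # constructed test addresses
MIN_TCP_HEADER, MAX_DATAGRAM = 20, 65535

def make_fragment(ident, offset_units, mf, payload_len, proto=6):
    """Build a constructed IPv4 fragment (zero payload, checksum left 0)."""
    flags_off = (0x2000 if mf else 0) | offset_units
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + payload_len, ident,
                       flags_off, 64, proto, 0, SRC, DST) + bytes(payload_len)

def parse_fragment(packet):
    """Extract the Identification, Flags and Fragment Offset fields."""
    ver_ihl, _, total_len, ident, flags_off, _, proto = struct.unpack(
        "!BBHHHBB", packet[:10])
    ihl = (ver_ihl & 0x0F) * 4
    start = (flags_off & 0x1FFF) * 8          # offset is counted in 8-byte units
    return {"key": (packet[12:16], packet[16:20], proto, ident), "ihl": ihl,
            "mf": bool(flags_off & 0x2000), "start": start,
            "end": start + total_len - ihl, "proto": proto}

def audit(packets):
    """Return {datagram key: sorted findings} for suspicious fragment trains."""
    seen, findings = defaultdict(list), defaultdict(set)
    for raw in packets:
        f = parse_fragment(raw)
        size = f["end"] - f["start"]
        if f["ihl"] + f["end"] > MAX_DATAGRAM:            # Ping of Death shape
            findings[f["key"]].add("oversize")
        if f["proto"] == 6 and ((f["start"] == 0 and f["mf"] and size < MIN_TCP_HEADER)
                                or 0 < f["start"] < MIN_TCP_HEADER):
            findings[f["key"]].add("tiny-fragment")       # TCP header split up
        if any(f["start"] < e and s < f["end"] for s, e in seen[f["key"]]):
            findings[f["key"]].add("overlap")             # bytes rewritten on reassembly
        seen[f["key"]].append((f["start"], f["end"]))
    return {k: sorted(v) for k, v in findings.items()}

SAMPLE = [  # constructed traffic, not a capture
    make_fragment(1, 0, True, 1480), make_fragment(1, 185, False, 520),   # normal
    make_fragment(2, 0, True, 64), make_fragment(2, 1, False, 64),        # overlap
    make_fragment(3, 0, True, 8), make_fragment(3, 1, False, 100),        # tiny
    make_fragment(4, 8189, False, 1000, proto=1),                         # oversize
]

if __name__ == "__main__":
    for key, result in audit(SAMPLE).items():
        print("id", key[3], result)
```

The second datagram is reported as both an overlap and a tiny fragment because its later fragment starts inside the first 20 bytes, which is the Fake TCP Header case drawn above.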
19
Time to Live (TTL)
  • ?????????????? (hop count)
  • ???????????(router/gateway)?,?????TTL???1
  • ?TTL?????,????????????????????,???ICMP Time
    Exceeded????????

20
Protocol Field
[Figure: the Protocol field in the IP header (Internet Layer) selects the protocol above IP. Protocol Numbers: TCP 6, UDP 17, ESP 50, AH 51]
  • Determines destination upper-layer protocol

21
IP Options
  • ???empty,????
  • Firewall??????IP option?IP source route
  • IP source route?mobile IP????,?????,?????????
  • ??packet filtering systems???????IP option
    set,????packet,?????????

22
IP Routing
  • Mapping Internet Address to Physical Address
    (ARP)
  • Table Driven IP Routing
  • Static and Dynamic Routing

23
Routing Scenario
  • Host A to Router: Source MAC A, Dst. MAC Router, Source IP A, Dst. IP B, Data
  • Router to Host B: Source MAC Router, Dst. MAC B, Source IP A, Dst. IP B, Data
24
Address Resolution Protocol
  • ?IP Protocol
  • ARP Cache
  • ARP Proxy
  • arp -a, arp -p

25
???? Sniffing (1)
26
???? Sniffing (2)
  • Sniffer?????? ?
  • 1. ?????????????????????????
  • ????????.
  • 2. ??????????????????????,???
  • ??????? MAC(Media Access Control) ?????
  • ??. ( ?????? FF FF FF FF FF FF )
  • 3. Sniffer???????????????????
  • Promiscuous Mode, ????????????,???
  • ???????????.

27
IP Routing Tables
  • A system's routing table contains
  • loop back interface
  • interface for its own network
  • host-specific entries that are added
  • network-specific entries that are added
  • default gateway entries that are added
  • Commands to check routing tables
  • netstat -rn

28
IP Routing Principles
  • (1) Search for host-specific host address
  • (2) Search for network-specific network
  • (3) Search for its own interface network for
    broadcast
  • (4) Search for a default entry

29
Static and Dynamic Routing
  • Static routing
  • Added by command
  • There is a single connection point to other networks
  • Dynamic routing
  • Used by routers to communicate with each other,
    informing each other of what networks each
    router is currently connected to.

30
Add a Static Routing Into a Routing Table
  • Windows 9x / NT / 2000 (under DOS mode)
  • route add <Host/Network IP> mask <Network Mask> <Gateway IP>
  • Example
  • route add 203.75.1.0 mask 255.255.255.128 192.72.155.254
  • Unix
  • route add <Host/Network IP> <Gateway IP> <Metric>
  • Example
  • - Add a Default Routing Entry
  • route add default 192.72.155.254 1
  • - Add a Static Routing Entry
  • route add 172.16.1.1 192.168.100.254 1

31
Case study: static route
Host A
Host B
How can the two hosts reach each other?
32
ICMP (1)
  • Internet Control Message Protocol
  • ICMP only reports error conditions to the
    original source; it does not correct them.
  • ICMP Message Format
  • Testing Destination Reachability and Status
  • Echo Request and Reply

33
ICMP (2)
  • Reports of Unreachable Destinations
  • ???????????,e.g.??????????
  • Congestion and Datagram Flow Control
  • Source Quench Message
  • Route Change Request From Gateways
  • Redirect Message
  • Detecting Circular or Excessively Long Routes
  • Time Exceeded for a Datagram message

34
ICMP Message Format
IP datagram: IP Header | ICMP Message
ICMP message, bits 0-31: Type (bits 0-7) | Code (bits 8-15) | Checksum (bits 16-31)
Data...
35
ICMP Type
  • 0 Echo Reply
  • 3 Destination Unreachable
  • 4 Source Quench
  • 5 Redirect(Change a route)
  • 8 Echo Request
  • 11 Time Exceeded for a Datagram
  • 12 Parameter Problem on a Datagram
  • 13 Timestamp Request
  • 14 Timestamp Reply
  • 15 Information Request (Obsolete)
  • 16 Information Reply ( Obsolete)
  • 17 Address Mask Request
  • 18 Address Mask Reply

36
ICMP Code of Unreachable Destination
  • 0 Network Unreachable
  • 1 Host Unreachable
  • 2 Protocol Unreachable
  • 3 Port Unreachable
  • 4 Fragmentation Needed and DF Set
  • 5 Source Route Failed
  • 6 Destination Network Unknown
  • 7 Destination Host Unknown
  • 8 Source Host Isolated
  • 9 Communication with Destination Network
    Administratively Prohibited
  • 10 Communication with Destination Host
    Administratively Prohibited
  • 11 Network Unreachable for Type of Service
  • 12 Host Unreachable for Type of Service

37
IP???????
  • Connectionless Delivery System
  • Unreliable Delivery Protocol
  • Lost, Duplicated, Delayed, Out of Order
  • ???????????Reliable Service

38
IPv6??
  • Plenty of addresses (one would never run out of
    address)
  • support of billions of hosts
  • Efficient yet flexible routing
  • reduce the size of the routing tables
  • simplify the protocol for high performance
    routing process
  • Provide better security
  • Support of real-time data
  • Allow multicasting with specified scope
  • Allow a host to roam without changing its address
  • Allow protocol to evolve in the future
  • Allow the coexistence of the old and new protocols

39
IPv4 Header: 20 Octets + Options, 13 fields, including 3 flag bits
Bit positions 0, 4, 8, 16, 24, 31
Ver | IHL | Service Type | Total Length
Identifier | Flags | Fragment Offset
Time to Live | Protocol | Header Checksum
32 bit Source Address
32 bit Destination Address
Options and Padding
40
IPv6 Header: 40 Octets, 8 fields
Bit positions 0, 4, 12, 16, 24, 31
Version | Class | Flow Label
Payload Length | Next Header | Hop Limit
128 bit Source Address
128 bit Destination Address
41
IPv6 Extension Headers
  • IP options have been moved to a set of optional
    Extension Headers
  • Extension Headers are chained together

IPv6 Header (Next = TCP) | TCP Header | Application Data
IPv6 Header (Next = Routing) | Routing Hdr (Next = TCP) | TCP Header | Application Data
IPv6 Header (Next = Security) | Security Hdr (Next = Frag) | Fragment Hdr (Next = TCP) | TCP Header | Data Frag
42
Transmission Control Protocol
  • TCP Segment Format
  • Reliable Delivery Service
  • Positive Acknowledgement with Retransmission
  • Sliding Windows
  • Establish a TCP Connection

43
TCP Segment Format
44
Port Numbers
  • Application Layer and Port Numbers: FTP 21, TELNET 23, SMTP 25, DNS 53, TFTP 69, HTTP 80, SNMP 161, RIP 520
  • Transport Layer: TCP, UDP
45
TCP Port Numbers
  • Host A to Host Z (Telnet Z): Source Port (SP) 1028, Dest. Port (DP) 23
  • Host Z: "Dest. port 23. Send packet to my Telnet application."

46
Reliable Delivery Service of TCP (1)
  • Stream Orientation
  • Instead of Lost, Duplicated, and Out of Order
  • Virtual Circuit Connection
  • Clients Connect and Servers Listen/Accept
  • Ports and Connections
  • Buffered Transfer
  • TCP will buffer data to make transfer more
    efficient
  • Provides a push mechanism that applications use
    to force a transfer

47
Reliable Delivery Service of TCP (2)
  • Unstructured Stream
  • TCP does not show packet boundaries to
    applications
  • Full Duplex Connection
  • Think of it as two independent streams joined
    with piggybacking mechanism

48
Acknowledgement and Retransmission
???
49
Sliding Windows (1)
  • Packets 1 2 3 4 5 6 7 8 9 10 11 12 13 >
  • done | window | not sent
  • 1-3 sent and ACKED
  • 4-8 in window and sent but not ACKED
  • if an ACK arrives, the sender slides the window up
  • The receiver controls the sliding window and treats it as
    available buffering; it can stop the sender by advertising
    a window size of 0 in an ACK

50
Sliding Windows (2)
  • To make stream transmission more efficient than a
    simple positive acknowledgement protocol
  • Variable windows size and flow control
  • Congestion Control
  • Allowed_window = min(receiver_advertisement,
    congestion_window)
  • Multiplicative decrease congestion avoidance
  • Slow-start (additive) Recovery

51
TCP Three Way Handshake-1
52
TCP Three Way Handshake-2
53
TCP Three Way Handshake-3
54
TCP Session Termination-1
Host A to Host B: FIN (seq=m)
55
TCP Session Termination-2
Host A to Host B: FIN (seq=m)
Host B to Host A: ACK m+1
56
TCP Session Termination-3
Host A to Host B: FIN (seq=m)
Host B to Host A: ACK m+1
Host B to Host A: FIN (seq=n)
57
TCP Session Termination-4
Host A to Host B: FIN (seq=m)
Host B to Host A: ACK m+1
Host B to Host A: FIN (seq=n)
Host A to Host B: ACK n+1
58
User Datagram Protocol (UDP)
  • UDP Message Format
  • IP with Ports
  • Unreliable Connectionless Delivery
  • Works fine just on a local network

59
UDP Message Format
Bits 0-31: Source Port (bits 0-15) | Destination Port (bits 16-31)
Length (bits 0-15) | Checksum (bits 16-31)
Data...
60
Internet Applications
  • Telnet: Remote Terminal Access
  • FTP: File Transfer Protocol
  • SMTP: Simple Mail Transfer Protocol
  • POP3: Post Office Protocol 3
  • HTTP: Hyper Text Transfer Protocol
  • NNTP: Network News Transfer Protocol
  • DNS: Domain Name Service