© Copyright 1997, The University of New Mexico 7-1 Internetworking Technologies & Services (II) Introduction to TCP/IP –Models –Packet formats –Addressing.

7-1© Copyright 1997, The University of New Mexico

Internetworking Technologies & Services (II)

• Introduction to TCP/IP– Models– Packet formats– Addressing– Routing

• IPv6• TCP/IP Troubleshooting • TCP/IP Management• Applications and Services


TCP/IP Evolution

• Set of protocols developed by the U.S. Defense Department's Advanced Research Projects Agency (DARPA) during the early 1970s.

• De facto Standard.• Well suited for LAN’s and WAN’s• Birth of the Internet: National and

International Connectivity


TCP/IP Evolution

• Standards maintained by Internet Activities Board (IAB) through the Internet Engineering Task Force (IETF)

• Standards maintained on line in Request for Comments documents (RFC) (e.g. IP is defined in RFC791 and TCP in RFC 793)


TCP/IP Model

• TCP/IP Protocol Suite, ARPANET (DARPA)

Application

Transport (TCP,UDP)

Internet (IP)

Network Access

Physical


OSI to TCP/IP Models

• 7-layer OSI and TCP/IP Protocol Architectures

Application

Presentation

Session

Transport

Network

Data Link

Physical

Transport (TCP,UDP)

Network Access

Application

Internet (IP)

Physical


TCP/IP Network Architecture


IP - Internet Protocol

• The Internet Protocol (IP) is a packet-based protocol used to exchange data over computer networks. IP handles addressing, fragmentation, reassembly, and protocol multiplexing.

• It is the foundation on which all other IP protocols, collectively referred to as the IP Protocol suite, are built (TCP, UDP, ICMP, ARP, etc.).

• IP is a network-layer protocol that contains addressing and control information that allows data packets to be routed.


IP - Internet Protocol

• IP is responsible for moving packet of data from node to node. IP forwards each packet based on a four byte destination address (the IP number). The Internet authorities assign ranges of numbers to different organizations. The organizations assign groups of their numbers to departments. IP operates on gateway machines that move data from department to organization to region and then around the world.


TCP - Transmission Control Protocol

• The Transmission Control Protocol (TCP) is built upon the IP layer. TCP is a connection-oriented protocol that specifies the format of data and acknowledgments used in the transfer of data. TCP also specifies the procedures that the computers use to ensure that the data arrives correctly.

• TCP allows multiple applications on a system to communicate concurrently because it handles all multiplexing of the incoming traffic among the application programs.


TCP - Transmission Control Protocol

• TCP is responsible for verifying the correct delivery of data from client to server. Data can be lost in the intermediate network. TCP adds support to detect errors or lost data and to trigger retransmission until the data is correctly and completely received.

• Sockets is a name given to the package of subroutines that provide access to TCP/IP on most systems.


UDP - User Datagram Protocol

• The User Datagram Protocol (UDP) is used when reliability mechanisms in TCP are not needed. UDP is a connection-less-oriented protocol.


IP Packet Format


IP Packet Format

• Version:– Indicates the version of IP currently used.

• IP header length (IHL):– Indicates the datagram header length in 32-bit words.

• Type-of-service:– Specifies how a particular upper-layer protocol would like

the current datagram to be handled. Datagrams can be assigned various levels of importance through this field.

• Total length:– Specifies the length of the entire IP packet, including

data and header, in bytes.


IP Packet Format

• Identification:– Contains an integer that identifies the current

datagram. This field is used to help piece together datagram fragments.

• Flags:– A 3-bit field of which the low-order 2 bits control

fragmentation. One bit specifies whether the packet can be fragmented; the second bit specifies whether the packet is the last fragment in a series of fragmented packets.


IP Packet Format

• Time-to-live:– Maintains a counter that gradually decrements down to

zero, at which point the datagram is discarded. This keeps packets from looping endlessly.

• Protocol:– Indicates which upper-layer protocol receives incoming

packets after IP processing is complete.

• Header checksum:– Helps ensure IP header integrity.

• Source address:– Specifies the sending node.


IP Packet Format

• Destination address:– Specifies the receiving node.

• Options:– Allows IP to support various options, such as security.

• Data:– Contains upper-layer information.


IP Network Addressing

• IP address is 32 bits in length, divided into either two or three parts:– First part designates the network address– Second part (if present) designates the subnet address– Third part designates the host address

• Conceptual Interpretation of IP Addresses– [Internet Part:Local Part] - Original – [Internet Part:Physical Network:Host] - With subnets


IP Network Addresses

• IP addressing supports five different network classes:– Class A: Mainly used with a few very large networks.

Provide only 7 bits for the network address field.– Class B: 14 bits for the network address field, 16 bits for

the host address field. Offers a good compromise between network and host address space

– Class C: Allocate 22 bits for the network address field, provide only 8 bits for the host field. The number of host may be a limiting factor

– Class D: Reserved for multicast groups, the 4 highest-order bits are set to 1, 1, 1, and 0.

– Class E: Reserved for future use, the four highest-order bits are all set to 1.


IP Network Address Representation

• Binary Notation: – 1000 0000.0000 1010. 0000 0010.0001 1110

• Hexadecimal Notation:– 80.0A.02.1E

• Dotted Decimal Notation: – 128.10.2.30



• Class A: [0:netid:hostid]• Class B: [10:netid:hostid]• Class C: [110:netid:hostid]• Class D: [1110:Multicast]• Class E: [11110:Reserved]


IP Primary Network Addresses



• Class A: 0 through 127; e.g. 10.2.0.37– netid = 10. and hostids = 10.0.0.0 to 10.255.255.255– Note: 127.0.0.0 network addresses are reserved for

loopback addressing– 24-bits available; 16,777,216 possible hostid IP addresses

• Class B: 128 through 191; e.g. 129.24.24.119– netid = 129.24. and hostids = 129.24.0.0 to 129.24.255.255– 16-bits available; 65,536 possible hostid IP addresses

• Class C: 192 through 223; e.g. 198.6.7.3– netid = 198.6.7. and hostids = 198.6.7.0 to 198.6.7.255– 8-bits available; 256 possible hostid IP addresses



• Class D: 224 through 239– Multicast

• Class E: 240 through 255– Reserved for future use



• Addresses specify network connections– IP addresses do not specify a host but a connection to a

network

• Network and broadcast addresses– IP address with all bits of HOSTID field set to 0 is reserved

to refer to the network– IP address with all bits of HOSTID field set to 1 is a

broadcast address (hardware/software supported)

• Limited Broadcast– Local network broadcast address is 32 1’s (i.e.

255.255.255.255)– Provides broadcast capability to local network independent

of IP



• Subnet addressing and multicast– Designed to conserve network addresses– Multipoint delivery

• Loopback Address– Not all possible addresses have been assigned to

classes– Class A address 127.0.0.0 is reserved for loopback– Use in testing TCP/IP and for inter-process

communications on the local machine– Packets with network address should never appear on

any network



• IP address limitations– address refers to network connection not host

• IP address authority– All IP addresses are assigned by a central authority– IANA: Internet Assigned Number Authority has ultimate

control– INTERNIC: Internet Network Information Center assigns

addresses

• Network Byte Order– Internet standard for byte order specifies integers be sent

most significant byte first– Big Endian style; lowest memory address holds the high

order byte of the integer


IP Network Address Mapping

• Logical: IP addresses define Layer 3 (Network Layer) logical addresses

• Physical: Layer 2 (Data Link Layer) physical addresses is a function of IP addresses

• Address Resolution (Mapping): Translation from logical address (IP address) to an equivalent physical hardware address ( Ethernet address) ; required for information exchange between host-to-host and host-to-router located on the same physical network


Address Resolution Techniques

• Table lookup (e.g. WANs)• Closed-form computation (e.g.

Configurable networks)• Message exchange (e.g. LAN with static

addressing)


ARP - Address Resolution Protocol

• TCP/IP can use any type of address resolution techniques, dependent on underlying hardware

• ARP allows a host or a router to find the physical address of a host or a router connected to the same physical network, given the target IP address


RARP - Reverse Address Resolution Protocol

• RARP allows a host or a router to obtain its IP address or another host or router IP address

• Normally used at boot time requiring a RARP server


ICMP - Internet Control Message Protocol

• Error reporting protocol• Echo and reply messages to test node

reachability across an internet. Redirects messages to simulate efficient routing

• Time exceeded messages to inform sources that a datagram has exceeded its allocated time to exist within the internet

• Used by routers to determine addresses of directly attached routers and to discover the subnet mask currently used by an internet


IP Subnets and Network Masks

• Subnets provide extra flexibility to network administrators by subdividing IP networks into smaller subnetworks

• IP subnets define two or more physical networks that share a common netid field (portion of 32-bit address that is assigned by the NIC)

• Subnetting allows routers to hide complexity of multiple LANs from the rest of the Internet and Enterprise WANs (e.g. if IP address = 129.24.8.1 then Network = 129.24., Subnet = 8. to 15., Host = 1)


IP Subnets and Network Masks

• Subnet masks are used to specify the number of bits used to define a subnet

• Subnet masks use the same format and representation techniques as IP addresses (e.g. 255.255.255.0)

• Subnet masks have 1’s in the netid and subnet fields, and 0’s in the hostid field

• Class B Subnetting example:– Before Subnetting: [10:netid:hostid];– After Subnetting: [10:netid:subnet:hostid];


Subnet Mask Construction

• Assign a value of 1 to all the bits in the netid field (i.e. first 8/16/24 bits of Class A/B/C networks)

• Assign a value of 1 to each bit in the subnet field

• Assign a value of 0 to each bit in the hostid field

• Convert to dotted decimal or hexadecimal notation



• Class B Address Info– 129.24.0.0 to 129.24.255.255– netid = 129.24.– hostid = 16 bits (i.e. 65,536 potential IP addresses)

• Subnet Mask Assumptions:– netid bits = 16– potential hostid bits = 16– If we divide the address space into 32 subnets we will

have 2048 hostids or IP addresses per subnet



• xxxx xxxx.xxxx xxxx.xxxx xxxx.xxxx xxxx (32-bits)

• 1111 1111.1111 1111.xxxx xxxx.xxxx xxxx (Step 1)

• 1111 1111.1111 1111.1111 1xxx.xxxx xxxx (Step 2)

• 1111 1111.1111 1111.1111 1000.0000 0000 (Step 3)

• 255.255.248.0 (Step 4)

• Hexadecimal representation = FF FF F8 00



• Sample Subnet hostid assignment– 129.24.8.0 (Reserved: not used)– 129.24.8.1– 129.24.8.2– . . . . . . . . . – 129.24.8.255– 129.24.9.0– 129.24.9.1– 129.24.9.2– . . . . . . . . . – 129.24.15.255 (Reserved: Subnet directed broadcast

address)



• Subnet Ranges (32 subnets/30 useable)– 129.24.0.0 to 129.24.7.255 (Reserved: not used)– 129.24.8.0 to 129.24.15.255 – 129.24.16.0 to 129.24.23.255– 129.24.24.0 to 129.24.31.255– 129.24.32.0 to 129.24.39.255– . . . . . . . . . . . . . . – 129.24.232.0 to 129.24.239.255– 129.24.240.0 to 129.24.247.255– 129.24.248.0 to 129.24.255.255 (Reserved: not used)



• Samples of other Subnet Masks for Class B network:– 255.255.255.192: 1,024 subnets with 64 hostids per subnet– 255.255.255.224: 2,048 subnets with 32 hostids per subnet– 255.255.255.240: 4,096 subnets with 16 hostids per subnet– 255.255.255.248: 8,192 subnets with 8 hostids per subnet– 255.255.255.252: 16,384 subnets with 4 hostids per subnet

• Samples of other Subnet Masks for Class C network:– 255.255.255.192: 4 subnets with 64 hostids per subnet– 255.255.255.224: 6 subnets with 32 hostids per subnet– 255.255.255.240: 16 subnets with 16 hostids per subnet– 255.255.255.248: 32 subnets with 8 hostids per subnet– 255.255.255.252: 64 subnets with 4 hostids per subnet


IP Routing Definitions and Terminology

• Routers are Layer 3 (Network Layer) devices • Traditionally routers were called gateways• Routers are used for information exchange

within a group of networks under the same administrative authority and control (Autonomous Systems)

• Routing can be both dynamic and static• Routing involves the determination of routing

paths and the transport of information groups (packets) through an internetwork


IP Routing Definitions and Terminology

• Path determination may be based on a variety of metrics (values resulting from algorithmic computations on a particular variable,for example, network delay) or metric combinations.


IP Routing Protocols/OSI Model


Routing Algorithms Design Goals

• Correctness • Simplicity/Low Overhead • Robustness/Stability • Rapid Convergence • Flexibility


Routing Algorithm Types

• Static or Dynamic • Distributed or Centralized • Single-Path or Multi-Path • Flat or Hierarchical • Host-Intelligent or Router-Intelligent • Intra-Domain or Inter-Domain • Link State or Distance Vector


RIP - Routing Information Protocol

• RIP is a distance vector, intra-domain routing protocol originally designed for PUP (Xerox PARC Universal Protocol, 1980) and used in XNS

• RIP became associated with both UNIX and TCP/IP in 1982 when the Berkeley Standard Distribution (BSD) implementation of UNIX began shipping with a RIP implementation referred to as routed

• RIP is formally defined in RFC 1058


RIP Routing Table


RIP Packet Format


RIP Packet Fields Description

• Command:– Indicates that the packet is a request or a response. The

request command requests the responding system to send all or part of its routing table. Destinations for which a response is requested are listed later in the packet. The response command represents a reply to a request or, more frequently, an unsolicited regular routing update. In the response packet, a responding system includes all or part of its routing table. Regular routing update messages include the entire routing table.

• Version number:– Specifies the RIP version being implemented. With the

potential for many RIP implementations in the Internet, this field can be used to signal different, potentially incompatible, implementations.


RIP Packet Fields Description

• Address family identifier:– Follows a 16-bit field of all zeros and specifies the

particular address family being used. On the Internet, this address family is typically IP (value = 2), but other network types may also be represented

• Address:– Follows another 16-bit field of zeros. In Internet RIP

implementations, this field typically contains an IP address

• Metric:– Follows two more 32-bit fields of zeros and specifies the

hop count. The hop count indicates how many internetwork hops (routers) must be traversed before the destination can be reached


OSPF - Open Shortest Path First

• OSPF is a relatively recent intra-domain, link state, hierarchical routing protocol developed for IP networks by the Internet Engineering Task Force (IETF)

• OSPF was derived from an early version of OSI's IS-IS routing protocol


EGP - Exterior Gateway Protocol

• EGP is a dynamic routing protocol, it uses a very simple design. It does not use metrics and therefore cannot make true intelligent routing decisions.

• EGP is the primary inter-domain routing protocol used on the Internet. It is used for communication between the "core" Internet routers.

• Originally documented in RFC 904


BGP - Border Gateway Protocol

• BGP represents an attempt to address the most serious of EGP's problems. Like EGP, BGP is an inter-domain routing protocol created for use in the Internet core routers.

• BGP was designed to detect routing loops and to use a metric so that intelligent routing decisions may be made (BGP is the next-generation EGP, BGP is replacing EGP in the Internet )

• BGP is specified in RFC 1163


OSI Routing Protocols

• ES-IS - End System to Intermediate System– This protocol describes how ESs communicate with ISs in a

connectionless environment. Used with CLNP (Connectionless Network Protocol)

• IS-IS - Intermediate System to Intermediate System– Intra-domain routing protocol. This protocol describes how

routers communicate with other routers in the same domain. – Intra-domain routing protocol

• IDRP - Inter-Domain Routing Protocol– This protocol describes how routers communicate with

routers in different domains.


IGRP

• IGRP is an intra-domain distance vector routing protocol developed in the mid-1980s by Cisco Systems, Inc. It is designed for use in large, complex IP networks.

• IGRP uses a combination (vector) of metrics. Internetwork delay, bandwidth, reliability, MTU, and load are all factored into the routing decision.


IPv6

• Solves IPv4 address limitation by extending addressing from 32 to 128 bits

• Improved option mechanism• Address auto-configuration • Support for resource allocation• Enhanced Security Capabilities• Provider-based unicast addresses • Site-local-use addresses • Link-local-use addresses


IPv6


IPv6


IPv6


TCP/IP Troubleshooting

• Default Route Misconfiguration– 31 <indus> netstat -rn– Routing tables– Destination Gateway Flags Refs Use Interface– Netmasks: 255.255.255.248– default 129.24.96.1 UG 71 186452212 en0– 127 127.0.0.1 U 3 550586

lo0– 129.24.96 129.24.96.13 U 62 309522130

en0– 198.83.80.3 129.24.96.28 UGHD 0 11392 en0– 198.83.80.7 129.24.96.28 UGHD 0 484295 en0– 198.83.80.8 129.24.96.28 UGHD 0 4384 en0– 198.83.80.10 129.24.96.28 UGHD 0 300696 en0



• DNS Misconfiguration– <indus> host ariel– ariel.unm.edu is 129.24.8.1– 33 <indus> host globo– host: 0827-801 Host name globo does not exist.– 34 <indus> host globo.eece– globo.eece.unm.edu is 129.24.24.119– 35 <indus> host mhpcc– argo.unm.edu is 129.24.9.24, Aliases:

mhpcc.unm.edu



• Routers Not Active– 40 <indus> traceroute globo.eece– traceroute to globo.eece.unm.edu (129.24.24.119), 30

hops max, 40 byte packets– 1 eece-bcn (129.24.96.1) 2 ms 1 ms 1 ms– 2 B46-IGSL-01 (129.24.199.250) 4 ms 3 ms 4 ms– 3 globo.eece.unm.edu (129.24.24.119) 4 ms * 4 ms– 42 <indus>



• Routers Not Active– 43 <indus> traceroute dca.fee.unicamp.br– traceroute to dca.fee.unicamp.br (143.106.8.1), 30 hops max, 40

byte packets– 1 eece-bcn (129.24.96.1) 1 ms 1 ms 1 ms– 2 cirt-bcn (129.24.56.1) 2 ms 2 ms 2 ms– 3 ANS-7010-01 (198.83.5.5) 289 ms 7 ms 4 ms– 4 h3-0.cnss116.Albuquerque.t3.ans.net (192.103.74.41) 23 ms– 5 140.222.112.221 (140.222.112.221) 4 ms 5 ms 4 ms– 6 h14-1.t16-0.Los-Angeles.t3.ans.net (140.223.17.9) 27 ms 42– 7 h14-1.t8-0.San-Francisco.t3.ans.net (140.223.9.13) 42 ms – 8 core5-fddi1-0.SanFrancisco.mci.net (206.157.77.1) 322 ms



• Routers Not Active– 9 core1.Washington.mci.net (204.70.4.129) 331 ms 354 ms– 10 204.70.2.14 (204.70.2.14) 160 ms 98 ms 150 ms– 11 embratel.Washington.mci.net (204.189.152.194) 239 ms– 12 fpspra.cora.br (143.108.13.1) 237 ms 231 ms 237 ms– 13 fpsprd.cora.br (143.108.5.7) 230 ms 236 ms 234 ms– 14 ansprd2.unicamp.br (143.106.70.1) 237 ms 247 ms 238 ms– 15 ansp-gw.unicamp.br (143.106.70.3) 255 ms 244 ms 234 ms– 16 feegw.unicamp.br (143.106.1.19) 254 ms 239 ms 239 ms– 17 dca.fee.unicamp.br (143.106.8.1) 242 ms 249 ms 249 ms– 43 <indus>



• Host Responding– 44 <indus> ping -c5 aix– PING aix.unm.edu: (129.24.57.2): 56 data bytes– 64 bytes from 129.24.57.2: icmp_seq=0 ttl=254 time=2 ms– 64 bytes from 129.24.57.2: icmp_seq=1 ttl=254 time=1 ms– 64 bytes from 129.24.57.2: icmp_seq=2 ttl=254 time=2 ms– 64 bytes from 129.24.57.2: icmp_seq=3 ttl=254 time=2 ms– 64 bytes from 129.24.57.2: icmp_seq=4 ttl=254 time=2 ms– ----aix.unm.edu PING Statistics----– 5 packets transmitted, 5 packets received, 0% packet loss– round-trip min/avg/max = 1/2/7 ms– 45 <indus>


TCP/IP Management

• SNMP - Simple Network Management Protocol – Is an application-layer protocol designed to facilitate

the exchange of management information between network devices. By using SNMP to access management information data (such as packets per second and network error rates), network administrators can more easily manage network performance and find and solve network problems

– There are two versions of SNMP: Version 1.0, which was the initial version of SNMP, and Version 2.0, which incorporates security features and improvements in protocol operations and management architecture


TCP/IP Security

• Network security can be addressed at:– Layer 1 (Physical Media)– Layer 2 (Data Link)– Layer 3 (Network Layer)– Layer 6 & 7 ( Presentation and Application Layers)

• No single solution to TCP/IP security– Hub switching– Router packet filters– Router access lists and firewalls– Encryption


TCP/IP Applications & Services

• FTP ( File Transfer Protocol): Move files between computer systems.

• Telnet ( Terminal Emulation Protocol): Allows virtual terminal emulation.

• SMTP ( Simple Mail Transfer Protocol): Provides an electronics mail transport mechanism.

• SNMP ( Simple Network Management Protocol): It is a network management used for reporting anomalous network conditions and setting network threshold values, SNMP Version 1 & 2.


TCP/IP Applications & Services

• HTTP (Hypertext Transfer Protocol): Enables services to terminals running WWW clients and browsers.

• NFS (Network File System): Allows transparent access to network resources. It includes three services:– NFS (Network File System)– XDR (Eternal Data Representation)– RPC (Remote Procedure Call)


TCP/IP Applications & Services Architecture


HTTP - HyperText Transfer Protocol

• Definition: HTTP is an application-level protocol with lightness and speed necessary for distributed, collaborative, hypermedia information system.

• The protocol has been in use by the world-wide Web servers since 1990.

• HTTP allows an open-ended set of methods to be used to indicate the purpose of a request


HTTP - HyperText Transfer Protocol

• HTTP is used as a generic protocol to communicate between user agent and gateways to other Internet protocols, such as SMTP, NNTP, FTP, Gopher, and WAIS

• Messages are passed in a format similar to that used by Internet mail and MIME


How does HTTP Operates?

• HTTP is based on a request/response paradigm.

• A client establish a connection with a server and sends a request to the server in the form of a request method.

• URI and protocol version followed by a MIME- like message containing request modifiers, client information, and possible body content.


How does HTTP Operates?

• The server responds with a status line, including the messages protocol version and a success or error code, followed by a MIME- like message containing server information, entity meta-information, and possible body content.

• HTTP communication generally takes place over TCP/IP connection


NNTP - Network News Transport Protocol

• The protocol used by client and server software to carry USENET posting back and forth over a TCP/IP network.

• NNTP is designed so that news articles are stored in a central database allowing a subscriber to select the items he wishes to red.

• NNTP is the method used to access Usenet news and Internet mailing lists over the Internet.


NNTP - Network News Transport Protocol

• USENET news uses two variants of NNTP protocols: one for communication between adjacent servers and other for communication between a client and a server.

• USENET is a collection of discussion groups attended by millions of people from all over the world.


SMTP - Simple Mail Transport Protocol

• The main protocol used to send electronic mail on the Internet.

• SMTP consists of a set of rules for how a program sending mail and a program receiving mail should interact.

• Almost all Internet email is sent and received by clients and servers using SMTP.


POP - Post Office Protocol

• POP is a standard network protocol that is supported by DOS/Windows and Macintosh software for managing Internet electronic mail.


IMAP - Internet Message Access Protocol

• Allows a client to access and manipulate electronic mail messages on a server.

• IMAP4 permits manipulation of remote message folders, called "mailboxes", in a way that is functionally equivalent to local mailboxes.

• IMAP4 also provides the capability for an off-line client to resynchronize with the server.

• IMAP4 includes operations for creating, deleting, and renaming mailboxes; checking for new messages;permanently removing messages.

© Copyright 1997, The University of New Mexico 7-1 Internetworking Technologies & Services (II) Introduction to TCP/IP –Models –Packet formats –Addressing.

Documents

ip internet protocol

university of new mexico

ip layer

ip protocols

ip handles

ip number

ip forwards

protocol multiplexing