Network Programming

Front coverDraft Document for Review November 29, 2006 10:38 am GG24-3376-07

TCP/IP Tutorial and Technical OverviewUnderstand networking fundamentals of the TCP/IP protocol suite Advanced concepts and new technologies Includes the latest TCP/IP protocols

Lydia Parziale David T. Britt Chuck Davis Jason Forrester Wei Liu Carolyn Matthews Nicolas Rosselot

ibm.com/redbooks

Draft Document for Review November 29, 2006 10:38 am

3376edno.fm

International Technical Support Organization TCP/IP Tutorial and Technical Overview July 2006

GG24-3376-07

3376edno.fm


Note: Before using this information and the product it supports, read the information in Notices on page xix.

Seventh Edition (July 2006) This document created or updated on November 29, 2006.

Copyright International Business Machines Corporation 2006. All rights reserved. Note to U.S. Government Users Restricted Rights -- Use, duplication or disclosure restricted by GSA ADP Schedule Contract with IBM Corp.


3376TOC.fm

ContentsNotices . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xix Trademarks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xx Preface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxi The team that wrote this redbook. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxii Become a published author . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxiv Comments welcome. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxv Part 1. Core TCP/IP protocols . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1 Chapter 1. Architecture, history, standards, and trends . . . . . . . . . . . . . . . 3 1.1 TCP/IP architectural model . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 1.1.1 Internetworking . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 1.1.2 The TCP/IP protocol layers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6 1.1.3 TCP/IP applications. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9 1.2 The roots of the Internet . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12 1.2.1 ARPANET . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14 1.2.2 NSFNET . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14 1.2.3 Commercial use of the Internet . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16 1.2.4 Internet2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18 1.2.5 The Open Systems Interconnection (OSI) Reference Model . . . . . . 19 1.3 TCP/IP standards . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21 1.3.1 Request For Comments (RFC) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22 1.3.2 Internet standards . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24 1.4 Future of the Internet. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25 1.4.1 Multimedia applications. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26 1.4.2 Commercial use . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26 1.4.3 The wireless Internet. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26 1.5 RFCs relevant to this chapter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27 Chapter 2. Network interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29 2.1 Ethernet and IEEE 802 Local Area Networks (LANs) . . . . . . . . . . . . . . . . 30 2.1.1 Gigabit Ethernet . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 33 2.2 Fiber Distributed Data Interface (FDDI). . . . . . . . . . . . . . . . . . . . . . . . . . . 33 2.3 Serial Line IP (SLIP) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 34 2.4 Point-to-Point Protocol (PPP) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35 2.4.1 Point-to-Point encapsulation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 36 2.5 Integrated Services Digital Network (ISDN) . . . . . . . . . . . . . . . . . . . . . . . 37 2.6 X.25 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39

Copyright IBM Corp. 2006. All rights reserved.

iii

3376TOC.fm


2.7 Frame relay . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41 2.7.1 Frame format. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41 2.7.2 Interconnect issues . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 42 2.7.3 Data link layer parameter negotiation . . . . . . . . . . . . . . . . . . . . . . . . 43 2.7.4 IP over frame relay . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 44 2.8 PPP over SONET and SDH circuits . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 44 2.8.1 Physical layer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 45 2.9 Multi-Path Channel+ (MPC+) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 45 2.10 Asynchronous Transfer Mode (ATM) . . . . . . . . . . . . . . . . . . . . . . . . . . . 46 2.10.1 Address resolution (ATMARP and InATMARP) . . . . . . . . . . . . . . . 46 2.10.2 Classical IP over ATM . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 49 2.10.3 ATM LAN emulation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 55 2.10.4 Classical IP over ATM versus LAN emulation. . . . . . . . . . . . . . . . . 58 2.11 Multiprotocol over ATM (MPOA) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 59 2.11.1 Benefits of MPOA . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 59 2.11.2 MPOA logical components . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 60 2.11.3 MPOA functional components. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 61 2.11.4 MPOA operation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 62 2.12 RFCs relevant to this chapter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 63 Chapter 3. Internetworking protocols . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 65 3.1 Internet Protocol (IP) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 65 3.1.1 IP addressing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 66 3.1.2 IP subnets . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 70 3.1.3 IP routing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 75 3.1.4 Methods of delivery - unicast, broadcast, multicast, and anycast . . . 81 3.1.5 The IP address exhaustion problem . . . . . . . . . . . . . . . . . . . . . . . . . 84 3.1.6 Intranets - private IP addresses . . . . . . . . . . . . . . . . . . . . . . . . . . . . 87 3.1.7 Network Address Translation (NAT) . . . . . . . . . . . . . . . . . . . . . . . . . 87 3.1.8 Classless Inter-Domain Routing (CIDR) . . . . . . . . . . . . . . . . . . . . . . 93 3.1.9 IP datagram. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 97 3.2 Internet Control Message Protocol (ICMP) . . . . . . . . . . . . . . . . . . . . . . . 107 3.2.1 ICMP messages . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 108 3.2.2 ICMP applications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 116 3.3 Internet Group Management Protocol (IGMP) . . . . . . . . . . . . . . . . . . . . 118 3.4 Address Resolution Protocol (ARP) . . . . . . . . . . . . . . . . . . . . . . . . . . . . 119 3.4.1 ARP overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 119 3.4.2 ARP detailed concept . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 119 3.4.3 ARP and subnets . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 123 3.4.4 Proxy-ARP or transparent subnetting . . . . . . . . . . . . . . . . . . . . . . . 123 3.5 Reverse Address Resolution Protocol (RARP) . . . . . . . . . . . . . . . . . . . . 124 3.5.1 RARP concept. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 125 3.6 Bootstrap protocol (BOOTP) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 125

iv

TCP/IP Tutorial and Technical Overview


3376TOC.fm

3.6.1 BOOTP forwarding . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 129 3.6.2 BOOTP considerations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 130 3.7 Dynamic Host Configuration Protocol (DHCP) . . . . . . . . . . . . . . . . . . . . 130 3.7.1 The DHCP message format . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 131 3.7.2 DHCP message types . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 133 3.7.3 Allocating a new network address. . . . . . . . . . . . . . . . . . . . . . . . . . 135 3.7.4 DHCP lease renewal process . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 137 3.7.5 Reusing a previously allocated network address . . . . . . . . . . . . . . 138 3.7.6 Configuration parameters repository . . . . . . . . . . . . . . . . . . . . . . . . 139 3.7.7 DHCP considerations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 139 3.7.8 BOOTP and DHCP interoperability . . . . . . . . . . . . . . . . . . . . . . . . . 140 3.8 RFCs relevant to this chapter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 140 Chapter 4. Transport layer protocols. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 143 4.1 Ports and sockets . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 144 4.1.1 Ports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 144 4.1.2 Sockets . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 145 4.2 User Datagram Protocol (UDP) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 146 4.2.1 UDP datagram format . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 147 4.2.2 UDP application programming interface . . . . . . . . . . . . . . . . . . . . . 148 4.3 Transmission Control Protocol (TCP) . . . . . . . . . . . . . . . . . . . . . . . . . . . 149 4.3.1 TCP concept . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 150 4.3.2 TCP application programming interface . . . . . . . . . . . . . . . . . . . . . 164 4.3.3 TCP congestion control algorithms . . . . . . . . . . . . . . . . . . . . . . . . . 165 4.4 RFCs relevant to this chapter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 171 Chapter 5. Routing protocols . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 173 5.1 Autonomous systems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 175 5.2 Types of IP routing and IP routing algorithms . . . . . . . . . . . . . . . . . . . . . 176 5.2.1 Static routing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 177 5.2.2 Distance vector routing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 178 5.2.3 Link state routing. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 179 5.2.4 Path Vector routing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 180 5.2.5 Hybrid routing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 182 5.3 Routing Information Protocol (RIP) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 182 5.3.1 RIP packet types . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 182 5.3.2 RIP packet format . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 183 5.3.3 RIP modes of operation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 184 5.3.4 Calculating distance vectors . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 185 5.3.5 Convergence and counting to infinity . . . . . . . . . . . . . . . . . . . . . . . 187 5.3.6 RIP limitations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 191 5.4 Routing Information Protocol Version 2 (RIP-2) . . . . . . . . . . . . . . . . . . . 191 5.4.1 RIP-2 packet format . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 192

Contents

v

3376TOC.fm


5.4.2 RIP-2 limitations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 194 5.5 RIPng for IPv6 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 194 5.5.1 Differences between RIPng and RIP-2 . . . . . . . . . . . . . . . . . . . . . . 195 5.5.2 RIPng packet format . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 195 5.6 Open Shortest Path First (OSPF) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 198 5.6.1 OSPF terminology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 198 5.6.2 Neighbor communication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 207 5.6.3 OSPF route redistribution . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 210 5.6.4 OSPF stub areas. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 212 5.6.5 OSPF route summarization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 213 5.7 Enhanced Interior Gateway Routing Protocol (EIGRP). . . . . . . . . . . . . . 215 5.7.1 Features of EIGRP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 215 5.7.2 EIGRP packet types . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 217 5.8 Exterior Gateway Protocol (EGP) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 217 5.9 Border Gateway Protocol (BGP) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 218 5.9.1 BGP concepts and terminology. . . . . . . . . . . . . . . . . . . . . . . . . . . . 218 5.9.2 IBGP and EBGP communication . . . . . . . . . . . . . . . . . . . . . . . . . . 221 5.9.3 Protocol description. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 223 5.9.4 Path selection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 226 5.9.5 BGP synchronization. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 229 5.9.6 BGP aggregation. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 231 5.9.7 BGP confederations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 233 5.9.8 BGP route reflectors . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 235 5.10 Routing protocol selection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 237 5.11 Additional functions performed by the router. . . . . . . . . . . . . . . . . . . . . 238 5.12 Routing processes in UNIX-based systems . . . . . . . . . . . . . . . . . . . . . 239 5.13 RFCs relevant to this chapter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 239 Chapter 6. IP Multicast . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 241 6.1 Multicast Addressing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 242 6.1.1 Multicasting on a single physical network . . . . . . . . . . . . . . . . . . . . 242 6.1.2 Multicasting between network segments . . . . . . . . . . . . . . . . . . . . 244 6.2 Internet Group Management Protocol (IGMP) . . . . . . . . . . . . . . . . . . . . 245 6.2.1 IGMP messages . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 246 6.2.2 IGMP operation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 251 6.3 Multicast delivery tree . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 254 6.4 Multicast forwarding algorithms . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 256 6.4.1 Reverse path forwarding algorithm . . . . . . . . . . . . . . . . . . . . . . . . . 256 6.4.2 Center-based tree algorithm . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 257 6.4.3 Multicast routing protocols . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 258 6.5 Distance Vector Multicast Routing Protocol (DVMRP) . . . . . . . . . . . . . . 258 6.5.1 Protocol overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 258 6.5.2 Building and maintaining multicast delivery trees . . . . . . . . . . . . . . 260

vi



3376TOC.fm

6.5.3 DVMRP tunnels. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 262 6.6 Multicast OSPF (MOSPF) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 262 6.6.1 Protocol overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 263 6.6.2 MOSPF and multiple OSPF areas . . . . . . . . . . . . . . . . . . . . . . . . . 264 6.6.3 MOSPF and multiple autonomous systems . . . . . . . . . . . . . . . . . . 265 6.6.4 MOSPF interoperability . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 265 6.7 Protocol Independent Multicast (PIM) . . . . . . . . . . . . . . . . . . . . . . . . . . . 265 6.7.1 PIM dense mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 266 6.7.2 PIM sparse mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 267 6.8 Interconnecting multicast domains . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 270 6.8.1 Multicast Source Discovery Protocol (MSDP) . . . . . . . . . . . . . . . . . 270 6.8.2 Border Gateway Multicast Protocol . . . . . . . . . . . . . . . . . . . . . . . . . 273 6.9 The multicast backbone . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 273 6.9.1 MBONE routing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 274 6.9.2 Multicast applications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 276 6.10 RFCs relevant to this chapter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 276 Chapter 7. Mobile IP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 279 7.1 Mobile IP overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 280 7.1.1 Mobile IP operation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 281 7.1.2 Mobility agent advertisement extensions . . . . . . . . . . . . . . . . . . . . 283 7.2 Mobile IP registration process . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 284 7.2.1 Tunneling . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 288 7.2.2 Broadcast datagrams . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 288 7.2.3 Move detection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 289 7.2.4 Returning home. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 289 7.2.5 ARP considerations. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 289 7.2.6 Mobile IP security considerations . . . . . . . . . . . . . . . . . . . . . . . . . . 290 7.3 RFCs relevant to this chapter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 290 Chapter 8. Quality of service . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 291 8.1 Why QoS? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 292 8.1.1 Integrated Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 292 8.1.2 Differentiated Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 293 8.1.3 Integrated Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 293 8.1.4 Service classes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 296 8.1.5 Controlled Load Service . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 298 8.1.6 Guaranteed Service . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 299 8.1.7 The Resource Reservation Protocol (RSVP) . . . . . . . . . . . . . . . . . 300 8.1.8 RSVP operation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 301 8.1.9 RSVP reservation styles . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 306 8.1.10 RSVP message format . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 308 8.1.11 Integrated Services outlook. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 312

Contents

vii

3376TOC.fm


8.1.12 Differentiated Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 313 8.1.13 Differentiated Services architecture . . . . . . . . . . . . . . . . . . . . . . . 315 8.1.14 Organization of the DSCP. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 317 8.1.15 Configuration and administration of DS with LDAP. . . . . . . . . . . . 326 8.2 RFCs relevant to this chapter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 329 Chapter 9. IP version 6 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 331 9.1 IPv6 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 332 9.1.1 IP growth . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 332 9.1.2 IPv6 Feature Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 334 9.2 The IPv6 header format. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 334 9.2.1 Extension headers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 337 9.2.2 IPv6 addressing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 343 9.2.3 Traffic class . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 349 9.2.4 Flow labels . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 350 9.2.5 IPv6 security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 351 9.2.6 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Packet sizes354 9.3 Internet Control Message Protocol Version 6 (ICMPv6) . . . . . . . . . . . . . 357 9.3.1 Neighbor discovery . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 358 9.3.2 Multicast Listener Discovery (MLD) . . . . . . . . . . . . . . . . . . . . . . . . 370 9.4 DNS in IPv6. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 373 9.4.1 Format of IPv6 resource records. . . . . . . . . . . . . . . . . . . . . . . . . . . 373 9.5 DHCP in IPv6 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 376 9.5.1 DHCPv6 messages . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 377 9.6 IPv6 mobility support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 379 9.7 IPv6 new opportunities . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 382 9.7.1 New infrastructure . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 382 9.7.2 New services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 383 9.7.3 New R&D Platforms . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 384 9.8 Internet transition - Migrating from IPv4 to IPv6 . . . . . . . . . . . . . . . . . . . 386 9.8.1 Dual IP stack implementation - the IPv6/IPv4 node . . . . . . . . . . . . 386 9.8.2 Tunneling . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 388 9.8.3 Interoperability summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 393 9.9 RFCs relevant to this chapter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 394 Chapter 10. Wireless IP. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 399 10.1 Wireless concepts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 400 10.1.1 Radio propogation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 400 10.1.2 The deciBel (dB) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 400 10.1.3 Path loss . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 400 10.1.4 Effective isotropic radiated power . . . . . . . . . . . . . . . . . . . . . . . . . 401 10.1.5 Fixed versus mobile wireless . . . . . . . . . . . . . . . . . . . . . . . . . . . . 401 10.1.6 Effects of multipath . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 401

viii



3376TOC.fm

10.1.7 System operating margin . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 402 10.1.8 Free space loss. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 402 10.1.9 DeciBel over isotropic (dBi) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 402 10.1.10 Fresnel zone clearance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 403 10.1.11 Line of sight (LOS) and Non-line of sight (NLOS) service. . . . . . 403 10.1.12 Wireless Access Point. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 404 10.1.13 Wireless router . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 404 10.1.14 Wireless Ethernet Bridge . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 404 10.2 Why wireless? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 404 10.2.1 Deployment and cost effectiveness . . . . . . . . . . . . . . . . . . . . . . . 404 10.2.2 Reachability. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 405 10.2.3 Scalability . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 405 10.2.4 Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 405 10.2.5 Connectivity and reliability. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 406 10.3 WiFi . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 406 10.4 WiMax . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 409 10.5 Applications of wireless networking. . . . . . . . . . . . . . . . . . . . . . . . . . . . 410 10.5.1 Last mile connectivity in broadband services . . . . . . . . . . . . . . . . 411 10.5.2 Hotspots . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 411 10.5.3 Mesh networking . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 411 10.6 IEEE standards relevant to this chapter . . . . . . . . . . . . . . . . . . . . . . . . 412 Part 2. TCP/IP application protocols . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 413 Chapter 11. Application structure and programming interfaces . . . . . . 415 11.1 Characteristics of applications. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 416 11.1.1 The client/server model. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 416 11.2 Application programming interfaces (APIs) . . . . . . . . . . . . . . . . . . . . . . 418 11.2.1 The socket API . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 418 11.2.2 Remote Procedure Call (RPC) . . . . . . . . . . . . . . . . . . . . . . . . . . . 423 11.2.3 The SNMP distributed programming interface (SNMP DPI) . . . . . 428 11.2.4 REXX sockets . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 430 11.3 Relevant RFCs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 431 Chapter 12. Directory and naming protocols . . . . . . . . . . . . . . . . . . . . . . 433 12.1 Domain Name Systems (DNS) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 434 12.1.1 The hierarchical namespace . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 434 12.1.2 Fully Qualified Domain Names (FQDNs) . . . . . . . . . . . . . . . . . . . 436 12.1.3 Generic domains . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 436 12.1.4 Country domains . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 437 12.1.5 Mapping domain names to IP addresses . . . . . . . . . . . . . . . . . . . 437 12.1.6 Mapping IP addresses to domain names pointer queries . . . . . 438 12.1.7 The distributed name space . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 438 12.1.8 Domain name resolution . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 440

Contents

ix

3376TOC.fm


12.1.9 Domain Name System resource records . . . . . . . . . . . . . . . . . . . 444 12.1.10 Domain Name System messages . . . . . . . . . . . . . . . . . . . . . . . . 447 12.1.11 A simple scenario . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 453 12.1.12 Extended scenario . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 455 12.1.13 Transport. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 456 12.1.14 DNS applications. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 458 12.2 Dynamic Domain Name System . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 460 12.2.1 Dynamic Updates in the DDNS . . . . . . . . . . . . . . . . . . . . . . . . . . . 461 12.2.2 Incremental Zone Transfers in DDNS . . . . . . . . . . . . . . . . . . . . . . 463 12.2.3 Prompt Notification of Zone Transfer . . . . . . . . . . . . . . . . . . . . . . 464 12.3 Network Information System (NIS) . . . . . . . . . . . . . . . . . . . . . . . . . . . . 464 12.4 Lightweight Directory Access Protocol (LDAP) . . . . . . . . . . . . . . . . . . . 465 12.4.1 LDAP - lightweight access to X.500 . . . . . . . . . . . . . . . . . . . . . . . 466 12.4.2 The LDAP directory server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 468 12.4.3 Overview of LDAP architecture . . . . . . . . . . . . . . . . . . . . . . . . . . . 469 12.4.4 LDAP models . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 470 12.4.5 LDAP security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 478 12.4.6 LDAP URLs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 481 12.4.7 LDAP and DCE . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 482 12.4.8 The directory-enabled networks initiative (DEN) . . . . . . . . . . . . . . 484 12.4.9 Web-Based Enterprise Management (WBEM) . . . . . . . . . . . . . . . 485 12.5 RFCs relevant to this chapter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 485 Chapter 13. Remote execution and distributed computing. . . . . . . . . . . 489 13.1 Telnet . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 490 13.1.1 TELNET operation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 490 13.1.2 Network Virtual Terminal . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 492 13.1.3 TELNET options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 493 13.1.4 TELNET command structure. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 496 13.1.5 Option negotiation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 498 13.1.6 TELNET basic commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 499 13.1.7 Terminal emulation (Telnet 3270) . . . . . . . . . . . . . . . . . . . . . . . . . 499 13.1.8 TN3270 enhancements (TN3270E) . . . . . . . . . . . . . . . . . . . . . . . 501 13.1.9 Device-type negotiation. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 501 13.1.10 References . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 503 13.2 Remote Execution Command protocol (REXEC and RSH) . . . . . . . . . 503 13.2.1 Principle of operation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 503 13.3 Introduction to the Distributed Computing Environment (DCE) . . . . . . . 504 13.3.1 DCE directory service . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 505 13.3.2 Authentication service . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 510 13.3.3 DCE threads . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 514 13.3.4 Distributed time service . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 515 13.3.5 Courier and backup courier time server . . . . . . . . . . . . . . . . . . . . 516

x



3376TOC.fm

13.3.6 Global time server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 516 13.3.7 Courier roles . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 516 13.4 Distributed file service (DFS). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 517 13.4.1 File naming . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 518 13.4.2 DFS performance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 519 13.4.3 References . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 520 13.5 RFCs relevant to this chapter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 520 Chapter 14. File related protocols . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 521 14.1 File Transfer Protocol (FTP) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 522 14.1.1 An overview of FTP. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 522 14.1.2 FTP operations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 524 14.1.3 The active data transfer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 527 14.1.4 The passive data transfer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 528 14.1.5 Using proxy transfer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 530 14.1.6 Reply codes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 531 14.1.7 Anonymous FTP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 532 14.1.8 Using FTP with IPv6 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 533 14.1.9 Securing FTP sessions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 534 14.2 Trivial File Transfer Protocol (TFTP) . . . . . . . . . . . . . . . . . . . . . . . . . . . 537 14.2.1 TFTP usage . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 537 14.2.2 Protocol description. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 538 14.2.3 TFTP packets . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 538 14.2.4 Data modes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 539 14.2.5 TFTP multicast option . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 540 14.2.6 Security issues . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 540 14.3 Secure Copy Protocol (SCP) and SSH FTP (SFTP) . . . . . . . . . . . . . . . 540 14.3.1 SCP syntax and usage . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 541 14.3.2 SFTP syntax and usage . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 542 14.3.3 SFTP interactive commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 543 14.4 Network File System (NFS). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 545 14.4.1 NFS Concept. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 546 14.4.2 File integrity . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 550 14.4.3 Lock manager protocol . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 550 14.4.4 NFS file system . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 551 14.4.5 NFS Version 4 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 551 14.4.6 Cache File System . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 552 14.4.7 WebNFS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 553 14.5 The Andrews File System (AFS) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 555 14.6 Common Internet File System (CIFS) . . . . . . . . . . . . . . . . . . . . . . . . . . 557 14.6.1 NetBIOS over TCP/IP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 557 14.6.2 SMB/CIFS specifics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 558 14.7 RFCs relevant to this chapter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 561

Contents

xi

3376TOC.fm


Chapter 15. Mail applications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 563 15.1 Simple Mail Transfer Protocol . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 564 15.1.1 How SMTP works . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 567 15.1.2 SMTP and the Domain Name System . . . . . . . . . . . . . . . . . . . . . 573 15.2 Sendmail . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 576 15.2.1 Sendmail as a mail transfer agent (MTA) . . . . . . . . . . . . . . . . . . . 576 15.2.2 How sendmail works . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 577 15.3 Multipurpose Internet Mail Extensions (MIME) . . . . . . . . . . . . . . . . . . . 579 15.3.1 How MIME works . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 582 15.3.2 The Content-Transfer-Encoding field . . . . . . . . . . . . . . . . . . . . . . 591 15.3.3 Using non-ASCII characters in message headers . . . . . . . . . . . . 596 15.4 Post Office Protocol (POP) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 598 15.4.1 Connection states . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 598 15.4.2 POP3 commands and responses . . . . . . . . . . . . . . . . . . . . . . . . . 599 15.5 Internet Message Access Protocol (IMAP4) . . . . . . . . . . . . . . . . . . . . . 600 15.5.1 Fundamental IMAP4 electronic mail models . . . . . . . . . . . . . . . . . 600 15.5.2 IMAP4 states. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 601 15.5.3 IMAP4 commands and response interaction . . . . . . . . . . . . . . . . 603 15.5.4 IMAP4 messages . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 607 15.6 RFCs relevant to this chapter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 608 Chapter 16. The Web . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 611 16.1 Web browsers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 613 16.2 Web servers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 614 16.3 Hypertext transfer protocol (HTTP) . . . . . . . . . . . . . . . . . . . . . . . . . . . . 615 16.3.1 Overview of HTTP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 615 16.3.2 HTTP operation. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 616 16.4 Content . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 626 16.4.1 Static content . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 626 16.4.2 Client-side dynamic content . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 627 16.4.3 Server-side dynamic content. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 627 16.4.4 Developing content with IBM Web Application Servers . . . . . . . . 632 16.5 RFCs relevant to this chapter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 632 Chapter 17. Network management. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 633 17.1 The Simple Network Management Protocol (SNMP) . . . . . . . . . . . . . . 634 17.1.1 The Management Information Base (MIB) . . . . . . . . . . . . . . . . . . 635 17.1.2 The SNMP agent. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 640 17.1.3 The SNMP manager . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 641 17.1.4 The SNMP sub-agent . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 642 17.1.5 The SNMP model . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 642 17.1.6 SNMP traps . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 648 17.1.7 SNMP versions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 649

xii



3376TOC.fm

17.2 The NETSTAT utility . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 658 17.2.1 Common NETSTAT options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 658 17.2.2 Sample NETSTAT report output . . . . . . . . . . . . . . . . . . . . . . . . . . 658 17.3 RFCs relevant to this chapter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 661 Chapter 18. Wireless Application Protocol . . . . . . . . . . . . . . . . . . . . . . . . 665 18.1 The WAP environment . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 667 18.2 Key elements of the WAP specifications. . . . . . . . . . . . . . . . . . . . . . . . 667 18.3 Wap architecture . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 668 18.4 Client Identifiers. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 673 18.5 Multimedia Messaging System (MMS) . . . . . . . . . . . . . . . . . . . . . . . . . 673 18.6 WAP Push Architecture . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 673 18.6.1 Push Framework . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 674 18.6.2 Push proxy gateway (PPG) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 676 18.6.3 Push access control protocol (PAP) . . . . . . . . . . . . . . . . . . . . . . . 677 18.6.4 Service indication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 678 18.6.5 Push over-the-air protocol (OTA) . . . . . . . . . . . . . . . . . . . . . . . . . 678 18.6.6 Client-side infrastructure . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 678 18.6.7 Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 679 18.7 The Wireless Application Environment (WAE2) . . . . . . . . . . . . . . . . . . 680 18.8 User Agent Profile (UAProf) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 681 18.9 Wireless Protocols. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 682 18.9.1 Wireless Datagram Protocol (WDP) . . . . . . . . . . . . . . . . . . . . . . . 682 18.9.2 Wireless Profiled Transmission Control Protocol (WP-TCP) . . . . 684 18.9.3 Wireless Control Message Protocol (WCMP) . . . . . . . . . . . . . . . . 688 18.9.4 Wireless Transaction Protocol (WTP) . . . . . . . . . . . . . . . . . . . . . . 689 18.9.5 Wireless Session Protocol (WSP) . . . . . . . . . . . . . . . . . . . . . . . . . 692 18.9.6 Wireless profiled HTTP (W-HTTP) . . . . . . . . . . . . . . . . . . . . . . . . 706 18.10 Wireless Security. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 707 18.10.1 Wireless Transport Layer Security (WTLS). . . . . . . . . . . . . . . . . 707 18.10.2 Wireless Identity Module (WIM) . . . . . . . . . . . . . . . . . . . . . . . . . 712 18.11 Wireless Telephony Application (WTA) . . . . . . . . . . . . . . . . . . . . . . . . 713 18.12 RFCs relevant to this chapter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 713 18.13 Specifications relevant to this chapter. . . . . . . . . . . . . . . . . . . . . . . . . 714 Chapter 19. Presence over IP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 717 19.1 Overview of the presence service . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 720 19.2 Presence Information Data Format (PIDF) . . . . . . . . . . . . . . . . . . . . . . 724 19.3 Presence Protocols . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 726 19.3.1 Binding to TCP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 728 19.3.2 Address Resolution . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 729 19.4 RFCs relevant to this chapter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 729 Part 3. Advanced concepts and new technologies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 731

Contents

xiii

3376TOC.fm


Chapter 20. Voice over internet protocol. . . . . . . . . . . . . . . . . . . . . . . . . . 733 20.1 Voice Over IP (VoIP) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 734 20.1.1 Benefits and Applications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 734 20.1.2 VoIP Functional Components . . . . . . . . . . . . . . . . . . . . . . . . . . . . 735 20.2 Session Initiation Protocol (SIP) technologies. . . . . . . . . . . . . . . . . . . . 740 20.2.1 SIP request and response. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 742 20.2.2 Sample SIP Message Flow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 743 20.2.3 SIP Protocol Architecture . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 744 20.3 Media Gateway Control Protocol (MGCP) . . . . . . . . . . . . . . . . . . . . . . 745 20.3.1 MGCP Architecture . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 746 20.3.2 MGCP Primitives . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 747 20.4 Media Gateway Controller (MEGACO) . . . . . . . . . . . . . . . . . . . . . . . . . 747 20.4.1 MEGACO Architecture . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 748 20.5 ITU-T recommendation H.323 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 748 20.5.1 H.323 Architecture . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 749 20.5.2 H.323 protocol stack . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 750 20.6 Summary of VoIP Protocols . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 752 20.7 RFCs relevant to this chapter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 753 Chapter 21. Internet protocol television . . . . . . . . . . . . . . . . . . . . . . . . . . 755 21.1 IPTV Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 756 21.1.1 IPTV requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 757 21.1.2 Business Benefits and Applications . . . . . . . . . . . . . . . . . . . . . . . 759 21.2 Functional Components . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 759 21.2.1 Content acquizition . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 760 21.2.2 CODED (encode and decode) . . . . . . . . . . . . . . . . . . . . . . . . . . . 760 21.2.3 Display devices and control gateway . . . . . . . . . . . . . . . . . . . . . . 761 21.2.4 IP (TV) Transport . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 761 21.3 IPTV Technologies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 762 21.3.1 Summary of Protocol Standards . . . . . . . . . . . . . . . . . . . . . . . . . . 762 21.3.2 Stream Control Transmission Protocol . . . . . . . . . . . . . . . . . . . . . 763 21.3.3 Session Description Protocol . . . . . . . . . . . . . . . . . . . . . . . . . . . . 764 21.3.4 RTP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 766 21.3.5 The Real-Time Control Protocol . . . . . . . . . . . . . . . . . . . . . . . . . . 772 21.3.6 Motion Picture Expert Group (MPEG) standards . . . . . . . . . . . . . 777 21.3.7 H.261. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 779 21.4 RFCs relevant to this chapter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 780 Chapter 22. TCP/IP security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 781 22.1 Security exposures and solutions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 782 22.1.1 Common attacks against security . . . . . . . . . . . . . . . . . . . . . . . . . 782 22.1.2 Solutions to network security problems. . . . . . . . . . . . . . . . . . . . . 782 22.1.3 Implementations of security solutions . . . . . . . . . . . . . . . . . . . . . . 784

xiv



3376TOC.fm

22.1.4 Network security policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 786 22.2 A short introduction to cryptography . . . . . . . . . . . . . . . . . . . . . . . . . . . 787 22.2.1 Terminology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 787 22.2.2 Symmetric or secret-key algorithms . . . . . . . . . . . . . . . . . . . . . . . 790 22.2.3 Asymmetric or public-key algorithms . . . . . . . . . . . . . . . . . . . . . . 791 22.2.4 Hash functions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 796 22.2.5 Digital certificates and certification authorities . . . . . . . . . . . . . . . 802 22.2.6 Random-number generators . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 803 22.2.7 Export/import restrictions on cryptography . . . . . . . . . . . . . . . . . . 804 22.3 Firewalls . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 805 22.3.1 Firewall concept . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 805 22.3.2 Components of a firewall system . . . . . . . . . . . . . . . . . . . . . . . . . 807 22.3.3 Packet-filtering router . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 807 22.3.4 Application level gateway (proxy) . . . . . . . . . . . . . . . . . . . . . . . . . 809 22.3.5 Circuit level gateway . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 814 22.3.6 Types of firewall . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 816 22.4 The IP security architecture (IPsec) . . . . . . . . . . . . . . . . . . . . . . . . . . . 820 22.4.1 Concepts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 821 22.4.2 Authentication Header (AH) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 824 22.4.3 Encapsulating Security Payload (ESP) . . . . . . . . . . . . . . . . . . . . . 829 22.4.4 Combining IPsec protocols . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 835 22.4.5 The Internet Key Exchange protocol (IKE) . . . . . . . . . . . . . . . . . . 841 22.5 SOCKS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 858 22.5.1 SOCKS Version 5 (SOCKSv5) . . . . . . . . . . . . . . . . . . . . . . . . . . . 860 22.6 Secure Shell (l) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 865 22.6.1 SSH overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 865 22.7 Secure Sockets Layer (SSL) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 866 22.7.1 SSL overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 866 22.7.2 SSL protocol . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 868 22.8 Transport Layer Security (TLS) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 873 22.9 Secure Multipurpose Internet Mail Extension (S-MIME) . . . . . . . . . . . . 873 22.10 Virtual private networks (VPN) overview . . . . . . . . . . . . . . . . . . . . . . . 873 22.10.1 VPN Introduction and benefits . . . . . . . . . . . . . . . . . . . . . . . . . . 874 22.11 Kerberos authentication and authorization system . . . . . . . . . . . . . . . 875 22.11.1 Assumptions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 876 22.11.2 Naming . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 876 22.11.3 Kerberos authentication process. . . . . . . . . . . . . . . . . . . . . . . . . 877 22.11.4 Kerberos database management . . . . . . . . . . . . . . . . . . . . . . . . 881 22.11.5 Kerberos Authorization Model . . . . . . . . . . . . . . . . . . . . . . . . . . . 882 22.11.6 Kerberos Version 5 enhancements. . . . . . . . . . . . . . . . . . . . . . . 882 22.12 Remote access authentication protocols. . . . . . . . . . . . . . . . . . . . . . . 883 22.13 Extensible Authentication Protocol (EAP) . . . . . . . . . . . . . . . . . . . . . . 885 22.14 Layer 2 Tunneling Protocol (L2TP) . . . . . . . . . . . . . . . . . . . . . . . . . . . 886

Contents

xv

3376TOC.fm


22.14.1 Terminology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 886 22.14.2 Protocol overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 887 22.14.3 L2TP security issues . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 890 22.15 Secure electronic transactions (SET) . . . . . . . . . . . . . . . . . . . . . . . . . 890 22.15.1 SET roles . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 891 22.15.2 SET transactions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 891 22.15.3 The SET certificate scheme . . . . . . . . . . . . . . . . . . . . . . . . . . . . 894 22.16 References . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 895 Chapter 23. Port based network access control . . . . . . . . . . . . . . . . . . . 899 23.1 Port based network access control (NAC) overview . . . . . . . . . . . . . . . 900 23.2 Port based NAC component overview . . . . . . . . . . . . . . . . . . . . . . . . . 901 23.3 Port based network access control operation . . . . . . . . . . . . . . . . . . . . 901 23.3.1 Port based network access control functional considerations. . . . 915 23.4 RFCs relevant to this chapter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 917 Chapter 24. Availability, scalability and load balancing . . . . . . . . . . . . . 919 24.1 Availability . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 921 24.2 Scalability . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 921 24.3 Load Balancing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 922 24.4 Clustering . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 922 24.5 Virtualization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 924 24.6 Virtual Router Redundancy Protocol (VRRP) . . . . . . . . . . . . . . . . . . . . 926 24.6.1 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 926 24.6.2 VRRP Definitions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 928 24.6.3 VRRP overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 928 24.6.4 Sample configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 930 24.6.5 VRRP packet format . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 931 24.7 Round-robin DNS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 933 24.8 Alternative solutions to load balancing . . . . . . . . . . . . . . . . . . . . . . . . . 934 24.8.1 Network address translation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 934 24.8.2 Encapsulation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 936 24.9 RFCs relevant to this chapter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 936 Appendix A. Multiprotocol label switching . . . . . . . . . . . . . . . . . . . . . . . . 937 24.1 MPLS - an introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 938 24.1.1 Conventional Routing vs. MPLS Forwarding Mode . . . . . . . . . . . 938 24.1.2 Benefits . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 939 24.1.3 Terminology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 941 24.2 MPLS Network Processing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 944 24.2.1 Label swapping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 944 24.2.2 Label switched path (LSP) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 946 24.2.3 Label stack and label hierarchies . . . . . . . . . . . . . . . . . . . . . . . . . 946 24.2.4 MPLS stacks in a BGP environment . . . . . . . . . . . . . . . . . . . . . . . 948

xvi



3376TOC.fm

24.2.5 Label distribution protocols . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 950 24.2.6 Stream merge . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 951 24.3 Emulating Ethernet over MPLS Networks . . . . . . . . . . . . . . . . . . . . . . . 951 24.4 Generalized Multiprotocol Label Switching GMPLS . . . . . . . . . . . . . . . 953 24.4.1 Benefits . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 953 24.4.2 MPLS and GMPLS Comparision in OTN Environment . . . . . . . . . 954 24.4.3 How does GMPLS work? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 955 24.4.4 Link Management Protocol (LMP). . . . . . . . . . . . . . . . . . . . . . . . . 956 24.4.5 Signaling for route selction and path setup . . . . . . . . . . . . . . . . . . 959 24.4.6 GMPLS Considerations. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 960 24.4.7 GMPLS Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 962 24.5 RFCs relevant to this chapter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 964 Appendix B. Additional material . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 967 Locating the Web material . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 967 Using the Web material . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 967 System requirements for downloading the Web material . . . . . . . . . . . . . 968 How to use the Web material . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 968 Abbreviations and acronyms . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 969 Glossary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 971 Related publications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 973 IBM Redbooks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 973 Other publications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 973 Online resources . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 973 How to get IBM Redbooks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 974 Help from IBM . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 974 Index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 975

Contents

xvii

3376TOC.fm


xviii



3376spec.fm

NoticesThis information was developed for products and services offered in the U.S.A. IBM may not offer the products, services, or features discussed in this document in other countries. Consult your local IBM representative for information on the products and services currently available in your area. Any reference to an IBM product, program, or service is not intended to state or imply that only that IBM product, program, or service may be used. Any functionally equivalent product, program, or service that does not infringe any IBM intellectual property right may be used instead. However, it is the user's responsibility to evaluate and verify the operation of any non-IBM product, program, or service. IBM may have patents or pending patent applications covering subject matter described in this document. The furnishing of this document does not give you any license to these patents. You can send license inquiries, in writing, to: IBM Director of Licensing, IBM Corporation, North Castle Drive, Armonk, NY 10504-1785 U.S.A. The following paragraph does not apply to the United Kingdom or any other country where such provisions are inconsistent with local law: INTERNATIONAL BUSINESS MACHINES CORPORATION PROVIDES THIS PUBLICATION "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF NON-INFRINGEMENT, MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Some states do not allow disclaimer of express or implied warranties in certain transactions, therefore, this statement may not apply to you. This information could include technical inaccuracies or typographical errors. Changes are periodically made to the information herein; these changes will be incorporated in new editions of the publication. IBM may make improvements and/or changes in the product(s) and/or the program(s) described in this publication at any time without notice. Any references in this information to non-IBM Web sites are provided for convenience only and do not in any manner serve as an endorsement of those Web sites. The materials at those Web sites are not part of the materials for this IBM product and use of those Web sites is at your own risk. IBM may use or distribute any of the information you supply in any way it believes appropriate without incurring any obligation to you. Information concerning non-IBM products was obtained from the suppliers of those products, their published announcements or other publicly available sources. IBM has not tested those products and cannot confirm the accuracy of performance, compatibility or any other claims related to non-IBM products. Questions on the capabilities of non-IBM products should be addressed to the suppliers of those products. This information contains examples of data and reports used in daily business operations. To illustrate them as completely as possible, the examples include the names of individuals, companies, brands, and products. All of these names are fictitious and any similarity to the names and addresses used by an actual business enterprise is entirely coincidental. COPYRIGHT LICENSE: This information contains sample application programs in source language, which illustrate programming techniques on various operating platforms. You may copy, modify, and distribute these sample programs in any form without payment to IBM, for the purposes of developing, using, marketing or distributing application programs conforming to the application programming interface for the operating platform for which the sample programs are written. These examples have not been thoroughly tested under all conditions. IBM, therefore, cannot guarantee or imply reliability, serviceability, or function of these programs.


xix

3376spec.fm


TrademarksThe following terms are trademarks of the International Business Machines Corporation in the United States, other countries, or both: Eserver Eserver Redbooks (logo) ^ z/OS AFS AIX AS/400 DFS DPI HiperSockets IBM IMS IPDS Lotus Notes Lotus MVS Notes OS/2 OS/390 Redbooks RDN Summit WebSphere 1350

The following terms are trademarks of other companies: CacheFS, Enterprise JavaBeans, EJB, IPX, Java, Java Naming and Directory Interface, JavaBeans, JavaScript, JavaSoft, JSP, JVM, J2EE, ONC, Solaris, Sun, Sun Microsystems, WebNFS, and all Java-based trademarks are trademarks of Sun Microsystems, Inc. in the United States, other countries, or both. Microsoft, MSN, Windows NT, Windows, and the Windows logo are trademarks of Microsoft Corporation in the United States, other countries, or both. Intel, Intel logo, Intel Inside logo, and Intel Centrino logo are trademarks or registered trademarks of Intel Corporation or its subsidiaries in the United States, other countries, or both. UNIX is a registered trademark of The Open Group in the United States and other countries. Linux is a trademark of Linus Torvalds in the United States, other countries, or both. Other company, product, or service names may be trademarks or service marks of others.

xx



3376pref.fm

PrefaceThe TCP/IP protocol suite has become a staple of today's international society and global economy. Continually evolving standards provide a wide and flexible foundation on which an entire infrastructure of applications are built. Through these we can seek entertainment, conduct business, make financial transactions, deliver services, and much, much more. However, because TCP/IP continues to develop and grow in order to meet the changing needs of our communities, it may sometimes be hard to keep track of new functionality or identify new possibilities. For this reason, the TCP/IP Tutorial and Technical Overview provides not only an introduction to the TCP/IP protocol suite, but also serves as a reference for advanced users seeking to keep their TCP/IP skills aligned with current standards. It is our hope that both the novice and the expert will find useful information in this publication. In Part I, you will find an introduction to the core concepts and history upon which TCP/IP is founded. Included is an introduction to the history of TCP/IP and an overview of its current architecture. Also discussed are detailed discussions on the protocols which comprise the suite, and how those protocols are most commonly implemented. Part II expands upon the information provided in Part I, providing general application concepts (such as file sharing) and specific application protocols within those concepts (such as the File Transfer Protocol, or FTP). Additionally, Part II discusses applications which may not be included in the standard TCP/IP suite but, because of their wide use throughout the Internet community, are considered de facto standards. Finally, Part III addresses new concepts and advanced implementations within the TCP/IP architecture. Of particular note, Part III examines the convergence of many formerly disparate networks and services using IP technology. Conjointly, this section reviews potential dangers of this IP convergence, and approaches the ever-growing standards used to secure and control access to networks and networked resources. We have purposely kept this book platform independent. However, we recognize that you may have a need to learn more about TCP/IP on various platforms, so the following websites may assist you in further researching this topic: TCP/IP andSystem z: http://www-03.ibm.com/servers/eserver/zseries/zos/bkserv/


xxi

3376pref.fm TCP/IP and System p:


http://www-03.ibm.com/systems/p/library/index.html TCP/IP and System i: http://www-03.ibm.com/servers/eserver/iseries/tcpip/index.html TCP/IP and System x: http://www-03.ibm.com/servers/eserver/support/xseries/allproducts/in stalling.html

The team that wrote this redbookThis redbook was produced by a team of specialists from around the world working at the International Technical Support Organization, Poughkeepsie Center.

Lydia Parziale is a Project Leader for the ITSO team in Poughkeepsie, New York with domestic and international experience in technology management including software development, project leadership and strategic planning. Her areas of expertise include e-business development and database management technologies. Lydia is a Certified IT Specialist with an MBA in Technology Management and has been employed by IBM for 23 years in various technology areas. David T. Britt is a software engineer for IBM in Research Triangle Park, NC, working specifically with the z/OS Communications Server product. He is a subject matter expert in the simple networking management protocol (SNMP) and file transfer protocol (FTP), and has written educational material for both in the form of IBM Technotes, Techdocs, and Webcasts. He holds a degree in Mathematical Sciences from the University of North Carolina in Chapel Hill, and is currently pursuing a Master of Science in Information Technology and Management from the University of North Carolina in Greensboro.

xxii



3376pref.fm

Chuck Davis is a Security Architect in the United States of America He has 12 years of experience in IT security field. He has worked at IBM for 9 years. His areas of expertise include IT security and privacy. He has written extensively on UNIX/Linux and Internet security.

Jason Forrester is an IT Architect for IBM Global Technology Services in Boulder, CO. He has over 12 years of experience with network communications. Specializing in IT strategy and architecture, Jason has designed large-scale enterprise infrastructures. He holds a CCIE certification and his work has lead to multiple patents on advanced networking concepts.

Dr. Wei Liu received his PhD from Georgia Institute of Technology. He has taught TCP/IP networks in the University of Maryland (UMBC campus) and he has participated in ICCCN conference organization committees. Dr. Liu has given lectures at Sun Yat-Sen University and Shantou University in NGN (Next Generation Networks). With over 30 technical publications (in packet networks, telecommunications and standards), he has received several awards from ATIS committees. Dr. Wei Liu has over 10 years of telecom industry experience, having participated in various network transformation projects as well as service integration programs. Currently he is investigating new infrastructure opportunities (virtualization, network, services, security and metadata models) that can lead to future offering and new capabilities.

Preface

xxiii

3376pref.fm


Carolyn Matthews is an IT Architect for IBM Global Technology Services in South Africa. She is an infrastructure architect for one of South Africas largest accounts. She also acts as a consultant, using various IBM techniques. Carolyn holds an Honours degree in Information Systems and is currently pursuing her Masters degree in Information Systems. Her areas of expertise include TCP/IP networks, IT architecture and new technologies. Nicolas Rosselot is a developer from Santiago, Chile. He has most recently been teaching an "Advanced TCP/IP Networking" class at Andres Bello University.

Thanks to the following people for their contributions to this project and laying the foundation for this book by writing the earlier version: Adolfo Rodriguez, John Gatrell, John Karas, Roland Peschke, Srinath Karanam, and Martn F. Maldonado, International Technical Support Organization, Poughkeepsie Center

Become a published authorJoin us for a two- to six-week residency program! Help write an IBM Redbook dealing with specific products or solutions, while getting hands-on experience with leading-edge technologies. You'll have the opportunity to team with IBM technical professionals, Business Partners, and Clients. Your efforts will help increase product acceptance and customer satisfaction. As a bonus, you'll develop a network of contacts in IBM development labs, and increase your productivity and marketability. Find out more about the residency program, browse the residency index, and apply online at: ibm.com/redbooks/residencies.html

xxiv



3376pref.fm

Comments welcomeYour comments are important to us! We want our Redbooks to be as helpful as possible. Send us your comments about this or other Redbooks in one of the following ways: Use the online Contact us review redbook form found at: ibm.com/redbooks Send your comments in an email to: [email protected] Mail your comments to: IBM Corporation, International Technical Support Organization Dept. HYTD Mail Station P099 2455 South Road Poughkeepsie, NY 12601-5400

Preface

xxv

3376pref.fm


xxvi



3376p01.fm

Part 1

Part

1

Core TCP/IP protocolsThe Transmission Control Protocol/Internet Protocol (TCP/IP) suite has become the industry-standard method of interconnecting hosts, networks, and the Internet. As such, it is seen as the engine behind the Internet and networks worldwide. While TCP/IP supports a host of applications, both standard and non-standard, these applications could not exist without the foundation of a set of core protocols. Additionally, in order to understand the capability of TCP/IP applications, an understanding of these core protocols must be realized. With this in mind, Part I begins with providing a background of TCP/IP, the current architecture, standards, and most recent trends. Next, the section explores the two aspects vital to the IP stack itself. This portion begins with a discussion of the network interfaces most commonly used to allow the protocol suite to interface with the physical network media. This is followed by the


1

3376p01.fm


protocols which must be implemented in any stack, including protocols belonging to the IP and transport layers. Finally, other standard protocols exist which may not necessarily be required in every implementation of the TCP/IP protocol suite. However, there are those that may be very useful given certain operational needs of the implementation. Such protocols include IP version 6, quality of service protocols, and wireless IP.

2



3376chCoreArchHistStandTrends.fm

1

Chapter 1.

Architecture, history, standards, and trendsToday, the Internet and World Wide Web (WWW) are familiar terms to millions of people all over the world. Many people depend on applications enabled by the Internet, such as electronic mail and Web access. In addition, the increase in popularity of business applications places additional emphasis on the Internet. The Transmission Control Protocol/Internet Protocol (TCP/IP) protocol suite is the engine for the Internet and networks worldwide. Its simplicity and power has lead to its becoming the single network protocol of choice in the world today. In this chapter, we give an overview of the TCP/IP protocol suite. We discuss how the Internet was formed, how it developed and how it is likely to develop in the future.


3



1.1 TCP/IP architectural modelThe TCP/IP protocol suite is so named for two of its most important protocols: Transmission Control Protocol (TCP) and Internet Protocol (IP). A less used name for it is the Internet Protocol Suite, which is the phrase used in official Internet standards documents. We use the more common, shorter term, TCP/IP, to refer to the entire protocol suite in this book.

1.1.1 InternetworkingThe main design goal of TCP/IP was to build an interconnection of networks, referred to as an Internetwork, or Internet, that provided universal communication services over heterogeneous physical networks. The clear benefit of such an internetwork is the enabling of communication between hosts on different networks, perhaps separated by a large geographical area. The words internetwork and internet are simply a contraction of the phrase interconnected network. However, when written with a capital "I", the Internet refers to the worldwide set of interconnected networks. Hence, the Internet is an internet, but the reverse does not apply. The Internet is sometimes called the connected Internet. The Internet consists of the following groups of networks: Backbones: Large networks that exist primarily to interconnect other networks. Also known as network acces points (NAPs) or Internet Exchange Points (IXPs). Currently the backbones are comprised of commercial entities. Regional networks connecting, for example, universities and colleges. Commercial networks providing access to the backbones to subscribers, and networks owned by commercial organizations for internal use that also have connections to the Internet. Local networks, such as campus-wide university networks. In most cases, networks are limited in size by the number of users that can belong to the network, by the maximum geographical distance that the network can span, or by the applicability of the network to certain environments. For example, an Ethernet network is inherently limited in terms of geographical size. Hence, the ability to interconnect a large number of networks in some hierarchical and organized fashion enables the communication of any two hosts belonging to this internetwork. Figure 1-1 on page 5 shows two examples of internets. Each is comprised of two or more physical networks.

4




Router Network 1 R Network 2

O ne Virtual Network

Two networks interconnected by a router

equals

Internet A

Router Network 1 R Network 2

Router R Network 3

M ultiple networks interconnected by routers (also seen as 1 virtual network, an Internet)

Figure 1-1 Internet examples - Two interconnected sets of networks, each seen as one logical network.

Another important aspect of TCP/IP internetworking is the creation of a standardized abstraction of the communication mechanisms provided by each type of network. Each physical network has its own technology-dependent communication interface, in the form of a programming interface that provides basic communication functions (primitives). TCP/IP provides communication services that run between the programming interface of a physical network and user applications. It enables a common interface for these applications, independent of the underlying physical network. The architecture of the physical network is therefore hidden from the user and from the developer of the application. The application need only code to the standardized communication abstraction to be able to function under any type of physical network and operating platform. As is evident in Figure 1, to be able to interconnect two networks, we need a computer that is attached to both networks and can forward data packets from one network to the other; such a machine is called a router. The term IP router is also used because the routing function is part of the Internet Protocol portion of the TCP/IP protocol suite (see 1.1.2, The TCP/IP protocol layers on page 6). To be able to identify a host within the internetwork, each host is assigned an address, called the IP address. When a host has multiple network adapters

Chapter 1. Architecture, history, standards, and trends

5



(interfaces), such as with a router, each interface has a unique IP address. The IP address consists of two parts: IP address = The network number part of the IP address identifies the network within the internet and is assigned by a central authority and is unique throughout the internet. The authority for assigning the host number part of the IP address resides with the organization that controls the network identified by the network number. The addressing scheme is described in detail in Figure 3-15 on page 97

1.1.2 The TCP/IP protocol layersLike most networking software, TCP/IP is modeled in layers. This layered representation leads to the term protocol stack, which refers to the stack of layers in the protocol suite. It can be used for positioning (but not for functionally comparing) the TCP/IP protocol suite against others, such as Systems Network Architecture (SNA) and the Open System Interconnection (OSI) model. Functional comparisons cannot easily be extracted from this, as there are basic differences in the layered models used by the different protocol suites. By dividing the communication software into layers, the protocol stack allows for division of labor, ease of implementation and code testing, and the ability to develop alternative layer implementations. Layers communicate with those above and below via concise interfaces. In this regard, a layer provides a service for the layer directly above it and makes use of services provided by the layer directly below it. For example, the IP layer provides the ability to transfer data from one host to another without any guarantee to reliable delivery or duplicate

6




suppression. Transport protocols such as TCP make use of this service to provide applications with reliable, in-order, data stream delivery. Figure 1-2 shows how the TCP/IP protocols are modeled in four layers.

Applications Transport

....... ....... ....... .......IP

ApplicationsTCP/UDP ICMP ARP/RARP

Internetwork

Network Interface and Hardware

Network Interface and Hardware

Figure 1-2 The TCP/IP protocol stack - Each layer represents a package of functions.

These layers include: Application Layer The application layer is provided by the program that uses TCP/IP for communication. An application is a user process cooperating with another process usually on a different host (there is also a benefit to application communication within a single host). Examples of applications include Telnet and the File Transfer Protocol (FTP). The interface between the application and transport layers is defined by port numbers and sockets, which is described in more detail in Ports and sockets on page 144 The transport layer provides the end-to-end data transfer by delivering data from an application to its remote peer. Multiple applications can be supported simultaneously. The most-used transport layer protocol is the Transmission Control Protocol (TCP), which provides connection-oriented reliable data delivery, duplicate data suppression, congestion control, and flow control. It is discussed in more detail in Transmission Control Protocol (TCP) on page 149 Another transport layer protocol is the User Datagram Protocol (see, User Datagram Protocol (UDP) on

Transport Layer

Chapter 1. Architecture, history, standards, and trends

7



page 146. It provides connectionless, unreliable, best-effort service. As a result, applications using UDP as the transport protocol have to provide their own end-to-end integrity, flow control, and congestion control, if it is so desired. Usually, UDP is used by applications that need a fast transport mechanism and can tolerate the loss of some data Internetwork layer The internetwork layer, also called the internet layer or the network layer, provides the "virtual network" image of an internet (this layer shields the higher levels from the physical network architecture below it). Internet Protocol (IP) is the most important protocol in this layer. It is a connectionless protocol that doesn't assume reliability from lower layers. IP does not provide reliability, flow control, or error recovery. These functions must be provided at a higher level. IP provides a routing function that attempts to deliver transmitted messages to their destination. IP is discussed in detail in Chapter 3, Internetworking protocols on page 65. A message unit in an IP network is called an IP datagram. This is the basic unit of information transmitted across TCP/IP networks. Other internetwork layer protocols are IP, ICMP, IGMP, ARP and RARP. Network interface layerThe network interface layer, also called the link layer or the data-link layer, is the interface to the actual network hardware. This interface may or may not provide reliable delivery, and may be packet or stream oriented. In fact, TCP/IP does not specify any protocol here, but can use almost any network interface available, which illustrates the flexibility of the IP layer. Examples are IEEE 802.2, X.25 (which is reliable in itself), ATM, FDDI, and even SNA. Some physical networks and interfaces are discussed inChapter 2, Network interfaces on page 29. TCP/IP specifications do not describe or standardize any network layer protocols per se; they only standardize ways of accessing those protocols from the internetwork layer.

8




A more detailed layering model is included in Figure 1-3.

Applications

SMTP, Telnet, FTP, Gopher...

Transport

TCP

UDP ICMP

Internetwork Network Interface and Hardware

IP

ARP RARP

Ethernet, Token-Ring, FDDI, X.25, Wireless, Async, ATM, SNA...

Figure 1-3 Detailed architectural model.

1.1.3 TCP/IP applicationsThe highest-level protocols within the TCP/IP protocol stack are application protocols. They communicate with applications on other

Network Programming

Documents

tcpip standards

internet protocol ip

tcpip applications

classical ip

ip routing75

ip addressing66

ip subnets

tcpip protocol layers