8/22/2019 TCP/IP Chap 01
1/55
Guide To TCP/IP, Second Edition 1
Guide To TCP/IP, Second Edition
Chapter 1
Introducing TCP/IP
8/22/2019 TCP/IP Chap 01
2/55
Guide To TCP/IP, Second Edition 2
Objectives
Understand TCP/IPs origins and history
Explain the process by which TCP/IP standards and otherdocuments, called Requests for Comments (RFCs), are
created, debated, and formalized (where appropriate) Understand the Open Systems Interconnection network
reference model, often used to characterize networkprotocols and services, and how it relates to TCP/IPs owninternal networking model
8/22/2019 TCP/IP Chap 01
3/55
Guide To TCP/IP, Second Edition 3
Objectives (cont.)
Define the terms involved and explain how TCP/IP
protocols, sockets, and ports are identified
Understand data encapsulation and how it relates to the
four layers of the TCP/IP protocol stack
Understand and apply the basic practices and principles
that underlie network protocol analysis
8/22/2019 TCP/IP Chap 01
4/55
Guide To TCP/IP, Second Edition 4
What is TCP/IP?
Large collection of networking protocols
and services
Two key protocols
Transmission Control Protocol (TCP)
Reliable delivery for messages
Internet Protocol (IP) Manages the routing of network transmissions
8/22/2019 TCP/IP Chap 01
5/55
Guide To TCP/IP, Second Edition 5
Origins and History
1969, Department of Defense (DoD) andAdvanced Research Projects Agency (ARPA)funded research for packet-switched networking
The sender and receiver are identified by uniquenetwork addresses
Do not require all packets to follow the same path
in transit The network built as a result of this project is
known as the ARPANET
8/22/2019 TCP/IP Chap 01
6/55
Guide To TCP/IP, Second Edition 6
TCP/IPs Design Goals
Withstand a potential nuclear strike
Need for packet switching
Permit different kinds of computer systems
to easily communicate
Need to interconnect systems across long
distances
8/22/2019 TCP/IP Chap 01
7/55
Guide To TCP/IP, Second Edition 7
A TCP/IP Chronology
1978: Internet Protocol version 4 (IPv4) came intoexistence
1983: Defense Communications Agency tookover operation of the ARPANET
1986: National Science Foundation (NSF)launches a long-haul, high-speed network, known
as NSFNET 1987: Number of hosts on the Internet breaks
10,000
8/22/2019 TCP/IP Chap 01
8/55
Guide To TCP/IP, Second Edition 8
A TCP/IP Chronology (cont.)
1989:
Number of hosts on the Internet breaks 100,000
NSFNET backbone upgraded to 1.544 megabits persecond (Mbps)
1990:
McGill University releases the Archie protocol andservice
Work begins on the Hypertext Transfer ProtocolWorldwide Web is born at Centre European Researche
Nucleaire (CERN)
8/22/2019 TCP/IP Chap 01
9/55
Guide To TCP/IP, Second Edition 9
A TCP/IP Chronology (cont.)
1991:
Commercial Internet Exchange (CIX) is formed
Wide Area Information Service (WAIS) protocol andservice allowing Internet searches of multimegabyte
databases
Gopher allows searching of text-based archives
1992: Internet Society (ISOC) is chartered
Number of hosts on the Internet breaks one million
8/22/2019 TCP/IP Chap 01
10/55
Guide To TCP/IP, Second Edition 10
A TCP/IP Chronology (cont.)
1992:
NSFNET backbone upgraded to 44.736 Mbps
CERN releases HTTP and Web server technology tothe public
1993:
Internet Network Information Center (InterNIC) is
chartered Mosaic, the first high-powered graphical browser
The U.S.White House goes online at whitehouse.gov
8/22/2019 TCP/IP Chap 01
11/55
Guide To TCP/IP, Second Edition 11
A TCP/IP Chronology (cont.)
1994:
U.S. Senate and House of Representatives establishinformation servers on the Internet
Online junk mail and shopping malls begin toproliferate
1995:
Netscape launches Netscape Navigator
Number of hosts on the Internet breaks five million
1996: Microsoft launches Internet Explorer Webbrowser
8/22/2019 TCP/IP Chap 01
12/55
Guide To TCP/IP, Second Edition 12
A TCP/IP Chronology (cont.)
1997: Number of registered domain names reaches
31 million
2000: Love Letter worm infects over one millionpersonal computers
2001:
Number of hosts on the Internet breaks 150 million
Sircam virus and Code Red worm infect thousands of
Web servers and e-mail accounts
8/22/2019 TCP/IP Chap 01
13/55
Guide To TCP/IP, Second Edition 13
A TCP/IP Chronology (cont.)
2002:
Number of hosts on the Internet breaks 204
millionThe Internet2 backbone utilizes native IP
version 6
2003: Public Interest Registry (PIR)assumes responsibility as .org registry
operator
8/22/2019 TCP/IP Chap 01
14/55
Guide To TCP/IP, Second Edition 14
Who Owns TCP/IP?
TCP/IP falls squarely into the public
domain
Funded with public monies since its
inception
Both everybody and nobody own TCP/IP
8/22/2019 TCP/IP Chap 01
15/55
Guide To TCP/IP, Second Edition 15
Meet the Standards Groups that Manage
TCP/IP Internet Society (ISOC)
Internet Architecture Board (IAB)
Internet Engineering Task Force (IETF)
Internet Research Task Force (IRTF)
Internet Societal Discussion Forum (ISDF) Internet Corporation for Assigned Names
and Numbers (ICANN)
8/22/2019 TCP/IP Chap 01
16/55
Guide To TCP/IP, Second Edition 16
TCP/IP Standards and RFCs
Request For Comments (RFC)
www.faqs.org/rfcs
RFC 2026 describes how a RFC is created RFC status designations
Proposed Standard, Draft Standard, Internet
Standard, Retired Standard, and HistoricStandard
Best Current Practice (BCP)
8/22/2019 TCP/IP Chap 01
17/55
Guide To TCP/IP, Second Edition 17
OSI Reference Model Overview
Network reference model
Formally (ISO/OSI )
Designed to replace TCP/IP
OSI model is the standard way to explain
how networks operate
TCP/IP remains the open standard protocol
suite of choice
8/22/2019 TCP/IP Chap 01
18/55
Guide To TCP/IP, Second Edition 18
OSI Network Reference Model
Models break networking into layers
The OSI network reference model
How protocol layers behave Physical Layer Data Link Layer
Network Layer
Transport Layer Session Layer
Presentation Layer
Application Layer
8/22/2019 TCP/IP Chap 01
19/55
Guide To TCP/IP, Second Edition 19
OSI Network Reference Model (cont.)
The reference model described in ISO
Standard 7498 breaks network
communication into seven layers
8/22/2019 TCP/IP Chap 01
20/55
Guide To TCP/IP, Second Edition 20
Models Break Networking into Layers
Divide and conquer approach
Separate networking hardware concerns from
those related to networking software
Key points about networking Easier to solve problems when broken into layers
Layers operate independently of one another Changes to one layer need not affect other layers
8/22/2019 TCP/IP Chap 01
21/55
Guide To TCP/IP, Second Edition 21
Models Break Networking into Layers
(cont.) Key points about networking (cont.)
Individual layers work together on pairs of computers
Different expertise is needed at each layer Layers working together is known as networking
Network protocols usually map into one or more layers
TCP/IP is designed around a layered model
8/22/2019 TCP/IP Chap 01
22/55
Guide To TCP/IP, Second Edition 22
Seven Layers Of The OSI Model
8/22/2019 TCP/IP Chap 01
23/55
Guide To TCP/IP, Second Edition 23
How Protocol Layers Behave
Layers exist to encapsulate or isolatespecific types of functionality
Layers provide services to the layer above Layers deliver data to or accept data from
the layer below
Protocol Data Units (PDUs) PDUs include envelope information in the
form of specific headers and trailers
8/22/2019 TCP/IP Chap 01
24/55
Guide To TCP/IP, Second Edition 24
Physical and Data Link Layers
Physical Layer
Includes the physical transmission medium
Physical and electrical characteristics of the interfaces
PDUs consist of specific serial patterns of signals
Data Link Layer
Manages point-to-point transmission
Handles sequencing of data from sender to receiver Data transmission control: called media flow control
PDUs are specific bit patterns and are called frames ordata frames
8/22/2019 TCP/IP Chap 01
25/55
Guide To TCP/IP, Second Edition 25
Network and Transport Layers
Network Layer
Logical addresses associated with individual machines
Uses logical addressing to determine how to send PDUtraffic to other physical segments
PDUs are structured data called a packet
Transport Layer
Ensure reliable end-to-end transmission of PDUs
Includes end-to-end error-detection and error-recovery
PDUs are structured numbered sequence data calledsegments or data segments
8/22/2019 TCP/IP Chap 01
26/55
Guide To TCP/IP, Second Edition 26
Sessions and Presentation Layers
Sessions
Conversations are set up, maintained, and thenterminated
Includes mechanisms to maintain reliable ongoingconversations called checkpoints
PDUs at this level are Session PDUs, or SPDUs
Presentation
Manages how data is presented to the network and to aspecific machine/application
PDUs are generically called Presentation PDUs
8/22/2019 TCP/IP Chap 01
27/55
Guide To TCP/IP, Second Edition 27
Application Layer
Defines an interface that applications can
use to request network services
Defines a set of access controls over thenetwork
PDUs are generically called Application
PDUs
8/22/2019 TCP/IP Chap 01
28/55
Guide To TCP/IP, Second Edition 28
OSI and TCP/IP Models
8/22/2019 TCP/IP Chap 01
29/55
Guide To TCP/IP, Second Edition 29
TCP/IP Network Access Layer
Includes Ethernet, token ring, and wireless media
Includes WAN and connection-management
protocols Include the IEEE 802 family of standards
802.1 Internetworking
802.2 Media Access Control
802.3 CSMA/CD
802.5 Token Ring
8/22/2019 TCP/IP Chap 01
30/55
Guide To TCP/IP, Second Edition 30
TCP/IP Network Access Layer Protocols
High-level Data Link Control (HDLC)
Frame Relay
Asynchronous Transfer Mode (ATM)
PPP and SLIP
8/22/2019 TCP/IP Chap 01
31/55
Guide To TCP/IP, Second Edition 31
TCP/IP Internet Layer Functions
Handle routing between machines across
multiple networks
MTU fragmentation
Addressing
Routing
8/22/2019 TCP/IP Chap 01
32/55
Guide To TCP/IP, Second Edition 32
TCP/IP Internet Layer Protocols
Internet Protocol (IP)
Internet Control Message Protocol (ICMP)
Packet Internetwork Groper (PING)
Address Resolution Protocol (ARP)
Routing Information Protocol (RIP)
8/22/2019 TCP/IP Chap 01
33/55
Guide To TCP/IP, Second Edition 33
TCP/IP Transport Layer Functions
Functions
Reliable delivery of data from sender to receiver
Fragmentation of outgoing messages and theirreassembly prior to delivery to the Application layer
Protocols
Transmission Control Protocol (TCP)
Connection oriented
User Datagram Protocol (UDP)
Connectionless
8/22/2019 TCP/IP Chap 01
34/55
Guide To TCP/IP, Second Edition 34
TCP/IP Application Layer
Function
Interfaces with applications or processes on a
host machine
Protocol and Services
File Transfer Protocol (FTP)
Telnet
8/22/2019 TCP/IP Chap 01
35/55
Guide To TCP/IP, Second Edition 35
TCP/IP Protocols, Services, Sockets, And Ports
TCP/IP protocol numbers
Protocol numbers are used to identify distinct protocols,
and those protocols use port numbers
TCP/IP port numbers
TCP/IP application are identified by port numbers
The source or destination port number identifies the
process that sent or receives, respectively, the data
TCP/IP sockets
Dynamically assigned port address is called a socket
8/22/2019 TCP/IP Chap 01
36/55
Guide To TCP/IP, Second Edition 36
TCP/IP Protocol Numbers
8/22/2019 TCP/IP Chap 01
37/55
Guide To TCP/IP, Second Edition 37
Data Encapsulation In TCP/IP
Outgoing data is packaged and identified for
delivery to the layer underneath
Incoming data has its encapsulating informationfrom the underlying layer stripped off before its
delivered to its upper-layer
Each PDU has an opening component, called a
header, and closing component called a trailer
Data portion of the PDU is known as the payload
8/22/2019 TCP/IP Chap 01
38/55
Guide To TCP/IP, Second Edition 38
About Protocol Analysis
Protocol analysis is the process of
Tapping into the network communications
systemCapturing packets
Gathering network statistics
Decoding packets
Protocol analyzers can also transmit packets
A task for testing a network or device
8/22/2019 TCP/IP Chap 01
39/55
Guide To TCP/IP, Second Edition 39
Roles for Protocol Analysis
Used to troubleshoot network
communications
Used to test networksPassive
Active
Gather trends on network performance
8/22/2019 TCP/IP Chap 01
40/55
Guide To TCP/IP, Second Edition 40
Protocol Analyzer Elements
Promiscuous mode card and driver
Packet filters
Trace buffer
Decodes
Alarms
Statistics
8/22/2019 TCP/IP Chap 01
41/55
Guide To TCP/IP, Second Edition 41
Network Analyzer Process
8/22/2019 TCP/IP Chap 01
42/55
Guide To TCP/IP, Second Edition 42
Decodes
8/22/2019 TCP/IP Chap 01
43/55
Guide To TCP/IP, Second Edition 43
Statistics
8/22/2019 TCP/IP Chap 01
44/55
Guide To TCP/IP, Second Edition 44
Placing a Protocol Analyzer on a Network
Hubbing out
Placing a hub between a device of interest and the
switch, and connecting the analyzer to the hub
Port redirection
Switches can be configured to redirect (to copy) the
packets traveling through one port to another port
Remote monitoring (RMON) Collect traffic data at a remote switch and send the data
to a management device
8/22/2019 TCP/IP Chap 01
45/55
Guide To TCP/IP, Second Edition 45
Analyzer Placement Example
8/22/2019 TCP/IP Chap 01
46/55
Guide To TCP/IP, Second Edition 46
Chapter Summary
TCP/IP was designed with the following goals inmind
(1) To support multiple, packet-switched pathways
through the network so that transmissions can surviveall conceivable failures
(2) To permit dissimilar computer systems to easilyexchange data
(3) To offer robust, reliable delivery services for bothshort- and long-haul communications
(4) To provide comprehensive network access withglobal scope
8/22/2019 TCP/IP Chap 01
47/55
Guide To TCP/IP, Second Edition 47
Chapter Summary (cont.)
Initial implementations of TCP/IP were funded under the
auspices of the ARPA and Department of Defense
Until the late 1980s, the ARPANET remained largely in
government hands and supported by government funding
TCP/IP remains in the public domain as an open and
collaborative set of standards and best practices
The documents that govern TCP/IP standards and practices
are called RFCs, and the process of their creation,development, and approval involves representatives from
government, industry, research, and academia
8/22/2019 TCP/IP Chap 01
48/55
Guide To TCP/IP, Second Edition 48
Chapter Summary (cont.)
The standards creation and management processes
fall within the IETF, and final approval of Internet
standards rests in its parent organization, the IAB
Although the process of creating such standards is
rightfully called rough consensus , this process
works well enough to define literally hundreds of
protocols and services used every day on theInternet
8/22/2019 TCP/IP Chap 01
49/55
Guide To TCP/IP, Second Edition 49
Chapter Summary (cont.)
As Standard RFCs go through the approval process, they
begin life as Proposed Standard documents
After discussion and debate, and demonstration that two or
more separate reference implementations can successfullyinteroperate, RFCs can become Draft Standards
After further discussion and revisions, and approval from
the parent working group within the IETF, the Draft is
turned over to the IAB for final approval When the Draft is approved, it becomes a Standard RFC
(sometimes called an Internet Standard)
8/22/2019 TCP/IP Chap 01
50/55
Guide To TCP/IP, Second Edition 50
Chapter Summary (cont.)
Another popular type of RFC is an informational (non-
standard) RFC called a Best Current Practice, or BCP
Although these documents do not have the force of a
Standard RFC, they do provide useful information thatrepresents best approaches to designing, configuring,
implementing, or maintaining TCP/IP-based networks and
related services
For those reasons, BCPs are highly regarded and can beuseful tools for network administrators seeking to make the
most out of their TCP/IP networks
8/22/2019 TCP/IP Chap 01
51/55
Guide To TCP/IP, Second Edition 51
Chapter Summary (cont.)
In general, networking is a big, complex problem that is
most easily solved if broken up into a series of smaller,
less-complex, and interrelated problems
The ISO/OSI network reference model breaks networkinginto seven distinct layers that allow issues related to
hardware, media, and signaling to be separated from issues
related to software and services
Likewise, this model permits activities in software to bedistinguished on the basis of machine-to-machine
communications
8/22/2019 TCP/IP Chap 01
52/55
Guide To TCP/IP, Second Edition 52
Chapter Summary (cont.)
This communication involves handling informationdelivery from any sender to any receiver, moving largeamounts of data across the network, and handling various
issues related to ongoing communications, data formats,and application interfaces for network access
TCP/IP uses an older, simpler, four-layer model that lumpsthe latter three issues into a single application/serviceslayer, but is otherwise very much like the ISO/OSI
reference model TCP/IP uses a variety of encapsulation techniques at its
various layers to label the type of data contained in thecontents, or payloads, of its PDUs
8/22/2019 TCP/IP Chap 01
53/55
Guide To TCP/IP, Second Edition 53
Chapter Summary (cont.)
TCP/IP also uses numbering techniques to identify well-known protocols at the lower layers (protocol numbers)and to support ready access to well-known applications
and services at upper layers (well-known ports) When a client makes a request to a server that requires an
ongoing exchange of information, a listening process onthe server creates a temporary connection that combines acomputers numeric IP address with a specific port address
for the process involved (called a socket address) This ensures that the right process on the right computer
may be accessed on both sending and receiving machines
8/22/2019 TCP/IP Chap 01
54/55
Guide To TCP/IP, Second Edition 54
Chapter Summary (cont.)
Protocol analysis is a process whereby a network interfaceis used to inspect all traffic moving across a segment ofnetwork medium
Protocol analyzers are software programs that can managethis task and can capture not only healthy (properlyformed) traffic, but also erroneous or ill-formed traffic
This lets protocol analyzers characterize network traffic ona descriptive basis (the protocols used, the active station
addresses, the conversations, and the parties involved), andon a statistical basis (percentage of errors, percentage oftraffic per protocol, peak loads, low loads, average loads,and so forth)
8/22/2019 TCP/IP Chap 01
55/55
G ide To TCP/IP Second Edition 55
Chapter Summary (cont.)
Much of the remaining text depends on putting the
topical and theoretical discussions about TCP/IP
protocols together with the traces and decodes
(formatted contents of packets) to see how theory
and practice fit together