Bellevue University
CIS 351
OSI and TCP/IP
Topics
• Comparison of OSI and TCP/IP Models
• Local Area Networking using Ethernet and TCP/IP
• Ethernet
• The TCP/IP Protocol Stack
The OSI Reference Model
Application
Presentation
Session
Transport
Network
Data Link
Physical
TCP/IP
• Development was funded by US Government’s Advanced Research Projects Agency (ARPA) in 1960s and 1970s.
• Widely used protocol suite – Protocol of choice for the Internet and most operating systems
• Implementation parallels the OSI Model
The TCP/IP Model
Application
Transport
Internet
Network Interface
TCP/IP Protocol Suite
• Transmission Control Protocol (TCP)
• User Datagram Protocol (UDP)
• Internet Protocol (IP)
• Internet Control Message Protocol (ICMP)
• Internet Group Management Protocol (IGMP)
• Address Resolution Protocol (ARP)
• TCP/IP Utilities
TCP/IP Layers
• Application Layer: FTP, HTTP
• Transport Layer: UDP, TCP
• Internet Layer: IP, ICMP, IGMP, ARP
• Network Interface Layer: Ethernet, ATM
Ethernet
• Covers both Physical and Data link standards in ISO model
• Covers
• Uses CSMA/CD
• Handles communication at the link level
• Sends and receives frames
Ethernet (cont)
IEEE 802.3: Carrier Sense Multiple Access with Collision Detection (CSMA/CD) Access Method and Physical Layer Specifications
– Physical layer specification
– Frame Format
– CSMA/CD Media Access Control (MAC) mechanism
Physical Layer
• Star or bus topology
• RG8 or RG58 Coax, UTP, STP, or fiber optic cable
• Coax limited to 10 MBps
• UTP, STP, and fiber optic limited to 1GBps (currently)
100BaseT
• Most popular physical layer for Ethernet LANs
• Category 5 Unshielded Twisted Pair cable
• RJ-45 Connectors
• Star Topology - requires a hub or switch
Cat 5 UTP
Cable Connections
Pin#  Color           NIC        Hub or Switch
1     Striped Orange  Tx         Rx
2     Solid Orange    Tx Return  Rx Return
3     Striped Green   Rx         Tx
4     Solid Blue      Not Used   Not Used
5     Striped Blue    Not Used   Not Used
6     Solid Green     Rx Return  Tx Return
7     Striped Brown   Not Used   Not Used
8     Solid Brown     Not Used   Not Used
The 5-4-3 Rule
• You may have five cable segments
• Connected by four repeaters
• No more than three segments can be of mixed types
Packet Terminology
Segment
Message
Datagram
Frame
TCP/IP Traffic From top to bottom
• frame: Ethernet header + Internet layer data + Ethernet footer
• datagram: IP header + Transport layer data
• message: TCP header + Application layer data
• segment: Application layer data
Ethernet Frame
Preamble
Start of Frame Delimiter
Destination Address
Source Address
Ethertype/Length
Data and Pad
Frame Check Sequence
Preamble
7 bytes of alternating ones and zeros used to synchronize clock signals with the incoming frame
Start of Frame Delimiter
A one byte field consisting of six alternating ones and zeros followed by two consecutive ones. The two ones signal that the bits to follow contain the start of the actual frame
Destination Address
A six byte field containing the hardware address of the destination end of the link
Source Address
A six byte field containing the address of the network interface adapter that generated the packet.
Addressing
• Six byte hardware address
• Unique to each Network Interface Card
• Consists of a three byte Organizationally Unique Identifier and three byte serial number
Organizationally Unique Identifier (OUI)
• First three bytes of the hardware address
• Identifies the company that manufactured the Network Interface
• Complete list can be found at:
http://standards.ieee.org/regauth/oui/oui.txt
Example
00-10-5A (hex)     3COM CORPORATION
00105A (base 16)   3COM CORPORATION
                   5400 BAYFRONT PLAZA
                   MAILSTOP: 4220
                   SANTA CLARA CA 95052
                   UNITED STATES
Ethertype/Length
Contains the protocol type and length of the data field excluding any pad
Common Ethertype Values
0800 Internet Protocol
0805 X.25
0806 ARP
8035 RARP
809B AppleTalk on Ethernet
8137 Netware IPX
Data and Pad
• Contains the data passed down from the network layer protocol on the transmitting system
• Padding is used if the length of the data sent from the network layer is less than 46 bytes.
• The maximum length for the data field is 1500 bytes
Frame Check Sequence
• Four bytes of footer that contain a checksum of the entire packet.
• The transmitting computer calculates the checksum and stores it in the footer.
• The receiving computer recalculates the checksum and compares it to the stored checksum.
• Transmission is successful if both checksum values match
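The frame fields and the Frame Check Sequence comparison described above, as an added example that is not part of the original slides: it assembles a frame from destination address through FCS, parses it back, and recomputes the checksum the way a receiver would. It assumes the FCS is the standard CRC-32 (computed here with zlib), leaves out the preamble and start of frame delimiter, and uses constructed addresses; `build_frame` and `parse_frame` are illustrative names.

```python
import struct
import zlib

# EtherType values from the table above.
ETHERTYPES = {0x0800: "Internet Protocol", 0x0805: "X.25", 0x0806: "ARP",
              0x8035: "RARP", 0x809B: "AppleTalk on Ethernet",
              0x8137: "Netware IPX"}
MIN_DATA, MAX_DATA = 46, 1500  # data field limits in bytes


def mac(b):
    """Format raw address bytes as hyphen-separated hex."""
    return "-".join(f"{x:02X}" for x in b)


def build_frame(dst, src, ethertype, payload):
    """Assemble addresses, type, data and pad, and FCS (no preamble/SFD)."""
    if len(payload) > MAX_DATA:
        raise ValueError("data field exceeds 1500 bytes")
    body = dst + src + struct.pack("!H", ethertype) + payload.ljust(MIN_DATA, b"\x00")
    # CRC-32 over everything after the SFD, appended least-significant byte first.
    return body + struct.pack("<I", zlib.crc32(body))


def parse_frame(frame):
    """Split a frame into its fields and recompute the FCS as a receiver would."""
    if len(frame) < 14 + MIN_DATA + 4:
        raise ValueError("frame shorter than the 64-byte minimum")
    body, (stored,) = frame[:-4], struct.unpack("<I", frame[-4:])
    (type_len,) = struct.unpack("!H", body[12:14])
    # Values of 0x0600 and above are EtherTypes; 1500 and below are lengths.
    kind = ETHERTYPES.get(type_len, "unknown") if type_len >= 0x0600 else "length"
    return {
        "dst": mac(body[0:6]),
        "src": mac(body[6:12]),
        "oui": mac(body[6:9]),       # first three bytes of the source address
        "type_len": type_len,
        "protocol": kind,
        "data": body[14:],           # still includes any pad bytes
        "fcs_ok": zlib.crc32(body) == stored,
    }


# Constructed sample: a broadcast ARP-type frame from an adapter with OUI 00-10-5A.
SAMPLE = build_frame(b"\xff" * 6, bytes.fromhex("00105a010203"), 0x0806, b"\x00" * 28)
CORRUPT = SAMPLE[:20] + bytes([SAMPLE[20] ^ 0x01]) + SAMPLE[21:]  # one bit flipped

if __name__ == "__main__":
    print(parse_frame(SAMPLE))
    print("corrupted frame FCS ok:", parse_frame(CORRUPT)["fcs_ok"])
```

The FCS catches transmission errors only: anyone who can alter a frame can also recompute the CRC, so a matching FCS says nothing about who sent the frame.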
Internet Protocol (IP)
Datagram (IP)
IP Header
• Version | IHL | Type of Service | Total Length
• Identification | Flags | Fragment Offset
• Time To Live | Protocol | Header Checksum
• Source IP Address
• Destination IP Address
• Options
Data
Some Common Protocol Numbers (RFC 791)
1 ICMP
2 IGMP
6 TCP
17 UDP
IP Addressing
• Uses a 32 bit binary address
• Address is expressed as group of four decimal numbers in the range of 0-255, separated by periods (also known as dots)
Classful IP Addressing
• IP Addresses
• IP Address Classes
IP Address Classes
Address octets: w.x.y.z
Class A   Network ID: w       Host ID: x.y.z
Class B   Network ID: w.x     Host ID: y.z
Class C   Network ID: w.x.y   Host ID: z
Limitations of the Original IP Addressing Scheme
Wastes IP Addresses
• Network of 2000 computers assigned a Class B network: 65,534 IP addresses
• 2000 allocated
• 63,534 wasted
Class B: w.x.y.z with subnet mask 255.255.0.0 (Network ID w.x, Host ID y.z)
Adds Multiple Entries to Routing Tables
Class C: w.x.y.z with subnet mask 255.255.255.0 (Network ID w.x.y, Host ID z)
Company Network IDs
192.168.1.0
192.168.2.0
192.168.3.0
192.168.4.0
192.168.5.0
192.168.6.0
192.168.7.0
192.168.8.0
Portion of Internet Routing Tables
192.168.1.0  255.255.255.0  192.168.1.1
192.168.2.0  255.255.255.0  192.168.2.1
192.168.3.0  255.255.255.0  192.168.3.1
192.168.4.0  255.255.255.0  192.168.4.1
192.168.5.0  255.255.255.0  192.168.5.1
192.168.6.0  255.255.255.0  192.168.6.1
192.168.7.0  255.255.255.0  192.168.7.1
192.168.8.0  255.255.255.0  192.168.8.1
Solution: Classless Inter-Domain Routing (CIDR)
IP Address in Dotted Decimal Notation (4 Values): 10.217.123.7
IP Address in Binary Notation (32 Values): 00001010 11011001 01111011 00000111
The address is divided into a Network ID and a Host ID
The Key to CIDR is the Subnet Mask
• Subnet Mask Bits
• CIDR Notation
• Calculating the Network ID
• Determining Local and Remote Hosts
Subnet Masks
• Determine which part of the IP address is the Network part and which is the host part
Example:
255.0.0.0
Network Host
Subnet Mask Bits
IP Address (w.x.y.z):  10 . 217 . 123 . 7
Subnet Mask:           255 . 255 . 255 . 0
Subnet Mask Bits:      11111111 11111111 11111111 00000000
Ones mark the Network ID; zeros mark the Host ID
Binary Representation   Decimal Representation
11111111                255
11111110                254
11111100                252
11111000                248
11110000                240
11100000                224
11000000                192
10000000                128
00000000                0
Using CIDR Notation to indicate the configuration of the subnet mask
IP Address:    10 . 217 . 123 . 7     00001010 11011001 01111011 00000111
Subnet Mask:   255 . 255 . 240 . 0    11111111 11111111 11110000 00000000
Number of Subnet Mask Bits (ones): 8 + 8 + 4 + 0 = 20
IP Address in CIDR Notation: 10.217.123.7/20
Calculating the Network ID
IP Address:    10 . 217 . 123 . 7     00001010 11011001 01111011 00000111
Subnet Mask:   255 . 255 . 240 . 0    11111111 11111111 11110000 00000000
Network ID:    10 . 217 . 112 . 0     00001010 11011001 01110000 00000000
Network ID in CIDR Notation: 10.217.112.0/20
IP Address in CIDR Notation: 10.217.123.7/20
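The subnet mask steps above (counting mask bits, calculating the Network ID, and determining local and remote hosts), as an added example that is not part of the original slides. It goes slightly beyond the slides by rejecting masks whose ones are not contiguous; the function names and the destination addresses in the demo are constructed for illustration.

```python
def to_int(dotted):
    """Convert dotted decimal notation to a 32-bit integer."""
    octets = [int(p) for p in dotted.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError(f"not a dotted-decimal IPv4 address: {dotted!r}")
    return int.from_bytes(bytes(octets), "big")


def to_dotted(value):
    """Convert a 32-bit integer back to dotted decimal notation."""
    return ".".join(str(b) for b in value.to_bytes(4, "big"))


def mask_bits(mask):
    """Count the ones in a subnet mask; the ones must be contiguous."""
    m = to_int(mask)
    bits = bin(m).count("1")
    if m != (0xFFFFFFFF << (32 - bits)) & 0xFFFFFFFF:
        raise ValueError(f"subnet mask bits are not contiguous: {mask}")
    return bits


def network_id(ip, mask):
    """Bitwise AND of address and mask keeps the network bits, zeroes the host bits."""
    mask_bits(mask)  # validate the mask before using it
    return to_dotted(to_int(ip) & to_int(mask))


def cidr(ip, mask):
    """Write an address with its mask length, e.g. 10.217.123.7/20."""
    return f"{ip}/{mask_bits(mask)}"


def is_local(src, dst, mask):
    """A destination is local when it has the sender's Network ID under the sender's mask."""
    return network_id(src, mask) == network_id(dst, mask)


if __name__ == "__main__":
    ip, mask = "10.217.123.7", "255.255.240.0"
    print(cidr(ip, mask), "->", cidr(network_id(ip, mask), mask))
    for dst in ("10.217.127.254", "10.217.128.1"):  # constructed destinations
        print(dst, "local" if is_local(ip, dst, mask) else "remote")
```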
IP Address Classes
• Class A 0x.x.x.x
• Class B 10x.x.x.x
• Class C 110x.x.x.x
• Class D 1110x.x.x.x
Private Addresses (Non-routable over the Internet)
– 10.x.x.x Class A private IPs
– 172.(16-31).x.x Class B private IPs
– 192.168.x.x Class C private IPs
– 169.254.x.x Automatic Private IP (Microsoft)
Internet Control Message Protocol (ICMP)
ICMP
• Network layer TCP/IP Protocol
• Described in RFC 792
• Carries informational queries and error messages
• Used by the ping command
Internet Group Management Protocol (IGMP)
IGMP
• Network layer TCP/IP Protocol
• Described in RFC 2236
• Provides a way for an Internet computer to report its multicast group membership to adjacent routers
Address Resolution Protocol (ARP)
[Figure: hosts A, B, and C with their ARP caches; the numbers in the figure refer to the steps below]
1. ARP cache is checked
2. ARP request is sent
3. ARP entry is added
4. ARP reply is sent
5. ARP entry is added
6. IP packet is sent
Transmission Control Protocol (TCP)
TCP
• Connection oriented
• Transport layer protocol
• Uses port numbers
• Handles segments
Message (TCP)
Pseudo-Header
• Source IP Address
• Destination IP Address
• Unused | Protocol | Length
TCP Header
• Source Port | Destination Port
• Sequence Number
• Acknowledgement Number
• Data Offset | Reserved | Control Bits | Window
• Checksum | Urgent Pointer
• Options
Data
Port numbers
• A unique number that relates to a service or protocol
• Assigned by the Internet Assigned Numbers Authority (IANA) and published in RFC 1700
• Contained in a file called SERVICES
Source Port
• 2 Bytes in length
• Identifies the process on the transmitting system that generated the information in the Data field
Destination Port
• 2 Bytes in length
• Identifies the process on the receiving system for which the information in the Data field is intended
Sequence Number
• 4 bytes
• Unique number that identifies the location of the data in this segment in relation to the entire sequence.
Acknowledgment
• Used for acknowledgment messages
• Specifies the sequence number of the next segment expected by the receiving system
Data Offset
• 4 Bits in length
• Specifies the number of 4 byte words in the TCP header
Reserved
• 6 Bits in length
• This field is not used
Control Bits
• 6 bits in length
– URG set if segment contains urgent data
– ACK set if acknowledgment message
– PSH set to forward immediately
– RST set to reset TCP configuration and discard all segments
– SYN set to synchronize sequence numbers
– FIN set to terminate a TCP connection
Window
• 2 Bytes in length.
• Specifies how many bytes the computer is capable of accepting from the connected system.
Checksum
• 2 Bytes in length
• Contains the result of a cyclical redundancy check (CRC) performed by the transmitting system
• The CRC is recalculated at the receiving end and compared with the number in the checksum field
Urgent Pointer
• 2 Bytes in length
• When the urgent (URG) control bit is present, this field indicates which part of the data in the segment is urgent
Options
• Variable length field
• Contains information related to optional TCP connection configuration features.
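The TCP header fields described above, as an added example that is not part of the original slides: a parser that unpacks the fixed 20-byte header, splits the Data Offset, Reserved and Control Bits fields, and rejects a data offset that points outside the segment. The sample segments are constructed, their checksum field is left at zero, and `parse_tcp_header` and `make_segment` are illustrative names.

```python
import struct

FLAG_NAMES = ("URG", "ACK", "PSH", "RST", "SYN", "FIN")  # bit 5 down to bit 0


def parse_tcp_header(segment):
    """Decode the TCP header fields described above from raw segment bytes."""
    if len(segment) < 20:
        raise ValueError("shorter than the 20-byte fixed TCP header")
    (src_port, dst_port, seq, ack, off_flags,
     window, checksum, urgent) = struct.unpack("!HHIIHHHH", segment[:20])
    data_offset = off_flags >> 12           # 4 bits: header length in 4-byte words
    reserved = (off_flags >> 6) & 0x3F      # 6 bits, not used
    control = off_flags & 0x3F              # 6 control bits
    header_len = data_offset * 4
    # A header shorter than 5 words or longer than the segment is malformed.
    if data_offset < 5 or header_len > len(segment):
        raise ValueError(f"bad data offset {data_offset} for {len(segment)}-byte segment")
    return {
        "src_port": src_port, "dst_port": dst_port,
        "seq": seq, "ack": ack,
        "header_len": header_len, "reserved": reserved,
        "flags": [n for i, n in enumerate(FLAG_NAMES) if control & (0x20 >> i)],
        "window": window, "checksum": checksum, "urgent": urgent,
        "options": segment[20:header_len],
        "data": segment[header_len:],
    }


def make_segment(src_port, dst_port, seq, ack, flags, options=b"", data=b""):
    """Build a constructed test segment; the checksum field is left as zero."""
    if len(options) % 4:
        raise ValueError("options must fill whole 4-byte words")
    control = sum(0x20 >> FLAG_NAMES.index(f) for f in flags)
    off_flags = ((5 + len(options) // 4) << 12) | control
    fixed = struct.pack("!HHIIHHHH", src_port, dst_port, seq, ack, off_flags, 65535, 0, 0)
    return fixed + options + data


# Constructed samples: a SYN to port 80 carrying one 4-byte option, then a reply.
SYN = make_segment(49152, 80, 1000, 0, ["SYN"], options=b"\x02\x04\x05\xb4")
SYN_ACK = make_segment(80, 49152, 5000, 1001, ["SYN", "ACK"])

if __name__ == "__main__":
    for seg in (SYN, SYN_ACK):
        print(parse_tcp_header(seg))
```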
Socket
• Composed of an IP address and TCP port number
Example: 216.115.102.79:80
User Datagram Protocol (UDP)
Identifying Applications
Server at 192.168.2.150
• FTP Server: TCP Port 20, 21
• HTTP Server: TCP Port 80
IP Address + TCP Port or UDP Port = Socket
TCP/IP Utilities
Diagnostic Utilities
• Arp
• Hostname
• Ipconfig
• Nbtstat
• Netstat
• Ping
• Tracert
Connectivity Utilities
• Ftp
• Telnet
• Tftp
Server-based Software
• TCP/IP Printing Service
• Internet Information Services
Data Flow
[Figure: data moving down the sender's stack and up the receiver's. Layers and protocols shown: Application (FTP, HTTP), Transport (UDP, TCP), Internet (IP, ICMP, IGMP, ARP), network interface (Ethernet, ATM). On the wire the data is carried between a Preamble and a CRC.]
The TCP/IP Model
[Figure: a sender and a receiver connected through a router]
• Sender: Application, Transport, Internet, Network Access
• Router: Internet, Network Access
• Receiver: Application, Transport, Internet, Network Access
Figure labels: TCP, IP, MAC, Data link