Institute of Technology Sligo - Dept of Computing Semester 2 Chapter 9 The TCP/IP Protocol Suite Paul Flynn.
Published byModified over 5 years ago
Presentation on theme: "Institute of Technology Sligo - Dept of Computing Semester 2 Chapter 9 The TCP/IP Protocol Suite Paul Flynn."— Presentation transcript:
Institute of Technology Sligo - Dept of Computing Semester 2 Chapter 9 The TCP/IP Protocol Suite Paul Flynn
Institute of Technology Sligo - Dept of Computing Jack Pol2 Lesson Overview How TCP/IP operates to ensure communication across any set of interconnected networks. Learn about parts of the TCP/IP protocol stack that support: File transfer (FTP, TFTP), e-mail, Reliable (TCP) and unreliable (UDP) transport layer protocols, Connectionless datagram (packet) delivery at the network layer, ICMP provides control and message functions at the network layer, ARP and RARP.
Institute of Technology Sligo - Dept of Computing Jack Pol3 TCP/IP Developed by the Defence Advanced Research Projects Agency (DARPA). Later included with the Berkeley Software Distribution of UNIX. Now the de facto standard for internetwork communications. Serves as the transport protocol for the Internet.
Institute of Technology Sligo - Dept of Computing Jack Pol4 9.1.1 The Internet TCP/IP protocols and the OSI model OSI Layers 7,6 & 5 are rolled into 1 application layer The Transport layer in both models perform basically the same function OSI layers 2 & 1 are combined into 1 Network Access layer
Institute of Technology Sligo - Dept of Computing Jack Pol5 9.1.2 TCP/IP protocol stack and the application layer DNS - Domain Name System WINS - Windows Internet Naming System NFS - Network File System (The standard UNIX file system) POP3 - Post Office Protocol (An e-mail standard) SMTP - Simple Mail Transfer Protocol SNMP - Simple Network Management Protocol FTP - File Transfer Protocol (Upload/Download files from the ‘net) TFTP - Trivial File Transfer Protocol HTTP - The Internet standard for web browsing
Institute of Technology Sligo - Dept of Computing Jack Pol6 Other Application Layer protocols used for troubleshooting a network include: Telnet - A standard terminal emulation protocol PING - Packet InterNet Groper Traceroute - Traces the path of a packet from the source to the receiver. 9.1.2 TCP/IP protocol stack and the application layer
Institute of Technology Sligo - Dept of Computing Jack Pol7 9.1.3 TCP/IP protocol stack and the transport layer The transport layer provides two protocols: TCP (Transport Control Protocol) Provides reliable, connection-oriented communications between 2 hosts. TCP requires more network overhead because data is acknowledged as it is received. UDP (User Datagram Protocol) UDP is faster but less reliable, because the recipient does not acknowledge the data as it is received. Communication reliability is left to the Application Layer
Institute of Technology Sligo - Dept of Computing Jack Pol8 9.1.4 TCP segment format source port -- the number of the calling port destination port -- the number of the called port sequence number -- the number used to ensure correct sequencing of the arriving data acknowledgment number -- the next expected TCP octet HLEN -- the number of 32-bit words in the header reserved -- set to 0 code bits -- the control functions (e.g. setup and termination of a session) window -- the number of octets that the sender is willing to accept checksum -- the calculated checksum of the header and data fields urgent pointer -- indicates the end of the urgent data option -- one currently defined: maximum TCP segment size data -- upper-layer protocol data
Institute of Technology Sligo - Dept of Computing Jack Pol9 9.1.4 UDP segment format Application layer protocols provide for reliability. UDP uses no windowing or acknowledgments. Designed for applications that do not need to put sequences of segments together. Protocols that use UDP are: TFTP SNMP Network File System (NFS) Domain Name System (DNS)
Institute of Technology Sligo - Dept of Computing Jack Pol10 Both TCP and UDP use port numbers for communication between hosts. Port numbers are similar to phone numbers Transport layer services can be “called” by their port number. EG When a Host wants to transfer a file using FTP Uses TCP port 21 to establish and control the connection Uses TCP port 20 to transfer the data TCP ports 20 & 21 are called “Well Known Port Numbers” because applications expect to find FTP services on these ports. Other “Well Known” Port numbers are: TCP Port 23 - Telnet TCP Port 25 - SMTP (email) TCP Port 53 - DNS TCP Port 80 - HTTP web services UDP Port 53 - DNS UDP Port 69 - TFTP UDP Port 161 - SNMP 9.1.5 TCP and UDP port numbers Request For Comment 1700 defines “Well Known Port Numbers”
Institute of Technology Sligo - Dept of Computing Jack Pol11 9.1.6 TCP three-way handshake/open connection For TCP to establish a reliable connection between 2 hosts. Uses a “Three Way Handshake” Transmits 3 packets before the actual data The 2 Hosts synchronise their “Initial Sequence Number” (ISN) Ensures that the communications are assembled in the correct order and no missing packets exist. The process occurs by Host 1 sends a SYN packet to Host 2 (1st data packet) Host 2 ACK the packet from Host 1 (2nd data packet) Host 2 includes its’ own SYN data for Host 1 (2nd data packet) Host 1 ACK packet from Host 2 (3rd data packet) It is call the 3 way handshake because only 3 packets are exchanged The SYN packet from Host 2 also serves as the acknowledgment to the SYN packet from Host 1
Institute of Technology Sligo - Dept of Computing Jack Pol12 9.1.7 TCP simple acknowledgment and windowing TCP “Sliding Windows” control the flow and efficiency of communication Quite simply, once the window fills with data, the destination host sends an ACK for packets received in that window The window slides over in order to select new packets. TCP window sizes can change during the life of the connection so that the window can be
Institute of Technology Sligo - Dept of Computing Jack Pol13 9.2.1 TCP/IP and the Internet Layer The Internet layer of the TCP/IP stack corresponds to the network layer of the OSI model. Several protocols operate at the TCP/IP Internet layer that corresponds to the OSI network layer: IP -- provides connectionless, best-effort delivery routing of datagrams; is not concerned with the content of the datagrams; looks for a way to move the datagrams to their destination ICMP -- provides control and messaging capabilities ARP -- determines the data link layer address for known IP addresses RARP -- determines network addresses when data link layer addresses are known
Institute of Technology Sligo - Dept of Computing Jack Pol14 9.2.2 The IP datagram An IP datagram contains an IP header and data, and is surrounded by the Media Access Control (MAC) layer header and MAC layer trailer. One message may be transmitted as a series of datagrams that are reassembled into the message at the receiving location. VERS -- version number HLEN -- header length, in 32-bit words type of service -- how the datagram should be handled total length -- total length (header + data) identification, flags, flag offset -- provides fragmentation of datagrams to allow differing MTUs in the internetwork TTL -- Time-To-Live protocol -- the upper-layer (Layer 4) protocol sending the datagram header checksum -- an integrity check on the header source IP address and destination IP address -- 32-bit IP addresses IP options -- network testing, debugging, security, and other options
Institute of Technology Sligo - Dept of Computing Jack Pol15 9.2.2 The IP datagram The protocol field determines the Layer 4 protocol being carried within an IP datagram. Although most IP traffic uses TCP, other protocols can also use IP. Each IP header must identify the destination Layer 4 protocol for the datagram. Transport layer protocols are numbered, similarly to port numbers. IP includes the protocol number in the protocol field
Institute of Technology Sligo - Dept of Computing Jack Pol16 9.2.3 Internet Control Message Protocol (ICMP) Provides message control and error reporting services between 2 TCP/IP hosts or between a host server and a gateway to the Internet. The PING utility uses ICMP messages to check connections between 2 points. EG: A router receives a packet that it is unable to deliver to its final destination. The router sends an ICMP unreachable message to the source. The message might be undeliverable because there is no known route to the destination. An echo reply is a successful reply to a ping command. Results could include other ICMP messages, such as host unreachable and timeouts. How many of you have sent an email with the wrong address and it comes back to you with the message “host unknown”?
Institute of Technology Sligo - Dept of Computing Jack Pol17 9.2.4 How ARP works ARP maps IP addresses to MAC addresses. The source of the network packet sends the information to the destination. Unique MAC addresses reference the end points in the exchange. Networked devices maintain details of MAC and IP addresses of other devices on the network. This is called an ARP table or cache Maintained in RAM
Institute of Technology Sligo - Dept of Computing Jack Pol18 9.2.4 How ARP works A computer transmits a packet on the network. It checks its’ ARP cache for an IP to MAC address mapping If source finds an appropriate IP to MAC mapping, the source uses the IP and MAC address to encapsulate the data that it is ready to transmit. Source computer sends the packet directly to the destination.
Institute of Technology Sligo - Dept of Computing Jack Pol19 9.2.4 How ARP works The IP address is listed first, the MAC address next, followed by information about whether the entry is static or dynamic.
Institute of Technology Sligo - Dept of Computing Jack Pol20 9.2.4 How ARP works If a source computer cannot locate an IP to MAC address mapping in its’ ARP table, it must obtain the correct mapping. Source initiates an ARP request to all hosts to gain the destinations’ MAC address. The one host that sees that the ARP packet is meant for its’ IP address responds to the ARP request.
Institute of Technology Sligo - Dept of Computing Jack Pol21 How RARP works RARP is similar to ARP in that computers use it to bind MAC addresses to IP addresses. RARP is used by Diskless Workstations which have a MAC address burned into their network cards but no IP address. A clients IP configuration is stored on a RARP server RARP servers maintain a table of MAC and IP address mapping for RARP clients. During the boot process, a RARP client will call the RARP server to obtain their IP configuration.
Institute of Technology Sligo - Dept of Computing Jack Pol22 The preceding presentation was put together using the Cisco curriculum and the CCNA Guide to Cisco Networking Fundamentals by Kurt Hudson and Kelly Cannon.