“Internet Security” Chapter 2


1 “Internet Security” Chapter 2

2 2. TCP/IP Suite and Internet Stack Protocols
Contents
2. TCP/IP Suite and Internet Stack Protocols
2.1 Network Layer Protocols
2.2 Transport Layer Protocols
2.3 World Wide Web
2.4 File Transfer
2.5 Electronic Mail
2.6 Network Management Service
2.7 DNS
2.8 Routing Protocols
2.9 Remote System Programs

3 Network Layer Protocols
Internet Protocol (IP)
A network layer protocol (layer 3 in the OSI model, the Internet layer in the TCP/IP model) which carries addressing information and some control information that enable packets to be routed
An unreliable and connectionless datagram protocol
The service is called unreliable because delivery is not guaranteed
The service is called connectionless because each packet is treated independently from all others
Packets in the IP layer are called datagrams

4 Network Layer Protocols
IP Datagrams (Header + Data)
IP Datagram format (figure; bit positions 0, 15 and 31 marked): a header of 20~60 bytes (variable length) followed by Data
Ver | HLEN | Service Type | Total Length
Identification | Flags | Fragmentation Offset
TTL | Protocol | Header Checksum
Source Address
Destination Address
Options (if any)
Data

5 Network Layer Protocols
Each field in an IP Datagram
Version (VER, 4 bits): the version of the IP protocol that was used to create the datagram
Header Length (HLEN, 4 bits): the total length of the IPv4 datagram header
Type of service (TOS, 8 bits): how the datagram should be handled by routers; Precedence (3 bits), TOS bits D T R C (4 bits), unused (1 bit)
D: Minimize delay (1000)
T: Maximize throughput (0100)
R: Maximize reliability (0010)
C: Minimize cost (0001)
Normal (default): (0000)

6 Network Layer Protocols
Each field in an IP Datagram
Overall length (16 bits): the total length (header plus data) of the IP datagram in bytes
Identification (ID, 16 bits): identifies a datagram originating from the source host; it is set by the sender and uniquely identifies a specific IP datagram sent by a source host
Flags (3 bits): used in fragmentation
Fragmentation offset (13 bits): the relative position of each fragment with respect to the whole datagram, i.e. where the data in a fragmented datagram should be placed in the datagram being reassembled
Fragment: the small pieces into which a datagram is divided
Fragmentation: the process of dividing a datagram

7 Network Layer Protocols
Each field in an IP Datagram
Time to live (TTL, 8 bits): limits the lifetime of the datagram in its travel through an internet; routers and hosts that process the datagram must decrement this TTL field as time passes and remove the datagram from the internet when its time expires
Protocol (8 bits): identifies the higher-level protocol carried, such as TCP, UDP, ICMP or IGMP; helps the demultiplexing process when the datagram arrives at its final destination
Header checksum (16 bits): the error detection method used by most TCP/IP protocols, ensuring the integrity of header values

8 Network Layer Protocols
Each field in an IP Datagram
Source IP address (32 bits): the IP address of the sender of the IP datagram
Destination IP address (32 bits): the IP address of the host to which this datagram is to be sent
Options (variable length): a variable length field (zero or more options); the most common options are as follows
The security option
A record route option
The timestamp option
A source routing option
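As an added example (not part of the slides), the following Python builds a constructed IPv4 header, decodes the fields listed on slides 4 to 8 and verifies the header checksum the way a receiving host does; the addresses, identification value and the "stale TTL" header are constructed sample values.

```python
import struct

def ones_complement_checksum(data: bytes) -> int:
    """RFC 1071: ones'-complement sum of 16-bit words, complemented.
    Run over a header that already carries its checksum, the result is 0."""
    if len(data) % 2:
        data += b"\x00"                              # pad odd length
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:                               # fold carries back in
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF

def build_ipv4_header(src: str, dst: str, payload_len: int,
                      proto: int = 6, ttl: int = 64, ident: int = 0) -> bytes:
    """20-byte header (VER=4, HLEN=5 words, DF flag set) with a valid checksum."""
    head = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + payload_len, ident,
                       0x4000, ttl, proto, 0,        # checksum is 0 while summing
                       bytes(int(o) for o in src.split(".")),
                       bytes(int(o) for o in dst.split(".")))
    return head[:10] + struct.pack("!H", ones_complement_checksum(head)) + head[12:]

def parse_ipv4_header(pkt: bytes) -> dict:
    """Decode the fields of slides 4-8 and check header integrity."""
    (ver_hlen, tos, total_len, ident, flags_frag,
     ttl, proto, _csum, src, dst) = struct.unpack("!BBHHHBBH4s4s", pkt[:20])
    hlen = (ver_hlen & 0x0F) * 4                     # HLEN counts 4-byte words
    if hlen < 20 or hlen > 60 or hlen > len(pkt):
        raise ValueError(f"invalid header length {hlen}")
    return {
        "version": ver_hlen >> 4,
        "hlen_bytes": hlen,
        "tos": tos,
        "total_length": total_len,
        "id": ident,
        "df": bool(flags_frag & 0x4000),             # flags: reserved, DF, MF
        "mf": bool(flags_frag & 0x2000),
        "frag_offset": (flags_frag & 0x1FFF) * 8,    # offset is in 8-byte units
        "ttl": ttl,
        "protocol": proto,                           # 1 ICMP, 2 IGMP, 6 TCP, 17 UDP
        "src": ".".join(str(b) for b in src),
        "dst": ".".join(str(b) for b in dst),
        "options": pkt[20:hlen],
        "checksum_ok": ones_complement_checksum(pkt[:hlen]) == 0,
    }

# Constructed sample: TCP datagram with 20 bytes of payload, documentation addresses.
SAMPLE = build_ipv4_header("192.0.2.1", "198.51.100.2", 20, ident=0x1C46)
# A router that decrements TTL but forgets to update the checksum: receiver discards it.
STALE_TTL = SAMPLE[:8] + bytes([SAMPLE[8] - 1]) + SAMPLE[9:]
```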

9 Network Layer Protocols
IP Addressing
Table 2.2 TCP/IP architecture and corresponding address
Layer           TCP/IP protocol                             Address
Application     HTTP, FTP, SMTP, DNS and other protocols    Port address
Transport       TCP, UDP                                    -
Internet        IP, ICMP, IGMP                              IP address
Network Access  Physical network                            Physical (link) address

10 Network Layer Protocols
IP Addressing
Physical (local or link) address: a local address is called a physical address because it is usually implemented in hardware
IP address: an IP address is called a logical address at the network level because it is usually implemented in software
Port address: the label assigned to a process is called a port address (1~1023 number)
(figure: Computer A reaching the Telnet port and the FTP port on Computers B/C)

11 Network Layer Protocols
Addressing schemes
IP addresses are divided into five different classes: Class A, B, C, D and E
Class A, B and C differ in the number of hosts allowed per network
Class D is used for multicasting
Class E is reserved for future use
Table 2.3 Number of networks and hosts in each address class (leading bits of the first octet in parentheses)
Address class   Netid                    Hostid                   Number of networks and hosts
A (0)           First octet (8 bits)     Three octets (24 bits)   2^7 = 128 networks, 2^24 - 2 = 16,777,214 hosts
B (10)          Two octets (16 bits)     Two octets (16 bits)     2^14 = 16,384 networks, 2^16 - 2 = 65,534 hosts
C (110)         Three octets (24 bits)   Last octet (8 bits)      2^21 = 2,097,152 networks, 2^8 - 2 = 254 hosts
D (1110)        --                       --                       No netid, no hostid
E (1111)        --                       --                       No netid, no hostid


13 Network Layer Protocols
Subnetting and supernetting
In subnetting, one large network is divided into several smaller subnetworks; class A, B and C addresses can be subnetted
Three portions: netid, subnetid, hostid
In supernetting, several networks are combined into one large network
For example, for a 32-bit IP address of as netid, 5 as subnetid, 23 as hostid

14 Network Layer Protocols
Mapping by mask
Masking is a process that extracts the physical network address from an IP address
It performs a bit-by-bit logical AND of the 32-bit IP address with another 32-bit value, the mask
Example 2.3
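Added Python example (not the book's Example 2.3, which is not reproduced on the slides) covering the class rules of Table 2.3, the netid/subnetid/hostid split of the subnetting slide and the mapping-by-mask AND; the sample addresses and the 255.255.192.0 subnet mask are assumed values.

```python
# Default (classful) masks for the subnettable classes of Table 2.3.
DEFAULT_MASK = {"A": "255.0.0.0", "B": "255.255.0.0", "C": "255.255.255.0"}

def ip_to_int(addr: str) -> int:
    octets = [int(o) for o in addr.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError(f"bad IPv4 address: {addr}")
    return int.from_bytes(bytes(octets), "big")

def int_to_ip(n: int) -> str:
    return ".".join(str(b) for b in (n & 0xFFFFFFFF).to_bytes(4, "big"))

def address_class(addr: str) -> str:
    """The leading bits of the first octet decide the class (Table 2.3)."""
    first = ip_to_int(addr) >> 24
    if first & 0x80 == 0x00:
        return "A"          # 0xxxxxxx
    if first & 0xC0 == 0x80:
        return "B"          # 10xxxxxx
    if first & 0xE0 == 0xC0:
        return "C"          # 110xxxxx
    if first & 0xF0 == 0xE0:
        return "D"          # 1110xxxx: multicast, no netid or hostid
    return "E"              # 1111xxxx: reserved

def apply_mask(addr: str, mask: str) -> str:
    """Mapping by mask: bit-by-bit logical AND of the address and the mask."""
    return int_to_ip(ip_to_int(addr) & ip_to_int(mask))

def network_address(addr: str) -> str:
    """Netid of a classful address, using the default mask of its class."""
    cls = address_class(addr)
    if cls not in DEFAULT_MASK:
        raise ValueError(f"class {cls} addresses have no network part")
    return apply_mask(addr, DEFAULT_MASK[cls])

def split_subnet(addr: str, subnet_mask: str):
    """Three portions of a subnetted address: (netid, subnetid, hostid).
    netid = bits under the default class mask, subnetid = the extra mask
    bits, hostid = the bits the subnet mask leaves clear."""
    n = ip_to_int(addr)
    class_mask = ip_to_int(DEFAULT_MASK[address_class(addr)])
    sub_mask = ip_to_int(subnet_mask)
    if sub_mask & class_mask != class_mask:
        raise ValueError("subnet mask must cover the default class mask")
    return (int_to_ip(n & class_mask),
            int_to_ip(n & sub_mask & ~class_mask),
            int_to_ip(n & ~sub_mask))
```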

15 Network Layer Protocols
Address Resolution Protocol (ARP)
The delivery of a packet to a host or a router requires two levels of addressing: the logical (IP) address and the physical (MAC) address
Since the IP datagram is encapsulated in a frame to be passed through the physical network (such as a LAN), the sender needs the physical MAC address of the receiver
(figure: the IP address of each host mapped to the MAC address of its NIC)

16 Network Layer Protocols
ARP operation Refer to hard copy figure

17 Network Layer Protocols
Proxy ARP
Reverse Address Resolution Protocol (RARP): uses the physical address to get the logical IP address
(figure: Proxy ARP between Network A and Network B; 1. ARP request from the sender on its LAN, 2. ARP reply by the proxy ARP router, 3. packet delivery to the receiver on the other LAN)

18 Network Layer Protocols
IP Version 6 (IPv6, or IPng)
Advantages
Extended address space: 32 bits (2^32) -> 128 bits (2^128)
Auto-configuration: stateless/stateful address auto-configuration
Efficient packet processing: fixed IPv6 basic header (lower processing overhead), extension headers and no checksum
Security: IPSec

19 Network Layer Protocols
IP Version 6 (IPv6, or IPng)
IPv6 Addressing
An IPv6 address consists of 32 hexadecimal digits, with every four digits separated by a colon
Flea:1075:fffb:110e:0000:0000:7c2d:a65f
Flea:1075:fffb:110e::7c2d:a65f (abbreviated address: a run of all-zero groups is replaced by ::)
IPv6 Address Types
Unicast: packets sent to a unicast address are delivered to the interface uniquely specified by the address
Anycast: packets sent to an anycast address will be delivered to at least one interface specified by the address
Multicast: packets sent to a multicast address will be delivered to all the interfaces to which the address refers

20 Network Layer Protocols
IPv6 Packet format (figure; bit positions 3, 11, 15 and 31 marked)
Basic Header: Ver | Priority | Flow Label; Payload Length | Next Header | Hop Limit; Source Address; Destination Address
Extension Headers, in order: Hop-by-hop Option header, Destination Options header (note 1), Routing header, Fragment header, Authentication header, Encapsulation header, Destination Options header (note 2), upper-layer header

21 Network Layer Protocols
IPv6 Header field
Version (4 bits)
Priority (4 bits): defines the priority of the packet with respect to traffic congestion
Flow label (24 bits): designed to provide special handling for a particular flow of data; contains information that routers use to associate a datagram with a specific flow and priority
Payload length (16 bits): the total length of the IP datagram excluding the base header, i.e. the optional extension headers + the data from the upper layer
Next header (8 bits): defines the header that follows the base header in the datagram
Table 2.6 Next header codes

22 Network Layer Protocols
IPv6 Header field
Hop limit (8 bits): decremented by 1 by each node that forwards the packet (the TTL of IPv4)
Source address (128 bits): a 128-bit originator address that identifies the initial sender of the packet
Destination address (128 bits): a 128-bit recipient address that identifies the final destination of the datagram

23 Network Layer Protocols
Internet Control Message Protocol (ICMP)
An extension to the Internet Protocol which is used to communicate between a gateway and a source host, to manage errors and generate control messages
The purpose of ICMP: providing feedback about problems in the communication environment, not making IP reliable
ICMP message format (figure): Type (8 bits) | Code (8 bits) | Checksum (16 bits); Rest of the header; Data section
ICMP encapsulation (figure): the ICMP message is carried as IP data behind the IP header, and the IP datagram in turn is carried as frame data between the frame header and the trailer (if any)

24 Network Layer Protocols
Internet Group Message Protocol (IGMP)
Used to facilitate the simultaneous transmission of a message to a group of recipients
Two types of message: report and query
Report message: host -> router
Query message: router -> host
Type: Query (1), Report (2)
IGMP message format (figure): Ver (1) | Type | Unused (8 bits) | Checksum (16 bits); Group address (in a report; all 0s in a query)

25 Transport Layer Protocols
Two protocols in the transport layer: TCP and UDP
Transmission Control Protocol (TCP)
A connection-oriented byte stream transport layer protocol in the TCP/IP suite
Provides a full duplex connection between two applications, allowing them to exchange large volumes of data efficiently
Uses a sliding window protocol so that it can make efficient use of the network
Error detection is handled by checksum, acknowledgement and timeout
TCP is used by many popular applications such as HTTP, TELNET, Rlogin, FTP and SMTP

26 Transport Layer Protocols
TCP header
Figure 2.10 TCP encapsulation: the IP datagram carries the IP header (20 bytes) followed by the TCP segment, which is the TCP header (20 bytes) followed by TCP data
Figure 2.11 TCP packet format:
Source port number (16 bits) | Destination port number (16 bits)
Sequence number (32 bits)
Acknowledgement number (32 bits)
Header length (4 bits) | Reserved (6 bits) | Code bits (6 bits) | Window size (16 bits)
Checksum (16 bits) | Urgent pointer (16 bits)
TCP option (24 bits) | Padding (8 bits)
Data

27 Transport Layer Protocols
TCP header field
Source and destination port number (16 bits each): the numbers that identify the sending and receiving applications
Sequence number (32 bits): the number assigned to the first byte of the data stream contained in this segment
Acknowledgement number (32 bits): the byte number that the sender of the segment is expecting to receive from the receiver
Header length (4 bits): the header length in four-byte words; the header is between 20 and 60 bytes long
Reserved (6 bits): for future use

28 Transport Layer Protocols
TCP header field
Code bits (6 bits): URG, ACK, PSH, RST, SYN, FIN
URG: Urgent pointer is valid
ACK: Acknowledgement is valid
PSH: Request for push
RST: Reset the connection
SYN: Synchronize sequence numbers
FIN: Terminate the connection
Window size (16 bits): used by the sliding window protocol
Checksum (16 bits)
Urgent pointer (16 bits): this field is used when the segment contains urgent data
Options (24 bits): the options are used to convey additional information to the destination
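Added example (not from the slides): Python that assembles and decodes a TCP header as laid out in Figure 2.11, reporting the code bits by name and treating the acknowledgement number and urgent pointer as valid only when ACK and URG are set; the port numbers, sequence numbers and the MSS option bytes are constructed sample values, and the checksum is left zero because it also covers an IP pseudo-header this example does not build.

```python
import struct

# Code bits of slide 28, as bit positions inside the 6-bit field.
FLAG_BITS = {"URG": 0x20, "ACK": 0x10, "PSH": 0x08, "RST": 0x04, "SYN": 0x02, "FIN": 0x01}

def build_tcp_header(sport: int, dport: int, seq: int, ack: int, flags,
                     window: int = 65535, urgent: int = 0, options: bytes = b"") -> bytes:
    """Assemble a header; checksum is 0 (it needs the IP pseudo-header)."""
    if len(options) % 4:
        options += b"\x00" * (4 - len(options) % 4)    # pad to a 4-byte boundary
    hlen_words = 5 + len(options) // 4                  # 20..60 bytes -> 5..15 words
    code = sum(FLAG_BITS[f] for f in flags)
    fixed = struct.pack("!HHIIBBHHH", sport, dport, seq, ack,
                        hlen_words << 4, code, window, 0, urgent)
    return fixed + options

def parse_tcp_segment(seg: bytes) -> dict:
    """Decode the fields of slides 27-28 and split off options and data."""
    (sport, dport, seq, ack, off, code,
     window, _csum, urgent) = struct.unpack("!HHIIBBHHH", seg[:20])
    hlen = (off >> 4) * 4                               # header length in 4-byte words
    if not 20 <= hlen <= 60 or hlen > len(seg):
        raise ValueError(f"invalid TCP header length {hlen}")
    flags = [name for name, bit in FLAG_BITS.items() if code & bit]
    return {
        "sport": sport, "dport": dport,
        "seq": seq,                                     # first byte of this segment
        "ack": ack if "ACK" in flags else None,         # meaningful only with ACK set
        "hlen": hlen, "window": window,
        "urgent_pointer": urgent if "URG" in flags else None,
        "flags": flags,
        "options": seg[20:hlen],
        "data": seg[hlen:],
    }

# Constructed samples: a client SYN to port 80 carrying an MSS option (kind 2,
# length 4, value 1460), and the server's SYN+ACK acknowledging seq 1000 + 1.
SYN = build_tcp_header(40000, 80, 1000, 0, ["SYN"], options=b"\x02\x04\x05\xb4")
SYN_ACK = build_tcp_header(80, 40000, 5000, 1001, ["SYN", "ACK"])
```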

29 Transport Layer Protocols
User Datagram Protocol (UDP)
Suitable for a process that requires simple request-response communication with little concern for flow and error control
But UDP is not suitable for a process that needs to send bulk data, like FTP
UDP is used for management processes such as SNMP

30 Transport Layer Protocols
UDP header
Figure 2.12 UDP encapsulation: the IP datagram carries the IP header (20 bytes) followed by the UDP datagram, which is the UDP header (8 bytes) followed by UDP data
Figure UDP header (8 bytes; bit positions 0, 15, 16 and 31 marked):
Source port number (16 bits) | Destination port number (16 bits)
UDP length (16 bits) | Checksum (16 bits)
Data (if any)

31 Transport Layer Protocols
UDP header field
Source port number (16 bits): identifies the sending process running on the source host
Destination port number (16 bits): the number used by the process running on the destination host
Length (16 bits): the length in bytes of the UDP datagram, including the UDP header and the user data
Checksum (16 bits): used to detect errors over the entire user datagram, covering the UDP header and the UDP data

32 World Wide Web
WWW: a distributed client-server service, in which a client using a browser can access a service using a server
Hypertext Transfer Protocol (HTTP): the protocol used to transfer a Web page between a browser and a Web server
Hypertext Markup Language (HTML): a language used to create Web pages
Web page: head + body
Tags = marks < Tag Name >

33 World Wide Web
HTML example
<html>
  <head>
    <title>기본구조</title>
  </head>
  <body>
    <h1>HTML의 기본 구조</h1>
    HTML은 다음과 같이 .....
  </body>
</html>

34 File Transfer
File Transfer Protocol (FTP): the standard mechanism provided by TCP/IP for copying a file from one host to another; uses two TCP connections between the hosts (figure: a control-information connection and a data-transfer connection between the FTP processes on Host A and Host B)
Trivial File Transfer Protocol (TFTP): a protocol that quickly copies files because it does not require all the sophistication provided in FTP
Network File System (NFS): developed by Sun Microsystems; provides online shared file access that is transparent and integrated

35 Electronic Mail
Protocols that support the electronic mail service
Simple Mail Transfer Protocol (SMTP): the protocol that transfers mail from one server to another
Post Office Protocol Version 3 (POP3): the most popular protocol used to transfer messages from a permanent mailbox to a local computer
Internet Message Access Protocol (IMAP): a standard protocol for accessing mail from your local server
Multipurpose Internet Mail Extension (MIME): allows arbitrary data to be encoded in ASCII and then transmitted in a standard message

36 Network Management Service
Simple Network Management Protocol (SNMP)
An application protocol that facilitates the exchange of management information between network devices
Enables network administrators to manage network performance, find and resolve network problems and plan for network growth
(figure: the management system sends requests to, and receives responses from, the managed devices)

37 Converting IP Addresses
Domain Name System (DNS)
A distributed database that maps a domain name to an IP address
Receives a query for a domain name, then retrieves and sends the IP address corresponding to that domain name
Hierarchical naming scheme (figure: the DNS root server at the top with DNS servers below it; many servers and hosts exist in a DNS domain)

38 DNS operation example
1. The user searches for a host name using the Web browser
2. The browser's host sends an IP address query for the domain name to the predefined DNS
3. If the predefined DNS has no cached data for that name, it delivers the query to the upper level DNS
4. The upper level DNS notifies the name server IP address for kunsan.ac.kr
5. The predefined DNS sends the query to the name server for kunsan.ac.kr
6. It receives the IP address corresponding to the domain name
7. The host receives the IP address from the predefined DNS
8. The host receives hypertext data from the Web server using TCP port 80

39 Routing Protocols
Routing Information Protocol (RIP)
A protocol used to propagate routing information inside an autonomous system
Autonomous System (AS): a group of networks and routers under the authority of a single administration
Popular interior routing protocol, updating routing tables in an AS
Open Shortest Path First (OSPF)
A new alternative to RIP as an interior routing protocol
Link-state routing: a process by which each router shares its knowledge about its neighborhood with every other router in the area

40 Routing Protocols
Border Gateway Protocol (BGP)
An exterior gateway protocol for communication between routers in different autonomous systems
(figure: RIP or OSPF runs inside each AS, BGP runs between the two ASs)

41 Remote System Programs
TELNET: a simple remote terminal protocol that allows a user to log on to a computer across an internet
Remote Login (Rlogin): designed for remote login only between UNIX hosts

