TCP/IP Protocol Suite. Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.
Internet Protocol Version 4 (IPv4)
INTRODUCTION The Internet Protocol (IP) is the transmission mechanism used by the TCP/IP protocols at the network layer.
DATAGRAMS Packets in the network (internet) layer are called datagrams. A datagram is a variable-length packet consisting of two parts: header and data. The header is 20 to 60 bytes in length and contains information essential to routing and delivery. It is customary in TCP/IP to show the header in 4-byte sections. A brief description of each field is in order.
IP datagram
Note: The total length field defines the total length of the datagram including the header.
Multiplexing
Example 7.1 An IP packet has arrived with the first 8 bits as shown: 01000010. The receiver discards the packet. Why?
Solution There is an error in this packet. The 4 left-most bits (0100) show the version, which is correct. The next 4 bits (0010) show the wrong header length (2 × 4 = 8). The minimum number of bytes in the header must be 20. The packet has been corrupted in transmission.
Example 7.2 In an IP packet, the value of HLEN is 1000 in binary. How many bytes of options are being carried by this packet?
Solution The HLEN value is 8, which means the total number of bytes in the header is 8 × 4 or 32 bytes. The first 20 bytes are the base header, the next 12 bytes are the options.
Example 7.3 In an IP packet, the value of HLEN is 5 (hexadecimal) and the value of the total length field is 0028 (hexadecimal). How many bytes of data are being carried by this packet?
Solution The HLEN value is 5, which means the total number of bytes in the header is 5 × 4 or 20 bytes (no options). The total length is 40 bytes, which means the packet is carrying 20 bytes of data (40 − 20).
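The receiver-side checks behind Examples 7.1 to 7.3, as an added Python example (not code from the textbook): it decodes the version, HLEN and total length fields from the first 4-byte word of an IPv4 header, rejects the corrupted header of Example 7.1, and reports the option and data byte counts of Examples 7.2 and 7.3. The `sample_packet` helper and its zero-padded packets are constructed for the example.

```python
import struct

BASE_HEADER_LEN = 20  # HLEN of 5 words x 4 bytes: the base header without options


def check_ipv4_header(packet: bytes) -> dict:
    """Decode the first 4-byte word of an IPv4 header and apply the sanity
    checks a receiver performs before trusting the rest of the datagram.
    Returns a dict whose 'error' key is None when the header is acceptable."""
    if len(packet) < BASE_HEADER_LEN:
        return {"error": "packet shorter than the 20-byte base header"}
    # Word 1: version (4 bits), HLEN (4 bits), service type (8 bits), total length (16 bits)
    first_byte, _service_type, total_length = struct.unpack("!BBH", packet[:4])
    version = first_byte >> 4           # left-most 4 bits
    hlen = first_byte & 0x0F            # next 4 bits, counted in 4-byte words
    header_bytes = hlen * 4
    if version != 4:
        return {"error": f"version field is {version}, not 4"}
    if header_bytes < BASE_HEADER_LEN:
        # Example 7.1: HLEN 2 means an 8-byte header, below the 20-byte minimum
        return {"error": f"HLEN {hlen} gives a {header_bytes}-byte header; minimum is 20"}
    if total_length < header_bytes:
        return {"error": f"total length {total_length} is smaller than the header ({header_bytes})"}
    if total_length > len(packet):
        # Total length counts header plus data; it cannot exceed what actually arrived
        return {"error": f"total length {total_length} exceeds the {len(packet)} bytes received"}
    return {
        "error": None,
        "version": version,
        "header_bytes": header_bytes,
        "option_bytes": header_bytes - BASE_HEADER_LEN,  # Example 7.2
        "data_bytes": total_length - header_bytes,        # Example 7.3
    }


def sample_packet(first_byte: int, total_length: int) -> bytes:
    """Constructed sample: the given first byte, a zero service-type byte, the
    total length field, then zero padding so the packet is total_length bytes long."""
    return bytes([first_byte, 0]) + struct.pack("!H", total_length) + bytes(total_length - 4)


if __name__ == "__main__":
    print(check_ipv4_header(sample_packet(0x42, 40)))  # Example 7.1: discarded, HLEN too small
    print(check_ipv4_header(sample_packet(0x48, 32)))  # Example 7.2: 12 bytes of options
    print(check_ipv4_header(sample_packet(0x45, 40)))  # Example 7.3: 20 bytes of data
```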
McGraw-Hill © The McGraw-Hill Companies, Inc., 2000
Hypertext Transfer Protocol (HTTP)
HTTP The Hypertext Transfer Protocol (HTTP) is a protocol used mainly to access data on the World Wide Web. HTTP functions as a combination of FTP and SMTP. It is similar to FTP because it transfers files and uses the services of TCP. It is much simpler than FTP because it uses only one TCP connection. There is no separate control connection; only data are transferred between the client and the server.
HTTP uses the services of TCP on well-known port 80.
HTTP transaction
Message categories
Request message
Request line
Request line
Request type: This field is used in the request message.
URL: The uniform resource locator (URL) is a standard for specifying any kind of information on the Internet. The URL defines four things: protocol, host computer, port, and path.
Version: The most current version of HTTP is 1.1.
URL
Response message
Status line
Status code: Same format as FTP responses (three digits)
Status line
Status code: This field is used in the response message. The status code field is similar to those in the FTP and the SMTP protocols. It consists of three digits.
Status phrase: This field is used in the response message. It explains the status code in text form.
Header format
Header
The header exchanges additional information between the client and the server. Headers consist of one or more header lines. Each header line consists of a header name, a colon, a space, and a header value. A header line belongs to one of four categories:
General: used in request and response messages
Request: used in request messages only
Response: used in response messages only
Entity: used in request and response messages
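The request line, status line, URL and header-line formats described above, as an added Python example (not code from the textbook): a small parser that splits a request or response into its first line and its header lines, insists on a three-digit status code and on the name-colon-space-value header layout, and breaks a URL into the four parts the page names. The two messages are constructed samples; the default port of 80 for `http` is this example's assumption.

```python
import re

HEADER_LINE = re.compile(r"^([A-Za-z0-9-]+): (.*)$")  # header name, colon, space, header value
URL_PATTERN = re.compile(r"^(?P<protocol>[a-z]+)://(?P<host>[^/:]+)(?::(?P<port>\d+))?(?P<path>/.*)?$")


def parse_url(url: str) -> dict:
    """Split a URL into protocol, host computer, port and path (port defaults to 80)."""
    m = URL_PATTERN.match(url)
    if not m:
        raise ValueError(f"malformed URL: {url!r}")
    return {"protocol": m["protocol"], "host": m["host"],
            "port": int(m["port"] or 80), "path": m["path"] or "/"}


def parse_http_message(raw: str) -> dict:
    """Parse an HTTP request or response: first line, header lines, blank line, body."""
    head, _, body = raw.partition("\r\n\r\n")
    lines = head.split("\r\n")
    parts = lines[0].split(" ", 2)          # the status phrase may itself contain spaces
    if len(parts) != 3:
        raise ValueError(f"malformed first line: {lines[0]!r}")
    msg = {"headers": {}, "body": body}
    if parts[0].startswith("HTTP/"):
        # Status line: version, three-digit status code, status phrase
        version, code, phrase = parts
        if not re.fullmatch(r"\d{3}", code):
            raise ValueError(f"status code must be three digits: {code!r}")
        msg.update(kind="response", version=version, status_code=int(code), status_phrase=phrase)
    else:
        # Request line: request type (method), URL, version
        method, url, version = parts
        msg.update(kind="request", request_type=method, url=url, version=version)
    for line in lines[1:]:
        m = HEADER_LINE.match(line)
        if not m:
            raise ValueError(f"malformed header line: {line!r}")
        msg["headers"][m[1].lower()] = m[2]   # header names are case-insensitive
    return msg


# Constructed samples for the example
SAMPLE_REQUEST = ("GET http://www.example.com/usr/bin/image1 HTTP/1.1\r\n"
                  "Host: www.example.com\r\nAccept: image/gif\r\n\r\n")
SAMPLE_RESPONSE = ("HTTP/1.1 200 OK\r\nContent-Type: text/plain\r\n"
                   "Content-Length: 11\r\n\r\nhello world")

if __name__ == "__main__":
    print(parse_http_message(SAMPLE_REQUEST))
    print(parse_url(parse_http_message(SAMPLE_REQUEST)["url"]))
    print(parse_http_message(SAMPLE_RESPONSE))
```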
Headers
Domain Name System (DNS)
NEED FOR DNS To identify an entity, TCP/IP protocols use the IP address, which uniquely identifies the connection of a host to the Internet. However, people prefer to use names instead of numeric addresses. Therefore, we need a system that can map a name to an address or an address to a name.
Purpose of DNS
NAME SPACE To be unambiguous, the names assigned to machines must be carefully selected from a name space with complete control over the binding between the names and IP addresses. In other words, the names must be unique because the addresses are unique. A name space that maps each address to a unique name can be organized in two ways: flat or hierarchical.
Domain name space
Domain names and labels
FQDN and PQDN
Hierarchy of name servers
Zones and domains
A primary server loads all information from the disk file; the secondary server loads all information from the primary server. When the secondary downloads information from the primary, it is called zone transfer.
DNS IN THE INTERNET DNS is a protocol that can be used on different platforms. In the Internet, the domain name space (tree) is divided into three different sections: generic domains, country domains, and the inverse domain (see Figure 19.8).
DNS used in the Internet
Generic domains
Country domains
Inverse domain
RESOLUTION Mapping a name to an address or an address to a name is called name-address resolution.
DNS MESSAGES DNS has two types of messages: query and response. Both types have the same format. The query message consists of a header and question records; the response message consists of a header, question records, answer records, authoritative records, and additional records (see Figure 19.14).
COMPRESSION DNS requires that a domain name be replaced by an offset pointer if it is repeated. For example, in a resource record the domain name is usually a repetition of the domain name in the question record. For efficiency, DNS defines a 2-byte offset pointer that points to a previous occurrence of the domain or part of it. The format of the field is shown in Figure
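The compression scheme just described, as an added Python example (not code from the textbook): a decoder that reads a domain name out of a DNS message, following 2-byte offset pointers (a byte whose top two bits are 11, with the remaining 14 bits giving the offset of the earlier occurrence) and stitching the pointed-to suffix onto the labels read so far. Because the message is untrusted input, it rejects pointers that do not point to a previous occurrence and pointer chains that loop back on themselves, both of which would otherwise make the decoder spin forever. The 12-byte zeroed header and the sample message are constructed for the example.

```python
def encode_name(name: str) -> bytes:
    """Encode a dotted name as <length><label> sequences ending in a zero byte."""
    labels = name.rstrip(".").split(".")
    return b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"


def read_name(message: bytes, offset: int) -> tuple:
    """Decode the domain name starting at `offset` in a complete DNS message.
    Returns (name, offset just past the name in the original byte stream)."""
    labels = []
    end = None          # set when the name's bytes in the stream end (first pointer or zero)
    seen = set()        # pointer positions already followed: detects loops
    pos = offset
    while True:
        if pos >= len(message):
            raise ValueError("name runs past the end of the message")
        length = message[pos]
        if length & 0xC0 == 0xC0:                     # top two bits 11: 2-byte offset pointer
            if pos + 1 >= len(message):
                raise ValueError("truncated compression pointer")
            if pos in seen:
                raise ValueError("compression pointer loop")
            seen.add(pos)
            target = ((length & 0x3F) << 8) | message[pos + 1]
            if target >= pos:                         # must point to a previous occurrence
                raise ValueError(f"pointer at {pos} does not reference an earlier offset")
            if end is None:
                end = pos + 2
            pos = target
            continue
        if length & 0xC0:
            raise ValueError("reserved label type")
        if length == 0:                               # root label: name complete
            return ".".join(labels) + ".", (pos + 1 if end is None else end)
        pos += 1
        labels.append(message[pos:pos + length].decode("ascii"))
        pos += length


# Constructed sample: zeroed header, question "www.example.com" (offset 12), QTYPE/QCLASS,
# then an answer name that is a pointer to offset 12, and "ftp" + pointer to "example.com" (offset 16)
SAMPLE_MESSAGE = (bytes(12) + encode_name("www.example.com") + b"\x00\x01\x00\x01"
                  + b"\xC0\x0C" + b"\x03ftp\xC0\x10")

if __name__ == "__main__":
    print(read_name(SAMPLE_MESSAGE, 12))   # ('www.example.com.', 29)
    print(read_name(SAMPLE_MESSAGE, 33))   # ('www.example.com.', 35)
    print(read_name(SAMPLE_MESSAGE, 35))   # ('ftp.example.com.', 41)
```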
DNS messages
ENCAPSULATION DNS can use either UDP or TCP. In both cases the well-known port used by the server is port 53. UDP is used when the size of the response message is less than 512 bytes because most UDP packages have a 512-byte packet size limit. If the size of the response message is more than 512 bytes, a TCP connection is used. In that case, one of two scenarios can occur:
Multimedia
Internet audio/video
Internet audio/video
Streaming means a user can listen to (or watch) the file after the downloading has started.
On-demand (stored) audio/video: the files are compressed and stored on a server. A client downloads the files through the Internet. This is sometimes referred to as on-demand audio/video.
Streaming live audio/video: a user listens to broadcast audio and video through the Internet. A good example of this type of application is the Internet radio.
Interactive audio/video: people use the Internet to interactively communicate with one another. A good example of this application is Internet telephony.
Image Compression: JPEG If the picture is not in color (gray scale), each pixel can be represented by an 8-bit integer (256 levels). If the picture is in color, each pixel can be represented by 24 bits (3 × 8 bits), with each 8 bits representing red, green, or blue (RGB). In JPEG, a gray scale picture is divided into blocks of 8 × 8 pixels (see Figure
JPEG gray scale
JPEG process
Internet Security
NETWORK LAYER SECURITY We start this chapter with the discussion of security at the network layer. Although in the next two sections we discuss security at the transport and application layers, we also need security at the network layer. IP Security (IPSec) is a collection of protocols designed by the Internet Engineering Task Force (IETF) to provide security for a packet at the network level. IPSec helps create authenticated and confidential packets for the IP layer.
TRANSPORT LAYER SECURITY Two protocols are dominant today for providing security at the transport layer: the Secure Sockets Layer (SSL) protocol and the Transport Layer Security (TLS) protocol. We discuss SSL in this section; TLS is very similar. Figure shows the position of SSL and TLS in the Internet model.
Location of SSL and TLS in the Internet model
APPLICATION LAYER SECURITY This section discusses two protocols providing security services for e-mail: Pretty Good Privacy (PGP) and Secure/Multipurpose Internet Mail Extension (S/MIME).
A plaintext message
An authenticated message
A compressed message
A confidential message
FIREWALLS All previous security measures cannot prevent Eve from sending a harmful message to a system. To control access to a system we need firewalls. A firewall is a device (usually a router or a computer) installed between the internal network of an organization and the rest of the Internet. It is designed to forward some packets and filter (not forward) others.