TCP/IP Protocol Suite 1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Internet Protocol Version4 (IPv4)


INTRODUCTION
The Internet Protocol (IP) is the transmission mechanism used by the TCP/IP protocols at the network layer.

DATAGRAMS
Packets in the network (internet) layer are called datagrams. A datagram is a variable-length packet consisting of two parts: header and data. The header is 20 to 60 bytes in length and contains information essential to routing and delivery. It is customary in TCP/IP to show the header in 4-byte sections. A brief description of each field is in order.

[Figure: IP datagram]

Note: The total length field defines the total length of the datagram including the header.

[Figure: Multiplexing]

Example 7.1
An IP packet has arrived with the first 8 bits as shown:
The receiver discards the packet. Why?
Solution: There is an error in this packet. The 4 left-most bits (0100) show the version, which is correct. The next 4 bits (0010) show the wrong header length (2 × 4 = 8). The minimum number of bytes in the header must be 20. The packet has been corrupted in transmission.

Example 7.2
In an IP packet, the value of HLEN is 1000 in binary. How many bytes of options are being carried by this packet?
Solution: The HLEN value is 8, which means the total number of bytes in the header is 8 × 4 or 32 bytes. The first 20 bytes are the base header, the next 12 bytes are the options.

Example 7.3
In an IP packet, the value of HLEN is 5 (base 16) and the value of the total length field is How many bytes of data are being carried by this packet?
Solution: The HLEN value is 5, which means the total number of bytes in the header is 5 × 4 or 20 bytes (no options). The total length is 40 bytes, which means the packet is carrying 20 bytes of data (40 − 20).
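The checks behind Examples 7.1 to 7.3, written as the validation a receiver or packet parser performs before trusting HLEN and total length. This is an added example, not code from the slides; the names `parse_ipv4_lengths`, `HeaderError` and `build_header` are assumptions, and the test packets are constructed with only the relevant fields set.

```python
import struct


class HeaderError(ValueError):
    """Raised when an IPv4 header fails a structural check."""


def parse_ipv4_lengths(packet: bytes) -> dict:
    """Validate version, HLEN and total length; return the derived sizes."""
    if len(packet) < 1:
        raise HeaderError("empty packet")
    version, hlen = packet[0] >> 4, packet[0] & 0x0F
    if version != 4:
        raise HeaderError(f"version {version} is not IPv4")
    header_len = hlen * 4                      # HLEN counts 4-byte words
    if header_len < 20:                        # Example 7.1: HLEN 2 gives 8 bytes
        raise HeaderError(f"header length {header_len} below 20-byte minimum")
    if len(packet) < header_len:
        raise HeaderError("received bytes end inside the header")
    (total_len,) = struct.unpack_from("!H", packet, 2)  # bytes 2-3, big-endian
    if total_len < header_len:
        raise HeaderError("total length smaller than header length")
    if total_len > len(packet):
        raise HeaderError("total length exceeds bytes received")
    return {
        "header_len": header_len,
        "option_bytes": header_len - 20,       # Example 7.2
        "data_bytes": total_len - header_len,  # Example 7.3
    }


def build_header(hlen: int, total_len: int, size: int) -> bytes:
    """Constructed packet of `size` bytes; only version/HLEN and total length are set."""
    buf = bytearray(size)
    buf[0] = (4 << 4) | hlen
    struct.pack_into("!H", buf, 2, total_len)
    return bytes(buf)


if __name__ == "__main__":
    print(parse_ipv4_lengths(build_header(8, 32, 32)))   # Example 7.2
    print(parse_ipv4_lengths(build_header(5, 40, 40)))   # Example 7.3
```

Rejecting a total length that is smaller than the header or larger than the bytes actually received keeps later code from computing a negative payload size or reading past the buffer.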

McGraw-Hill©The McGraw-Hill Companies, Inc., 2000 Hypertext Transfer Protocol (HTTP)

HTTP
The Hypertext Transfer Protocol (HTTP) is a protocol used mainly to access data on the World Wide Web. HTTP functions as a combination of FTP and SMTP. It is similar to FTP because it transfers files and uses the services of TCP. It is much simpler than FTP because it uses only one TCP connection. There is no separate control connection; only data are transferred between the client and the server.

HTTP uses the services of TCP on well-known port 80.

[Figure: HTTP transaction]

[Figure: Message categories]

[Figure: Request message]

[Figure: Request line]

Request line
Request type: This field is used in the request message.
The uniform resource locator (URL) is a standard for specifying any kind of information on the Internet. The URL defines four things: protocol, host computer, port, and path.
Version: The most current version of HTTP is 1.1.

[Figure: URL]

[Figure: Response message]

[Figure: Status line]
Status code: Same format as FTP responses (three digits)

Status line
Status code: This field is used in the response message. The status code field is similar to those in the FTP and the SMTP protocols. It consists of three digits.
Status phrase: This field is used in the response message. It explains the status code in text form.

[Figure: Header format]

Header
The header exchanges additional information between the client and the server. A header consists of one or more header lines. Each header line consists of a header name, colon, space, and a header value. A header line belongs to one of four categories:
- General: used in request and response messages
- Request: used in request messages only
- Response: used in response messages only
- Entity: used in request and response messages

[Figure: Headers]
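The request-line, status-line and header-line formats above, applied as strict parsing rules so that a malformed message is rejected instead of being interpreted loosely. This is an added example, not code from the slides; the function name `parse_head` and the sample messages in the test are assumptions.

```python
import re

# Characters allowed in a request type or header name (the HTTP "token" set).
TOKEN = re.compile(r"[!#$%&'*+\-.^_`|~0-9A-Za-z]+")
VERSION = re.compile(r"HTTP/[0-9]\.[0-9]")
STATUS = re.compile(r"[0-9]{3}")            # status code: exactly three digits


def parse_head(raw: bytes) -> dict:
    """Parse the start line and header lines of one HTTP/1.x message."""
    head, sep, _body = raw.partition(b"\r\n\r\n")
    if not sep:
        raise ValueError("headers not terminated by an empty line")
    lines = head.decode("iso-8859-1").split("\r\n")
    if any("\r" in ln or "\n" in ln for ln in lines):
        raise ValueError("bare CR or LF inside a line")
    first = lines[0]
    if first.startswith("HTTP/"):           # status line: version, code, phrase
        version, code, phrase = (first.split(" ", 2) + ["", ""])[:3]
        if not VERSION.fullmatch(version) or not STATUS.fullmatch(code):
            raise ValueError("malformed status line")
        msg = {"kind": "response", "version": version,
               "status": int(code), "phrase": phrase}
    else:                                   # request line: type, URL, version
        parts = first.split(" ")
        if (len(parts) != 3 or not TOKEN.fullmatch(parts[0])
                or not parts[1] or not VERSION.fullmatch(parts[2])):
            raise ValueError("malformed request line")
        msg = {"kind": "request", "type": parts[0],
               "url": parts[1], "version": parts[2]}
    headers = []
    for line in lines[1:]:
        name, colon, value = line.partition(":")
        # No colon, empty name, or whitespace in the name (including a
        # space before the colon or a folded line) is rejected.
        if not colon or not TOKEN.fullmatch(name):
            raise ValueError(f"malformed header line: {line!r}")
        headers.append((name.lower(), value.strip(" \t")))
    msg["headers"] = headers
    return msg
```

Strictness matters when more than one component reads the same message: if a proxy and a server accept different malformed forms, they can disagree about what was requested.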

Domain Name System (DNS)

NEED FOR DNS
To identify an entity, TCP/IP protocols use the IP address, which uniquely identifies the connection of a host to the Internet. However, people prefer to use names instead of numeric addresses. Therefore, we need a system that can map a name to an address or an address to a name.

[Figure: Purpose of DNS]

NAME SPACE
To be unambiguous, the names assigned to machines must be carefully selected from a name space with complete control over the binding between the names and IP addresses. In other words, the names must be unique because the addresses are unique. A name space that maps each address to a unique name can be organized in two ways: flat or hierarchical.

[Figure: Domain name space]

[Figure: Domain names and labels]

[Figure: FQDN and PQDN]

[Figure: Hierarchy of name servers]

[Figure: Zones and domains]

A primary server loads all information from the disk file; the secondary server loads all information from the primary server. When the secondary downloads information from the primary, it is called zone transfer.

DNS IN THE INTERNET
DNS is a protocol that can be used in different platforms. In the Internet, the domain name space (tree) is divided into three different sections: generic domains, country domains, and the inverse domain (see Figure 19.8).

[Figure: DNS used in the Internet]

[Figure: Generic domains]

[Figure: Country domains]

[Figure: Inverse domain]

RESOLUTION
Mapping a name to an address or an address to a name is called name-address resolution.

DNS MESSAGES
DNS has two types of messages: query and response. Both types have the same format. The query message consists of a header and question records; the response message consists of a header, question records, answer records, authoritative records, and additional records (see Figure 19.14).

COMPRESSION
DNS requires that a domain name be replaced by an offset pointer if it is repeated. For example, in a resource record the domain name is usually a repetition of the domain name in the question record. For efficiency, DNS defines a 2-byte offset pointer that points to a previous occurrence of the domain or part of it. The format of the field is shown in Figure
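A decoder for the 2-byte offset pointer described above, with the bounds and loop checks a parser needs because the pointer value comes from the message itself. This is an added example, not code from the slides; `read_name` and the `SAMPLE` and `LOOP` messages are assumptions, and both messages are constructed (header bytes zeroed).

```python
def read_name(msg: bytes, offset: int) -> tuple[str, int]:
    """Decode the domain name at `offset`; return (name, offset after the field)."""
    labels, pos, end, total = [], offset, None, 0
    lowest = offset                        # a pointer must land before this
    while True:
        if pos >= len(msg):
            raise ValueError("name runs past end of message")
        length = msg[pos]
        if length & 0xC0 == 0xC0:          # top two bits 11: offset pointer
            if pos + 1 >= len(msg):
                raise ValueError("truncated pointer")
            target = ((length & 0x3F) << 8) | msg[pos + 1]
            if target >= lowest:           # must be a *previous* occurrence
                raise ValueError("pointer does not point backwards")
            if end is None:
                end = pos + 2              # the field ends after its first pointer
            pos = lowest = target          # strictly decreasing, so no loops
        elif length & 0xC0:
            raise ValueError("reserved label type")
        elif length == 0:                  # zero-length root label ends the name
            return ".".join(labels) + ".", (end if end is not None else pos + 1)
        else:
            if pos + 1 + length > len(msg):
                raise ValueError("label runs past end of message")
            total += length + 1
            if total > 254:                # 255-byte limit including root label
                raise ValueError("name too long")
            labels.append(msg[pos + 1:pos + 1 + length].decode("ascii", "replace"))
            pos += 1 + length


# Constructed message: 12-byte header, question name at offset 12, type/class,
# then two names that reuse the question name through a pointer to offset 12.
SAMPLE = (bytes(12) + b"\x07example\x03com\x00" + b"\x00\x01\x00\x01"
          + b"\xc0\x0c" + b"\x03www\xc0\x0c")
# Constructed malformed message: two pointers that reference each other.
LOOP = bytes(12) + b"\xc0\x0e\xc0\x0c"

if __name__ == "__main__":
    for off in (12, 29, 31):
        print(off, read_name(SAMPLE, off))
```

Requiring every pointer to land before the start of the segment being read makes the jump targets strictly decrease, so decoding terminates even on a message built to loop.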

[Figure: DNS messages]

ENCAPSULATION
DNS can use either UDP or TCP. In both cases the well-known port used by the server is port 53. UDP is used when the size of the response message is less than 512 bytes because most UDP packages have a 512-byte packet size limit. If the size of the response message is more than 512 bytes, a TCP connection is used. In that case, one of two scenarios can occur:

Multimedia

[Figure: Internet audio/video]

Internet audio/video
- Streaming means a user can listen (or watch) the file after the downloading has started.
- The files are compressed and stored on a server. A client downloads the files through the Internet. This is sometimes referred to as on-demand audio/video.
- Streaming live audio/video: a user listens to broadcast audio and video through the Internet.
- A good example of this type of application is the Internet radio.
- Interactive audio/video: people use the Internet to interactively communicate with one another.
- A good example of this application is Internet telephony.


Image Compression: JPEG
If the picture is not in color (gray scale), each pixel can be represented by an 8-bit integer (256 levels). If the picture is in color, each pixel can be represented by 24 bits (3 × 8 bits), with each 8 bits representing red, blue, or green (RBG). In JPEG, a gray scale picture is divided into blocks of 8 × 8 pixels see Figure

[Figure: JPEG gray scale]

[Figure: JPEG process]


Internet Security

NETWORK LAYER SECURITY
We start this chapter with the discussion of security at the network layer. Although in the next two sections we discuss security at the transport and application layers, we also need security at the network layer. IP Security (IPSec) is a collection of protocols designed by the Internet Engineering Task Force (IETF) to provide security for a packet at the network level. IPSec helps create authenticated and confidential packets for the IP layer.


TRANSPORT LAYER SECURITY
Two protocols are dominant today for providing security at the transport layer: the Secure Sockets Layer (SSL) protocol and the Transport Layer Security (TLS) protocol. We discuss SSL in this section; TLS is very similar. Figure shows the position of SSL and TLS in the Internet model.

[Figure: Location of SSL and TLS in the Internet model]

APPLICATION LAYER SECURITY
This section discusses two protocols providing security services for e-mails: Pretty Good Privacy (PGP) and Secure/Multipurpose Internet Mail Extension (S/MIME).


[Figure: A plaintext message]

[Figure: An authenticated message]

[Figure: A compressed message]

[Figure: A confidential message]

FIREWALLS
All previous security measures cannot prevent Eve from sending a harmful message to a system. To control access to a system we need firewalls. A firewall is a device (usually a router or a computer) installed between the internal network of an organization and the rest of the Internet. It is designed to forward some packets and filter (not forward) others.