TCP/IP Internetworking Chapter 8 Panko’s Business Data Networks and Telecommunications, 6th edition Copyright 2007 Prentice-Hall May only be used by adopters of the book

8-2 Recap Single Networks (Subnets) –Chapters 4 and 5 covered single LANs –Chapters 6 and 7 covered residential Internet access and single WANs Internets –Connect multiple single networks using routers –70%-80% of internet traffic follows TCP/IP standards –These standards are created by the IETF –Chapter 10 looks in more detail at TCP/IP management

8-3 Figure 2-8: Hybrid TCP/IP-OSI Architecture General PurposeLayerSpecific Purpose Application-application communication Application (5)Application-application interworking Transmission across an internet Transport (4)Host-host communication Internet (3)Packet delivery across an internet Transmission across a single network (LAN or WAN) Data Link (2)Frame delivery across a network Physical (1)Device-device connection Recap TCP/IP standards dominate at the internet and transport layers— transmission across an internet

8-4 Figure 2-11: Internet and Transport Layer, Cont. Transport Layer end-to-end (host-to-host) TCP is connection-oriented, reliable UDP is connectionless and unreliable Internet Layer (usually IP) hop-by-hop (host-router or router-router) connectionless, unreliable Router 1Router 2 Router 3 Client PC Server Recap

8-5 Frames and Packets Messages at the data link layer are called frames Messages at the internet layer are called packets Within a single network, packets are encapsulated in the data fields of frames Frame Header Packet (Data Field) Frame Trailer Recap

8-6 Frames and Packets In an internet with hosts separated by N networks, there will be: –2 hosts –One packet (going all the way between hosts) One route (between the two hosts) –N frames (one in each network) N-1 routers (change frames between each pair of networks) Recap

8-7 Figure 2-21: Combining Horizontal and Vertical Communication Int App DL Trans Phy Int Trans Int Source Host Destination Host Switch 1 Switch 2 Router 1 Switch 3 Router 2 Transmission Control Protocol (TCP) Or User Datagram Protocol (UDP) Internet Protocol (IP) Recap Horizontal Communication IP

8-8 Figure 8-1: Major TCP/IP Standards 5 Application User Applications HTTPSMTP Many Others DNS Routing Protocols Many Others Supervisory Applications TCPUDP4 Transport IP3 Internet MPLS ARP None: Use OSI Standards2 Data Link None: Use OSI Standards1 Physical Internetworking is done at the internet and transport layers. There are only a few standards at these layers. We will look at the shaded protocols in this chapter. ICMP

8-9 Figure 8-1: Major TCP/IP Standards, Continued 5 Application User Applications HTTPSMTP Many Others DNS Routing Protocols Many Others Supervisory Applications TCPUDP4 Transport IP3 InternetICMPARP None: Use OSI Standards2 Data Link None: Use OSI Standards1 Physical At the application layer, there are user applications and supervisory applications. We will look at two TCP/IP application layer supervisory applications in this chapter.

8-10 Figure 8-2: IP, TCP, and UDP ProtocolLayerConnection- Oriented/ CNLS Reliable / Unreliable Lightweight / Heavyweight TCP4. TransConnection- oriented ReliableHeavyweight UDP4. TransCNLSUnreliableLightweight IP3. IntCNLSUnreliableLightweight Note: CNLS = connectionless Recap

IP Addresses

8-12 Figure 8-3: Hierarchical IP Address IP addresses are not simple 32-bit numbers. They usually have 3 parts. Consider the example

8-13 Hierarchical Addressing Hierarchical Addressing Brings Simplicity –Phone System Country code-area code-exchange-subscriber number –Long-distance switches near the top of the hierarchy only have to deal with country codes and area codes to set up circuits –Similarly, core Internet routers only have to consider network or network and subnet parts of packets

8-14 IPv4 Address Formats 0 ~ ~ ~ ~ ~

8-15 IP Addresses - Class A 32 bit global internet address Network part and host part Class A –Start with binary 0 –All 0 reserved ( ) – (127) reserved for loopback –Range 1.x.x.x to 126.x.x.x –All allocated

8-16 IP Addresses - Class B Start 10 Range 128.x.x.x to 191.x.x.x Second Octet also included in network address 2 14 = 16,384 class B addresses All allocated

8-17 IP Addresses - Class C Start 110 Range 192.x.x.x to 223.x.x.x Second and third octet also part of network address 2 21 = 2,097,152 addresses Nearly all allocated –See IPv6

8-18 Special IP Addresses All-0 host suffix  Network Address – /24  /24 All-1 host suffix  All hosts on the destination net (directed broadcast) /24  All-0s  This computer – All-1s  All hosts on this net (limited broadcast) –  Subnet number cannot be all 1 All-0s network  This network. – /24  (Host 7 on this network) 127.*.*.*  Loopback through IP layer –

8-19 Private IP Addresses Any organization can use these inside their network Can’t go on the internet. [RFC 1918] – (10/8 prefix) – (172.16/12 prefix) – ( /16 prefix) Network Address Translation (NAT) – Basic NAT (one-to-one NAT) – NAT(NAPT, Network Address Port Translation)

Router Operation

8-21 Figure 8-4: Border Router, Internet Router, Networks, and Subnets Border routers connect different Internet networks (In this case, x.x and 60.x.x.x). An “x” indicates anything.

8-22 Figure 8-4: Border Router, Internet Router, Networks, and Subnets Internal routers connect different subnets in a network. In this case, the three subnets are boxed in red: x, x, and x.

8-23 Figure 8-5: Multiprotocol Routing Real routers must handle multiple internet and transport layer architectures— TCP/IP, IPX/SPX, SNA, etc. We will only look at TCP/IP routing

8-24 Figure 8-6: Ethernet Switching Versus IP Routing The switch reads the frame’s destination address (In this case, E5-BB D3-56). The switch locates the frame’s one matching row. The switch sends the frame out the indicated port. (In this case, Port 5) Ethernet switching is simple, fast, and therefore inexpensive One Correct Row

8-25 Figure 8-6: Ethernet Switching Versus IP Routing Routing Because of multiple alternative routes, Routers may have several rows that match an IP address. Routers must find all matches and then select the best one. This is slow and expensive compared to switching. Matches

8-26 Figure 8-7: The Routing Process Routing –Processing an individual packet and passing it on its way is called routing Router ports are called interfaces Packet arrives in one interface The router sends the packet out another interface

8-27 Figure 8-7: The Routing Process The Routing Table –Each router has a routing table that it uses to make routing decisions –Routing Table Rows Each row represents a route for a RANGE of IP addresses—often a network or subnet All packets with addresses in this range are routed according to that row Route IP Address Range Governed by the route Metric Next-Hop Router x.x9B C:\> route print

8-28 Figure 8-7: The Routing Process The Routing Table –Routing Table Columns Row (route) number: Not in real routing tables IP address range governed by the row Metric for the quality of the route Next-hop router that should get the packet next if the row is selected as the best match RouteIP Address Range MetricNext-Hop Router x.x9B x.x2B

8-29 Figure 8-7: The Routing Process A Routing Decision –The router looks at the destination IP address in an arriving packet (in this case, ). –1. The router determines which rows match (have an IP address range containing the packet’s destination IP address) The router must check ALL rows for possible matches RouteIP Address Range MetricNext-Hop Router x.x9B x.x2B Arriving Packet Match No Match

8-30 Figure 8-7: The Routing Process A Routing Decision –2. After finding all matches, the router then determines the best-match row 2A. Selects the row with the longest length of match –60.3.x.x has 16 bits of match – x has 24 bits of match so is a better match 2B. If two or more rows tie for the longest length of match, router uses the metric column value –If cost, lowest metric value is best –If speed, highest metric value is best –Etc.

8-31 Figure 8-7: The Routing Process A Routing Decision –3. After selecting the best-match row, the router sends the packet on to the next-hop router indicated in the best-match row—Next-Hop Router B in this example. RouteIP Address Range MetricNext-Hop Router x.x9B x.x2B Best-Match Row Send Packet out to NHR B

A More Detailed Look at Routing Decisions Box

8-33 Figure 8-8: Detailed Row-Matching Algorithm Routing Table IP Address Range RowDestinationMask……… ……… 2…………… 3…………… Box Actually, the table does not really have an “IP Address Range” column. It has two columns to indicate the IP address range: Destination (an IP address) and a mask

8-34 Figure 8-8: Detailed Row-Matching Algorithm 1. Basic Rule of Masking –Information Bit –Mask Bit –Result Where mask bits are one, the result gives the original IP address bits Where mask bits are zero, the result contains zeros Box

8-35 Figure 8-8: Detailed Row-Matching Algorithm 2. Example –Address (partial) –Mask –Result Box

8-36 Figure 8-8: Detailed Row-Matching Algorithm 3. Common 8-bit Segment Values in Dotted Decimal Notation –SegmentDecimal Value Example – is 24 ones followed by 8 zero – is also called /24 in “prefix notation” Box

8-37 Figure 8-8: Detailed Row-Matching Algorithm Example 1: A Destination IP Address that is in the Range Destination IP Address of Arriving Packet Apply the Mask Result of Masking Destination Value Does Destination Value Match the Masking Result?Yes ConclusionRow 1 is a match. RowDestinationMask……… ……… Box

8-38 Figure 8-8: Detailed Row-Matching Algorithm Example 2: A Destination IP Address that is NOT in the Range Destination IP Address of Arriving Packet Apply the Mask Result of Masking Destination Value Does Destination Value Match the Masking Result?No ConclusionRow 1 is NOT a match. RowDestinationMask……… ……… Box

8-39 Figure 8-9: Interface and Next-Hop Router Switches –A switch port connects directly to a single computer or another switch –Sending the frame out a port automatically gets it to the correct destination Frame Box

8-40 Figure 8-9: Interface and Next-Hop Router Routers –Router ports (interfaces) connect to subnets, which have multiple hosts and that may have multiple routers –The packet must be forwarded to a specific host or router on that subnet Subnet on Router Interface IP Packet Next-Hop Router Host Box

8-41 Figure 8-9: Interface and Next-Hop Router Box Best-match row has both an interface (indicating a subnet) and also a next-hop router value to indicate a host or router on the subnet. (Not just a Next Hop Router Column) Interface (port)Next-Hop Router

Dynamic Routing Protocols Routing Table Information Dynamic Routing Protocol

8-43 Figure 8-10: Dynamic Routing Protocols (Study Figure) Routing –Routers constantly exchange routing table information with one another using dynamic routing protocols –Note that the term routing is used in two ways In TCP/IP For IP packet forwarding and For the exchange of routing table information through routing protocols Routing Table Information Dynamic Routing Protocol

8-44 Figure 8-10: Dynamic Routing Protocols (Study Figure) Autonomous System –An organization’s internal network (internet) Interior Dynamic Routing Protocols –Within an Autonomous System, firms use interior dynamic routing protocols Exterior Dynamic Routing Protocols –Between Autonomous Systems, companies use an exterior dynamic routing protocol

8-45 Figure 8-10: Dynamic Routing Protocols (Study Figure) Interior Dynamic Routing Protocols –As just discussed, within an Autonomous System, firms use interior dynamic routing protocols –The organization can freely select an interior routing protocol RIP OSPF EIGRP Etc.

8-46 Figure 8-10: Dynamic Routing Protocols (Study Figure) Routing Information Protocol (RIP) –Simple interior dynamic routing protocol from the IETF –Low-cost management –Poor efficiency: metric is merely the number of router hops to the destination host No way to select cheapest route, etc. –Weak security –Useful only in small firms

8-47

8-48 Figure 8-10: Dynamic Routing Protocols (Study Figure) Open Shortest Path First –Sophisticated IETF interior dynamic routing protocol –Very efficient, having a complex metric based on a mixture of cost, throughput, and traffic delays –Strong security –High management costs –The only IETF dynamic routing protocol that makes sense for all but the smallest networks

8-49 Figure 8-10: Dynamic Routing Protocols (Study Figure) Enhanced Interior Gateway Routing Protocol (EIGRP) –Proprietary interior dynamic routing protocol from Cisco Systems –“Gateway” is an obsolete term for “router” –Very efficient because metric is a mixture of interface bandwidth, load on the interface (0% to 100% of capacity), delay, and reliability (percentage of packets lost).

8-50 Figure 8-10: Dynamic Routing Protocols (Study Figure) Enhanced Interior Gateway Routing Protocol (EIGRP) –Only interior dynamic routing protocol that supports multiprotocol routing (not just TCP/IP): IPX/SPX, SNA, etc. –But to use it, a company must buy Cisco routers

8-51 Figure 8-10: Dynamic Routing Protocols (Study Figure) Exterior Dynamic Routing Protocols –Between autonomous systems, companies use an exterior dynamic routing protocol –An organization is not free to select an exterior routing protocol It must select a protocol selected by its ISP –Border Gateway Protocol (BGP) is the main exterior routing protocol Recall that “gateway” is the old term for “router”

8-52 Figure 8-11: Dynamic Routing Protocols Recap

The Address Resolution Protocol (ARP)

8-54 Figure 8-12: Address Resolution Protocol (ARP) The Situation: The router wishes to pass the packet to the destination host or to a next-hop router. The router knows the destination IP address of the target. The router must learn the target’s MAC layer address in order to be able to send the packet to the target in a frame. The router uses the Address Resolution Protocol (ARP) Packet Frame

8-55 Figure 8-12: Address Resolution Protocol (ARP) 1: Router broadcasts ARP Request to all hosts and routers on the subnet.

8-56 Figure 8-12: Address Resolution Protocol (ARP) This is the Destination host 2: ARP Reply sent by the host with the target IP address. Other hosts ignore it.

8-57 Figure 8-12: Address Resolution Protocol (ARP) 3. Router puts the MAC address in its ARP cache; uses it for subsequent packets to the host

8-58

C:\>arp -a Interface: x2 Internet Address Physical Address Type cf-28-cd-20 dynamic cf-29-c6-80 dynamic cf-28-1e-20 dynamic cf-28-4d-e0 dynamic cf dynamic cf-28-bf-e0 dynamic e3-dd-b3-1f dynamic arp -a arp -d arp -d * arp –s aa c6-09 arp -? C:\>arp -s cf-28-1e-20 C:\>arp –a Interface: x2 Internet Address Physical Address Type cf-28-1e-20 static e3-dd-b3-1f dynamic

Multiprotocol Label Switching (MPLS)

8-61 Figure 8-13: Multiprotocol Label Switching (MPLS) Routers are Connected in a Mesh –Multiple alternative routes make the choice of an outgoing interface very expensive PSDNs (Chapter 7) also are Arranged in a Mesh –However, a best path (virtual circuit) is set up before transmission begins –Once a VC is in place, subsequent frames are handled quickly and inexpensively MPLS Does Something Like this for Routers

8-62 Figure 8-13: Multiprotocol Label Switching (MPLS) MPLS Adds a Label Before Each Packet –Label sits between the frame header and the IP header –Contains an MPLS label number –Like a virtual circuit number in a PSDN frame –Label-switching router merely looks up the MPLS label number in its MPLS table and sends the packet back out Data Link Header MPLS Label IP Packet

8-63 Figure 8-13: Multiprotocol Label Switching (MPLS) Advantages of MPLS –Router does a simple table lookup. This is fast and therefore inexpensive per packet handled As fast as Ethernet switching! –Can use multiple label numbers to give to traffic between sites for multiple levels of priority or quality of service guarantees –MPLS supports traffic engineering: balancing traffic on an internet

8-64 Figure 8-13: Multiprotocol Label Switching (MPLS) First router adds the label Last router drops the label

The Domain Name System (DNS)

8-66 Figure 8-14: Domain Name System (DNS) Hierarchy A domain is a group of resources under the control of an organization. The domain name system is a general system for managing names. It is a hierarchical naming system. Queries to a DNS server can get Information about a domain.

8-67 Figure 8-14: Domain Name System (DNS) Hierarchy The highest level is called the root. There are 13 DNS Root Servers. They point to lower-level servers.

8-68 Figure 8-14: Domain Name System (DNS) Hierarchy Top-level domains are generic TLDs (.com,.net.,.org, etc.) or country TLDs (.ca,.uk,.ie, etc.)

8-69 Figure 8-14: Domain Name System (DNS) Hierarchy Organizations seek good second- level domain names cnn.com microsoft.com hawaii.edu etc. Get them from address registrars

8-70 Figure 8-14: Domain Name System (DNS) Hierarchy Host names are the bottom of the DNS hierarchy. A DNS request for a host name will return its IP address.

The Internet Control Message Protocol (ICMP)

8-72 Figure 8-15: Internet Control Message Protocol (ICMP) for Supervisory Messages ICMP is the supervisory protocol at the internet layer. ICMP messages are encapsulated in the data fields of IP packets

8-73 Figure 8-15: Internet Control Message Protocol (ICMP) for Supervisory Messages When an error occurs, the device noting the error may try to respond with an ICMP error message describing the problem. ICMP error messages often are not sent for security reasons because attackers can use them to learn about a network

8-74 Figure 8-15: Internet Control Message Protocol (ICMP) for Supervisory Messages To see if another host is active, a host can send the target host an ICMP echo request message (called a ping). If the host is active, it will send back an echo response message confirming that it is active.

8-75 ICMP Type Echo Request / Echo Reply Destination Unreachable Source Quench Redirect Time Exceeded Parameter Problem Timestamp Request / Timestamp Reply Address Mask Request / Address Mask Reply 8 / / / 18

8-76 Figure 8-16: Dynamic Host Configuration Protocol (DHCP) DHCP Gives Each Client PC at Boot-Up: –A temporary IP Address –A subnet mask –The IP addresses of local DNS servers Better Than Manual Configuration –If subnet mask or DNS IP addresses change, only the DHCP server has to be updated manually –Client PCs are automatically updated when they next boot up

8-77 動態主機組態協定 (DHCP) Dynamic Host Configuration Protocol 自動設定電腦的 –IP 位址 ( ) – 子網路遮罩 ( ) – 預設通訊閘 ( ) – 領域名稱伺服器 ( ) –… winipcfg (Win 98/Me) ipconfig /all (Win 2000/XP)

控制台  網路和網際網路連線

8-79 ICMP Message Formats

8-80

8-81 ipconfig ipconfig /all ipconfig /release ipconfig /renew C:\>ipconfig Windows IP Configuration Ethernet adapter 區域連線 : Connection-specific DNS Suffix. : ncnu.edu.tw IP Address : Subnet Mask : Default Gateway :

The Internet Protocol (IP) Versions 4 and 6

8-83 Figure 8-17: IPv4 and IPv6 Packets IP Version 4 Packet Version (4 bits) Value is 4 (0100) Header Length (4 bits) Flags (3 bits) Time to Live (8 bits) Header Checksum (16 bits) Diff-Serv (8 bits) Total Length (16 bits) Length in octets Bit 0 Bit 31 Identification (16 bits) Unique value in each original IP packet Fragment Offset (13 bits) Octets from start of original IP fragment’s data field Protocol (8 bits) 1=ICMP, 6=TCP, 17=UDP IPv4 is the dominant version of IP today. The version number in its header is 4 (0100). The header length and total length field tell the size of the packet. The Diff-Serv field can be used for quality of service labeling. (But MPLS is being used instead by most carriers)

8-84 Figure 8-17: IPv4 and IPv6 Packets IP Version 4 Packet Version (4 bits) Value is 4 (0100) Header Length (4 bits) Flags (3 bits) Time to Live (8 bits) Header Checksum (16 bits) Diff-Serv (8 bits) Total Length (16 bits) Length in octets Bit 0 Bit 31 Identification (16 bits) Unique value in each original IP packet Fragment Offset (13 bits) Octets from start of original IP fragment’s data field Protocol (8 bits) 1=ICMP, 6=TCP, 17=UDP The second row is used for reassembling fragmented IP packets, but fragmentation is quite rare, so we will not look at these fields.

8-85 Figure 8-17: IPv4 and IPv6 Packets IP Version 4 Packet Version (4 bits) Value is 4 (0100) Header Length (4 bits) Flags (3 bits) Time to Live (8 bits) Header Checksum (16 bits) Diff-Serv (8 bits) Total Length (16 bits) Length in octets Bit 0 Bit 31 Identification (16 bits) Unique value in each original IP packet Fragment Offset (13 bits) Octets from start of original IP fragment’s data field Protocol (8 bits) 1=ICMP, 6=TCP, 17=UDP The sender sets the time-to-live value (usually 64 to 128). Each router along the way decreases the value by one. A router decreasing the value to zero discards the packet. It may send an ICMP error message. The protocol field describes the message in the data field (ICMP, TCP, UDP, etc.) The header checksum is used to find errors in the header. If a packet has an error, the router drops it. There is no retransmission at the internet layer, so the internet layer is still unreliable.

8-86 Traceroute To provide a trace of the path the packet took to reach the destination. Operates by first sending out a packet with a Time To Live (TTL) of 1. The first hop then sends back an ICMP error message indicating that the packet could not be forwarded because the TTL expired. The packet is then resent with a TTL of 2, and the second hop returns the TTL expired. This process continues until the destination is reached. Record the source of each ICMP TTL exceeded message RFC

8-87

8-88

8-89

8-90 Figure 8-17: IPv4 and IPv6 Packets IP Version 4 Packet Source IP Address (32 bits) Bit 0 Bit 31 Destination IP Address (32 bits) PaddingOptions (if any) Data Field The source and destination IP addresses Are 32 bits long, as you would suspect. Options can be added, but these are rare.

8-91 Figure 8-17: IPv4 and IPv6 Packets IP Version 6 Packet Source IP Address (128 bits) Bit 0 Bit 31 Hop Limit (8 bits) Next Header (8 bits) Name of next header Payload Length (16 bits) Version (4 bits) Value is 6 (0110) Diff-Serv (8 bits) Flow Label (20 bits) Marks a packet as part of a specific flow Destination IP Address (128 bits) Next Header or Payload (Data Field) IP Version 6 is the emerging version of the Internet protocol. Has 128 bit addresses for an almost unlimited number of IP addresses. Growing fastest in Asia, which was short-changed in IPv4 address allocations

8-92 IPv6 Header

8-93 IPv6 Header Fields (1) Version –6 Traffic Class (DS/ECN) –Classes or priorities of packet –Still under development –See RFC 2460 Flow Label –Used by hosts requesting special handling Payload length –Includes all extension headers plus user data

8-94 IPv6 Header Fields (2) Next Header –Identifies type of header Extension or next layer up Source Address Destination address

8-95 Types of address Unicast –Single interface Anycast –Set of interfaces (typically different nodes) –Delivered to any one interface –the “ nearest ” Multicast –Set of interfaces –Delivered to all interfaces identified

8-96 Text Representation of IPv6 Addresses x:x:x:x:x:x:x:x hexadecimal values of the eight 16-bit pieces of the address. –FEDC:BA98:7654:3210:FEDC:BA98:7654:3210 –1080:0:0:0:8:800:200C:417A RFC 3513

8-97 IPv6 Address Representation (2) The use of "::" indicates multiple groups of 16- bits of zeros. Unicast address –1080:0:0:0:8:800:200C:417A –1080::8:800:200C:417A Multicast address –FF01:0:0:0:0:0:0:101  FF01::101 Loopback address –0:0:0:0:0:0:0:1  ::1 unspecified addresses (Absence of address) –0:0:0:0:0:0:0:0  ::

8-98 IPv6 Address Representation (3) IPv4 and IPv6 mixed address –x:x:x:x:x:x:d.d.d.d –x: IPv6, d: IPv4 –Eg. 0:0:0:0:0:FFFF: :: ::FFFF:

The Transmission Control Protocol (TCP)

8-100 Figure 8-18: TCP Segment and UDP Datagram TCP Segment Window Size (16 bits) Bit 0 Bit 31 Destination Port Number (16 bits)Source Port Number (16 bits) Sequence Number (32 bits) Acknowledgment Number (32 bits) Urgent Pointer (16 bits)TCP Checksum (16 bits) Header Length (4 bits) Reserved (6 bits) Flag Fields (6 bits) Flag fields are one-bit fields. They include SYN, ACK, FIN, and RST. The source and destination port numbers specify a particular application on the source and destination multitasking computers (Discussed later) Sequence numbers are 32 bits long. So are acknowledgment numbers.

8-101 Figure 8-18: TCP Segment and UDP Datagram TCP Segment Window Size (16 bits) Bit 0 Bit 31 Destination Port Number (16 bits)Source Port Number (16 bits) Sequence Number (32 bits) Acknowledgment Number (32 bits) Urgent Pointer (16 bits)TCP Checksum (16 bits) Header Length (4 bits) Reserved (6 bits) Flag Fields (6 bits) Flags are one-bit fields. If a flag’s value is 1, it is “set”. If a flag’s value is 0, it is “not set.” TCP has six flags If the TCP Checksum field’s value is correct, The receiving process sends back an acknowledgment.

8-102

8-103 Figure 8-18: TCP Segment and UDP Datagram TCP Segment Window Size (16 bits) Bit 0 Bit 31 Destination Port Number (16 bits)Source Port Number (16 bits) Sequence Number (32 bits) Acknowledgment Number (32 bits) Urgent Pointer (16 bits)TCP Checksum (16 bits) Header Length (4 bits) Reserved (6 bits) Flag Fields (6 bits) For flow control (to tell the other party to slow down), The sender places a small value in the Window Size field. If the Window Size is small, the receiver will have to stop transmitting after a few more segments (unless it gets a new acknowledgment extending the number of segments it may send.)

8-104 Figure 8-18: TCP Segment and UDP Datagram TCP SegmentBit 0 Bit 31 PaddingOptions (if any) Data Field TCP segment headers can end with options. This is very common. If an option does not end at a 32-bit boundary, padding must be added.

The User Datagram Protocol (UDP)

8-106 Figure 8-18: TCP Segment and UDP Datagram UDP DatagramBit 0 Bit 31 Source Port Number (16 bits)Destination Port Number (16 bits) UDP Length (16 bits)UDP Checksum (16 bits) Data Field UDP messages (datagrams) are very simple. Like TCP, UDP has 16-bit port numbers. The UDP length field allows variable-length application messages. If the UDP checksum is correct, there is no acknowledgment. If the UDP checksum is incorrect, the UDP datagram is dropped.

8-107 Figure 8-19: TCP Connection Openings and Closings TCP is a connection-oriented protocol –Each connection has a formal opening process –Each connection has a formal closing process –During a connection, each TCP segment is acknowledged (Of course, pure acknowledgments are not acknowledged)

8-108 Figure 8-19: TCP Connection Openings and Closings SYN SYN/ACK ACK Normal Three-Way Opening A SYN segment is a segment in which the SYN bit is set. One side sends a SYN segment requesting an opening. The other side sends a SYN/acknowledgment segment. Originating side acknowledges the SYN/ACK.

8-109 Figure 8-19: TCP Connection Openings and Closings FIN ACK FIN ACK Normal Four-Way Close A FIN segment is a segment in which the FIN bit is set. Like both sides saying “good bye” to end a conversation.

8-110 Figure 8-19: TCP Connection Openings and Closings RST Abrupt Reset An RST segment is a segment in which the RST bit is set. A single RST segment breaks a connection. Like hanging up during a phone call. There is no acknowledgment.

Port Numbers and Sockets in TCP and UDP

8-112 TCP and UDP Port Numbers Computers are multitasking devices –They run multiple applications at the same time –On a server, a port number designates a specific applications Server HTTP Webserver Application SMTP Applications Port 80 Port 25

8-113 Range of TCP (and UDP) Port Numbers 0~1023 –The range for assigned ports managed by the IANA 1024~49151 –Registered Port Numbers –For non-major applications. –Unix does not follow the rule. Uses some of these port numbers as ephemeral port numbers ~65535 –Ephemeral Port Numbers –Dynamic and/or Private Ports Port numbers: –

8-114 TCP and UDP Port Numbers Major Applications Have Well-Known Port Numbers –0 to 1023 for both TCP and UDP –HTTP is TCP Port 80 –SMTP is TCP Port 25 Server HTTP Webserver Application SMTP Applications Port 80 Port 25

8-115 TCP and UDP Port Numbers Clients Use Ephemeral Port Numbers –1024 to 4999 for Windows Client PCs –A client has a separate port number for each connection to a program on a webserver Client Port 4400Port 3270 Webserver Application on Webserver Application on Mail Server

8-116 Figure 8-20: Use of TCP (and UDP) Port Numbers Client Webserver Port 80 SMTP Server Port 25 A socket is an IP address, a colon, and a port number : : :2849 It represents a specific application (Port number) on a specific server (IP address) Or a specific connection on a client. Client PC Port 2849

8-117 Figure 8-20: Use of TCP (and UDP) Port Numbers Client Webserver Port 80 From: :2707 To: :80 SMTP Server Port 25 This shows sockets for a client packet sent to a webserver application on a webserver

8-118 Figure 8-20: Use of TCP (and UDP) Port Numbers Client Webserver Port 80 From: :2707 To: :80 From: :80 To: :2707 SMTP Server Port 25 Sockets in two-way transmission

8-119 Figure 8-20: Use of TCP (and UDP) Port Numbers Client Webserver Port 80 From: :2707 To: :80 From: :80 To: :2707 From: :4400 To: :25 SMTP Server Port 25 Clients use a different ephemeral Port number for different connections

Layer 3 Switches

8-121 Figure 8-21: Layer 3 Switches and Routers in Site Networks Usually too expensive to replace workgroup switches. Usually too limited in functionality to replace border routers. Replaces core switches in the middle.

Topics Covered

8-123 Topics Covered Internetworking Recap from Earlier Chapters –Internetworking involves the internet and transport layers –Packets are encapsulated in frames in single networks. –Transport layer is end-to-end –Internet layer is hop-by-hop between routers –IP, TCP, and UDP are the heart of TCP/IP internetworking

8-124 Topics Covered Hierarchical IP Address parts –Network, subnet, and host parts Router Operation –Border routers connect networks –Internal routers connect subnets –We focused on TCP/IP routing, but multiprotocol routing is crucial –Router meshes give alternative routes, making routing very expensive

8-125 Topics Covered Routing of Packets Routing tables IP address range governed by a row—usually a route to a network or subnet Metric to help select best matches Next-hop router to be sent the packet next –Can be a local host on one of the router’s subnets –Process Final all possible routes through row matching Select by length of match, then metric if tie Send out to next-hop router in the best-match row

8-126 Topics Covered Detailed Look at Routing Decisions IP address range –Destination –Mask –If the masked destination IP address in an arriving packet matches the destination value, the row is a match Next-Hop Router –Interface –Next-hop router or destination host Box

8-127 Topics Covered Dynamic Routing Protocols Interior dynamic routing protocols within an autonomous system –RIP, OSPF, EIGRP Exterior dynamic routing protocols between autonomous systems –BGP Address Resolution Protocol –Router knows the IP address of the next-hop router or destination host –Must learn the data link layer address as well

8-128 Topics Covered Multiprotocol Label Switching –Routing decisions are based on labels rather than destination IP addresses –Reduces routing costs Domain Name System (DNS) –General hierarchical naming system for the Internet Internet Control Message Protocol (ICMP) –General supervisory protocol at the internet layer –Error advisements and Pings (echo requests/replies)

8-129 Topics Covered The Internet Protocol (IP) –Detailed look at key fields –Protocol field lists contents of the data field –32-bit IP addresses –IPv4 is the current version –IPv6 offers 128-bit IP addresses to allow many more IP addresses to serve the world

8-130 Topics Covered The Transmission Control Protocol (TCP) –Sequence and acknowledgement numbers –Flag fields that are set or not set –Window size field allows flow control –Options are common –Three-way openings (SYN, SYN/ACK, and ACK) –Four-way normal closings (FIN, ACK, FIN, ACK) –One-way abrupt closing (RST)

8-131 Topics Covered The User Datagram Protocol (UDP) –Simple four-field header Port Numbers and Sockets in TCP and UDP –Applications get well-known port numbers on servers –Connections get ephemeral port numbers on clients –Socket is an IP address, a colon, and a port number –This designates a specific application (or connection) on a specific server (or client) Layer 3 Switches –Fast, inexpensive, and limited routers