TCP/IP Refresher
Prabhaker Mateti
(ack: Many many sources …)
TCP/IP ?
TCP = Transmission Control Protocol
IP = Internet Protocol
Almost always includes other protocols:
– UDP, User (Unreliable) Datagram
– ICMP, Internet Control Message
– ARP, Address Resolution
Mateti, TCP/IP Refresher
2
What’s a Protocol?
An agreed upon convention for communication.
Protocols must be formally defined and unambiguous.
Layers
[Figure: protocol stack. TCP, UDP, ICMP and other protocols sit above the IP layer; the IP layer sits above the physical layer.]
The relative heights indicate the level of functionality.
Unix is a Layered System
Applications
Libraries
System Calls
Kernel
Layers
The routines/methods of Layer N will not call Layer N+1.
The routines/methods of Layer N typically do call the same layer methods.
The routines/methods of Layer N typically do call Layer N-1 methods.
DoD model: Four Layers
1. Network Access Layer: Delivery over physical media in use.
2. Internet Layer: Delivery across different physical networks that connect source and destination machines.
3. Host-to-Host Layer: Connection rendezvous, flow control, retransmission of lost data, etc. TCP and UDP protocols are in this layer.
4. Process Layer: User-level functions, such as SMTP, FTP and rlogin.
OSI Reference Model
Seven Layers
7. Application
6. Presentation
5. Session
4. Transport
3. Network
2. Data Link
1. Physical
TCP/IP & OSI
In OSI reference model terminology the TCP/IP protocol suite covers the network and transport layers.
TCP/IP can be used on many data-link layers (it can support many network hardware implementations).
[Figure: the TCP/IP stack in OSI terms. Process Layer: processes. Transport Layer: TCP, UDP. Network Layer: IP, with ICMP, ARP & RARP. Data-Link Layer: 802.3.]
Physical Layer
Responsibility:
– transmission of raw bits over a communication channel.
Issues:
– mechanical and electrical interfaces
– time per bit
– distances
Data Link Layer: Data Link Control
Responsibility:
– provide an error-free communication link
Issues:
– framing (dividing data into chunks), with header & trailer bits
– addressing
[Figure: a bit stream divided into frames, e.g. 10110110101 01100010011 10110000001]
The Data Link Layer: The MAC sublayer
Medium Access Control (MAC) is needed by multi-access networks.
MAC provides DLC with “virtual wires” on multi-access networks.
Ethernet: A Data-Link Layer
IEEE 802.3
Variety of physical layers.
Multi-access (shared medium).
Interface has a unique 6-byte hardware address. (E.g. 00-D0-09-E8-08-61)
The broadcast address is all 1’s.
Addresses are assigned to vendors by a central authority.
An Ethernet Frame
Fields in order, with sizes in bytes:
– Preamble: 8
– Destination Address: 6
– Source Address: 6
– Len: 2
– DATA: 0-1500
– CRC: 4
Preamble is a sequence of alternating 1’s and 0’s used for synchronization.
CRC is Cyclic Redundancy Check.
Ethernet Addressing
Each NIC looks at every frame and inspects the destination address. If the address does not match the hardware address of the interface or the broadcast address, the frame is discarded.
Some NICs can be programmed to recognize multicast addresses.
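The frame layout and the NIC receive filter of the two slides above, as an added Python example (not code from the slides): it assembles dst | src | Len | DATA | CRC frames, parses them back, verifies the CRC-32, and applies the accept/discard rule. The interface address 00-D0-09-E8-08-61 is the slide's; the second station address, the payloads and the little-endian placement of the CRC field are assumptions of this example, and the 8-byte preamble and minimum-frame padding are not modelled.

```python
import struct
import zlib

# Constructed stations: the slide's interface address and a made-up, locally administered one
OWN_MAC = bytes.fromhex("00D009E80861")      # 00-D0-09-E8-08-61 (from the slide)
OTHER_MAC = bytes.fromhex("020000000001")    # constructed
BROADCAST = bytes([0xFF] * 6)                # all 1's


def mac_str(raw: bytes) -> str:
    """Render a 6-byte address in the slide's 00-D0-09-E8-08-61 notation."""
    return "-".join(f"{b:02X}" for b in raw)


def build_frame(dst: bytes, src: bytes, payload: bytes) -> bytes:
    """dst | src | Len | DATA | CRC. The preamble is added by the hardware, not here.
    Storing the CRC least-significant byte first is an assumption of this demo."""
    if not 0 <= len(payload) <= 1500:
        raise ValueError("Ethernet payload must be 0-1500 bytes")
    body = dst + src + struct.pack("!H", len(payload)) + payload
    return body + struct.pack("<I", zlib.crc32(body) & 0xFFFFFFFF)


def parse_frame(frame: bytes) -> dict:
    """Split a frame into its fields and check the CRC; raise on structurally bad frames."""
    if len(frame) < 6 + 6 + 2 + 4:
        raise ValueError("frame too short for header and CRC")
    dst, src = frame[0:6], frame[6:12]
    (length,) = struct.unpack("!H", frame[12:14])
    data, fcs = frame[14:-4], frame[-4:]
    if length > 1500:
        raise ValueError("Len above 1500: not an 802.3 length field")
    if length != len(data):
        raise ValueError("Len field disagrees with the bytes actually present")
    (stored,) = struct.unpack("<I", fcs)
    return {
        "dst": mac_str(dst),
        "src": mac_str(src),
        "len": length,
        "data": data,
        "crc_ok": (zlib.crc32(frame[:-4]) & 0xFFFFFFFF) == stored,
    }


def nic_accepts(frame: bytes, own_mac: bytes, multicast=frozenset()) -> bool:
    """The receive filter from the Ethernet Addressing slide: keep the frame only if the
    destination is this interface, the broadcast address, or a programmed multicast address."""
    dst = frame[0:6]
    return dst == own_mac or dst == BROADCAST or dst in multicast


# Constructed sample traffic
FRAME_TO_ME = build_frame(OWN_MAC, OTHER_MAC, b"unicast to the slide's interface")
FRAME_BCAST = build_frame(BROADCAST, OTHER_MAC, b"who has 10.0.0.1?")
FRAME_OTHER = build_frame(OTHER_MAC, OWN_MAC, b"not for me")
_damaged = bytearray(FRAME_TO_ME)
_damaged[20] ^= 0x01                         # flip one bit inside DATA
CORRUPTED = bytes(_damaged)

if __name__ == "__main__":
    for name, f in [("to me", FRAME_TO_ME), ("broadcast", FRAME_BCAST),
                    ("other", FRAME_OTHER), ("corrupted", CORRUPTED)]:
        info = parse_frame(f)
        print(f"{name:10} dst={info['dst']} accept={nic_accepts(f, OWN_MAC)} crc_ok={info['crc_ok']}")
```

The CRC catches the damaged frame but says nothing about who sent it: any station can put any source address in a frame, which is why data-link addresses are not an authentication mechanism.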
The Network Layer
Responsibilities:
– path selection between systems (routing).
– subnet flow control.
– fragmentation & reassembly.
– translation between different network types.
Issues:
– packet headers
– virtual circuits
The Transport Layer
Responsibilities:
– provides virtual end-to-end links between peer processes.
– end-to-end flow control
Issues:
– headers
– error detection
– reliable communication
The Session Layer
Responsibilities:
– establishes, manages, and terminates sessions between applications.
– service location lookup
Many protocol suites do not include a session layer.
The Presentation Layer
Responsibilities:
– data encryption
– data compression
– data conversion
Many protocol suites do not include a presentation layer.
The Application Layer
Responsibilities:
– anything not provided by any of the other layers
Issues:
– application level protocols
– appropriate selection of “type of service”
Layering & Headers
Each layer needs to add control information.
Typically prefixed to the data before passing on to the lower layer.
[Figure: the Process layer hands down DATA; Transport prefixes a header (H DATA); Network prefixes another (H H DATA); Data Link prefixes a third (H H H DATA).]
Example Headers
Physical: no header
Data Link:
– address of the receiving endpoint
– address of the sending endpoint
– length of the data
– checksum
Network layer header examples
– protocol suite version
– type of service
– length of the data
– packet identifier
– fragment number
– time to live
– protocol
– header checksum
– source network address
– destination network address
Connecting Networks
Repeater: physical layer
Bridge: data link layer
Router: network layer
Gateway: network layer and above.
Repeater
Copies bits from one network to another.
Does not look at any bits.
Allows the extension of a network beyond physical length limitations.
[Figure: REPEATER joining two network segments.]
Bridge
Copies frames from one network to another.
Can operate selectively - does not copy all frames (looks at data-link headers).
Extends the network beyond physical length limitations.
[Figure: BRIDGE joining two networks.]
Router
Copies packets from one network to another.
Makes decisions about what route a packet should take (looks at network headers).
[Figure: ROUTER joining two networks.]
Gateway
Operates as a router.
Data conversions above the network layer.
Conversions:
– encapsulation - use an intermediate network
– translation - connect different application protocols
– encryption - could be done by a gateway
Encapsulation Example
[Figure: two gateways on either side of an intermediate network.]
Provides service connectivity even though the intermediate network does not support the protocols.
Translation
[Figure: a gateway between two networks drawn in different colours.]
Translate from the green protocol to the brown protocol.
Encryption gateway
[Figure: two Secure Networks, each behind an Encryption/Decryption Gateway (GW), connected across an Insecure Network.]
Hardware v. Software
Repeaters are typically hardware devices.
Bridges can be implemented in hardware or software.
Routers and gateways are typically implemented in software so that they can be extended to handle new protocols.
Many workstations can operate as routers or gateways.
Modes of Service
– connection-oriented vs. connectionless
– sequencing
– error-control
– flow-control
– byte stream vs. message based
– full-duplex vs. half-duplex
Connection-Oriented Service
– establishment of a logical connection between two processes.
– transfer data.
– terminate connection.
Connectionless Service
Sends independent messages.
Sequencing
Sequencing provides support for an order to communications.
A service that includes sequencing requires that messages (or bytes) are received in the same order they are sent.
Error Control
Some services require error detection.
Checksums provide a simple error detection mechanism.
Error control sometimes involves notification and retransmission.
Flow Control
Flow control prevents the sending process from overwhelming the receiving process.
Flow control can be handled in a variety of ways.
Byte Stream vs. Message
Byte stream implies an ordered sequence of bytes with no message boundaries.
Message oriented services provide communication service to chunks of data called datagrams.
Full- v. Half-Duplex
Full-Duplex services support the transfer of data in both directions.
Half-Duplex services support the transfer of data in one direction.
End-to-End v. Hop-to-Hop
Service modes, flow control and error control can be
– either between endpoints of the communication, or
– between consecutive nodes on the path between the endpoints.
[Figure: End-to-End: control is exchanged directly between Process A and Process B. Hop-by-Hop: control is exchanged between each pair of consecutive nodes on the path from Process A to Process B.]
Buffering
Buffering can provide more efficient communications.
Buffering is most useful for byte stream services.
[Figure: Process A writes into a Send Buffer; the data crosses the network into a Recv. Buffer read by Process B.]
Addresses
Physical Layer: no address necessary.
Data Link Layer: address must be able to select any host on the network.
Network Layer: address must be able to provide information to enable routing.
Transport Layer: address must identify the destination process.
Broadcasts
Broadcast = sending a message from one host to all other hosts on the network.
A special address called the “broadcast address” is created.
Some popular network services are based on broadcasting (YP/NIS, rup, rusers).
The IP in TCP/IP
IP is the network layer:
– packet delivery service (host-to-host).
– translation between different data-link protocols.
IP Datagrams
IP provides connectionless, unreliable delivery of IP datagrams.
Connectionless: each datagram is independent of all others.
Unreliable: there is no guarantee that datagrams are delivered correctly or at all.
IP Addresses
The address must include information about what network the receiving host is on. This makes routing feasible.
IP addresses are not the same as the underlying data-link (MAC) addresses.
IP Addresses
Includes a network ID and a host ID.
A Network ID is assigned to an organization by a global authority (http://www.iana.org/).
Host IDs are assigned locally by a system administrator.
IP Addresses
A single NIC is assigned one IP address.
A host may have multiple NICs, and therefore multiple host addresses.
Hosts that share a network all have the same IP network address (the network ID).
Subnet Addresses
An organization can subdivide its host address space into groups called subnets.
The subnet ID is generally used to group hosts based on the physical network topology.
It is possible to have a single wire network with multiple subnets.
[Figure: address layout NetID | SubnetID | HostID]
IP4 Addresses
[Figure: classful layout, four 8-bit columns]
Class A: leading bit 0, then NetID (8 bits) and HostID (24 bits)
Class B: leading bits 10, then NetID (16 bits) and HostID (16 bits)
Class C: leading bits 110, then NetID (24 bits) and HostID (8 bits)
Class D: leading bits 1110, Multicast Address
IP Addresses
An IP broadcast address has a hostID of all 1’s.
An IP address that has a host ID of all 0’s is called a network address and refers to an entire network.
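The classful split of the last three slides (leading bits, NetID, optional SubnetID, HostID, and the all-0's network address and all-1's broadcast address), as an added Python example rather than code from the slides. The dotted-quad addresses used in it are made up; the class widths of 8/16/24 NetID bits are the standard classful ones.

```python
# Constructed example: decompose IPv4 addresses by class, as the IP4 Addresses slide draws them.

CLASS_NET_BITS = {"A": 8, "B": 16, "C": 24}   # classful NetID widths


def to_int(dotted: str) -> int:
    parts = [int(p) for p in dotted.split(".")]
    if len(parts) != 4 or any(not 0 <= p <= 255 for p in parts):
        raise ValueError(f"not a dotted quad: {dotted!r}")
    return (parts[0] << 24) | (parts[1] << 16) | (parts[2] << 8) | parts[3]


def to_dotted(n: int) -> str:
    return ".".join(str((n >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def address_class(addr: int) -> str:
    """Leading bits as in the slide: 0 -> A, 10 -> B, 110 -> C, 1110 -> D (multicast)."""
    if addr >> 31 == 0b0:
        return "A"
    if addr >> 30 == 0b10:
        return "B"
    if addr >> 29 == 0b110:
        return "C"
    if addr >> 28 == 0b1110:
        return "D"
    return "E"   # 1111...: reserved


def split_address(dotted: str, subnet_bits: int = 0) -> dict:
    """Fields of a class A/B/C address. subnet_bits is how many HostID bits the site
    has borrowed for a SubnetID (0 means no subnetting)."""
    addr = to_int(dotted)
    cls = address_class(addr)
    if cls not in CLASS_NET_BITS:
        raise ValueError(f"class {cls} address {dotted} has no NetID/HostID split")
    net_bits = CLASS_NET_BITS[cls]
    host_bits = 32 - net_bits - subnet_bits
    if host_bits < 2:
        raise ValueError("too few HostID bits left for a network and a broadcast address")
    host_mask = (1 << host_bits) - 1
    return {
        "class": cls,
        "net_id": addr >> (32 - net_bits),
        "subnet_id": (addr >> host_bits) & ((1 << subnet_bits) - 1),
        "host_id": addr & host_mask,
        "network_address": to_dotted(addr & ~host_mask & 0xFFFFFFFF),   # HostID all 0's
        "broadcast_address": to_dotted(addr | host_mask),               # HostID all 1's
        "is_network_address": (addr & host_mask) == 0,
        "is_broadcast": (addr & host_mask) == host_mask,
    }


if __name__ == "__main__":
    for dotted, bits in [("192.168.10.37", 0), ("172.16.5.20", 8), ("10.0.0.0", 0)]:
        print(dotted, split_address(dotted, bits))
```

Because a datagram sent to the broadcast address is delivered to every host on the network, filtering it at network borders is the usual reason directed broadcasts are dropped by routers.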
IP Addresses v. MAC Addresses
IP Addresses are not recognized by the NIC.
The process of finding the MAC address of a host given the IP address is called Address Resolution.
The process of finding out the IP address of a host given a hardware address is called Reverse Address Resolution.
IPv6 addresses
Address is 128 bits long (16 bytes).
Addresses are written in hexadecimal.
Addresses can be abbreviated:
3FFE:0B00:0000:0000:0000:0000:0000:0001
3FFE:0B00::0001
3FFE:B00::1
There are no broadcast addresses, only multicast.
Loopback address is ::1
Addresses are scoped
– Link-local, site-local, global
IP6 Address
[Figure: 128 bits written as eight 16-bit groups: 3FFE:0B00:1234:0000:0000:0000:0000:0001]
IP4-Compatible IP6 Address
80 bits of 0s followed by 16 bits of 0s, followed by a 32 bit IP4 Address:
[Figure: 0000 . . . 0000 (80 bits) | 0000 (16 bits) | IP4 Address (32 bits)]
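The abbreviation rules of the IPv6 addresses slide (drop leading zeros in a group, replace the longest run of zero groups with ::) and the IP4-compatible layout of the slide above, as an added Python example written for this page, not code from the slides. Hexadecimal output is upper case to match the slides; the IPv4 address fed to the compatible form is made up.

```python
# Constructed example: expand and compress IPv6 addresses; build the 80+16+32-bit compatible form.


def expand(addr: str) -> list:
    """Undo the :: abbreviation and return the eight 16-bit groups as integers."""
    if addr.count("::") > 1:
        raise ValueError(":: may appear only once")
    if "::" in addr:
        head, tail = addr.split("::")
        hs = [int(g, 16) for g in head.split(":") if g]
        ts = [int(g, 16) for g in tail.split(":") if g]
        missing = 8 - len(hs) - len(ts)
        if missing < 1:
            raise ValueError(":: must stand for at least one zero group")
        groups = hs + [0] * missing + ts
    else:
        groups = [int(g, 16) for g in addr.split(":")]
    if len(groups) != 8 or any(not 0 <= g <= 0xFFFF for g in groups):
        raise ValueError(f"not a 128-bit address: {addr!r}")
    return groups


def compress(groups: list) -> str:
    """Shortest form: no leading zeros, and the longest run (>= 2) of zero groups as ::.
    On a tie the first run is abbreviated."""
    best_start, best_len, i = -1, 0, 0
    while i < 8:
        if groups[i] == 0:
            j = i
            while j < 8 and groups[j] == 0:
                j += 1
            if j - i > best_len:
                best_start, best_len = i, j - i
            i = j
        else:
            i += 1
    hexes = [f"{g:X}" for g in groups]
    if best_len < 2:
        return ":".join(hexes)
    return ":".join(hexes[:best_start]) + "::" + ":".join(hexes[best_start + best_len:])


def ipv4_compatible(dotted: str) -> list:
    """80 zero bits, 16 zero bits, then the IPv4 address, as groups."""
    octets = [int(o) for o in dotted.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError(f"not a dotted quad: {dotted!r}")
    return [0] * 6 + [(octets[0] << 8) | octets[1], (octets[2] << 8) | octets[3]]


if __name__ == "__main__":
    full = "3FFE:0B00:0000:0000:0000:0000:0000:0001"
    print(full, "->", compress(expand(full)))
    print("::1 expands to", expand("::1"))
    print("IP4-compatible 192.0.2.1 ->", compress(ipv4_compatible("192.0.2.1")))
```

Normalising every address through expand() before comparing it matters for access-control lists: 3FFE:0B00::0001 and 3FFE:B00::1 are the same address even though the strings differ.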
ARP
ARP is a broadcast protocol. Each host checks the request against its own host addresses - the matched one responds.
Hosts remember the hardware addresses of others.
ARP protocol specifies that the receiving host should also remember the IP and hardware addresses of the sending host.
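The ARP exchange of the slide above (broadcast request, reply from the one matching host, both sides remembering the mapping), as an added Python simulation that is not code from the slides. The LAN and hosts are in-memory objects; the only address taken from the slides is 00-D0-09-E8-08-61, the rest are made up. For the bystander hosts it follows RFC 826's merge rule (refresh an entry you already have, do not add a new one), and it logs any mapping that changes, which is the event an ARP monitor watches for.

```python
from dataclasses import dataclass, field

# Constructed example: ARP on a simulated LAN.
BROADCAST = "FF-FF-FF-FF-FF-FF"


@dataclass
class Host:
    ip: str
    mac: str
    cache: dict = field(default_factory=dict)    # IP -> MAC learned from ARP traffic
    log: list = field(default_factory=list)      # mapping changes, as a monitor would record them

    def learn(self, ip: str, mac: str, add_new: bool) -> None:
        old = self.cache.get(ip)
        if old is None and not add_new:
            return                               # bystander: only refresh existing entries
        if old is not None and old != mac:
            self.log.append(f"{self.ip}: {ip} moved {old} -> {mac}")
        self.cache[ip] = mac

    def receive(self, pkt: dict):
        """Process one ARP packet; return a reply if this host is the target of a request."""
        is_target = pkt["target_ip"] == self.ip
        self.learn(pkt["sender_ip"], pkt["sender_mac"], add_new=is_target)
        if pkt["op"] == "request" and is_target:
            return {"op": "reply", "sender_ip": self.ip, "sender_mac": self.mac,
                    "target_ip": pkt["sender_ip"], "target_mac": pkt["sender_mac"]}
        return None


class Lan:
    def __init__(self, hosts):
        self.hosts = list(hosts)

    def deliver(self, pkt: dict, dst_mac: str, origin: Host) -> list:
        """Broadcast reaches every other host; unicast only the matching interface."""
        replies = []
        for h in self.hosts:
            if h is origin:
                continue
            if dst_mac == BROADCAST or h.mac == dst_mac:
                r = h.receive(pkt)
                if r:
                    replies.append(r)
        return replies


def resolve(lan: Lan, requester: Host, target_ip: str):
    """Return (mac, how): from the requester's cache, or by broadcasting an ARP request."""
    if target_ip in requester.cache:
        return requester.cache[target_ip], "cache"
    request = {"op": "request", "sender_ip": requester.ip, "sender_mac": requester.mac,
               "target_ip": target_ip, "target_mac": None}
    for reply in lan.deliver(request, BROADCAST, requester):
        lan.deliver(reply, reply["target_mac"], None)   # unicast reply back to the requester
    return requester.cache.get(target_ip), "arp"


if __name__ == "__main__":
    a = Host("10.0.0.1", "00-D0-09-E8-08-61")          # address from the slide
    b = Host("10.0.0.2", "02-00-00-00-00-02")          # constructed
    lan = Lan([a, b, Host("10.0.0.3", "02-00-00-00-00-03")])
    print(resolve(lan, a, "10.0.0.2"), resolve(lan, a, "10.0.0.2"), b.cache)
```

Nothing in the exchange authenticates a reply, so the cache is only as trustworthy as the segment; the log list is the hook where a real monitor would raise an alert when a known IP suddenly maps to a different hardware address.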
Services provided by IP
– Connectionless Delivery (each datagram is treated individually).
– Unreliable (delivery is not guaranteed).
– Fragmentation / Reassembly (based on hardware MTU).
– Routing.
– Error detection.
IP Datagram
[Figure: header laid out in 4-byte rows]
VERS | HL | Service | Fragment Length
Datagram ID | FLAG | Fragment Offset
TTL | Protocol | Header Checksum
Source IP Address
Destination IP Address
Options (if any)
(TCP) Data
IP Datagram Fragmentation
Fragmentation can happen when datagrams are forwarded through a network for which they are too big.
IP specifies that datagram reassembly is done only at the destination (not on a hop-by-hop basis).
If any of the fragments are lost the entire datagram is discarded (and an ICMP message is sent to the sender).
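The header layout of the IP Datagram slide and the fragmentation rules above, as an added Python example (not code from the slides): it builds 20-byte headers with a correct header checksum, rejects packets whose version, lengths or checksum do not agree, splits a datagram for a smaller MTU, and reassembles only when every fragment is present, returning None (discard) otherwise. Addresses, protocol number, identifier and MTU are made up; the ICMP notification the slide mentions is not modelled.

```python
import socket
import struct

# Constructed example: IPv4 datagrams with 20-byte headers (no options).


def checksum(data: bytes) -> int:
    """Header checksum: one's-complement of the one's-complement sum of 16-bit words."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_ipv4(src, dst, proto, payload, ident, offset=0, more=False, ttl=64):
    """offset is in bytes and must be a multiple of 8 (the header stores it in 8-byte units)."""
    if offset % 8:
        raise ValueError("fragment offset must be a multiple of 8 bytes")
    flags_frag = ((1 if more else 0) << 13) | (offset // 8)     # bit 13 is MF (more fragments)
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), ident, flags_frag,
                      ttl, proto, 0, socket.inet_aton(src), socket.inet_aton(dst))
    hdr = hdr[:10] + struct.pack("!H", checksum(hdr)) + hdr[12:]
    return hdr + payload


def parse_ipv4(pkt: bytes) -> dict:
    """Validate version, HL, lengths and checksum, then split out the fields."""
    if len(pkt) < 20:
        raise ValueError("shorter than a minimal IPv4 header")
    version, hl = pkt[0] >> 4, (pkt[0] & 0x0F) * 4
    if version != 4 or hl < 20 or hl > len(pkt):
        raise ValueError("bad version or header length")
    _tos, total_len, ident, flags_frag, ttl, proto, _cs = struct.unpack("!BHHHBBH", pkt[1:12])
    if total_len < hl or total_len > len(pkt):
        raise ValueError("total length field inconsistent with the packet")
    if checksum(pkt[:hl]) != 0:          # a correct header sums to all 1's, whose complement is 0
        raise ValueError("header checksum mismatch")
    return {
        "src": socket.inet_ntoa(pkt[12:16]), "dst": socket.inet_ntoa(pkt[16:20]),
        "proto": proto, "ident": ident, "ttl": ttl,
        "mf": bool(flags_frag & 0x2000), "offset": (flags_frag & 0x1FFF) * 8,
        "payload": pkt[hl:total_len],
    }


def fragment(pkt: bytes, mtu: int) -> list:
    """What a router does when a datagram is too big for the next hop's MTU."""
    info = parse_ipv4(pkt)
    chunk = ((mtu - 20) // 8) * 8                 # payload per fragment, 8-byte aligned
    if chunk <= 0:
        raise ValueError("MTU too small to carry any data")
    data, frags = info["payload"], []
    for pos in range(0, len(data), chunk):
        piece = data[pos:pos + chunk]
        more = pos + chunk < len(data) or info["mf"]
        frags.append(build_ipv4(info["src"], info["dst"], info["proto"], piece, info["ident"],
                                info["offset"] + pos, more, info["ttl"]))
    return frags


def reassemble(frags: list):
    """Destination-side reassembly: the payload, or None if any fragment is missing,
    in which case the whole datagram is discarded (the slide's rule)."""
    pieces, total, key = {}, None, None
    for f in frags:
        info = parse_ipv4(f)
        k = (info["src"], info["dst"], info["ident"], info["proto"])
        key = key or k
        if k != key:
            raise ValueError("fragments belong to different datagrams")
        pieces[info["offset"]] = info["payload"]
        if not info["mf"]:
            total = info["offset"] + len(info["payload"])
    if total is None:
        return None                               # the last fragment never arrived
    data, pos = b"", 0
    while pos < total:
        piece = pieces.get(pos)
        if piece is None:
            return None                           # gap: a first or middle fragment was lost
        data += piece
        pos += len(piece)
    return data


# Constructed sample: a 2560-byte datagram that must be fragmented for a 576-byte MTU
SAMPLE_PAYLOAD = bytes(range(256)) * 10
SAMPLE = build_ipv4("10.0.0.1", "10.0.0.2", 17, SAMPLE_PAYLOAD, ident=0x1234)

if __name__ == "__main__":
    frags = fragment(SAMPLE, 576)
    print(len(frags), "fragments; reassembled ok:", reassemble(frags) == SAMPLE_PAYLOAD)
```

The reassembler keys fragments on (source, destination, identifier, protocol) and keeps partial state until the last fragment arrives; a real stack bounds that state with a timer, since the slide's discard rule only fires once it is known that a piece is missing.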
ICMP (Internet Control Message Protocol)
ping www.yahoo.com
ICMP uses IP to deliver messages.
ICMP messages are usually generated and processed by the IP layer, not the user process.
ICMP
If packets arrive too fast the receiver discards excessive packets and sends an ICMP message to the sender (SOURCE QUENCH).
If an error is found (header checksum problem, say) the packet is discarded and an ICMP message is sent to the sender.
ICMP Message Types
– Echo Request
– Echo Response
– Destination Unreachable
– Redirect
– Time Exceeded
– Redirect (route change)
– more ...
UDP (User Datagram Protocol)
UDP is a transport protocol.
Uses IP to deliver datagrams.
Connectionless, Unreliable, Minimal.
UDP uses ports to provide communication services to individual processes.
Ports
Port: an abstract destination point.
Ports are identified by a positive 16-bit integer.
Operating systems provide some mechanism that processes use to specify a port.
[Figure: several processes on Host A and on Host B, each attached to its own port.]
UDP Datagram Format
Source Port | Destination Port
Length | Checksum
Data
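The four-field UDP header of the slide above, as an added Python example that is not code from the slides: it builds a datagram, computes the checksum over the IPv4 pseudo-header (source and destination address, protocol 17, UDP length) plus header and data, and parses one back, distinguishing "checksum absent" (field 0, allowed over IPv4) from "checksum wrong". Addresses, ports and data are made up.

```python
import socket
import struct

# Constructed example: UDP over IPv4 with the pseudo-header checksum.
UDP_PROTO = 17


def csum(data: bytes) -> int:
    """Internet checksum: one's-complement sum of 16-bit words, complemented."""
    if len(data) % 2:
        data += b"\x00"
    s = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while s >> 16:
        s = (s & 0xFFFF) + (s >> 16)
    return (~s) & 0xFFFF


def pseudo_header(src_ip: str, dst_ip: str, udp_len: int) -> bytes:
    """The IPv4 addresses are covered by the checksum even though UDP does not carry them."""
    return socket.inet_aton(src_ip) + socket.inet_aton(dst_ip) + struct.pack("!BBH", 0, UDP_PROTO, udp_len)


def build_udp(src_ip: str, dst_ip: str, sport: int, dport: int, data: bytes) -> bytes:
    length = 8 + len(data)
    hdr = struct.pack("!HHHH", sport, dport, length, 0)
    c = csum(pseudo_header(src_ip, dst_ip, length) + hdr + data)
    if c == 0:
        c = 0xFFFF          # 0 means "no checksum", so a computed 0 is transmitted as all 1's
    return hdr[:6] + struct.pack("!H", c) + data


def parse_udp(src_ip: str, dst_ip: str, dgram: bytes) -> dict:
    """Return the fields; checksum_ok is True/False, or None when the sender sent no checksum."""
    if len(dgram) < 8:
        raise ValueError("shorter than a UDP header")
    sport, dport, length, stored = struct.unpack("!HHHH", dgram[:8])
    if length < 8 or length > len(dgram):
        raise ValueError("length field inconsistent with the datagram")
    dgram = dgram[:length]
    if stored == 0:
        ok = None
    else:
        ok = csum(pseudo_header(src_ip, dst_ip, length) + dgram) == 0
    return {"sport": sport, "dport": dport, "length": length, "checksum_ok": ok, "data": dgram[8:]}


if __name__ == "__main__":
    d = build_udp("10.0.0.1", "10.0.0.2", 1037, 53, b"hello")
    print(parse_udp("10.0.0.1", "10.0.0.2", d))
    print("delivered with a different source:", parse_udp("10.0.0.9", "10.0.0.2", d)["checksum_ok"])
```

Because the pseudo-header is part of the sum, a datagram whose IP source address was altered in transit fails the check at the receiver; this is an integrity check against corruption only, not authentication, since anyone who changes the address can recompute the sum.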
Sockets
An active socket is connected to a remote active socket. Closing the connection destroys the active sockets at each endpoint.
A passive socket is not connected, but rather awaits an incoming connection, which will spawn a new active socket.
Sockets v. Ports
A socket is not a port. A socket is associated with a port. This is a many-to-one relationship.
Each port can have a single passive socket, awaiting incoming connections, and multiple active sockets, each corresponding to an open connection on the port.
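The passive/active socket relationship of the two slides above, as an added Python example (not code from the slides) run over loopback: one passive socket bound to an OS-chosen unprivileged port, and one active socket spawned by accept() per client connection, all sharing that single local port. The echo-in-upper-case service and the messages are made up; the server thread is a daemon so it goes away with the process.

```python
import socket
import threading

# Constructed example: passive socket plus the active sockets it spawns, on 127.0.0.1.


def start_server():
    passive = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    passive.bind(("127.0.0.1", 0))        # port 0: the OS picks a free, unprivileged port
    passive.listen(5)
    port = passive.getsockname()[1]
    accepted = []                         # (peer address, local address) of every active socket

    def serve():
        while True:
            try:
                active, peer = passive.accept()
            except OSError:               # passive socket closed: stop serving
                return
            accepted.append((peer, active.getsockname()))
            with active:                  # closing the active socket ends this connection only
                data = active.recv(1024)
                active.sendall(data.upper())

    threading.Thread(target=serve, daemon=True).start()
    return passive, port, accepted


def client_exchange(port: int, msg: bytes) -> bytes:
    """Open an active socket, send msg, and read back the same number of bytes."""
    with socket.create_connection(("127.0.0.1", port)) as active:
        active.sendall(msg)
        reply = b""
        while len(reply) < len(msg):      # TCP is a byte stream: one recv() need not return it all
            chunk = active.recv(1024)
            if not chunk:
                break
            reply += chunk
        return reply


def demo() -> dict:
    passive, port, accepted = start_server()
    try:
        r1 = client_exchange(port, b"hello")
        r2 = client_exchange(port, b"world")
    finally:
        passive.close()                   # destroys the passive socket; past connections are already closed
    return {"port": port, "replies": [r1, r2], "accepted": list(accepted)}


if __name__ == "__main__":
    result = demo()
    print("listening port", result["port"])
    for peer, local in result["accepted"]:
        print("active socket: peer", peer, "local", local)
```

Every entry in accepted carries the same local port with a different peer address, which is the four-tuple that distinguishes the connections; this is also why a listener left open is a larger exposure than any one connection: it keeps spawning active sockets for whoever connects.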
TCP
Transmission Control Protocol:
– Connection-oriented
– Reliable
– Full-duplex
– Byte-Stream
Connection
Four Numbers: Source IP Address, Source Port, Destination IP Address, Destination Port.
“connection is established”: Operating Systems of both source and destination hosts are maintaining “state information” re the connection.
Connection-Oriented
Connection oriented means that a virtual connection is established before any payload data is transferred.
If the connection cannot be established the user program is notified.
If the connection is ever interrupted the user program is notified.
Connection establishment
Connection establishment phase is required.
Ensures that the receiving process is available and synchronizes sequence numbers, etc.
TCP State Diagram
[Figure: TCP state diagram, not reproduced in this transcript.]
Reliable
Every transmission of data is acknowledged by the receiver.
If the sender does not receive ACK within a specified amount of time, the sender retransmits the data.
ACK can be piggybacked on data.
Byte Stream
Stream means that the connection is treated as a stream of bytes.
The user application does not need to package data in individual datagrams (as with UDP).
Buffering
TCP is responsible for buffering data and determining when it is time to send a datagram.
It is possible for an application to tell TCP to send the data it has buffered without waiting for a buffer to fill up.
Full Duplex
TCP provides transport in both directions.
To the application program these appear as two unrelated data streams, although TCP can piggyback control and data communication by providing control information (such as an ACK) along with user data.
TCP Ports
Interprocess communication via TCP is achieved with the use of ports (just like UDP).
UDP ports have no relation to TCP ports (different name spaces).
TCP/UDP Ports
Reserved Ports less than 1024: only root can bind to these ports.
Local Port of a process that requested the connection: usually a random number, 0-65535.
Remote Port: what application accepted the connection. Usually a known number, see /etc/services. E.g.,
– 80 for HTTP
– 143 for IMAP
– 443 for HTTP/SSL
TCP Segments
The chunk of data that TCP asks IP to deliver is called a TCP segment.
Each segment contains:
– data bytes from the byte stream
– control information that identifies the data bytes
TCP Segment Format
[Figure: header laid out in 4-byte rows]
Source Port | Destination Port
Sequence Number
Request Number
offset | Res | Control | Window
Checksum | Urgent Pointer
Options (if any)
Data
Sequence Number
The “positional” number of the first data byte in this segment, except when the SYN control flag is 1.
If SYN is 1 the sequence number is the initial sequence number (ISN).
32 bit unsigned integer.
Sequence Number
Initial Sequence Number (ISN) is randomly generated.
What if ISN is not random?
– You can hijack and kill arbitrary connections!
Acknowledgment Number
If the ACK control bit is set, this field contains the value of the next sequence number the sender of the segment is expecting to receive. Once a connection is established this is always included.
Control Bits
– URG: Urgent Pointer field significant
– PSH: Push Function
– ACK: Acknowledgment field significant
– RST: Reset the connection
– SYN: Synchronize sequence numbers
– FIN: No more data from sender
TCP v. UDP
Q: Which protocol is better?
A: It depends on the application.
TCP provides a connection-oriented, reliable byte stream service (lots of overhead).
UDP offers minimal datagram delivery service (as little overhead as possible).
TCP three-way handshake
Establishes a connection.
1. A: “I would like to talk to you B.” A sends a SYN packet to B.
2. B: “Ok, let's talk.” B sends a SYN-ACK packet to A.
3. A: “Thanks for agreeing.” A sends ACK to B.
TCP three-way handshake
Flags     src    dst    seq         ack
SYN       1037   80     102723769   0
SYN-ACK   80     1037   1527857206  102723770
ACK       1037   80     102723770   1527857207
Four-Way Handshake
The Four-Way Handshake terminates a previously established connection:
1. A to B: FIN
2. B to A: ACK
3. B to A: FIN
4. A to B: ACK
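The segment format, control bits and sequence/acknowledgment rules of the slides from TCP Segment Format onward, the three-way handshake table, and the four-way close above, as one added Python example that is not code from the slides. It packs and parses 20-byte headers (no options, checksum left at 0 because the pseudo-header sum is not the point here), draws ISNs from a cryptographic source as the ISN slide asks, and reproduces the slide's table exactly when given its two ISNs. The FIN segments also carry ACK, as real stacks send them; ports 1037 and 80 and the sequence numbers are the slide's.

```python
import secrets
import struct

# Constructed example: TCP header packing, handshake and close with correct seq/ack arithmetic.
FLAGS = {"URG": 0x20, "ACK": 0x10, "PSH": 0x08, "RST": 0x04, "SYN": 0x02, "FIN": 0x01}
MOD = 1 << 32                                     # sequence numbers are 32-bit unsigned


def build_tcp(sport, dport, seq, ack, flags, window=65535, data=b""):
    """20-byte header (data offset 5), checksum and urgent pointer left at 0."""
    bits = 0
    for name in flags:
        bits |= FLAGS[name]
    offset_res_ctrl = (5 << 12) | bits
    hdr = struct.pack("!HHIIHHHH", sport, dport, seq % MOD, ack % MOD, offset_res_ctrl, window, 0, 0)
    return hdr + data


def parse_tcp(seg: bytes) -> dict:
    if len(seg) < 20:
        raise ValueError("shorter than a minimal TCP header")
    sport, dport, seq, ack, orc, window, _cks, _urg = struct.unpack("!HHIIHHHH", seg[:20])
    offset = (orc >> 12) * 4
    if offset < 20 or offset > len(seg):
        raise ValueError("bad data offset")
    flags = sorted(name for name, bit in FLAGS.items() if orc & bit)
    return {"sport": sport, "dport": dport, "seq": seq, "ack": ack,
            "flags": flags, "window": window, "data": seg[offset:]}


def random_isn() -> int:
    """ISN from the OS CSPRNG: a predictable ISN is what the Sequence Number slide warns about."""
    return secrets.randbits(32)


def three_way_handshake(a_port, b_port, isn_a=None, isn_b=None) -> list:
    """SYN, SYN-ACK, ACK. A SYN consumes one sequence number, so acks are ISN+1."""
    isn_a = random_isn() if isn_a is None else isn_a
    isn_b = random_isn() if isn_b is None else isn_b
    syn = build_tcp(a_port, b_port, isn_a, 0, ["SYN"])
    synack = build_tcp(b_port, a_port, isn_b, isn_a + 1, ["SYN", "ACK"])
    ack = build_tcp(a_port, b_port, isn_a + 1, isn_b + 1, ["ACK"])
    return [syn, synack, ack]


def four_way_close(a_port, b_port, seq_a, seq_b) -> list:
    """A: FIN; B: ACK; B: FIN; A: ACK. Each FIN also consumes one sequence number."""
    fin_a = build_tcp(a_port, b_port, seq_a, seq_b, ["FIN", "ACK"])
    ack_b = build_tcp(b_port, a_port, seq_b, seq_a + 1, ["ACK"])
    fin_b = build_tcp(b_port, a_port, seq_b, seq_a + 1, ["FIN", "ACK"])
    ack_a = build_tcp(a_port, b_port, seq_a + 1, seq_b + 1, ["ACK"])
    return [fin_a, ack_b, fin_b, ack_a]


def table(segments: list) -> list:
    """Rows in the slide's column order: flags, src, dst, seq, ack."""
    return [("-".join(s["flags"]), s["sport"], s["dport"], s["seq"], s["ack"])
            for s in map(parse_tcp, segments)]


if __name__ == "__main__":
    for row in table(three_way_handshake(1037, 80, 102723769, 1527857206)):
        print(row)
    for row in table(four_way_close(1037, 80, 102723770, 1527857207)):
        print(row)
```

A receiver accepts a segment only if its sequence number falls inside the window it advertised; that window, together with the unpredictability of the ISN, is what stands between a third party and the injection the ISN slide mentions, which is why ISN generation is treated as a security property of the stack rather than a detail.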
Connection Resetting
Host X sends an RST packet resetting the connection if:
– Y requested a connection to a nonexistent port P on host X, or
– for whatever reason (idle for a long time, or an abnormal condition, ...), the host X (client or the server) wishes to close the connection.
Resetting is unilateral.