Download Slide 1

CIS 1140 Network Fundamentals
Chapter Four: Introduction to TCP/IP
Protocols
Collected and Compiled
By JD Willard
MCSE, MCSA, Network+,
Microsoft IT Academy Administrator
Computer Information Systems Instructor
Albany Technical College
Attention: Accessing Demos
• This course presents many demos.
• The Demos require that you be logged in to the Virtual
Technical College web site when you click on them to
run.
• To access and log in to the Virtual Technical College
web site:
– To access the site type www.vtc.com in the url window
– Log in using the username: CIS 1140 or ATCStudent1
– *Enter the password: student
• If you should click on the demo link and you get an
Access Denied it is because you have not logged in to
vtc.com or you need to log out and log back in.
*Remember that passwords are case sensitive so enter it in all
lower case letters.
Objectives
• Identify and explain the functions of the core TCP/IP
protocols
• Explain how the TCP/IP protocols correlate to layers of
the OSI model
• Discuss addressing schemes for TCP/IP in IPv4 and
IPv6 protocols
• Describe the purpose and implementation of DNS
(Domain Name System) and DHCP (Dynamic Host
Configuration Protocol)
• Identify the well-known ports for key TCP/IP services
• Describe common Application layer TCP/IP protocols
Network Protocols
• A Protocol is a rule that governs how networks
communicate
• Protocols Define the standards for communication
between network devices
• Protocols vary according to their purpose, speed,
transmission efficiency, utilization of resources, ease of
setup, compatibility, and ability to travel between
different LANs.
• Multiprotocol networks: networks running more than one
protocol
• Most popular protocol suite is TCP/IP
– Others: IPX/SPX, NetBIOS, and AppleTalk
Network Protocols Defined Demo
Understanding Network Protocols Demo
Transport Protocols Demo
TCP/IP
• TCP/IP (Transmission Control Protocol / Internet
Protocol)
• Not one protocol – a suite of specialized
protocols called subprotocols
• TCP, IP, UDP, ARP, ICMP, IGMP etc
• Port hosts address where an application makes
itself available to incoming or outgoing data
Introduction Demo
Overview Demo
TCP IP Basics Demo
TCP/IP Compared to the OSI Model
The TCP/IP suite of protocols can be divided into four layers that
roughly correspond to the seven layers of the OSI Model.
■ Application layer —Applications gain access to the network
through this layer, via protocols such as the File Transfer Protocol (FTP),
Trivial File Transfer Protocol (TFTP), Hypertext Transfer Protocol (HTTP),
Simple Mail Transfer Protocol (SMTP), and Dynamic Host Configuration
Protocol (DHCP).
■ Transport layer — This layer holds the Transmission Control Protocol
(TCP) and User Datagram Protocol (UDP), which provide flow control, error
checking, and sequencing. All service requests use one of these protocols.
■ Internet layer — This layer holds the Internet Protocol (IP), Internet
Control Message Protocol (ICMP), Internet Group Message Protocol
(IGMP), and Address Resolution Protocol (ARP). These protocols handle
message routing and host address resolution.
■ Network Interface layer — This layer handles the formatting of data and
transmission to the network wire.
TCP/IP Fundamentals Demo
The TCP/IP Suite Demo
TCP/IP and OSI Models Demo
The TCP/IP Suite Demo continued
The TCP/IP Suite Demo continued
TCP / IP
(Transmission Control Protocol / Internet Protocol)
•Interoperability: TCP/IP is universal and therefore
pretty much interoperable with anything. The only
noticeable things that it’s not interoperable with
would be technologies where a gateway would be
needed, like SNA (Systems Network Architecture)
which is normally operated via an IBM mainframe.
•Naming conventions: DNS (Domain Name System)
is the lifeline of the Internet; this is how TCP/IP hosts
can communicate via name.
TCP
• TCP is a transport layer protocol that operates
host to host.
• Connection Oriented: A connection is
established, it’s maintained and then TCP
ensures, reliable data transfer, sequencing and
acknowledgements.
• TCP is slower than UDP
Transmission Control Protocol Demo
Connection Controls and Windowing Demo
TCP/IP Demo Pt.1
UDP (User Datagram Protocol)
• UDP is also a transport layer protocol that operates host
to host.
• Connectionless.
• UDP ensures nothing.
• No reliable data transfer.
• No sequencing.
• Faster than TCP.
• Useful when large amounts of data need to be
transferred quickly such as with live audio and video
transmissions over the Internet.
User Datagram Protocol Demo
IP (Internet Protocol)
• Internet (Network Layer) Protocol (IP) does the actual
delivery of datagrams.
• Provides information about how and where data should
be delivered
– Data’s source and destination addresses
– Addressing schemes: uses an IP address, such as
10.1.1.1 and a Subnet Mask such as 255.0.0.0
– Enables TCP/IP to internetwork
– Routing: Statically and Dynamically via many routing
protocols; OSPF, BGP, RIP and EIGRP
– Unreliable, connectionless protocol
Internet Protocol Demo
TCP/IP Demo Pt.2
IP Packet
• IP datagram: packet, in context of TCP/IP
– Envelope for data
• IP adds the following header fields to each
packet:
– Source IP Address
– Destination IP Address
– Protocol
– Checksum
– Time to Live (TTL)
ICMP (Internet Control Message Protocol)
When working on a network, it’s important to be able to test
the functionality of that network. How would you know if data
could be transmitted without knowing you have a complete
path from the source to the destination? That being said,
how could you 'test' that path? ICMP allows you to test the
path (among other things). Ping and Tracert are two tools
that can be used to test a path and they both use ICMP.
ICMP packets will be able to help send information about
errors, control, and other informational messages.
• Network layer protocol
– Reports on data delivery success/failure
• Announces transmission failures to sender
– Network congestion
– Data fails to reach destination
– Data discarded: TTL expired
• ICMP cannot correct errors
– Provides critical network problem troubleshooting
information
IGMP
• Network layer protocol
• Manages multicasting
– Allows one node to send data to defined
group of nodes
• Similar to broadcast transmission
• Point-to-multipoint method
• Uses
– Internet teleconferencing, videoconferencing,
routers, network nodes
ARP (Address Resolution Protocol )
• Arp is a network layer protocol used to convert
an IP address into a physical address (called a
MAC address).
• A host wishing to obtain a physical address
broadcasts an ARP request onto the TCP/IP
network. The host on the network that has the IP
address in the request then replies with its
physical hardware address.
• The host then saves the recognized MAC-to-IP
Address mappings on the hard drive in a
database known as an ARP table (ARP Cache).
Address Resolution Protocol Demo
RARP (Reverse Address Resolution
Protocol)
• As there is ARP, there is also
Reverse ARP (RARP) which can be
used by a node on the network to
discover its IP address. In this case,
the host broadcasts its physical
address and a RARP server replies
with the host's IP address.
• Rarely used.
IP Addressing Overview
IP Addressing Demo Pt.1
IP Addressing Demo Pt.2
Addressing in TCP/IP
• To communicate on the Internet, a computer must use
an IP address that is registered with the Internet
Assigned Numbers Authority (IANA).
– In practice, you obtain a valid network address from
your Internet service provider (ISP), not directly from
the IANA.
• The IANA assigns network identifiers only; the
administrator assigns a unique host identifier to each
computer.
• Every host on a TCP/IP network must have a unique IP
address (a 32-bit number that identifies both the host
and the network the host is located on).
IP Address Demo
What is an IP Address? Demo
Adding Protocols Demo
Address Classes
• There are three primary classes of network addresses:
A, B, and C.
– The actual class used is based on the size of the
network.
• An IP address is accompanied by a subnet mask.
• Each address class has a different default
subnet mask.
• IP addresses are expressed in dotted-decimal
format, such as 192.168.123.132.
• Each set of four dotted-decimal numbers represents
eight bits of the binary address.
– The addresses range from 00000000 to 11111111,
or, in decimal notation, from 0 to 255.
Classes Demo
Address Classes Demo
Solutions for Classes Demo
Classful Addressing
• Adheres to network class distinctions
– Only Class A, B, and C addresses are recognized
– Network ID limited to first 8 bits in Class A, first 16 bits
in Class B, and first 24 bits in Class C
• Fixed network ID size ultimately limits number of hosts a
network can include
First Octet
1-126
First Octet
128 – 191
First Octet
192 - 223
Components of an IP Address Demo
Reserved Addresses
• Certain types of IP addresses reserved for special
functions
• Network ID Cannot Be 127
– 127 is reserved for lookback functions
• Network ID and Host ID Cannot Be 255 (All Bits Set to 1)
– In broadcast addresses, octet(s) representing host information
set to all 1s (255 in decimal notation)
– 255 is a broadcast address
• Network ID and Host ID Cannot Be 0 (All Bits Set to 0)
– In network IDs, bits for host information set to 0
– 0 means “this network only”
• Host ID Must Be Unique to the Network
IP Address Rules Demo
Addressing in TCP/IP
• ipconfig: Windows NT, XP, 2000, 2003 command to view IP
information
• Winipcfg: Win98, ME
– ifconfig on Unix
and Linux
/all switch
Results of the ipconfig /all command on a
Windows XP or Windows Vista workstation
IPConfig,Ifconfig, Winipcfg Demo
Binary and Dotted Decimal
Notation
• Most common way of expressing IP addresses
• Each number in dotted decimal address has binary
equivalent
• Base 2 Numbering is Binary
–
–
–
–
Consists of ‘0’ and ‘1’.
Computers like Binary!
Bits are either “Off” (0) or “On” (1)
IP Addresses are comprised of four 8 bit octets that are
expressed as a decimal number between 0 and 255
Bit Value 128 64 32 16 8 4 2 1
Bit
1
0
1
1 0 0 1 1 = 179
Separated by period
Binary Addressing Demo
A Binary Lesson Demo
Solutions for Binary Demo
Converting IP Addresses from
Binary to Decimal
Converting the decimal address to a binary format (and vice versa) is a
fairly easy process. The highest decimal number you can represent with
8 bits is 255. This is the case when all bits in an octet are set to 1.
11111111= 255
128
+64
+32
+16
+8
+4
+2
+1
(2^7
2^6
2^5
2^4
2^3
2^2
2^1
2^0)
8 Bits
1
1
1
1
1
1
1
1
128
64
32
16
8
4
2
1
255 Decimal Value
Binary to Decimal Conversions
Bit Number:
8
Binary Equiv: 27
Decimal Equiv: 128
7
26
64
6
25
32
5
24
16
4
23
8
3
22
4
2
21
2
1
20
1
Binary Number: 1
Decimal Equiv: 128+
0
0+
0
0+
1
16+
157
1
8+
1
4+
0
0+
1
1=
1) Determine what decimal numbers in the table will create the number you
want to make.
2) Enter a “1” under each value you must use. Enter a “0” for each value
that is not used in the Binary Number line.
3) The resulting combination of 0’s and 1’s is the binary equivalent of the
number.
Sample Binary to Decimal
Conversion
Convert Decimal 5 to Binary
Bit Number:
8
Binary Equiv: 27
Decimal Equiv: 128
Binary Number: 0
7
26
64
0
6
25
32
0
5
24
16
0
4
23
8
0
3
22
4
1
2
21
2
0
4) Determine what decimal numbers in the table will create the decimal
number 5 (4+1).
5) The resulting combination of 00000101 is the binary equivalent of the
decimal number 5.
1
20
1
1
What Is a Subnet Mask?
• Distinguishes the Network ID from the Host ID
• Masks The Network ID with all 1s
• Used to Specify Whether the Destination Host is
Local or Remote (ANDing)
Subnet Masks Demo
Subnet Masks
• Every device on TCP/IP-based network identified by subnet mask
– 32-bit number that, when combined with device’s IP address,
informs rest of network about segment or network to which a
device is attached
• Subnetting, subdividing single class of networks into multiple,
smaller logical networks or segments, depends on subnet masks to
identify how a network is subdivided
– Indicates where network information is located in an IP address
– “1” bits indicate corresponding bits in IP address contain network
information
– “0” bits indicate corresponding bits in IP address contain host
information
• To calculate host’s network ID given IP address and subnet mask,
perform ANDing
Subnet Masks Demo
Solutions for Masks Demo
Anding IP Addresses Demo
Default Subnet Masks (No
Subnetting)
Address
Class
Bits Used for Subnet Mask
Dotted Decimal
Notation
Class A
11111111
00000000 00000000 00000000
255.0.0.0
Class B
11111111
11111111
00000000 00000000
255.255.0.0
Class C
11111111
11111111
11111111
255.255.255.0
00000000
Class B Example
IP Address
131.107. 16.200
Subnet Mask
255.255. 0.0
Network ID
131.107. y.z
Host ID
w.x. 16.200
ADDRESS ASSIGNMENT
Configure TCP/IP Demo
IP Address Assignment Demo Pt.1
BOOTP (Bootstrap Protocol)
• Uses central list of IP
addresses and associated
devices’ MAC addresses to
assign IP addresses to
clients dynamically
– Dynamic IP addresses
– Application layer protocol
– Client broadcasts MAC
address, BOOTP server
replies with:
• Client’s IP address
• IP address of server
• Host name of server
• IP address of a default
router
DHCP (Dynamic Host
Configuration Protocol)
• Automated means of assigning unique IP address to
every device on a network
– Application layer protocol
– Reduces time and planning spent on IP address
management
– Reduces potential for errors in assigning IP
addresses
– Enables users to move workstations and printers
without having to change TCP/IP configuration
– Makes IP addressing transparent for mobile users
IP Address Configuration Demo
Installing and Configuring DHCP Demo
Dynamic Clients Demo
Static Clients Demo
DHCP Leasing Process
• The client goes through a four stage broadcast based process to
obtain an IP Address lease from a DHCP server.
– Step 1: Upon bootup the client sends out a DHCPDISCOVER packet in
broadcast fashion to discover the identity and whereabouts of all DHCP
servers on the broadcast segment.
– Step 2: Upon receiving the broadcast any DHCP servers on that
broadcast segment will respond with their own DHCPOFFER packet.
– Step 3: The client will accept the first offer received and respond with a
DHCPREQUEST broadcast. Other DHCP servers who have made an
offer hear this broadcast and return their IP address to the pool.
– Step 4: The chosen DHCP server responds with an DHCPACK
confirming the clients acceptance of the IP lease along with additional
information such as subnet mask, default gateway and DNS server.
DHCP Leasing Process
DHCPOFFER
BROADCAST
DHCPDISCOVER
BROADCAST
DHCPREQUEST
BROADCAST
DHCP Lease Process Demo
DHCP in a Routed Environment Demo
DHCPACK
BROADCAST
IP Lease Renewal
Terminating a DHCP Lease
• Lease expiration
– Automatic
• Established in server configuration
– Manually terminated at any time
• Client’s TCP/IP configuration
• Server’s DHCP configuration
• Circumstances requiring lease termination
– DHCP server fails and replaced
• Windows: release of TCP/IP settings
• DHCP services run on several server types
– Installation and configurations vary
APIPA (Automatic Private IP Addressing)
• Client cannot communicate without valid IP
address
• What if DHCP server not running?
– Microsoft offers Automatic Private IP Addressing
• Windows 98, Me, 2000, XP, Vista, Windows Server
2003, Windows Server 2008
• Provides IP address automatically
• IANA (Internet Assigned Numbers Authority)
reserved predefined pool of addresses
– 169.254.0.0 through 169.254.255.255
APIPA
•
•
•
•
•
APIPA
– Assigns computer’s network adapter IP address from the pool
– Assigns subnet default Class B network
• 255.255.0.0
– Part of operating system
• No need to register; check with central authority
Disadvantage
– Computer only communicates with other nodes using addresses in APIPA range
APIPA suitable use
– Small networks: no DHCP servers
APIPA unsuitable use
– Networks communicating with other subnets, WAN
APIPA enabled by default: OK
– First checks for DHCP server
• Allows DHCP server to assign addresses
– Does not reassign new address if static
– Works with DHCP clients
– Disabled in registry
IP Address Assignment Demo Pt.2
IPv6 Addressing
•
•
•
•
•
IP next generation (IPng)
– Replacing IPv4 (gradually)
IPv6 support
– Most new applications, servers, network devices
Delay in implementation
– Cost of upgrading infrastructure
IPv6 advantages
– More efficient header, better security, better prioritization provisions,
automatic IP address configuration
– Billions of additional IP addresses
Difference between IPv4 and IPv6 addresses
– Size
• IPv4: 32 bits
• IPv6: eight 16-bit fields (128 bits)
• IPv6: 296 (4 billion times 4 billion times 4 billion) available IP addresses
– Representation
• IPv4: binary numbers separated by period
• IPv6: hexadecimal numbers separated by colon
• IPv6 shorthand: “::” any number of multiple, zero-value fields
IPv6 Addressing (cont’d.)
•
Difference between IPv4 and IPv6 addresses (cont’d.)
– Representation (cont’d.)
• IPv6 loopback address is 0:0:0:0:0:0:0:1
• Abbreviated loopback address ::1
– Scope
• IPv6 addresses can reflect scope of transmission’s recipients
• Unicast address represents single device interface
• Multicast address represents multiple interfaces (often on multiple
devices)
– Scope (cont’d.)
• Anycast address represents any one interface from a group of
interfaces
• Any one can accept transmission
– Format Prefix (IPv6)
• Beginning of address
• Variable-length field
• Indicates address type: unicast, multicast, anycast
IP Version 6 Demo
Ports and Sockets
• Every process on a machine assigned a port number 0 to 65535
• Process’s port number plus host machine’s IP address equals
process’s socket
Example:10.216.5.1:53
– Ensures data transmitted to correct application
• Well Known Ports: in range 0 to 1023
– Assigned to processes that only the OS or system administrator
can access
• Registered Ports: in range 1024 to 49151
– Accessible to network users and processes that do not have
special administrative privileges
• Dynamic and/or Private Ports: in range 49152 through 65535
– Open for use without restriction
Ports and Sockets Demo
Sockets and Ports
Commonly used TCP/IP port numbers
Name Resolution Overview
Name Resolution Overview Demo
NetBIOS Name Resolution Demo
Resolving a Host Name Demo
DHCP/ DNS/WINS Servers Demo
Host Names and DNS (Domain
Name System): Domain Names
• Every host can take a host name
Host Naming Demo
• Every host is member of a domain
– Group of computers belonging to same organization
and has part of their IP addresses in common
– Domain name usually associated with company or
other type of organization
• Fully qualified host name: local host name plus domain
name
• Domain names must be registered with an Internet
naming authority that works on behalf of ICANN
What is DNS? Demo
Structure of DNS Demo
Host Files
• ASCII text file called HOSTS.TXT
– Associate host names with IP addresses
– Growth of Internet made this arrangement impossible
to maintain
Figure 4-13: Example host file
Host Name Resolution Demo
DNS (Domain Name System)
•
•
•
•
Hierarchical method of associating domain names with IP addresses
– Refers to Application layer service that accomplishes association and
organized system of computers and databases making association
possible
– Relies on many computers around world
Thirteen root servers
Three components
– Resolvers
• Any hosts on Internet needing to look up domain name information
– Name servers (DNS servers)
• Databases of associated names, IP addresses
• Provide information to resolvers on request
– Namespace
• Abstract database of Internet IP addresses, associated names
• Describes how name servers of the world share DNS information
Resource record
– Describes one piece of DNS database information
– Many different types
• Dependent on function
Domain Namespace
The domain namespace is the naming scheme that
provides the hierarchical structure for the DNS database.
The domain is the basic unit of the DNS namespace.
A domain's name identifies its position in the DNS
hierarchy.
As you add domains to the hierarchy, the name of the
parent domain is appended to its child domain (called a
subdomain).
The domain namespace consists of a root domain, toplevel domains, second-level domains, and host names.
The DNS Namespace Demo
Domain Name Space
Root-Level Domain
Top-Level Domain
Countries
New Zealand (NZ)
COM
EDU
ORG
Second-Level Domain
Seattle
Student
microsoft
compaq
purdue
Root Domain
• The root domain is at the top of the DNS
hierarchy.
• It is represented as a period (.).
• Although it is rarely written as such, every
fully qualified domain name (FQDN)
should end with a period, representing the
root domain.
– For example: sales.microsoft.com.
Root Domain Name Servers Demo
Top-Level Domains
Top-level domains
Second-Level Domains
• Second-level domain names must be registered
with an Internet registrar, such as Network
Solutions, Inc.
• There are millions of second-level domains in
use by individuals and organizations.
• A second-level domain can contain both hosts
and subdomains.
• Once you register a second-level domain name,
you can create as many subdomains and hosts
as you want in that domain.
Name Servers
• A DNS name server stores the zone database file.
• A name server can store data for one zone or multiple
zones.
• There must be at least one name server for a zone,
although a zone can have multiple servers.
– One of these servers contains the master zone
database file, also called the primary zone database
file.
– Any other servers associated with the zone contain a
secondary zone database file.
DNS Records Demo
DNS Resolution Process
Resolving
www.microsoft.com
Name Resolution Demo
The DNS Request Process Demo
DDNS (Dynamic DNS)
• Used in Website hosting
– Manually changing DNS records unmanageable
• Process
– Service provider runs program on user’s
computer
• Notifies service provider when IP address
changes
– Service provider’s server launches routine to
automatically update DNS record
• Effective throughout Internet in minutes
• Not DNS replacement
• Larger organizations pay for statically assigned IP
address
Integrating DHCP DDNS Demo
Zeroconf (Zero Configuration)
• Collection of protocols designed by IETF to simplify
setup of nodes on TCP/IP networks
– Assigns IP address
– Resolves node’s host name and IP address without
requiring DNS server
– Discovers available services
– Enables directly connected workstations to
communicate without relying on static IP addressing
– IP addresses are assigned through IPv4LL (IP
version 4 Link Local)
– Not used on larger networks
– Especially useful with network printers
Some TCP/IP
Application Layer Protocols
Other Protocols Built on TCP/IP Demo
• Telnet: terminal emulation protocol used to log on to
remote hosts using TCP/IP protocol suite
– TCP connection established
– Keystrokes on user’s machine act like keystrokes on
remotely connected machine
The Concept of Telnet Demo
• FTP (File Transfer Protocol): Application layer protocol
used to send and receive files via TCP/IP
– Server and clients
– FTP commands work from OS’s command prompt
– Anonymous logons
Some TCP/IP Application Layer
Protocols (continued)
• Trivial File Transfer Protocol (TFTP): enables file
transfers between computers
– Simpler than FTP
– Relies on UDP at Transport layer
• Connectionless
• Network Time Protocol (NTP): Application layer protocol
used to synchronize clocks of computers
• Network News Transfer Protocol (NNTP): facilitates
exchange of newsgroup messages between multiple
servers and users
PING and TraceRT
•
•
Packet Internet Groper (PING): utility that can verify that TCP/IP is installed, bound to
the NIC, configured correctly, and communicating
Pinging:
– Echo request and echo reply
– Can ping either an IP address or a host name
– Pinging loopback address, 127.0.0.1, to determine whether workstation’s TCP/IP
services are running
– Many useful switches
• e.g., -?, -a, -n, -r
Ping Demo
TraceRT Demo
Binding Protocols on a
Windows XP Workstation
• Windows Internet Naming Service (WINS): process of
assigning one network component to work with another
• Core Network and Transport layer protocols normally
included with OS
– When enabled, attempt to bind with network
interfaces on computer
• For optimal network performance, bind only protocols
absolutely needed
• Possible to bind multiple protocols to same network
adapter
Bindings Demo
Summary
• Protocols define the standards for communication
between nodes on a network
• TCP/IP is most popular protocol suite, because of its low
cost, open nature, ability to communicate between
dissimilar platforms, and routability
• TCP provides reliability through checksum, flow control,
and sequencing information
• IP provides information about how and where data
should be delivered
• Every IP address contains two types of information:
network and host
Summary (continued)
• Subnetting is implemented to control network traffic and
conserve a limited number of IP addresses
• Dynamic IP address assignment can be achieved using
BOOTP or the more sophisticated DHCP
• A socket is a logical address assigned to a specific
process running on a host
• IPv6 provides several other benefits over IPv4
• A domain is a group of hosts that share a domain name
and have part of their IP addresses in common
• DNS is a hierarchical way of tracking domain names and
their addresses
The End