The Principle of TCP/IP Part 2
2001 Copyright SCUT DT&P Labs

The Internet Protocol Suite

IP: Internet Protocol; ARP: Address Resolution Protocol; RARP: Reverse Address Resolution Protocol; ICMP: Internet Control Message Protocol.

8. Address Resolution Protocol (ARP)

A source must know a destination's hardware address before it can send an IP packet directly to it. ARP is the mechanism that maps IP addresses to hardware addresses. ARP uses a local broadcast to obtain a hardware address, and stores the mappings in a cache for future use.

ARP is used to map IP addresses onto data link layer addresses (MAC addresses) in a LAN: given an IP address, look up the MAC address.

Example 1: Host A (197.15.22.33) wants to send an IP datagram to host F (197.15.22.77), but it does not know the MAC address of host F. Host A uses ARP to look for it.

Hosts on the LAN: Host A 197.15.22.33, Host B 197.15.22.44, Host C 197.15.22.123, Host D 197.15.22.88, Host E 197.15.22.36, Host F 197.15.22.77.

Host A sends an ARP request packet to the MAC broadcast address:

  ARP request packet ("What is your MAC address?")
    MAC header: Dest. FF.FF.FF.FF.FF.FF, Source 02.60.8C.01.0C.03
    IP header:  Dest. 197.15.22.77, Source 197.15.22.33

Host F should respond by sending back an answer to the request:

  ARP response packet ("This is my MAC address.")
    MAC header: Dest. 02.60.8C.01.0C.03, Source 05.68.7f.99.0B.02
    IP header:  Dest. 197.15.22.33, Source 197.15.22.77

Then host A gets host F's MAC address and can use it to transmit frames to host F. Incidentally, all other hosts in the same LAN also learn these MAC addresses and save them in their ARP tables. Each entry in the ARP table is updated periodically.
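The Example 1 exchange as runnable code, added here and not part of the SCUT slides: the request and reply are encoded in the standard 28-byte ARP packet layout inside Ethernet frames, sent across a simulated LAN, and the ARP tables of host A and of the bystanders are filled from what they see. The LAN simulation, the Host class, resolve() and host B's MAC address are assumptions of this example; the addresses of hosts A and F are the slide's.

```python
"""ARP request/reply of Example 1, encoded as real ARP packets on a simulated LAN.

Added example (not from the SCUT slides).  Host A's and host F's addresses come
from Example 1; host B's MAC and the LAN/cache simulation are constructed.
"""
import struct

BROADCAST_MAC = "FF:FF:FF:FF:FF:FF"
ETHERTYPE_ARP = 0x0806
ARP_REQUEST, ARP_REPLY = 1, 2


def mac_bytes(mac):
    return bytes(int(x, 16) for x in mac.split(":"))


def ip_bytes(ip):
    return bytes(int(x) for x in ip.split("."))


def mac_str(b):
    return ":".join(f"{x:02X}" for x in b)


def ip_str(b):
    return ".".join(str(x) for x in b)


def build_arp(op, sender_mac, sender_ip, target_mac, target_ip):
    """28-byte ARP packet: hardware type 1 (Ethernet), protocol type 0x0800 (IP),
    HLEN 6, PLEN 4, operation code, then sender/target hardware and protocol addresses."""
    return struct.pack("!HHBBH6s4s6s4s", 1, 0x0800, 6, 4, op,
                       mac_bytes(sender_mac), ip_bytes(sender_ip),
                       mac_bytes(target_mac), ip_bytes(target_ip))


def parse_arp(pkt):
    htype, ptype, hlen, plen, op, sha, spa, tha, tpa = struct.unpack("!HHBBH6s4s6s4s", pkt[:28])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        raise ValueError("not an Ethernet/IPv4 ARP packet")
    return {"op": op, "sender_mac": mac_str(sha), "sender_ip": ip_str(spa),
            "target_mac": mac_str(tha), "target_ip": ip_str(tpa)}


def build_frame(dst_mac, src_mac, arp_pkt):
    """Ethernet II header (dst, src, type 0x0806) followed by the ARP packet."""
    return mac_bytes(dst_mac) + mac_bytes(src_mac) + struct.pack("!H", ETHERTYPE_ARP) + arp_pkt


class Host:
    def __init__(self, name, ip, mac):
        self.name, self.ip, self.mac = name, ip, mac
        self.arp_table = {}  # IP -> MAC learned from ARP traffic seen on the LAN

    def receive(self, frame):
        """Process one frame; returns a reply frame if this host must answer, else None."""
        dst, src = mac_str(frame[:6]), mac_str(frame[6:12])
        ethertype = struct.unpack("!H", frame[12:14])[0]
        if ethertype != ETHERTYPE_ARP or dst not in (self.mac, BROADCAST_MAC):
            return None
        arp = parse_arp(frame[14:])
        # Every host that sees the packet records the sender's binding (the slide's
        # "other hosts in the same LAN ... save the addresses in their ARP table").
        self.arp_table[arp["sender_ip"]] = arp["sender_mac"]
        if arp["op"] == ARP_REQUEST and arp["target_ip"] == self.ip:
            reply = build_arp(ARP_REPLY, self.mac, self.ip, arp["sender_mac"], arp["sender_ip"])
            return build_frame(arp["sender_mac"], self.mac, reply)
        return None


def resolve(lan, requester, target_ip):
    """Requester answers from its cache or broadcasts a request; returns the MAC or None."""
    if target_ip in requester.arp_table:
        return requester.arp_table[target_ip]
    req = build_arp(ARP_REQUEST, requester.mac, requester.ip, "00:00:00:00:00:00", target_ip)
    frame = build_frame(BROADCAST_MAC, requester.mac, req)
    for host in lan:
        if host is requester:
            continue
        reply = host.receive(frame)
        if reply is not None:
            requester.receive(reply)  # the reply teaches the requester target_ip -> MAC
    return requester.arp_table.get(target_ip)


# Example 1 hosts; host B's MAC is a constructed value (the slide gives only A's and F's).
LAN = [Host("A", "197.15.22.33", "02:60:8C:01:0C:03"),
       Host("B", "197.15.22.44", "02:60:8C:00:00:44"),
       Host("F", "197.15.22.77", "05:68:7F:99:0B:02")]

if __name__ == "__main__":
    print("A resolves F ->", resolve(LAN, LAN[0], "197.15.22.77"))
    print("B's ARP table ->", LAN[1].arp_table)
```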
If the source and destination hosts are not in the same LAN, the source host first looks up the default router's MAC address by ARP, then sends the frames (IP packets) to the default router.

Example 2
  Source 160.30.100.20 (00-AA-00-12-34-56), broadcast: "If your IP address is 160.30.100.10 please send me a reply stating your hardware address."
  Destination 160.30.100.10 (00-A0-C9-78-9A-BC), unicast: "That's me and my hardware address is 00-A0-C9-78-9A-BC."

ARP Packet Structure (each row is 32 bits = 4 bytes)

  Hardware Type                     | Protocol Type
  HLEN        | PLEN                | Operation code
  Sender's Hardware Address (octets 0-3)
  Sender HA (octets 4-5)            | Sender IP (octets 0-1)
  Sender IP (octets 2-3)            | Target HA (octets 0-1)
  Target HA (octets 2-5)
  Target IP (octets 0-3)
  (the address fields are of variable length, given by HLEN and PLEN)

Hardware Type (16 bits): specifies the hardware interface type; for example, Ethernet has the value 1.
Protocol type (16 bits): specifies the higher-level protocol whose address needs to be mapped onto the hardware; for example, IP is 0800 (hex).
HLEN, Hardware address LENgth (8 bits): the length in bytes of the hardware address in this packet; for example, 6 for Ethernet.
PLEN, Protocol address LENgth (8 bits): the length in bytes of the protocol address in this packet; 4 for IP.
Operation code (16 bits): specifies whether this is an ARP request (1) or an ARP reply (2).
Sender's hardware address (48 bits): the hardware address of the sender (the ARP requester).
Sender's IP address (32 bits): the protocol address of the sender (the ARP requester).
Target's hardware address (48 bits): the hardware address of the target (the ARP responder).
Target's IP address (32 bits): the protocol address of the target (the ARP responder).

9. Reverse Address Resolution Protocol (RARP)

Reverse ARP is the mechanism that maps hardware addresses to IP addresses. RARP allows a newly booted machine to broadcast its Ethernet address; the RARP server sees this request and sends back the corresponding IP address.

10. Internet Control Message Protocol (ICMP)

ICMP reports errors and sends control messages on behalf of IP. ICMP messages are encapsulated within an IP packet.
One of the most frequently used debugging tools uses ICMP: it tests whether a destination is reachable and responding, by sending ICMP echo requests and receiving back ICMP echo replies. This test is carried out with the "PING" command.

10.1 Echo Request and Reply Message Format

  IP Header ......
  Type (8 or 0) | Code (0) | Checksum
  Identifier    | Sequence Number
  Optional Data

Type (8 bits): specifies the type of ICMP message.
Code (8 bits): always set to 0 in PING messages.
Checksum (16 bits): a checksum carried out on the ICMP header only.
Identifier and Sequence number (16 bits each): used by the sender to match replies to requests.
Optional Data: information to be returned to the sender. An Echo reply always returns exactly the same data as was received in the Echo request.
10.2 Reports of Unreachable Destinations

  Code  Meaning
  0     Network unreachable
  1     Host unreachable
  2     Protocol unreachable
  3     Port unreachable
  4     Fragmentation needed and DF set
  5     Source route failed
  6     Destination network unknown
  7     Destination host unknown
  8     Source host isolated
  9     Communication with destination network administratively prohibited
  10    Communication with destination host administratively prohibited
  11    Network unreachable for type of service
  12    Host unreachable for type of service

10.2 ICMP Message Types

  Type  ICMP message type
  0     Echo Reply
  3     Destination Unreachable
  4     Source Quench
  5     Redirect (change a route)
  8     Echo Request
  11    Time exceeded for a packet
  12    Parameter problem on a packet
  13    Timestamp request
  14    Timestamp reply
  15    Information request (obsolete)
  16    Information reply (obsolete)
  17    Address mask request
  18    Address mask reply

11. Trace-route

Trace-route uses ICMP and the TTL field in the IP header to let us see the route that IP packets follow from one host to another:
- The source sends a packet with TTL set to 1.
- The first router sends back a "time exceeded" message.
- The source increments the TTL counter by 1.
- The second router on the path sends back a "time exceeded" message.
- The process continues until the ultimate destination sends back a "port unreachable" message.
- The source uses the responses to display the route.

12. Bridges

12.1 Transparent Bridging

Figure: a bridge with three interfaces A, B and C; stations 1, 2 and 3 are reached through interface A, 4, 5 and 6 through interface B, and 7, 8 and 9 through interface C. The bridge's source address table records the interface on which each address was learned:

  Address  Interface
  1        A
  2        A
  3        A
  4        B
  5        B
  6        B
  7        C
  8        C
  9        C

12.2 Advantages of Bridging

- Bridges can connect networks running different protocols without requiring additional software.
- Bridges form logically single networks.
- A bridge makes the movement of network devices, e.g. PCs, within the network easy.
- Bridges are simple to install.
- Bridges are cheaper than routers.
- The presence of a bridge is transparent to users from the instant it is first installed, and bridges adapt automatically to network changes.

12.3 Disadvantages of Bridging

- Bridges cannot load-share traffic over two paths to a single destination.
- Bridges cannot prevent a "broadcast storm".
- Bridges do not provide significant support for fault isolation or other distributed management capabilities.

13. Routers

13.1 Path Taken by an IP Packet in an Internetwork

Figure: a packet crosses Router 1 and Router 2 over networks 1, 2 and 3 to reach the destination host. At every hop the packet carries the destination host's protocol address, while its physical address is that of the next hop: Router 1, then Router 2, then the destination host itself.

13.2 Default Gateway

Figure: two subnets joined by a router whose interfaces are 160.30.100.1 and 160.30.200.1 (subnet mask 255.255.255.0 on both).
  Host: IP Address 160.30.100.10, Subnet Mask 255.255.255.0, Default Gateway 160.30.100.1
  Host: IP Address 160.30.100.20, Subnet Mask 255.255.255.0, Default Gateway 160.30.100.1
  Host: IP Address 160.30.200.10, Subnet Mask 255.255.255.0, Default Gateway 160.30.200.1

13.3 Routing Algorithms

Distance Vector Algorithms: calculate the best path to each destination separately, usually trying to find a path that minimizes a simple metric, such as the hop count to the destination. An example is the Routing Information Protocol (RIP).

Link State Algorithms: instead of advertising a list of distances to each known destination, a router running a link-state algorithm advertises the states of its local network links. An example is Open Shortest Path First (OSPF).

13.4 Commonly Used Metrics in IP Routing

- Path Length / Hop Count
- Reliability
- Delay
- Bandwidth
- Load
- Communications Cost

13.5 Advantages of Routers

- Flexible: can differentiate between paths using metrics.
- Can load share over redundant paths.
- Network devices understand routers: they understand congestion messages.
- Easier to administer and control because each segment has a different address.
- Provide a protective firewall.

13.6 Disadvantages of Routers

- Because routers are protocol-dependent devices, they require software for each protocol that they run.
- Routers make movement of network devices between network segments more difficult.
- Some low level protocols, for example DEC LAT and NetBIOS, cannot be routed because they do not contain a network layer address.

14. Autonomous System (AS)

An autonomous system (AS) is defined as a logical portion of a larger IP network that is administered by a single authority. The AS would normally comprise the internetwork within an organization. Gateway (router) protocols are referred to as interior or exterior, depending on whether they are used within or between ASs.

14.1 IP Routing Protocol Hierarchies

Figure: an AS divided into Area 0 (Backbone) and Areas 1, 2 and 3, containing Routers 1 to 13 and the hosts H1 and H2.

15. Routing Algorithms

15.1 Static Routing

Static routing requires that routes be configured manually for each router. Static routing can be attractive in the following cases:
- to define a default route;
- to supplement or replace exterior gateway protocols for some special purposes;
- to avoid the cost of routing protocol traffic;
- to implement complex routing policies.

15.2 Distance Vector Routing

1. Each router in an AS maintains a distance vector table which gives the distance from the router to every known router.
2. The sequence of operations for maintaining the table:
   - Each router is configured with an identifier and a cost for each of its network links.
   - Each router initializes its distance vector table with 0 for itself, 1 for directly attached networks, and infinity for every other destination.
   - Each router periodically transmits its distance vector table to each of its neighbors.
   - Each router uses the information to calculate its own distance vector table. The total cost to each destination is calculated by adding the cost reported in a neighbor's distance vector table to the cost of the link to that neighbor. The distance vector table for the router is then created by taking the lowest cost calculated for each destination.

The Count-to-Infinity Problem: it occurs when a network becomes unreachable, but erroneous routes to that network persist because of the time taken for the distance vector tables to converge.

To prevent the Count-to-Infinity Problem:
- Split Horizon: a route to a destination is never reported back in the distance vector table that is sent to the neighbor from which the route was learned.
- Split Horizon with Poison Reverse: poison reverse is an enhancement to split horizon, whereby routes learned from a neighbor router are reported back to it, but with a metric of infinity.
- Triggered Updates: when a router changes the cost for a route in its distance vector table, it must send the modified table immediately.

15.3 Link-State Routing

An LSP (Link-State Packet) must be received successfully and must be explicitly acknowledged. A scheme called flooding is employed to distribute LSPs to all routers in a network. All LSPs are sequenced and time-stamped to ensure duplicates are not received and retransmitted.
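The distance vector exchange of 15.2 simulated in Python, added here and not part of the SCUT slides: a constructed five-router chain converges, the A-B link then fails, and the number of synchronous rounds the tables need to settle again is compared without any countermeasure (count to infinity), with split horizon and with poison reverse. INFINITY = 16 follows RIP; the chain topology, the Router class and the round-based exchange are assumptions of this example, and triggered updates are not modelled.

```python
"""Distance-vector routing: count-to-infinity, split horizon and poison reverse.

Added example (not from the SCUT slides).  The five-router chain, the unit link
costs and the failure scenario are constructed; INFINITY = 16 as in RIP.
"""
INFINITY = 16  # a cost of 16 hops means "unreachable"


class Router:
    def __init__(self, name, links):
        self.name = name
        self.links = dict(links)        # neighbour name -> cost of the link to it
        self.received = {}              # neighbour name -> last distance vector it sent us
        self.table = {name: (0, None)}  # destination -> (cost, next hop)
        for nb, cost in self.links.items():
            self.table[nb] = (cost, nb)

    def cost_to(self, dest):
        return self.table.get(dest, (INFINITY, None))[0]

    def advertisement_for(self, neighbour, mode):
        """The distance vector this router sends to one neighbour."""
        adv = {}
        for dest, (cost, via) in self.table.items():
            if via == neighbour:        # a route learned from that very neighbour
                if mode == "split-horizon":
                    continue            # never report it back
                if mode == "poison-reverse":
                    cost = INFINITY     # report it back, but as unreachable
            adv[dest] = cost
        return adv

    def recompute(self):
        """Rebuild the table from the latest vector of every live neighbour:
        cost(dest) = min over neighbours of (link cost + cost that neighbour reported).
        Returns True if the table changed."""
        table = {self.name: (0, None)}
        for nb, link in self.links.items():
            table[nb] = (link, nb)      # directly attached
        for nb, link in self.links.items():
            for dest, reported in self.received.get(nb, {}).items():
                total = min(link + reported, INFINITY)
                if total < table.get(dest, (INFINITY, None))[0]:
                    table[dest] = (total, nb)
        changed = table != self.table
        self.table = table
        return changed

    def link_down(self, neighbour):
        """The link fails: forget it and whatever that neighbour last told us."""
        self.links.pop(neighbour, None)
        self.received.pop(neighbour, None)


def exchange_round(routers, mode):
    """One synchronous round: every router sends to each neighbour, then all recompute."""
    for r in routers.values():
        for nb in r.links:
            routers[nb].received[r.name] = r.advertisement_for(nb, mode)
    return any([r.recompute() for r in routers.values()])  # list: every router recomputes


def converge(routers, mode, limit=100):
    """Run rounds until nothing changes; return how many rounds changed something."""
    for rounds in range(limit):
        if not exchange_round(routers, mode):
            return rounds
    return limit


def scenario(mode):
    """Chain A - B - C - D - E (cost 1 per link) converges, then the A-B link fails.
    Returns (rounds until the tables settle again, C's final cost to A)."""
    chain = "ABCDE"
    routers = {}
    for i, name in enumerate(chain):
        links = {}
        if i > 0:
            links[chain[i - 1]] = 1
        if i < len(chain) - 1:
            links[chain[i + 1]] = 1
        routers[name] = Router(name, links)
    converge(routers, mode)
    routers["A"].link_down("B")
    routers["B"].link_down("A")
    return converge(routers, mode), routers["C"].cost_to("A")


if __name__ == "__main__":
    for mode in ("plain", "split-horizon", "poison-reverse"):
        rounds, cost = scenario(mode)
        print(f"{mode:15s} rounds to settle = {rounds:2d}, C's cost to A = {cost}")
```

Without a countermeasure the routes to A climb one hop per round until they hit 16; with split horizon or poison reverse the withdrawal simply propagates down the chain.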
The principle of Link-State Routing:
- Routers are responsible for contacting neighbors and learning their identities.
- Routers construct link-state packets that contain lists of network links and their associated costs.
- Link-state packets are transmitted to all routers in a network.
- All routers therefore have an identical list of the links in the network and can construct identical topology maps.
- The maps are used to compute the best routes to all destinations.

Link-state information is sent in the form of link-state packets (LSPs) under the following specific circumstances:
- when a router discovers a new neighbor;
- when a link to a neighbor goes down;
- when the cost of a link changes;
- when basic refresh packets are sent, every 30 minutes.

16. Routing Information Protocol (RIP)

- RIP is a very simple protocol of the distance vector family. RIP was documented in RFC-1058 in June 1988.
- RIP messages can be broadly classified into two types: routing information messages and messages used to request information.
- RIP uses a very simple metric: the hop count.
- RIP packets are carried over the User Datagram Protocol (UDP) and IP. The RIP process uses UDP port number 520.
- RIP updates are normally sent every 30 seconds by default. Every entry has a timer (180 seconds by default) associated with it, and on expiry the distance for that entry is set to infinity.

16.1 Advantages of RIP

- RIP automatically creates and maintains a network of routes.
- Since RIP uses a single metric it is very easy to configure.

16.2 Disadvantages of RIP

- The diameter of the internetwork is limited to 15 router hops.
- Network administrators cannot take into account such factors as bandwidth or delay when configuring their routing systems using RIP.
- Each routing entry is updated every 30 seconds or so, regardless of whether there has been a change in the network topology or not.

16.3 Slow Convergence Problem

Figure: networks A, B, C and D in a chain; the table at each of the routers B, C and D gives its hop count to every network:

  Network  Hops at B  Hops at C  Hops at D
  A        1          2          3
  B        1          1          2
  C        2          1          1
  D        3          2          1

17. Open Shortest Path First (OSPF)

- A more descriptive routing metric was introduced.
- OSPF can discover multiple best paths to a given destination.
- OSPF supports a 2-level routing hierarchy.
- OSPF supports Variable Length Subnet Masks (VLSM).
- OSPF packets have a space reserved for authentication.
- OSPF is an example of a link state algorithm; it adjusts to network changes quicker than RIP and is more robust.

17.1 Hierarchical OSPF Internetwork (2 level)

Figure: Area 0 (Backbone) with Areas 1, 2 and 3 attached, Routers 1 to 13 and the hosts H1 and H2 (the same internetwork as in 14.1).

17.2 OSPF Packet Header Format (24 byte header)

  bit 0              8              16                          31
  Version (1 byte)  | Type (1 byte) | Message Length (2 bytes)
  Router IP address (4 bytes)
  Area ID (4 bytes)
  Checksum (2 bytes)                | Authentication Type (2 bytes)
  Authentication (octets 0-3)
  Authentication (octets 4-7)

  Type  Meaning
  1     Hello
  2     Database description
  3     Link status request
  4     Link status update
  5     Link status acknowledgement

OSPF packets are carried directly in IP packets, with IP protocol number 89.

17.3 Sending and Receiving an OSPF Packet

  Field as sent                                   Check on receipt
  (IP level)                                      check the IP protocol number (89)
  Version = 2                                     OSPF version must be 2
  Type = 1 (hello)
  Length = entire length
  Router IP address = 192.168.10.1                IP address must be on the same network as the receiving interface
  Area ID = 3.0.0.0                               Area ID must be 3.0.0.0
  Checksum = 16-bit checksum of entire packet     checksum must be successful
  Authentication = 64 bits                        authentication must be successful

17.4 The Protocols within OSPF

Hello protocol:
- to check that the links are operational;
- to elect the Designated Router (DR) and the Backup Designated Router (BDR).
Exchange protocol:
- performs the initial OSPF database synchronisation between two adjacent routers.
Flooding protocol:
- used to keep the two databases in adjacent routers in synchronisation.

17.5 Advantages of OSPF

- OSPF is a standard protocol that all vendors can implement interoperably.
- It provides rapid, deterministic calculation of internet routes.
- It uses Link State Advertisements.
- It facilitates separate administration of differing parts of the internet.
- It facilitates hiding of detailed information about the internet.
- It provides a more advanced use of metrics.
- With OSPF one can isolate misconfigured or malfunctioning routers in the internet and route around them.
- OSPF provides for the effective use of information derived from other routing protocols.

17.6 Disadvantages of OSPF

- Link-state protocols use large amounts of router memory to store topological databases, as each router keeps a map of the entire network.
- When a network experiences frequent changes, link-state routers use a large portion of network bandwidth by sending out LSPs at each network change.
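The 24-byte header of 17.2 packed and unpacked in Python, with the receive-time checks of 17.3 applied in the order the slide lists them; this is an added example, not code from the slides. 192.168.10.1 and area 3.0.0.0 are the slide's values; the receiving interface (192.168.10.2/24), the Hello body and the use of null authentication (type 0, so the checksum covers the packet minus the 8-byte authentication field as RFC 2328 specifies) are assumptions.

```python
"""Parse an OSPF packet header and apply the receive-time checks of 17.3.

Added example (not from the SCUT slides).  192.168.10.1 and area 3.0.0.0 come
from the slide; the receiving interface 192.168.10.2/24 and the Hello body are
constructed.  Only null authentication (type 0) is modelled.
"""
import ipaddress
import struct

OSPF_PROTO = 89
OSPF_VERSION = 2
OSPF_TYPES = {1: "Hello", 2: "Database description", 3: "Link status request",
              4: "Link status update", 5: "Link status acknowledgement"}
HDR = "!BBH4s4sHH8s"            # version, type, length, router id, area id, checksum, auth type, auth
HDR_LEN = struct.calcsize(HDR)  # 24 bytes
NO_AUTH = b"\x00" * 8


def inet_checksum(data):
    """Internet checksum: one's complement of the one's-complement sum of 16-bit words."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(int.from_bytes(data[i:i + 2], "big") for i in range(0, len(data), 2))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_ospf(ptype, router_id, area_id, body):
    """Header + body; the checksum is taken over the header (auth field excluded) and body."""
    length = HDR_LEN + len(body)
    rid = ipaddress.IPv4Address(router_id).packed
    aid = ipaddress.IPv4Address(area_id).packed
    hdr = struct.pack(HDR, OSPF_VERSION, ptype, length, rid, aid, 0, 0, NO_AUTH)
    csum = inet_checksum(hdr[:16] + body)   # bytes 16-23 are the authentication field
    return struct.pack(HDR, OSPF_VERSION, ptype, length, rid, aid, csum, 0, NO_AUTH) + body


def receive_ospf(ip_proto, src_ip, packet, iface_ip, iface_prefix, iface_area):
    """Run the 17.3 checks in order; returns (accepted, reason, parsed header or None)."""
    if ip_proto != OSPF_PROTO:
        return False, f"IP protocol {ip_proto} is not OSPF (89)", None
    if len(packet) < HDR_LEN:
        return False, "packet shorter than OSPF header", None
    ver, ptype, length, rid, aid, csum, auth_type, auth = struct.unpack(HDR, packet[:HDR_LEN])
    hdr = {"version": ver, "type": OSPF_TYPES.get(ptype, "unknown"), "length": length,
           "router_ip": str(ipaddress.IPv4Address(rid)),
           "area_id": str(ipaddress.IPv4Address(aid)), "auth_type": auth_type}
    if ver != OSPF_VERSION:
        return False, f"OSPF version must be 2, got {ver}", hdr
    if ptype not in OSPF_TYPES:
        return False, f"unknown packet type {ptype}", hdr
    if length != len(packet):
        return False, "message length does not match the packet", hdr
    net = ipaddress.ip_network(f"{iface_ip}/{iface_prefix}", strict=False)
    if ipaddress.ip_address(src_ip) not in net:
        return False, f"source {src_ip} is not on the receiving network {net}", hdr
    if hdr["area_id"] != iface_area:
        return False, f"area ID {hdr['area_id']} does not match interface area {iface_area}", hdr
    # Recomputing over the packet with the checksum field included (auth excluded) must give 0.
    if inet_checksum(packet[:16] + packet[HDR_LEN:]) != 0:
        return False, "checksum failed", hdr
    # Null authentication only: any other type is rejected rather than assumed valid.
    if auth_type != 0 or auth != NO_AUTH:
        return False, "authentication failed", hdr
    return True, "accepted", hdr


# Constructed Hello body: network mask, hello interval 10, options, priority 1,
# dead interval 40, DR and BDR 0.0.0.0 (no neighbours listed).
HELLO_BODY = struct.pack("!4sHBBI4s4s", b"\xff\xff\xff\x00", 10, 0, 1, 40, b"\x00" * 4, b"\x00" * 4)
HELLO = build_ospf(1, "192.168.10.1", "3.0.0.0", HELLO_BODY)

if __name__ == "__main__":
    print(receive_ospf(OSPF_PROTO, "192.168.10.1", HELLO, "192.168.10.2", 24, "3.0.0.0"))
```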
The TCP & UDP Protocol

The Transmission Control Protocol (TCP)

1. Transmission Control Protocol (TCP)

- Connection-oriented.
- Provides logical connections between pairs of processes; these are uniquely identified using sockets. Socket = IP address & port number, e.g. FTP is port 21.
- End-to-end reliable delivery.
- Implements flow control.

Units of data transferred between two devices running TCP software are called "segments". Segments are exchanged to do the following:
- establish a connection;
- agree the window size;
- transfer data;
- send acknowledgements;
- close the connection.

2. TCP Packet Structure

  bit 0                                                            31
  Source port                       | Destination port
  Sequence number
  Acknowledgement number
  TCP header length | URG ACK PSH RST SYN FIN | Window size
  Checksum                          | Urgent pointer
  Options (0 or more 32-bit words)
  Data

2.1 The Header Parameters of the TCP Packet

Source port & Destination port: these fields identify the local end points of the connection. A port plus its host's IP address forms a 48-bit unique TSAP (Transport Service Access Point). Each host may decide for itself how to allocate its own ports, starting at 256.
Sequence number & Acknowledgement number: they perform the packet sequence control and receiving acknowledgement functions, respectively.
TCP header length: it tells how many 32-bit words are contained in the TCP header.
URG is set to 1 if the Urgent pointer is in use. Urgent pointer: it is used to indicate a byte offset from the current sequence number at which urgent data are to be found.
ACK bit is set to 1 to indicate that the Acknowledgement number is valid.
PSH bit indicates PuSHed data.
The receiver is hereby kindly requested to deliver the data to the application upon arrival and not buffer it until a full buffer has been received.
SYN bit is used, together with ACK, to establish a connection.
FIN bit is used to release a connection.
Window size: it is used for data flow control. This field tells how many bytes may be sent starting at the byte acknowledged.
Checksum is provided for extra reliability.
Options: this field was designed to provide a way to add extra facilities not covered by the regular header. The most important option is the one that allows each host to specify the maximum TCP payload it is willing to accept.

3. TCP Connection Management

Connections are established in TCP using the three-way handshake:

  Host 1                               Host 2
  SYN (SEQ=x)                  -->
                               <--     SYN (SEQ=y, ACK=x+1)
  SYN (SEQ=x+1, ACK=y+1)       -->

Example: Establishing a TCP Connection

  Client                                                             Server
  SYN, SEQ # 1,000, Window 8,760 bytes, Max segment 1,460 bytes  -->
             <--  SYN, SEQ # 3,000, ACK # 1,001, Window 8,760 bytes, Max segment 1,460 bytes
  ACK, SEQ # 1001, ACK # 3001                                    -->

3.1 TCP Connection Management (continued)

The three-way handshake can solve the effects and problems such as:
- an old duplicate CONNECT REQUEST appearing out of nowhere;
- a duplicate CONNECTION REQUEST and a duplicate ACK.

4. Positive Acknowledgement with Retransmit

  Events at sender site                        Network messages     Events at receiver site
  Send Packet 1; start timer                   Packet 1 (lost)
  (packet should arrive; ACK should be sent)
  (ACK would normally arrive at this time)
  Timer expires; retransmit Packet 1;          Packet 1 -->         Receive Packet 1; send ACK 2
  start timer
  Receive ACK 2; cancel timer                  <-- ACK 2

5. Sliding Window Protocol

Figure: the initial window covers the first segments; once segments 1, 2 and 3 are acknowledged, the window slides forward.

5.1 Sliding Window Protocol

  Sender                          Receiver
  Send Segment 1           -->    Receive Segment 1
  Send Segment 2           -->    Receive Segment 2
                           <--    Send ACK 3 (for the next segment expected)
  Send Segment 3           -->    Receive Segment 3
                           <--    Send ACK 4 (for the next segment expected)

5.2 Example: TCP Transmission Policy

Flow control based on the sliding window mechanism in TCP (the receiver's buffer holds 4K and starts empty):

  Sender                                                      Receiver's buffer
  Application does a 2K write; sender sends 2K, SEQ=0    -->  2K used
                                    <--  ACK=2048, WIN=2048
  Application does a 3K write; sender sends 2K, SEQ=2048 -->  full
                                    <--  ACK=4096, WIN=0        (sender is blocked)
                                         Application reads 2K
                                    <--  ACK=4096, WIN=2048     (sender may send up to 2K)
  Sender sends 1K, SEQ=4096                              -->  1K + 2K used

6. Well-known Port Numbers

  Port number  Description
  7            Echo
  20           File transfer protocol (FTP) data
  21           File transfer protocol (FTP) control
  23           Telnet
  25           Simple mail transfer protocol (SMTP)
  53           Domain name server (DNS)
  80           World wide web (WWW)
  160-223      Reserved

7. TCP Congestion Control

The congestion algorithm in TCP (figure: congestion window in KByte, 0 to 40, plotted against transmission number, 0 to 25, with a Timeout and two Threshold levels marked):

  Transmission Window = Min(Sliding Window, Congestion Window)

7.1 Congestion Avoidance

- Allowed window = minimum of receiver_advertisement and congestion window.
- Steady state: congestion window = receiver_advertisement.
- Congestion occurs: reduce the congestion window by half each time a segment is lost, down to a minimum of one segment.
- Congestion clears: increase the congestion window by one each time an acknowledgement is received ("slow start").
- The congestion window is flow control imposed by the sender, while the advertised window is flow control imposed by the receiver.

The UDP Protocol

UDP 1. User Datagram Protocol (UDP)

- Connectionless: no session is established.
- Does not guarantee delivery: no sequence numbers, no acknowledgements.
- Reliability is the responsibility of the application.
- Uses port numbers as end points to communicate.

UDP 2. The Header of the UDP Packet

  bit 0                                31
  Source port         | Destination port
  UDP length          | UDP checksum

Source port & Destination port: these fields identify the local and remote end points of the connection.
UDP length: the length of the header and data.
Checksum: provided for extra reliability; it includes the pseudo-header.

The pseudo-header included in the TCP or UDP checksum:

  Source address (32 bits)
  Destination address (32 bits)
  00000000 | Protocol # | TCP/UDP segment length

UDP 3. The Computation of the TCP/UDP Checksum

It checksums the header, the data and the conceptual pseudo-header of the packet. The checksum algorithm is simply to add up all the 16-bit words and then to take the 1's complement of the sum. When the receiver performs the calculation on the entire segment, including the checksum field, the result should be zero.

The Transport Layer Service Primitives

1. Transport service

- Transport service primitives allow transport users (e.g., application programs) to access the transport service.
- The application programs assume the connection between them is perfect. They do not want to know about acknowledgements, lost packets, congestion, or anything like that.
- The connection-oriented transport service hides the imperfections of the network service so that user processes can just assume the existence of an error-free bit stream.
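The TCP/UDP checksum computation of UDP section 3 carried out on a UDP datagram, as an added example that is not part of the SCUT slides: the pseudo-header (source address, destination address, zero byte, protocol number, segment length) is prepended, the 16-bit words are summed with end-around carry and complemented, and the receiver's recomputation over the whole datagram including the checksum field comes out as zero. The addresses, ports and payload are constructed; the UDP rule that a computed checksum of 0 is sent as all ones, and that a received 0 means "no checksum", is from RFC 768.

```python
"""UDP checksum over pseudo-header + header + data, sender and receiver side.

Added example (not from the SCUT slides).  Addresses, ports and payload are
constructed; the pseudo-header layout is the one the slide shows.
"""
import struct

PROTO_UDP = 17


def ones_complement_sum(data):
    """Add up all 16-bit words with end-around carry (no final complement)."""
    if len(data) % 2:
        data += b"\x00"  # an odd trailing byte is padded with a zero byte
    total = sum(int.from_bytes(data[i:i + 2], "big") for i in range(0, len(data), 2))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return total


def pseudo_header(src_ip, dst_ip, proto, seg_len):
    """32-bit source and destination addresses, 8 zero bits, protocol number, 16-bit length."""
    def ip(s):
        return bytes(int(x) for x in s.split("."))
    return struct.pack("!4s4sBBH", ip(src_ip), ip(dst_ip), 0, proto, seg_len)


def build_udp(src_ip, dst_ip, src_port, dst_port, payload):
    """UDP header (ports, length, checksum) + payload.  The checksum is computed over
    pseudo-header + header + payload with the checksum field set to zero."""
    length = 8 + len(payload)
    header = struct.pack("!HHHH", src_port, dst_port, length, 0)
    covered = pseudo_header(src_ip, dst_ip, PROTO_UDP, length) + header + payload
    csum = (~ones_complement_sum(covered)) & 0xFFFF
    if csum == 0:
        csum = 0xFFFF  # UDP: a transmitted 0 means "no checksum", so send all ones instead
    return struct.pack("!HHHH", src_port, dst_port, length, csum) + payload


def verify_udp(src_ip, dst_ip, datagram):
    """Receiver side: the same sum over the entire segment, checksum field included,
    must be all ones, i.e. its complement is zero.  Returns (ok, reason)."""
    if len(datagram) < 8:
        return False, "truncated header"
    src_port, dst_port, length, csum = struct.unpack("!HHHH", datagram[:8])
    if length != len(datagram):
        return False, "length field does not match datagram"
    if csum == 0:
        return True, "no checksum present (UDP allows this over IPv4)"
    total = ones_complement_sum(pseudo_header(src_ip, dst_ip, PROTO_UDP, length) + datagram)
    if ((~total) & 0xFFFF) != 0:
        return False, "checksum mismatch"
    return True, "checksum ok"


def tamper(datagram, offset):
    """Flip one bit of the datagram, simulating corruption in transit."""
    b = bytearray(datagram)
    b[offset] ^= 0x01
    return bytes(b)


# Constructed sample: a datagram to port 53 between the two Example 1 hosts.
SRC, DST = "197.15.22.33", "197.15.22.77"
DATAGRAM = build_udp(SRC, DST, 40000, 53, b"example query payload")

if __name__ == "__main__":
    print(verify_udp(SRC, DST, DATAGRAM))
    print(verify_udp(SRC, "197.15.22.88", DATAGRAM))  # misdelivered: pseudo-header catches it
    print(verify_udp(SRC, DST, tamper(DATAGRAM, 12)))
```

Because the destination address is part of what is summed, a datagram delivered to the wrong host fails the check even though no byte of the datagram itself changed.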
- The transport layer can also provide an unreliable (datagram) service. In that case the application layer is responsible for error control, flow control, etc.
- The network service is used only by the transport entities. Many programs (and thus the programmers) see only the transport primitives.

2. Berkeley Sockets

  Primitive  Meaning
  SOCKET     Create a new communication end point.
  BIND       Attach a local address to a socket.
  LISTEN     Announce willingness to accept connections; give queue size.
  ACCEPT     Block the caller until a connection attempt arrives.
  CONNECT    Actively attempt to establish a connection.
  SEND       Send some data over the connection.
  RECEIVE    Receive some data from the connection.
  CLOSE      Release the connection.

3. Server side

- The SOCKET primitive creates a new end point and allocates table space for it within the transport entity.
- The parameters of the SOCKET call specify (1) the addressing format to be used, (2) the type of service desired (e.g. reliable byte stream), (3) the protocol.
- The BIND primitive (call) is used to assign an address and a port number to a socket.
- The LISTEN primitive allocates space to queue incoming calls for the case that several clients try to connect at the same time.
- The ACCEPT primitive is executed by a server to block waiting for an incoming connection.

4. Client side

- A socket must first be created using the SOCKET primitive.
- The CONNECT primitive (it contains the address and port number) blocks the caller and actively starts the connection process.
•When an appropriate TPDU is received from the server, the client process is unblocked and the connection is established. •Both sides can now use SEND and RECEIVE to transmit and receive data over the full-duplex connection. 2001 Copyright SCUT DT&P Labs 77 5. Connectionless (UDP) communication operation Server Client socket() socket() bind() bind() recvfrom() sendto() request for data send data closesocket() 2001 Copyright recvfrom() sendto() closesocket() SCUT DT&P Labs 78 6.Connection-oriented (TCP) communication operation Server socket() bind() Client listen() socket() accept() read() request for connection request for data connect() write() send data 2001 Copyright write() read() closesocket() closesocket() SCUT DT&P Labs 79 The Application layer Protocol of TCP/IP 2001 Copyright SCUT DT&P Labs 80 The Application layer Protocol of TCP/IP The application layer supports addressing protocols and network management. It also has protocols for file transfer, e-mail, and remote login. File Transfer : TFTP ; FTP E-Mail : SMTP Remote Login : Telnet ; FTP Network Management : SNMP Name Management : DNS 2001 Copyright SCUT DT&P Labs 81 DNS- Domain Name System Protocol software Humans 185.26.69.125 ? Kiss.val.com Internet addresses are hard for humans to remember - Easy for protocol software to work with. Symbolic names are more natural for humans - Hard for protocol software to work with. 2001 Copyright SCUT DT&P Labs 82 Internet Domain Name Space Generic int com edu tcl Oxford eng CS gov Countries mil org net ie se Pizza cookie eng 4Star Krusty ai Linda Burger robot 2001 Copyright us SCUT DT&P Labs 83 Domain Name Resolution . 
com Juniper TCL eng 2001 Copyright sales SCUT DT&P Labs ACC research 84 Domain Name Resolution 1 Root Name Server 2 3 4 Com Name Server 5 Local Name Server 6 tcl.com 7 Recursive query 1 8 10 eng.tcl.com 9 DNS Client 2001 Copyright SCUT DT&P Labs 85 Domain Name Resolution 2 Edu Name Server UV CS Name Server Originator 1 2 Cs.vu.nl Flits.cs.vu.nl 8 7 Yale CS Name Server Yale Name Server 3 Edu-server .net 4 Yale.edu 6 Cs.yele.edu 5 How the originator (flits.cs.vu.nl) gets the IP address of the host, ai.cs.yale.edu. 2001 Copyright SCUT DT&P Labs 86 DNS Caching Internet name servers use name caching to reduce the traffic on the internet and improve performance. Servers report cached information to clients, but mark it as a nonauthoritative binding, If efficiency is important, the client will choose to accept the nonauthoritative answer and proceed. If accuracy is important the client will choose to contact the authority and verify that the binding between name and address is still valid. Whenever an authority responds to a request, it includes a Time To Live (TTL) value in the response that specifies how long it guarantees the binding to remain 2001 Copyright SCUT DT&P Labs 87 TCP and UDP port numbers The concept of the Well-Known Port Number Application Layer F T P 21 Transport Layer 2001 Copyright T e l n e t S N M P D N S T F T P 23 25 53 69 TCP UDP SCUT DT&P Labs S N M P 161 Port number 88 Telnet Remote terminal protocol which allows a user at one site to establish a TCP connection to a login server at another Defines a network virtual terminal that provides a standard interface to remote systems Includes a mechanism that allows the client and server to negotiate options, and it provides a set of standard options Treats both ends of the connection symmetrically 2001 Copyright SCUT DT&P Labs 89 Telnet (Contd) Local directly attached Client Remote Telnet Client Remote Login SERVER Local Login LAN 2001 Copyright SCUT DT&P Labs 90 Network Virtual Terminal (NVT) Telnet 
[Figure: Telnet client (client system format used) - TCP connection (NVT format used) - Telnet server (server system format used).]

NVT ASCII control codes

  Control code  Decimal value  Assigned meaning
  NUL           0              No operation (has no effect on output)
  BEL           7              Produce audible signal
  BS            8              Move left one character position
  HT            9              Move right to the next horizontal tab stop
  LF            10             Move down (vertically) to the next line
  VT            11             Move down to the next vertical tab stop
  FF            12             Move to the top of the next page
  CR            13             Move to the left margin on the current line

Telnet Command Codes

  Command  Decimal value  Assigned meaning
  SE       240            End of option sub-negotiation
  NOP      241            No operation
  DM       242            Data mark
  BRK      243            Break
  IP       244            Interrupt process
  AO       245            Abort output
  AYT      246            Are you there
  EC       247            Erase character
  EL       248            Erase line
  GA       249            Go ahead
  SB       250            Begin sub-negotiation
  WILL     251            Sender requests enabling option
  WONT     252            Sender rejects enabling option
  DO       253            Sender requests other side enabling option
  DONT     254            Sender rejects other side enabling option
  IAC      255            Interpret next octet as command

Telnet (Contd)

Telnet command codes are one or more octets in length and are preceded by an interpret-as-command (IAC) character, which is an octet with every bit set to one (FF hex). If an octet equal to FF hex occurs in real data, it must be preceded by an IAC character so that it is not mistaken for an IAC character.
Example: IAC IP - 255 followed by 244.

Telnet Options

  Name             Code  RFC   Assigned meaning
  Transmit Binary  0     856   Change transmission to 8-bit binary
  Echo             1     857   Allow one side to echo data it receives
  Suppress-GA      3     858   Suppress go-ahead signal after data
  Status           5     859   Request for status of a Telnet option from remote site
  Timing-mark      6     860   Request timing mark to be inserted in return stream
  Terminal-type    24    884   Exchange information about the terminal type being used
  End-of-record    25    885   Terminate data sent with EOR code
  Linemode         34    1116  Send complete lines instead of individual characters

File Transfer Protocol (FTP)

FTP is the Internet standard for file transfer. FTP is used to copy a complete file from one system to another system.
FTP also offers other facilities beyond the transfer function itself:
  Interactive access
  Format specification
  Authentication control

File Transfer Protocol (FTP)

[Figure: client and server joined by two connections: FTP control (port 21) and FTP data (port 20).]

FTP Commands

  Command                  Description
  ABOR                     Abort previous FTP command and any data transfer
  LIST filelist            List files or directories
  PASS password            Password on server
  PORT n1,n2,n3,n4,n5,n6   Client IP address (n1.n2.n3.n4) and port (n5 * 256 + n6)
  QUIT                     Logoff from server
  RETR filename            Retrieve (get) a file
  STOR filename            Store (put) a file
  SYST                     Server returns system type
  TYPE type                Specify file type: A for ASCII, I for image
  USER username            Username on server

FTP Replies

  Reply  Description
  1yz    Positive preliminary reply. The action is being started, but expect another reply before sending another command.
  2yz    Positive completion reply. A new command can be sent.
  3yz    Positive intermediate reply. The command has been accepted but another command must be sent.
  4yz    Transient negative completion reply. The requested action did not take place, but the error condition is temporary so the command can be reissued later.
  5yz    Permanent negative completion reply. The command was not accepted and should not be retried.
  x0z    Syntax errors
  x1z    Information
  x2z    Connections; replies referring to the control or data connections.
  x3z    Authentication and accounting; replies for the login or accounting commands.
  x4z    Unspecified
  x5z    Filesystem status

FTP Example

> ftp rs.internic.net
Connected to rs.internic.net.
220-*****Welcome to the InterNIC Registration Host *****
*****Login with username "anonymous"
*****You may change directories to the following:
    policy     - Registration Policies
    templates  - Registration Templates
    netinfo    - NIC Information Files
    domain     - Root Domain Zone Files
220 And more!
User (rs.internic.net:(none)): anonymous
331 Guest login ok, send your complete e-mail address as password.
Password:xxxxxxxxxxxx
230 Guest login ok, access restrictions apply.
ftp> cd rfc
250 CWD command successful.
ftp> get rfc1878.txt
200 PORT command successful.
150 Opening ASCII mode data connection for rfc1878.txt (19414 bytes).
226 Transfer complete.
ftp: 19865 bytes received in 85.02Seconds 0.23Kbytes/sec.

FTP Example (Contd)

  Client          Server
  USER anonymous
  PASS guest
  TYPE ASCII      200 Command OK
  MODE STREAM     200 Command OK
  STRU FILE       200 Command OK
  RETR            200 Port Command OK
                  150 Opening data connection for...
                  226 Transfer complete
  QUIT

TFTP - Trivial File Transfer Protocol

• TFTP is an extremely simple protocol to transfer files
• Communication between a TFTP client and server uses UDP (port 69), not TCP
• TFTP does not have authorisation
• TFTP always sends 512 byte blocks of data

TFTP Process

  TFTP Client                TFTP Server
  WRQ                 ->
                      <-     ACK
  DATA (512 octets)   ->
                      <-     ACK
  DATA (< 512 octets) ->
                      <-     ACK

Format of TFTP Messages

  Read request (1):   opcode 1 (2 octets) | Filename (n octets) | 0 (1 octet) | Mode (n octets) | 0 (1 octet)
  Write request (2):  opcode 2 (2 octets) | Filename (n octets) | 0 (1 octet) | Mode (n octets) | 0 (1 octet)
  Data (3):           opcode 3 (2 octets) | Block number (2 octets) | Data (up to 512 octets)
  Ack (4):            opcode 4 (2 octets) | Block number (2 octets)
  Error (5):          opcode 5 (2 octets) | Error code (2 octets) | Error message (n octets) | 0 (1 octet)

Simple Mail Transfer Protocol (SMTP)

• SMTP is the Internet standard mail service
• Uses TCP port 25

[Figure: protocol stack: SMTP over TCP over IP over the network interface (data-link & physical).]
SMTP Process

  User:        interactively creates the message
  User agent:  accepts the message and formats it; builds the list of destinations; sends the list and message to a queue for the client
  Client:      establishes a TCP connection with the remote SMTP servers; sends the addresses to the relevant servers; sends a single copy of the message to each server
  Server:      constructs a header (which includes a pointer to the user's text) for each address; places the header in the queue of the appropriate mailbox

SMTP Process (Contd)

[Figure: user terminals A, B and C; SMTP system 1 and SMTP system 2 each contain an SMTP client and an SMTP server (port 25) and exchange mail over the TCP/IP internet.]

SMTP Commands

HELO  sent by an SMTP agent to initialise a connection and identify the SMTP client.
      Format: "HELO(SP){domain host name}(CRLF)"
MAIL  identifies the sender.
      Format: "MAIL(SP)<reverse path>(CRLF)"
RCPT  identifies the recipient.
      Format: "RCPT(SP)TO:<forward path>(CRLF)"

SMTP Commands (Contd)

DATA  informs the SMTP server that the phase of sending forward paths is complete and that the next communication is data.
      Format: "DATA(CRLF)"
SEND  identifies an individual terminal to receive the mail.
      Format: "SEND(SP)TO:<reverse path>(CRLF)"
QUIT  advises the SMTP server that the SMTP client is finished.
      Format: "QUIT(CRLF)"
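The command sequence above, answered with the reply codes the following slides tabulate, carried through as a scripted exchange between a minimal server state machine and a client (an added example, not the lecture's own code; the a.example and b.example domains and mailboxes are made up). It also shows the 503 bad-sequence and 500 unrecognised-command answers a server gives when a command arrives out of order or is unknown.

```python
# Minimal SMTP server state machine, constructed as an added example (not the lecture's own
# code). It answers HELO/MAIL/RCPT/DATA/QUIT with the reply codes used in the slides.
class SmtpServer:
    def __init__(self, domain, mailboxes):
        self.domain, self.mailboxes = domain, set(mailboxes)
        self.state, self.sender, self.rcpts, self.body = "connected", None, [], []
        self.delivered = []            # (sender, recipients, text) for each accepted message

    def handle(self, line):
        """Reply to one client line; body lines in the DATA phase get no reply (None)."""
        if self.state == "data":       # mail input ends with a line holding only "."
            if line != ".":
                self.body.append(line)
                return None
            self.delivered.append((self.sender, list(self.rcpts), "\r\n".join(self.body)))
            self.state, self.body = "helo", []
            return "250 OK"
        verb, _, arg = line.partition(" ")
        verb = verb.upper()
        if verb == "HELO":
            self.state = "helo"
            return f"250 {self.domain}"
        if verb == "QUIT":
            self.state = "closed"
            return f"221 {self.domain} Service closing channel"
        if verb == "MAIL" and arg.upper().startswith("FROM:") and self.state in ("helo", "mail"):
            self.sender, self.rcpts, self.state = arg[5:].strip("<>"), [], "mail"
            return "250 OK"
        if verb == "RCPT" and arg.upper().startswith("TO:") and self.state == "mail":
            addr = arg[3:].strip("<>")
            if addr not in self.mailboxes:
                return "550 No such user here"
            self.rcpts.append(addr)
            return "250 OK"
        if verb == "DATA" and self.state == "mail" and self.rcpts:  # needs an accepted recipient
            self.state = "data"
            return "354 Start mail input; end with <CRLF>.<CRLF>"
        if verb in ("MAIL", "RCPT", "DATA"):   # known command, but not valid in this state
            return "503 Bad sequence of commands"
        return "500 Syntax error, command unrecognised"

def run_session(server, client_lines):
    """Drive the server with a scripted client; returns the (side, line) transcript."""
    transcript = [("Server", f"220 {server.domain} Mail Transfer Service Ready")]
    for line in client_lines:
        transcript.append(("Client", line))
        reply = server.handle(line)
        if reply is not None:
            transcript.append(("Server", reply))
    return transcript
```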
Reply Codes

  Reply code  Meaning
  211         System status
  214         Human information about how to use SMTP
  220         <domain> service ready
  221         <domain> service closing channel
  250         Requested mail action okay, completed
  251         User not local, forwarded to forward path
  354         Start mail input, end with <CRLF>.<CRLF>
  421         <domain> Service not available
  450         Requested action aborted; mailbox unavailable
  451         Requested action aborted; error in processing
  452         Requested action aborted; insufficient storage
  500         Syntax error, command unrecognised
  501         Syntax error in parameters or arguments
  502         Command not implemented
  503         Bad sequence number
  504         Command parameter not implemented
  550         Requested action not taken; mailbox unavailable
  551         Requested action not taken; error in processing
  552         User not local; please try <forward path>
  553         Action not taken; mailbox name not allowed
  554         Transaction failed

SMTP Protocol Example

  Number  Client/Server  Message
  1       Server         220 {Server Name B} Mail Transfer Service Ready
  2       Client         HELO {Host Name A}
  3       Server         250 {Service Name B}
  4       Client         MAIL FROM:<[email protected]>
  5       Server         250 OK
  6       Client         RCPT TO:<[email protected]>
  7       Server         250 OK
  (Reply code communication)

SMTP Protocol Example (Contd)

  Number  Client/Server  Message
  8       Client         RCPT TO:<[email protected]>
  9       Server         550 No such user here
  10      Client         RCPT TO:<[email protected]>
  11      Server         250 OK
  12      Client         DATA
  13      Server         354 Start mail input; end with <CRLF>.<CRLF>
  14      Client         {ASCII character text}
  15      Client         <CRLF>.<CRLF>
  16      Server         250 OK
  17      Client         QUIT
  18      Server         221 {Host Name B} Service closing channel
  (Reply code communication)

The end of part 2