TCP/IP FUNDAMENTALS

TCP/IP

TCP/IP is so central to the operation of the Internet that a detailed knowledge of it is required.

History

TCP/IP was standardized and adopted for wide use in 1983. It was developed at the University of California, Berkeley as part of a larger UNIX project that included TCP/IP as a subset of its functionality. UNIX was given out to numerous universities for little or no cost, so TCP/IP was distributed widely. TCP/IP is an open standard, which means nobody owns it, and it has connectivity to a huge array of equipment and software.

TCP/IP Design Goals

The end result was a system that is hardware independent, open standard, routable, efficient and flexible.

TCP/IP and the OSI Model

TCP/IP works at both the Network and Transport layers.

Transmission Control Protocol - Transport layer of the OSI model

Breaks data into pieces, adding routing information.
Wrapped and bundled pieces are called datagrams.
The three most important pieces of information are the source and destination port numbers, the sequence number and a checksum.

Source and destination port number ensures that the proper process sends and receives the datagram.
Sequence number allows the datagrams to be reassembled into the original whole object.
Checksum allows the receiving computer to know that it received the data without error.

Once these pieces are together, TCP hands the datagram to IP for routing.

Internet Protocol - Network layer of the OSI model

Connectionless...does not rely on handshaking or acknowledgments before starting a transmission. TCP provides the quality, IP provides the transport. IP adds another header to the datagram that includes the source and destination address, the protocol number and a checksum.
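The header fields just described, as an added example that is not part of these notes: it builds a constructed IPv4 + TCP packet with the Python standard library, parses the source and destination ports, sequence number, addresses and protocol number back out, and verifies both checksums (the TCP one over the pseudo-header of addresses, protocol number and length). The addresses, ports and sequence number are made-up sample values.

```python
import socket
import struct

# Added example (not from the notes): build a constructed IPv4 + TCP packet,
# parse the header fields back out, and verify the IP and TCP checksums.

def internet_checksum(data: bytes) -> int:
    """RFC 1071 checksum: one's-complement sum of 16-bit words, complemented.
    Run over a header that already carries a correct checksum, it returns 0."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:  # fold carries back into the low 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def build_ipv4_header(src: bytes, dst: bytes, payload_len: int, protocol: int = 6) -> bytes:
    """Minimal 20-byte IPv4 header (no options); protocol 6 = TCP, 17 = UDP."""
    header = struct.pack("!BBHHHBBH4s4s",
                         0x45,              # version 4, header length 5 words
                         0,                 # type of service
                         20 + payload_len,  # total length
                         0x1234,            # identification (constructed value)
                         0,                 # flags / fragment offset
                         64,                # TTL
                         protocol,
                         0,                 # checksum placeholder
                         src, dst)
    checksum = internet_checksum(header)
    return header[:10] + struct.pack("!H", checksum) + header[12:]

def build_tcp_header(src: bytes, dst: bytes, sport: int, dport: int,
                     seq: int, ack: int = 0, flags: int = 0x02) -> bytes:
    """20-byte TCP header; flags 0x02 = SYN. The checksum covers a pseudo-header
    (source/destination IP, protocol number, TCP length) plus the header itself."""
    header = struct.pack("!HHIIHHHH", sport, dport, seq, ack,
                         (5 << 12) | flags,  # data offset 5 words + flags
                         65535,              # window
                         0,                  # checksum placeholder
                         0)                  # urgent pointer
    pseudo = struct.pack("!4s4sBBH", src, dst, 0, 6, len(header))
    checksum = internet_checksum(pseudo + header)
    return header[:16] + struct.pack("!H", checksum) + header[18:]

def parse_packet(packet: bytes) -> dict:
    """Pull the IP and TCP fields out of a raw packet and verify both checksums."""
    (ver_ihl, _tos, total_len, _ident, _frag, ttl, protocol,
     _csum, src, dst) = struct.unpack("!BBHHHBBH4s4s", packet[:20])
    ihl = (ver_ihl & 0x0F) * 4
    info = {
        "version": ver_ihl >> 4,
        "src": socket.inet_ntoa(src),
        "dst": socket.inet_ntoa(dst),
        "protocol": protocol,
        "ttl": ttl,
        "ip_checksum_ok": internet_checksum(packet[:ihl]) == 0,
    }
    if protocol == 6:
        segment = packet[ihl:total_len]
        (sport, dport, seq, ack, off_flags,
         _win, _csum, _urg) = struct.unpack("!HHIIHHHH", segment[:20])
        pseudo = struct.pack("!4s4sBBH", src, dst, 0, 6, len(segment))
        info.update({
            "src_port": sport, "dst_port": dport,
            "seq": seq, "ack": ack,
            "flags": off_flags & 0x1FF,
            "tcp_checksum_ok": internet_checksum(pseudo + segment) == 0,
        })
    return info

# Constructed sample: a SYN from 192.100.100.2:40123 to the Telnet port (23) on 192.100.100.1.
SRC = socket.inet_aton("192.100.100.2")
DST = socket.inet_aton("192.100.100.1")
SAMPLE_PACKET = build_ipv4_header(SRC, DST, 20) + build_tcp_header(SRC, DST, 40123, 23, seq=1000)

def corrupt(packet: bytes, index: int) -> bytes:
    """Flip one bit at the given byte offset, as a transmission error would."""
    damaged = bytearray(packet)
    damaged[index] ^= 0x01
    return bytes(damaged)

if __name__ == "__main__":
    print(parse_packet(SAMPLE_PACKET))
    print(parse_packet(corrupt(SAMPLE_PACKET, 22)))  # TCP destination port damaged
```

Running the block prints the parsed fields for the intact packet and again after one bit of the destination port is flipped, which is exactly the case the checksum exists to catch: the IP checksum still verifies because the IP header is untouched, while the TCP checksum fails.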

Gateways and Routing

If IP knows the route, it sends the datagram on its way. If it does not know the route, it sends the datagram to the default gateway. Each gateway has a routing table that tells it where to send any datagram for further routing. If the gateway does not know where to send the datagram, it is forwarded on willy-nilly until a gateway is found that knows where to send the datagram.

Datagrams may take different routes to their destination. Routes can be predetermined and static, but usually the routers are dynamic: they respond to changes in the network to route in the most efficient manner they can.

Application Protocols

Simple Network Management Protocol (SNMP)

Allows gathering of information about the network. Information about devices is stored in the Management Information Base (MIB).

File Transfer Protocol (FTP)

Allows single or multiple file transfers between computers on the network. FTP is also the name of the client that uses the protocol. FTP clients contain all the tools needed, as well as a user interface, to transfer files.

Trivial File Transfer Protocol (TFTP)

A reduced FTP protocol. Stripped to a minimum of features, it is very small and efficient.

Simple Mail Transfer Protocol (SMTP)

Moves Email from one server to another. The Email servers use POP or IMAP to interface with the Email user.

Post Office Protocol (POP)

Storage mechanism for incoming mail. When the user connects to the Email server, all the stored Email messages are immediately downloaded to the local machine for reading.

Internet Mail Access Protocol (IMAP)

Allows selective downloading of Email. Includes search capability, authentication, and security.

Telnet

Terminal emulation package that allows the local machine to look like a terminal connected to the distant mainframe. Emulates the functionality of the terminal.

Internet Control Message Protocol (ICMP)

Works at the IP level. Provides network management functions. As an example, routers send messages using ICMP about undeliverable packets. Ping uses ICMP to report back results.

Hypertext Transfer Protocol (HTTP)

Manages communication between a web browser and the web server.

Address Resolution Protocol (ARP)

ARP relates a physical hardware (MAC) address to its IP address. Addresses are stored in a cache on the NIC. If the proper address is found in the cache, it is used; otherwise a normal ARP request is performed. More later...

Network Time Protocol (NTP)

Synchronizes clocks on the network. Database information needs to be timestamped, so a universal time and date are critical. Also, time differences may confuse a transaction that appears to have come from the future.

User Datagram Protocol (UDP)

Connectionless protocol that offers speed, not reliability.

Ports and Sockets Explained

Data travels from a port on the sending computer to a port on the receiving computer. Ports identify the application that is sending and receiving the data.
Ports are 16 bit numbers ranging from 0 to 65,535.
In addition, ports are either TCP ports or UDP ports.

Some well known ports:

Port          Service
UDP 15        NETSTAT
TCP 21        FTP
TCP 23        Telnet
TCP 25        SMTP
UDP 53        DNS
UDP 69        TFTP
TCP 70        Gopher
TCP 79        Finger
TCP/UDP 80    HTTP
TCP 110       POP3
UDP 111       RPC
TCP 119       NNTP (Network News Transfer Protocol)
TCP 123       NTP
UDP 137       Netbios Name Service
UDP 161       SNMP Network Monitor
UDP 2049      NFS

Ports can be dynamically allocated when a computer (a server, for instance) needs to use the same service for two different machines that might be connected. The combination of IP address and port number is a socket. Two sockets, one on the sending machine and one on the receiver, define a connection.

IP Addressing

Make sure you remember that IP moves data between computer systems within a datagram. A datagram is delivered to a specific port number. Enough information is contained in the header to allow the datagram to be delivered to the correct network as well as the correct host.

Ethernet Addresses Explained

Each NIC has a unique address known as a Media Access Control (MAC) address.
Hard coded into the device.
Programmed by the manufacturer as a unique 40 bit number.
The first three parts of the address are the organizationally unique identifier, supplied by the IEEE.
The last three parts of the address are assigned by the manufacturer.
Two addressing schemes exist, IPv4 and IPv6.

IP Addresses Explained

IPv4
32 bit number.
4 parts separated by a dot.
Each octet can have a value between 0 and 255.
Classes later...
Subnets later...
Reserved host addresses: 0 and 255. 0 represents the network and 255 is used for broadcast messages.

IPv6
128 bit addressing
Uses 8 sets of 4 hexadecimal digits.
3FFE:0B00:0800:0002:0000:0000:0000:000C

IPv4 Address Classifications

There are several classes of IP address that were originally planned. The model is archaic due to the limited number of addresses available. Sadly, you need to know the classes and subnets in order to get the Network+ certification.

Class A - The high order bit is always 0, therefore 127 networks can be defined. 16,777,214 hosts on each Class A network. No more Class A addresses are available.

Class B - The two high order bits are 10 (one, zero); the remaining bits can be used to define 16,384 networks. 65,534 hosts on each Class B network. No more Class B networks are available.

Class C - The three high order bits are always 110, therefore 2,097,152 networks may be defined with a maximum of 254 hosts. Class C addresses are available.

Class D - The four high order bits are 1110. Special multicast address. Cannot be used for networks.

Class E - The high order bits are 1111. Used for experimental purposes.

Loopback - (0111.1111) Unused

The Chart!

Class      High Bits   Network               Host      Starting address
A          0           7 bits                24 bits   126 or less
B          10          14 bits               16 bits   128 - 191
C          110         21 bits               8 bits    192 - 223
D          1110        Multicast Addresses             Fugetaboutit
E          1111        Experimental                    Fugetaboutit
Loopback   0111.1111   Unused                          127.0.0.1

Understanding Subnets

This is complicated stuff...Because we are running out of IP addresses, the concept of subnetting was developed. An IP subnet modifies the IP address by using HOST address bits as additional NETWORK address bits. This essentially moves the host address further to the right within a particular IP address. This has the effect of creating additional network addresses that may contain reduced numbers of hosts.

A subnet mask cancels out unwanted bits and leaves behind the bits of interest. A subnet is only understood locally. Subnets are not used on the rest of the Internet. The good news is that generally you will only use one subnet mask on your network.

A subnet mask has 4 octets but defines three elements: network, subnet, host. If a subnet mask bit is 1, then that bit identifies a network. If it is 0, then that bit identifies a host.

Subnet Masks for Standard Classes

Class   Subnet Mask Bit Pattern               Subnet Mask
A       11111111 00000000 00000000 00000000   255.0.0.0
B       11111111 11111111 00000000 00000000   255.255.0.0
C       11111111 11111111 11111111 00000000   255.255.255.0
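To apply the class chart and the standard masks, here is an added example (mine, not from these notes) that reads the class off the high-order bits of the first octet and fills in the default mask, network ID, broadcast address and host capacity from the table values. The sample addresses in the usage block are constructed.

```python
# Added example (not from the notes): classify an IPv4 address by the high-order
# bits of its first octet and derive the classful defaults from the chart.

CLASS_TABLE = {
    # class: (network bits, host bits, default subnet mask), per the chart
    "A": (7, 24, "255.0.0.0"),
    "B": (14, 16, "255.255.0.0"),
    "C": (21, 8, "255.255.255.0"),
}

def octets(address: str) -> list:
    """Split a dotted quad into four ints, rejecting anything malformed."""
    parts = address.split(".")
    if len(parts) != 4 or not all(p.isdigit() and int(p) <= 255 for p in parts):
        raise ValueError(f"not a dotted-quad IPv4 address: {address!r}")
    return [int(p) for p in parts]

def ipv4_class(address: str) -> str:
    """Class from the leading bits of the first octet (0, 10, 110, 1110, 1111)."""
    first = octets(address)[0]
    if first == 127:            # 0111 1111: loopback, not a usable Class A network
        return "Loopback"
    if first >> 7 == 0b0:
        return "A"
    if first >> 6 == 0b10:
        return "B"
    if first >> 5 == 0b110:
        return "C"
    if first >> 4 == 0b1110:
        return "D"
    return "E"                  # 1111: experimental

def describe(address: str) -> dict:
    """Class plus, for A/B/C, the default mask and the addresses it implies."""
    cls = ipv4_class(address)
    a = octets(address)
    info = {"address": address, "class": cls, "first_octet_bits": f"{a[0]:08b}"}
    if cls in CLASS_TABLE:
        net_bits, host_bits, mask = CLASS_TABLE[cls]
        m = octets(mask)
        info.update({
            "default_mask": mask,
            "mask_bits": " ".join(f"{o:08b}" for o in m),
            "network_bits": net_bits,
            "network_id": ".".join(str(x & y) for x, y in zip(a, m)),          # host bits all 0
            "broadcast": ".".join(str(x | (255 - y)) for x, y in zip(a, m)),   # host bits all 1
            "max_hosts": 2 ** host_bits - 2,   # minus the network ID and broadcast
        })
    return info

if __name__ == "__main__":
    # constructed sample addresses, one per class
    for addr in ("10.20.30.40", "172.16.5.9", "192.100.100.7", "224.0.0.1", "240.0.0.1", "127.0.0.1"):
        print(describe(addr))
```

The host count for each class comes out as the figures quoted above (16,777,214 for A, 65,534 for B, 254 for C), because two host values are always reserved: all zeros for the network ID and all ones for broadcast.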

Advantages of Subnetting

  • Minimizes network traffic.
  • Reduces routing table size.
  • Isolates one network from another.
  • Maximizes performance.
  • Optimizes IP address space.
  • Enhances the ability to secure a network.

Subnetting a Class C Network

Let's see if I can explain this...and all examples use Class C networks only since this is the only class you are likely to see.

Example 1: Network ID - 192.100.100.0, Subnet - 255.255.255.0

This means that the network ID is 192.100.100 and the hosts on the network will be identified with numbers from 1 through 254 (remember that 255 is reserved for broadcast use and the first ID is reserved for the router). With this plan all traffic is on one segment and a router is not needed internally to segment traffic. So, to summarize...

Network ID - 192.100.100.0 (11000000.01100100.01100100.00000000)
Subnet - 255.255.255.0 (11111111.11111111.11111111.00000000)
Router Address - 192.100.100.1 (11000000.01100100.01100100.00000001)
Broadcast Address - 192.100.100.255 (11000000.01100100.01100100.11111111)
Hosts - 192.100.100.2 through 192.100.100.254

Example 2: Network ID - 192.100.100.0, Subnet - 255.255.255.128

This means that the network ID is 192.100.100 and the subnet mask divides the network into two sub-networks.

So, to summarize...

Network ID - 192.100.100.0 (11000000.01100100.01100100.00000000)
Subnet - 255.255.255.128 (11111111.11111111.11111111.10000000)


Network 1 ID - 192.100.100.0 (11000000.01100100.01100100.00000000)
Router 1 Address - 192.100.100.1 (11000000.01100100.01100100.00000001)
Broadcast 1 Address - 192.100.100.127 (11000000.01100100.01100100.01111111)
Host 1 Addresses - 192.100.100.2 through 192.100.100.126

Network 2 ID - 192.100.100.128 (11000000.01100100.01100100.10000000)
Router 2 Address - 192.100.100.129 (11000000.01100100.01100100.10000001)
Broadcast 2 Address - 192.100.100.255 (11000000.01100100.01100100.11111111)
Host 2 Addresses - 192.100.100.130 through 192.100.100.254

Example 3: Network ID - 192.100.100.0, Subnet - 255.255.255.224

This means that the network ID is 192.100.100 and the subnet mask divides the network into eight sub-networks.

So, to summarize...

Network ID - 192.100.100.0 (11000000.01100100.01100100.00000000)
Subnet - 255.255.255.224 (11111111.11111111.11111111.11100000)


Network 1 ID - 192.100.100.0
Router 1 Address - 192.100.100.1
Broadcast 1 Address - 192.100.100.31
Host 1 Addresses - 192.100.100.2 through 192.100.100.30

Network 2 ID - 192.100.100.32
Router 2 Address - 192.100.100.33
Broadcast 2 Address - 192.100.100.63
Host 2 Addresses - 192.100.100.34 through 192.100.100.62

Network 3 ID - 192.100.100.64
Router 3 Address - 192.100.100.65
Broadcast 3 Address - 192.100.100.95
Host 3 Addresses - 192.100.100.66 through 192.100.100.94

Network 4 ID - 192.100.100.96
Router 4 Address - 192.100.100.97
Broadcast 4 Address - 192.100.100.127
Host 4 Addresses - 192.100.100.98 through 192.100.100.126

Network 5 ID - 192.100.100.128
Router 5 Address - 192.100.100.129
Broadcast 5 Address - 192.100.100.159
Host 5 Addresses - 192.100.100.130 through 192.100.100.158

Network 6 ID - 192.100.100.160
Router 6 Address - 192.100.100.161
Broadcast 6 Address - 192.100.100.191
Host 6 Addresses - 192.100.100.162 through 192.100.100.190

Network 7 ID - 192.100.100.192
Router 7 Address - 192.100.100.193
Broadcast 7 Address - 192.100.100.223
Host 7 Addresses - 192.100.100.194 through 192.100.100.222

Network 8 ID - 192.100.100.224
Router 8 Address - 192.100.100.225
Broadcast 8 Address - 192.100.100.255
Host 8 Addresses - 192.100.100.226 through 192.100.100.254

Classless Internetwork Domain Routing (CIDR)

A, B, C classifications no longer used.
CIDR networks are described as "slash X" where the X represents the number of bits that InterNIC controls.

Examples of CIDR Network Types

InterNIC Network Type   Subnet Mask       Approx Number of IP Addresses
slash 8                 255.0.0.0         16,000,000
slash 12                255.240.0.0       1,000,000
slash 16                255.255.0.0       65,536
slash 20                255.255.240.0     4096
slash 21                255.255.248.0     2048
...
slash 30                255.255.255.254   4

More to come...
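The three Class C subnetting examples above and the slash notation of the CIDR table, worked with Python's standard ipaddress module as an added example that is not part of these notes. It follows the notes' convention that the first host address of each subnet is the router and the last address is broadcast; the 192.100.100.0 network and the three masks are the notes' own, the parent-prefix parameter and everything else here are my assumptions.

```python
import ipaddress

# Added example (not from the notes): reproduce the Class C subnetting examples
# and convert between dotted masks and "slash X" prefix lengths.

def mask_to_prefix(mask: str) -> int:
    """Dotted subnet mask -> prefix length, e.g. 255.255.255.224 -> 27."""
    return ipaddress.ip_network(f"0.0.0.0/{mask}").prefixlen

def prefix_to_mask(prefix: int) -> str:
    """Prefix length -> dotted subnet mask, e.g. 21 -> 255.255.248.0."""
    return str(ipaddress.ip_network(f"0.0.0.0/{prefix}").netmask)

def address_count(prefix: int) -> int:
    """Total addresses in a slash-X block (network ID and broadcast included)."""
    return 2 ** (32 - prefix)

def dotted_binary(address: str) -> str:
    """Render an address or mask the way the examples do: 11000000.01100100...."""
    return ".".join(f"{int(o):08b}" for o in address.split("."))

def subnet_plan(network_id: str, mask: str, parent_prefix: int = 24) -> list:
    """Split a classful parent network (Class C = /24 by default) into subnets
    using the notes' convention: the lowest address is the network ID, the first
    host address is the router, the highest address is broadcast, the rest are
    hosts. `mask` may be dotted ("255.255.255.224") or slash notation ("/27")."""
    # strict parsing: a network_id with host bits set raises ValueError
    parent = ipaddress.ip_network(f"{network_id}/{parent_prefix}")
    new_prefix = int(mask.lstrip("/")) if mask.startswith("/") else mask_to_prefix(mask)
    plan = []
    for index, sub in enumerate(parent.subnets(new_prefix=new_prefix), start=1):
        hosts = list(sub.hosts())          # everything between network ID and broadcast
        if len(hosts) < 2:
            raise ValueError(f"/{new_prefix} leaves no room for a router plus hosts")
        plan.append({
            "index": index,
            "network": str(sub.network_address),
            "router": str(hosts[0]),
            "first_host": str(hosts[1]),
            "last_host": str(hosts[-1]),
            "broadcast": str(sub.broadcast_address),
            "usable_hosts": len(hosts) - 1,   # router excluded
        })
    return plan

if __name__ == "__main__":
    for mask in ("255.255.255.0", "255.255.255.128", "255.255.255.224"):
        print(f"\nNetwork 192.100.100.0, subnet {mask} ({dotted_binary(mask)})")
        for s in subnet_plan("192.100.100.0", mask):
            print(f"  {s['index']}: net {s['network']}  router {s['router']}  "
                  f"hosts {s['first_host']} - {s['last_host']}  bcast {s['broadcast']}")
    print()
    for prefix in (8, 12, 16, 20, 21, 30):
        print(f"slash {prefix:<3} {prefix_to_mask(prefix):<16} {address_count(prefix):,} addresses")
```

With the 255.255.255.224 mask the block lists the same eight subnets as Example 3, 29 host addresses each once the router is taken out; the slash loop prints the exact address counts behind the "approx" column of the CIDR table.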

 

IP Proxy Servers Explained

A proxy server is a program that handles traffic to external host systems on behalf of the client software running on the protected network. Like a one way mirror...clients can see out, the outside world cannot see in. To the user and the external host the proxy server is transparent. Because it examines all traffic, the proxy server can control the type of traffic that passes. It may offer different users differing levels of capability.

Proxy Server Caching

Active caching...going out and getting documents that might be needed (during periods of low activity).
Passive caching...waits until the user makes a request, then decides whether to store the document for future use.

Internet Cache Protocol (ICP)

Communicates between two proxy servers about whether a page is available or not. Each proxy server manages its own cache, resulting in multiple message exchanges between multiple cache servers. For this reason it is not scalable for large operations.

Cache Array Routing Protocol (CARP)

Multiple proxy servers within a single cache. Since multiple servers use the same cache, redundant documents are eliminated. Scalable...

Name Resolution Methods

Converts an IP address to a Fully Qualified Host Name (FQDN). Three methods: HOSTS file, DNS, WINS.

Internet Domain Organization

This book is dated...

There are seven top level domain names currently used:

com
edu
gov
int
mil
net
org

InterNIC assigns all domain names and ensures that there are no duplicates. Names are first-come, first-served. If the name is trademarked, the assignment to you will be rescinded.

Using HOSTS

An ASCII file called HOSTS is created on your computer that lists the domain name and address. Easy and quick on a single machine, but it would need to be on every machine within a network. Maintenance would be very high.

Using DNS

Domain Name Service. A DNS server is an integral part of any TCP/IP network. It may be a separate machine. Contains different records: an A record for host name to address, an MX record for the mail exchanger, and a CNAME record, which is an alias record that might be used for an FTP address.

Using WINS

Microsoft product. Microsoft uses NetBIOS and NetBEUI to build their networks. TCP/IP does not understand NetBIOS names, so WINS provides the translation between NetBIOS names and IP addresses (DNS cross-references TCP/IP names to IP addresses). Most networks use both DNS and WINS. WINS builds its tables automatically, while DNS is not automatic.

Configuring TCP/IP on Windows Workstations

TCP/IP Properties

The IP Address Tab

The Bindings Tab

The Gateway Tab

The Advanced Tab

The WINS Configuration Tab

The DNS Configuration Tab
The Windows Registry

All TCP/IP configuration info is stored in the Registry. Most characteristics of TCP/IP can be changed through applets in the Control Panel. Occasionally you need to edit the Registry directly using REGEDIT.EXE.

Virtual LANs (VLANs)

Network within a network. Workstations connected to a public network that behave as though they are on a private LAN. Made possible by the use of routers that have the capability to create VLANs.

Vocabulary
