Overview of TCP/IP

Overview of TCP/IP Protocols
Computer Network Programming
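IP Protocol Header
Header layout, one 32-bit row per line:
Version | Hdr length | Type of service | Total length
Identification | Flags | Fragment offset
Time to live | Protocol | Header checksum
32 bit source IP address
32 bit destination IP address
Options (if any)
Data
The rows from Version through the destination IP address make up the 20 byte header.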
• Version is 4 (IPv4)
• Header length is the number of 32-bit words in the header
• Type of service field is used to assign priorities to
the packets
• Total length field is the total length of an IP packet
(max 65535).
• Identification field identifies each IP packet sent. It
is used in fragmentation.
• Time-to-live field limits the lifetime of an IP packet
– Each router decrements it.
• Protocol field is used to demultiplex the incoming
packet to the appropriate upper layer: TCP, UDP.
• Header checksum is calculated over the header to
check the integrity of the header.
• Source IP address is the IP address of the sending
machine.
• Destination IP address is the IP address of the
receiving machine.
• Options field can keep additional information. It is
optional.
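The header fields above, decoded and checked in Python. This is an added example, not code from the original slides; the function names, the identification value 0x1C46 and the sample header are constructed for illustration, and the addresses are the ones used for S and C later in these slides.

```python
import ipaddress
import struct

IP_HDR = struct.Struct("!BBHHHBBH4s4s")      # the 20-byte header, no options

def checksum(data: bytes) -> int:
    """One's-complement sum of the header taken as 16-bit words."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def build_header(src, dst, proto, payload_len=0, ttl=64):
    """Constructed sample header: version 4, header length 5 words."""
    fields = [0x45, 0, 20 + payload_len, 0x1C46, 0, ttl, proto, 0,
              ipaddress.IPv4Address(src).packed,
              ipaddress.IPv4Address(dst).packed]
    fields[7] = checksum(IP_HDR.pack(*fields))   # computed with the field zeroed
    return IP_HDR.pack(*fields)

def parse_header(packet: bytes) -> dict:
    """Validate and decode an IPv4 header; raise ValueError if malformed."""
    if len(packet) < IP_HDR.size:
        raise ValueError("truncated header")
    vhl, tos, total, ident, frag, ttl, proto, _, src, dst = IP_HDR.unpack(packet[:20])
    hdr_len = (vhl & 0x0F) * 4                   # header length is in 32-bit words
    if vhl >> 4 != 4:
        raise ValueError("version is not 4")
    if not 20 <= hdr_len <= len(packet) or total < hdr_len:
        raise ValueError("inconsistent length fields")
    if checksum(packet[:hdr_len]) != 0:          # an intact header sums to zero
        raise ValueError("bad header checksum")
    return {"hdr_len": hdr_len, "tos": tos, "total_len": total, "id": ident,
            "flags": frag >> 13, "frag_offset": frag & 0x1FFF, "ttl": ttl,
            "protocol": proto, "src": str(ipaddress.IPv4Address(src)),
            "dst": str(ipaddress.IPv4Address(dst))}

def forward(packet: bytes):
    """Router step: decrement time-to-live, drop at zero, redo the checksum."""
    hdr = parse_header(packet)
    if hdr["ttl"] <= 1:
        return None                              # lifetime used up: discard
    head = bytearray(packet[:hdr["hdr_len"]])
    head[8] -= 1
    head[10:12] = b"\x00\x00"
    head[10:12] = struct.pack("!H", checksum(bytes(head)))
    return bytes(head) + packet[hdr["hdr_len"]:]
```

Because the checksum covers the time-to-live field, every router that decrements it must recompute the checksum, which is what forward() does.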
IPv6
• IPv4 address space is limited and cannot
support the ever increasing number of hosts
in the Internet in the future.
• IPv4 does not support Quality of Service
• IPv6 has a cleaner and more efficient header
• IETF developed IPv6 to address these
problems
• IPv6 is not globally operational. IPv4 is used in
most places. But islands of IPv6 networks exist.
IPv6 Header
Version | Traffic Class | Flow Label
Payload length | Next Header | Hop Limit
128 bit Source Address
128 bit Destination Address
• Version: 6 for IPv6.
• Traffic Class: identifies different classes and
priorities
• Flow Label: used by the source to label the packets
that make up a stream from source to destination
• Payload Length: the length of the data portion.
• Next Header: identifies the type of the header that
immediately follows the IPv6 header: TCP, UDP, ...
• Hop Limit: decremented by 1 by each router that
forwards the packet. If it reaches zero, then the
packet is discarded.
Other Protocols
[Figure: the TCP/IP protocol stack. User processes (user level processes) form the application layer and reach the protocols through the API. Below the API are the transport layer, the network layer and the link layer. Protocols shown: TCP, UDP, ICMP, IGMP, IP, ARP, RARP, and the hardware interface (Ethernet/PPP/...) on top of the physical media (Ethernet cable, serial line, ...).]
Kernel
[Figure: applications (user level processes) Process 1, Process 2, ..., Process N run on top of the operating system kernel, which runs on top of the hardware (HW).]
TCP/IP protocols are implemented inside the kernel.
Demultiplexing
[Figure: an incoming frame travels up from the Ethernet driver to the applications.]
• Ethernet driver: demultiplexing based on frame type in the Ethernet header (to IP, ARP, RARP)
• IP: demultiplexing based on protocol number in IP header (to TCP, UDP, ICMP, IGMP)
• TCP/UDP: demultiplexing based on port number in TCP/UDP header (to the applications)
Link Layer
• Two examples of different link layer
protocols
• Ethernet
– protocol that is used in local area networks (for example in
the network in dormitories and departments)
– shared physical link
– responsible for framing.
– implements a MAC protocol
• PPP
– the protocol that is used over telephone lines/serial lines at
your home while getting connected to the Internet from home
– dedicated physical link
– no MAC protocol is needed.
– responsible for framing of IP datagrams (packets) over
byte stream oriented serial lines.
[Figure: a web browser on your computer at home runs TCP over IP over PPP. It connects through a modem, the telephone lines of the telephone network, and a serial line to the ISP router, and from there across the Internet (wide area connectivity) to the Bilkent campus router. The router reaches the Bilkent web server at the university over the Ethernet local area network at school, where the web server runs TCP over IP over Ethernet.]
ISP: Internet service provider
Ethernet
Frame format:
dst address (6 bytes) | src address (6 bytes) | type (2 bytes) | data (46-1500 bytes) | CRC (4 bytes)
Type values:
0800: IP datagram
0806: ARP packet
8035: RARP packet
Dst and Src addresses are 6-byte MAC addresses. They are
globally unique.
Example: 00:0e:63:93:2e:86
MTU (maximum transferable unit) is 1500 bytes.
IP packets should be fragmented to that size if they
are larger than 1500 bytes.
PPP
Frame format:
Flag 0x7E (1 byte) | Addr 0xFF (1 byte) | Control 0x03 (1 byte) | Protocol (2 bytes) | data (<= 1500 bytes) | CRC (2 bytes) | Flag 0x7E (1 byte)
Protocol values:
0021: IP datagram
C021: Link control packet
8021: Network control packet
All occurrences of 0x7E are byte stuffed: replaced with 0x7d 0x5e.
0x7d is transmitted as the 2-byte sequence 0x7d 0x5d.
MTU is 1500, but can be negotiated.
Connection-oriented protocol: a PPP connection is established before
you send data. That is why you wait for some time when
connecting from home: dialing time + PPP connection time.
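The PPP frame layout and byte stuffing rules above, as a Python encoder and decoder. This is an added example, not code from the original slides; the function names are illustrative, the CRC is assumed to be the 16-bit FCS of RFC 1662 sent low byte first, and only the two escapes named on the slide are handled.

```python
FLAG, ESC = 0x7E, 0x7D                 # frame delimiter and escape byte
PROTO_IP = 0x0021                      # protocol value for an IP datagram

def fcs16(data: bytes) -> int:
    """16-bit CRC (assumed here: the FCS-16 of RFC 1662)."""
    fcs = 0xFFFF
    for byte in data:
        fcs ^= byte
        for _ in range(8):
            fcs = (fcs >> 1) ^ 0x8408 if fcs & 1 else fcs >> 1
    return fcs ^ 0xFFFF

def stuff(body: bytes) -> bytes:
    """0x7E -> 0x7D 0x5E and 0x7D -> 0x7D 0x5D; other bytes pass through."""
    out = bytearray()
    for byte in body:
        out += bytes([ESC, byte ^ 0x20]) if byte in (FLAG, ESC) else bytes([byte])
    return bytes(out)

def unstuff(data: bytes) -> bytes:
    """Reverse stuff(); reject a bare flag or an escape with no data after it."""
    out, stream = bytearray(), iter(data)
    for byte in stream:
        if byte == FLAG:
            raise ValueError("unescaped 0x7E inside frame")
        if byte == ESC:
            follower = next(stream, None)
            if follower is None or follower == FLAG:
                raise ValueError("escape byte not followed by data")
            byte = follower ^ 0x20
        out.append(byte)
    return bytes(out)

def encode_frame(protocol: int, data: bytes) -> bytes:
    """Flag | Addr 0xFF | Control 0x03 | Protocol | data | CRC | Flag."""
    body = b"\xff\x03" + protocol.to_bytes(2, "big") + data
    body += fcs16(body).to_bytes(2, "little")
    return bytes([FLAG]) + stuff(body) + bytes([FLAG])

def decode_frame(frame: bytes):
    """Return (protocol, data) after checking flags, header and CRC."""
    if len(frame) < 2 or frame[0] != FLAG or frame[-1] != FLAG:
        raise ValueError("missing flag byte")
    body = unstuff(frame[1:-1])
    if len(body) < 6 or body[:2] != b"\xff\x03":
        raise ValueError("bad address/control field")
    if fcs16(body[:-2]) != int.from_bytes(body[-2:], "little"):
        raise ValueError("CRC mismatch")
    return int.from_bytes(body[2:4], "big"), body[4:-2]
```

The CRC bytes are stuffed along with the rest of the body, so 0x7E can only ever appear as the first and last byte of a frame.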
Loopback Interface
• There is another interface on every
computer, which is loopback. Its IP address
is always 127.0.0.1
• It does not have any hardware attached to it.
• If you send data to this address, data comes
back to your computer: so it is loopback.
[Figure: IP sits above two interfaces: loopback (127.0.0.1/8) and ethernet.]
Network interfaces
• You can have multiple network interfaces
in your computer: loopback, ethernet
interface, token ring interface….
• You will have an IP address and subnet
mask configured for each interface.
• Those machines that have more than one
physical network interface are called
multihomed machines.
ifconfig command
You can use the ifconfig command to see the configured interfaces
in a UNIX machine (ipconfig for WINDOWS). You use the same
command to configure/modify the properties of an interface (assign
IP address/subnet mask etc.)
ifconfig -a gives all the configured interfaces
Example:
lo0: flags=849<UP,LOOPBACK,RUNNING,MULTICAST> mtu 8232
        inet 127.0.0.1 netmask ff000000
le0: flags=863<UP,BROADCAST,NOTRAILERS,RUNNING,MULTICAST> mtu 1500
        inet 139.179.21.217 netmask ffffff00 broadcast 139.179.21.255
Two interfaces are configured for this machine: loopback and an
ethernet interface.
ifconfig le0 gives information only on interface le0.
netstat command
• netstat command gives information about the
network connections that the machine has currently,
the routing table content etc. It is a command that
displays the content of various network related data
structures in the kernel.
netstat -nr shows the content of the routing table on that machine
Example:
aspendos{korpe}:> netstat -nr
Routing Table:
  Destination           Gateway           Flags  Ref   Use   Interface
-------------------- -------------------- ----- ----- ------ ---------
139.179.21.0         139.179.21.217        U        3    924  le0
224.0.0.0            139.179.21.217        U        3      0  le0
default              139.179.21.240        UG       0    851
127.0.0.1            127.0.0.1             UH       0  63282  lo0
Delivery of IP datagrams at the Link layer
[Figure: host S (129.192.56.10) sends packets across the Internet to router R (IP address 139.179.10.1, MAC address 00:0e:63:93:2e:86). R is attached to a LAN (Ethernet) with hosts A, B, C and D. Packets are coming for C (dst IP address = 139.179.10.6). The MAC address 00:00:20:79:04:14 is shown on the LAN.]
The frames in a LAN are sent to each other using MAC addresses as
the identities of the hosts.
Use of MAC (link layer) addresses
• When stations in a shared LAN send
frames (packets) to each other, they use the MAC
addresses (link layer addresses) as the destination
address of the frames
• For example, router R will put the IP packet inside an
ethernet frame while sending the packet to host C.
The ethernet frame will contain the MAC address of
C in its dst address field
• When host A (or B etc.) wants to send an IP packet to
C, it does the same thing.
• All stations in a LAN talk to each other using their
MAC addresses.
The IP packets that are sent from router R to C will look like the following
(assume the packets originated at computer S).
The IP packet will be put into an Ethernet frame.
Ethernet frame that originates at router R and is destined to C:
Dst addr: 00:00:20:79:04:14 | Src addr: 00:0e:63:93:2e:86 | Type: 0x800 | IP datagram | CRC
IP datagram carried in the frame:
Src address: 129.192.56.10 | Dst address: 139.179.10.6 | Other fields of IP hdr | data
Address resolution
• Assume in a LAN a host wants to send a
frame to the other host on the same LAN.
• How does the sender host know the
Ethernet address of the receiving host?
• We need an address resolution protocol
[Figure: a LAN with hosts A, B, C, D, E, F and router R.]
A wants to send a frame to E (it can also be router R).
A will build an ethernet frame but it does not know the MAC
address of E.
Address Resolution Protocol (ARP):
provides mapping from IP addresses to MAC addresses.
ARP and RARP
[Figure: ARP maps an IP address to a MAC address; RARP maps a MAC address to an IP address.]
RARP: reverse address resolution protocol.
How does ARP work
• A host that wants to send a frame broadcasts
an ARP request packet on the LAN
• The broadcast address is ff:ff:ff:ff:ff:ff (this
will be the dst address field in the ethernet
frame)
• The ARP packet contains the IP address that
the host wants the MAC address for.
• All hosts on the LAN receive the ARP
request packet.
ARP
• The destination host that has the IP address
matching the IP address in the ARP request
packet replies back to the sending host with
an ARP reply packet and includes its MAC
address in the packet.
• The sending host takes the unicast reply and
learns the MAC address of the destination
• Note that the ARP reply is not broadcast
but directly sent to the sender of the ARP
request packet.
ARP Cache
• When the sender host learns the MAC
address of the receiver host, it stores this
mapping in its cache (ARP table).
• All subsequent frames that are destined to
this host use this MAC address (without
invoking the ARP protocol)
• The mapping is stored for some period of
time (like 20 minutes) and then deleted.
arp command
arp allows you to display and modify (if you
are a superuser in UNIX) the ARP table
arp -a shows the content of the table
aspendos{korpe}:> arp -a
Net to Media Table
Device IP Address                  Mask             Flags  Phys Addr
------ -------------------- --------------- ----- ---------------
le0    hitit                       255.255.255.255         00:40:61:00:3e:2a
le0    cisco3                      255.255.255.255         00:e0:63:93:2e:86
le0    gordion                     255.255.255.255         08:00:20:79:04:14
le0    pcmfbe.ef.bilkent.edu.tr    255.255.255.255         00:05:1c:01:d1:28
le0    139.179.54.1                255.255.255.255         00:e0:63:93:2e:86
le0    best.ee.bilkent.edu.tr      255.255.255.255         00:40:61:00:0d:c2
le0    didim.ee.bilkent.edu.tr     255.255.255.255         08:00:20:73:99:b6
le0    ph-mali.bcc.bilkent.edu.tr  255.255.255.255         00:e0:63:93:2e:86
le0    139.179.13.1                255.255.255.255         00:e0:63:93:2e:86
le0    pcscanner                   255.255.255.255         00:80:ad:b7:c3:34
ARP Packet format
Ethernet header:
Ether dst address (6 bytes) | Ether src address (6 bytes) | Ether frame type (2 bytes)
ARP request/reply packet format:
Hw type (2) | Prot type (2) | Hw size (1) | Proto size (1) | Opcode (2) | Sender Ether address (6) | Sender IP address (4) | Target Ether address (6) | Target IP address (4)
Example - ARP request
Host 139.179.137.84 wants to learn the MAC address of the router whose IP address is 139.179.137.1.
Frame 5 (42 on wire, 42 captured)
Arrival Time: Feb 19, 2002 22:48:18.612874000
Time delta from previous packet: 1.356006000 seconds
Time relative to first packet: 5.372405000 seconds
Frame Number: 5
Packet Length: 42 bytes
Capture Length: 42 bytes
Ethernet II
Destination: ff:ff:ff:ff:ff:ff (ff:ff:ff:ff:ff:ff)
Source: 08:00:46:48:43:9f
Type: ARP (0x0806)
Address Resolution Protocol (request)
Hardware type: Ethernet (0x0001)
Protocol type: IP (0x0800)
Hardware size: 6
Protocol size: 4
Opcode: request (0x0001)
Sender hardware address: 08:00:46:48:43:9f
Sender protocol address: 139.179.137.84
Target hardware address: 00:00:00:00:00:00
Target protocol address: 139.179.137.1
Example continued - ARP reply
Frame 6 (60 on wire, 60 captured)
Arrival Time: Feb 19, 2002 22:48:18.613552000
Time delta from previous packet: 0.000678000 seconds
Time relative to first packet: 5.373083000 seconds
Frame Number: 6
Packet Length: 60 bytes
Capture Length: 60 bytes
Ethernet II
Destination: 08:00:46:48:43:9f
Source: 00:e0:63:90:b7:9a (CABLETRO_90:b7:9a)
Type: ARP (0x0806)
Trailer: 00000000000000000000000000000000...
Address Resolution Protocol (reply)
Hardware type: Ethernet (0x0001)
Protocol type: IP (0x0800)
Hardware size: 6
Protocol size: 4
Opcode: reply (0x0002)
Sender hardware address: 00:e0:63:90:b7:9a
Sender protocol address: 139.179.137.1
Target hardware address: 08:00:46:48:43:9f
Target protocol address: 139.179.137.84
Answer comes here
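The request and reply captured above, rebuilt as bytes, parsed according to the ARP packet format, and fed into a cache with the 20 minute lifetime mentioned earlier. This is an added example, not code from the original slides; the function names and the cache layout are illustrative, and the frame bytes are constructed from the field values shown in the two captures.

```python
import struct

ETH = struct.Struct("!6s6sH")            # Ether dst, Ether src, frame type
ARP = struct.Struct("!HHBBH6s4s6s4s")    # the 28-byte ARP request/reply
CACHE_TTL = 20 * 60                      # "like 20 minutes", in seconds

def mac(raw): return ":".join(f"{b:02x}" for b in raw)
def ip(raw): return ".".join(str(b) for b in raw)

def build(dst, src, op, sha, spa, tha, tpa, pad=0):
    """Constructed frame bytes, assembled from the capture's field values."""
    m = lambda s: bytes.fromhex(s.replace(":", ""))
    i = lambda s: bytes(int(part) for part in s.split("."))
    return (ETH.pack(m(dst), m(src), 0x0806)
            + ARP.pack(1, 0x0800, 6, 4, op, m(sha), i(spa), m(tha), i(tpa))
            + bytes(pad))                # trailer padding, as in frame 6

REQUEST = build("ff:ff:ff:ff:ff:ff", "08:00:46:48:43:9f", 1, "08:00:46:48:43:9f",
                "139.179.137.84", "00:00:00:00:00:00", "139.179.137.1")
REPLY = build("08:00:46:48:43:9f", "00:e0:63:90:b7:9a", 2, "00:e0:63:90:b7:9a",
              "139.179.137.1", "08:00:46:48:43:9f", "139.179.137.84", pad=18)

def parse(frame: bytes) -> dict:
    """Decode an Ethernet frame carrying ARP; raise ValueError otherwise."""
    if len(frame) < ETH.size + ARP.size:
        raise ValueError("truncated frame")
    dst, src, frame_type = ETH.unpack_from(frame, 0)
    if frame_type != 0x0806:
        raise ValueError("frame type is not ARP")
    hw, proto, hw_size, proto_size, op, sha, spa, tha, tpa = ARP.unpack_from(frame, ETH.size)
    if (hw, proto, hw_size, proto_size) != (1, 0x0800, 6, 4) or op not in (1, 2):
        raise ValueError("not an Ethernet/IP ARP request or reply")
    return {"eth_dst": mac(dst), "eth_src": mac(src), "op": ("request", "reply")[op - 1],
            "sender_mac": mac(sha), "sender_ip": ip(spa),
            "target_mac": mac(tha), "target_ip": ip(tpa)}

def learn(cache: dict, frame: bytes, now: float) -> None:
    """On a reply, store sender IP -> MAC with an expiry time."""
    pkt = parse(frame)
    if pkt["op"] == "reply":
        cache[pkt["sender_ip"]] = (pkt["sender_mac"], now + CACHE_TTL)

def lookup(cache: dict, addr: str, now: float):
    """Return the cached MAC, or None (and drop the entry) once it expired."""
    mac_addr, expires = cache.get(addr, (None, 0))
    if mac_addr is None or now >= expires:
        cache.pop(addr, None)
        return None
    return mac_addr
```

The 14-byte Ethernet header plus the 28-byte ARP packet gives the 42 bytes of frame 5; frame 6 carries 18 bytes of trailer to reach 60.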
RARP protocol
• A diskless system like an X-terminal wants
to learn its IP address automatically when
booted.
• It sends an RARP request, requesting the IP
address corresponding to its MAC address.
• A RARP server that keeps all the mappings
of MAC addresses to IP addresses replies
back with the corresponding IP address for
the diskless system
RARP
• The diskless system sends the RARP
request to the broadcast address
ff:ff:ff:ff:ff:ff.
• Only the RARP server replies back and it
replies back directly to the diskless system.