Identify and explain the functions of the core TCP/IP protocols

Explain how the TCP/IP protocol correlate to the OSI model

Discuss addressing schemes for TCP/IP in IPv4 and IPv6

Describe the purpose and implementation of DNS (Domain Name System) and DHCP (Dynamic Host Configuration Protocol)

Identify the well-known ports for key TCP/IP services

Describe common application layer TCP/IP protocols

Transmission Control Protocol/Internet Protocol◦Actually a whole suite of Protocols◦Developed in the late 1960s by the

Department of Defense◦Popularity due to

Low costs Communicate between dissimilar platforms Open Source Uses routable protocols Very flexible – can run on any network

Has several “core” protocols

Source PortDestination PortSequence NumberAcknowledgement NumberTCP Header LengthReservedFlags

URGACKPSHRSTSYNFIN

Sliding Window SizeChecksumUrgent PointerOptions Data

◦ Three-way Handshake SYN –

synchronization request for a connection

SYN-ACK – synchronization-acknowledgement confirmation that the distant end node is willing to make the connection

ACK – acknowledgement acknowledges the SYN-ACK

◦ Connection Established Connection Established!

1

2

3

SYN with SEQ# 558

SYN-ACK with SEQ# 669/ACK with SEQ# 559

ACK with SEQ# 559/ACK with SEQ# 670

Has only 4 field in its headerSource portDestination portLengthChecksum

Layer 4 protocolMore efficient that TCPUsed for live audio or video transmissionsNo acknowledgements

UDP Header

Network Layer protocol Contains information on how and where

data should be delivered including the source and destination IP addresses

Subprotocol that allows TCP/IP to traverse more than one LAN segment and more than one type of network through a router

VersionInternet Header LengthDifferentiated ServicesTotal LengthIdentificationFlagsFragment OffsetTime To LiveProtocolHeader ChecksumSource IPDestination IPOptionsPaddingData

Layer 3 protocolReports success or failure of data deliveryOnly provides error detection not correction

Aids in troubleshooting

Ping Command

Layer 3 Protocol Manages multicasting Multicasting allows one node to send

traffic destined for multiple nodes Routers use this protocol to determine

which multicasting group other nodes belong to

Layer 3 Protocol Maps the unknown MAC address to the known

IP address of a given node The requesting node send a broadcast message

that states; “I have this IP address, if this is your IP address please send me your MAC address.”

The node with that IP address replies with its MAC address in a broadcast message

The requesting node then places this information in its ARP table/cache

Two types of ARP table/cache entries Dynamic – created when the makes an ARP request that

cannot be satisfied by searching the ARP table Static – entries that someone has entered manually into

the ARP table

Layer 3 protocol Used in earlier networks when workstations

did not have the memory or processing power of today’s machines

Maps an unknown IP address to a known MAC address

The RARP request is sent to a RARP server that maintains a table of MAC-to-IP address maps

The server queries the RARP table to find the IP address of the associated MAC address

The server then returns the IP address to the requesting node

IP address is a 32 bit number divided into 4 bytes each and separated by periods

192.168.1.10 Each byte equals 8 bits therefore each byte is

referred to as an octet Although 8 bits have 256 possible

combinations only 254 numbers can be used The number 0 is a reserved placeholder and

represents the entire network address The number 255 is reserved for broadcast

transmissions

◦ There are 5 different classes◦ The first three classes are used for LANs◦ The other 2 classes are reserved for

multicasting and experimental use

10.0.0.0 – 10.255.255.255 – Private networks

127.0.0.0 – 127.255.255.255 – Loopback addresses

169.254.0.0 – 169.254.255.255 – Automatic Private IP Addressing

172.16.0.0 -172.31.255.255 – Private networks

192.168.0.0 -192.168.255 – Private networks

From a Windows OS Open a command prompt – Start button > All

Programs > Accessories > Command Prompt Type the command ipconfig /all and press enter

◦ From a UNIX or Linux OS Open a terminal window (shell)

◦ Type ifconfig –a at the shell prompt

◦ The most common way to express an IP address◦ A decimal number from 0-255 (256 possibilities)

represents each binary octet◦ Example:

131.65.10.36

Each dotted decimal notation number has a binary equivalent◦ When we take our example IP address –

136.65.10.36◦ The first octet 136 is converted as follows

The other octets are converted in the same way

The IP address expressed in binary is:

10000011 01000001 00001010 00100100

32 bit number that identifies the network segment or subnet and informs the rest of the network about the segment/subnet (subnet is the common name for network segment)

Used in conjunction with the IP address and is assigned manually or automatically through DHCP (covered in a later slide)

Can be expressed with either binary or dotted decimal notation

Example 255.255.255.0 All of the bits in the first three octets are turned on or have

a value of 1 and represents the network portion of the subnet

The last octet has no bits turned on or a value of 0 and represents the host portion of the subnet

Every node on the LAN or network must have a unique IP address assigned

Can be done manually or automatically

Manual configuration (Static IP address)

Automatic configuration (DHCP)

Older protocol developed in the mid 1980s Application Layer protocol Used a central list of IPs and the associated MAC

address of each device and assigned IPs automatically – dynamically assigns the IP address also called dynamic IP

When a BOOTP client connects The client sends a broadcast message that contains its

MAC address to the BOOTP server requesting an IP address The BOOTP server looks up the client’s MAC address in ts

BOOTP table The BOOTP server responds with

Client’s IP address Server IP address Server’s host name Default router IP address

Application Layer protocol Developed by the IETF to replace BOOTP Dynamically assigns IP addresses Does not use an IP address table like BOOTP Does require a DHCP server to be configured Reasons to use DHCP

Reduce management time on assigning and planning IP addresses

Reduce potential errors Enables flexibility in client’s location Makes IP addressing transparent to users

Client request an IP address in a UDP DHCP discover packet - broadcast message

All DHCP servers on the network get the broadcast All DHCP servers respond with an available IP address and

reserves this IP information so that other clients can’t get it The response message contains

The IP address Subnet mask IP address of the DHCP server Lease duration

The client accepts the first IP address it receives And responds with another broadcast message confirming

the IP address All other DHCP servers receive the message and release

their IP addressed reserved for the client back to their DHCP pool

Windows OS feature that assigns an IP address in the range of 169.254.0.0 – 169.254.255.255 and a subnet mask of 255.255.0.0

Allows communication only with nodes on the same LAN and hare automatically assigned an address in the APIPA address range

Used when DHCP services are temporarily unavailable

When DHCP services are restored the APIPA address is released

Advantages over IPv4 More efficient header than IPv4 Better security Better prioritization provisions 128 bits long increase amount of addresses to 296

(4 billion x 4 billion x 4 billion) Expressed in 8 hexadecimal 16 bit fields separated

by a (:) Example – F:F:0:0:0:0:3012:0CE3

Can be written in shorthand – all multiple fields that have a value of 0 can be abbreviated with a (::)

IPv6 Loopback is 0:0:0:0:0:0:0:1 Shortened IPv6 Loopback is ::1

Unicast – an address that represents a single interface – Prefix: FEC0 or FE80

Multicast – represents multiple interfaces normally on multiple devices…point-to-multipoint – Prefix: FF0x where x is a number that corresponds to a group scope ID – global multicast prefix : FF0E

Anycast – represents any one interface from a group of interfaces and any interface in that group can act on the message

Sockets represent a single connection between two network applications. A socket is the process port number and the host machines IP address

An example is The Telnet port number, 23, and the host machines IP address 131.10.25.5 with the port number following the IP address and a colon (:)

The above example is written as follows :

131.10.25.5:23

Simplifies TCP/IP and ensures that data transmitted is transmitted to the correct application

Port numbers range 0 to 65535

Well known ports range from 0 to 1023

Registered ports range 1024 to 49151

Dynamic or Private ports range 49152 to 65535

Click Here for Well Known Port List

A hostname is a specific name pointing to a specific device

A domain name is identifies a domain. A domain name is usually associated with some type of organization

Is represented by character strings called label Each label represents a level in the domain naming

hierarchy and is separated with dots An example is www.ctcd.edu

“.edu” is the top-level domain “.ctcd” is the second-level domain “www” is the third-level domain

Fully Qualified Domain Name (FQDN) the hostname followed by the domain name separated with a dot “.”

Predecessor to DNS An ASCII text file called HOSTS.TXT Mapped host names to IP addresses Used in early networks when they were

small Not practical in large networks or the

Internet

Hierarchal system developed in the mid 1980s that gave a more automated approach to domain names than the HOSTS.TXT file

Also known as Domain Name Service Relies on global DNS servers All servers are hierarchically related to 13 root servers Because it is distributed, it cannot fail catastrophically Divided into 3 components

Resolvers – any host on the Internet that needs to look up domain name information

Name servers – also called DNS servers contain databases of associated names and IP addresses and provide this information to the resolvers

Namespace – refers to the database of Internet IP addresses and their associated names

DDNS If IP addresses change frequently DNS becomes

unmanageable DDNS is a for-fee service that a service provider

runs on the user’s computer that informs the service provider of an IP change

The service provider’s server launches a routine that updates the DNS servers

Zeroconf A collection of protocols that simplify the setup of

nodes on a TCP/IP network IPv4 Local Link (IPv4LL) is a protocol that automatically

assigns IP addresses on locally connected nodes

Telnet – terminal emulation protocol used to logon to remote hosts using TCP/IP suite

File Transfer Protocol (FTP) – used to send and receive files via TCP/IP

Trivial File Transfer Protocol (TFTP) – Simplified transfer of files using UDP

Network Time Protocol (NTP) – Synchronizes clocks on computers on a network

Network News Transfer Protocol (NNTP) – Facilitates the exchange of news group messages

Packet Internet Groper (Ping) – a utility that verifies that TCP/IP is working, and configured correctly

For more information on this lesson, See Chapter

4 in the text book or email the Professor

**All Slides and graphics were produced by Professor Patrick Hughes**