TCP/IP Refresher
Transcript of the slide deck by Prabhaker Mateti (ack: many, many sources …).
Mateti, TCP/IP Refresher
TCP/IP?
TCP = Transmission Control Protocol
IP = Internet Protocol
"TCP/IP" almost always means the whole protocol suite, which also includes:
- UDP, User (Unreliable) Datagram Protocol
- ICMP, Internet Control Message Protocol
- ARP, Address Resolution Protocol
What’s a Protocol?
An agreed-upon convention for communication.
Protocols must be formally defined and unambiguous.
Layers
[Figure: TCP, UDP, ICMP and other protocols sit side by side above the IP layer, which sits above the physical layer. The relative heights indicate the level of functionality.]
Unix is a Layered System
Applications
Libraries
System Calls
Kernel
Layers
The routines/methods of Layer N will not call Layer N+1.
The routines/methods of Layer N typically do call methods of the same layer.
The routines/methods of Layer N typically do call Layer N-1 methods.
DoD model: Four Layers
1. Network Access Layer: delivery over the physical media in use.
2. Internet Layer: delivery across the different physical networks that connect source and destination machines.
3. Host-to-Host Layer: connection rendezvous, flow control, retransmission of lost data, etc. TCP and UDP are in this layer.
4. Process Layer: user-level functions, such as SMTP, FTP and rlogin.
OSI Reference Model
Seven Layers
7. Application
6. Presentation
5. Session
4. Transport
3. Network
2. Data Link
1. Physical
TCP/IP & OSI
In OSI reference model terminology the TCP/IP protocol suite covers the network and transport layers.
TCP/IP can be used on many data-link layers (it can support many network hardware implementations).
TCP/IP protocols by layer:
Process Layer:    Process | Process
Transport Layer:  TCP | UDP
Network Layer:    IP | ICMP, ARP & RARP
Data-Link Layer:  802.3
Physical Layer
Responsibility:
- transmission of raw bits over a communication channel.
Issues:
- mechanical and electrical interfaces
- time per bit
- distances
Data Link Layer - Data Link Control
Responsibility:
- provide an error-free communication link
Issues:
- framing (dividing data into chunks, each with header and trailer bits)
- addressing
[Figure: a bit stream divided into three frames.]
The Data Link Layer - The MAC sublayer
Medium Access Control (MAC) is needed by multi-access networks.
MAC provides DLC with “virtual wires” on multi-access networks.
Ethernet: A Data-Link Layer
IEEE 802.3
Variety of physical layers.
Multi-access (shared medium).
Each interface has a unique 6-byte hardware address (e.g. 00-D0-09-E8-08-61).
The broadcast address is all 1’s (FF-FF-FF-FF-FF-FF).
Addresses are assigned to vendors by a central authority; the first three bytes identify the vendor.
An Ethernet Frame
Preamble (8 bytes) | Destination Address (6) | Source Address (6) | Length/Type (2) | Data (46-1500) | CRC (4)
The preamble is a sequence of alternating 1’s and 0’s used for synchronization.
CRC is Cyclic Redundancy Check.
The 2-byte field is a length in IEEE 802.3 framing and an EtherType (e.g. 0x0800 for IP) in Ethernet II framing; a value of 1500 or less is a length. Data shorter than 46 bytes is padded to the minimum, which is why higher layers carry their own length fields.
Ethernet Addressing
Each NIC looks at every frame and inspects the destination address. If the address does not match the hardware address of the interface or the broadcast address, the frame is discarded.
Some NICs can be programmed to recognize multicast addresses.
A NIC in promiscuous mode accepts every frame regardless of destination; this is what packet sniffers on a shared medium rely on.
The Network Layer
Responsibilities:
- path selection between systems (routing)
- subnet flow control
- fragmentation & reassembly
- translation between different network types
Issues:
- packet headers
- virtual circuits
The Transport Layer
Responsibilities:
- provides virtual end-to-end links between peer processes
- end-to-end flow control
Issues:
- headers
- error detection
- reliable communication
The Session Layer
Responsibilities:
- establishes, manages, and terminates sessions between applications
- service location lookup
Many protocol suites do not include a session layer.
The Presentation Layer
Responsibilities:
- data encryption
- data compression
- data conversion
Many protocol suites do not include a presentation layer.
The Application Layer
Responsibilities:
- anything not provided by any of the other layers
Issues:
- application level protocols
- appropriate selection of “type of service”
Layering & Headers
Each layer needs to add control information.
It is typically prefixed to the data before passing on to the lower layer.
Headers
[Figure: on the sending side each of the Process, Transport, Network and Data Link layers prepends its own header H to DATA; on the receiving side each layer strips its header and hands the rest up.]
Example Headers
Physical: no header
Data Link:
- address of the receiving endpoint
- address of the sending endpoint
- length of the data
- checksum
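Added example, not from the slides: a Python rendering of the frame layout on the "An Ethernet Frame" slide and of the data-link header fields listed above, plus the receive-side address filter a NIC applies (own address, broadcast, subscribed multicast, or everything in promiscuous mode). The hardware addresses and payloads are constructed for the example; the preamble is omitted because the hardware strips it before software sees the frame.

```python
# Added example (not from the slides): pack and unpack an Ethernet frame and apply
# the receive-side destination filter a NIC performs. The frame layout and the
# addresses follow the slides; everything else is this example's own construction.
import struct
import zlib

BROADCAST = b"\xff" * 6


def mac_bytes(s):
    return bytes.fromhex(s.replace("-", "").replace(":", ""))


def mac_str(b):
    return "-".join(f"{x:02X}" for x in b)


def build_frame(dst, src, payload, type_or_len=0x0800):
    """dst | src | type-or-length | data (padded to 46) | FCS. The preamble is
    generated by the hardware, so software never sees it. The FCS is CRC-32
    (zlib.crc32 uses the same polynomial), appended least-significant byte first."""
    data = payload + b"\x00" * max(0, 46 - len(payload))
    body = mac_bytes(dst) + mac_bytes(src) + struct.pack("!H", type_or_len) + data
    return body + struct.pack("<I", zlib.crc32(body) & 0xFFFFFFFF)


def fcs_ok(frame):
    return zlib.crc32(frame[:-4]) & 0xFFFFFFFF == struct.unpack("<I", frame[-4:])[0]


def parse_frame(frame):
    if len(frame) < 64:                      # 14 header + 46 data + 4 FCS
        raise ValueError("runt frame")
    if not fcs_ok(frame):
        raise ValueError("bad FCS")
    body = frame[:-4]
    type_or_len = struct.unpack("!H", body[12:14])[0]
    data = body[14:]
    if type_or_len <= 1500:                  # IEEE 802.3: a length; the rest is padding
        kind, data = "802.3 length", data[:type_or_len]
    else:                                    # Ethernet II: an EtherType (>= 0x0600)
        kind = "ethertype"
    return {"dst": mac_str(body[:6]), "src": mac_str(body[6:12]),
            "kind": kind, "type_or_len": type_or_len, "data": data}


def nic_accepts(frame, my_mac, promiscuous=False, multicast_groups=()):
    """Receive filter: own unicast address, broadcast, a subscribed multicast
    group, or everything if promiscuous (what a sniffer asks the driver for)."""
    if promiscuous:
        return True
    dst = frame[:6]
    if dst == mac_bytes(my_mac) or dst == BROADCAST:
        return True
    # I/G bit: lowest bit of the first byte set means a group (multicast) address.
    groups = {mac_str(mac_bytes(m)) for m in multicast_groups}
    return bool(dst[0] & 1) and mac_str(dst) in groups
```

The length-versus-type decision is the one practical wrinkle: a receiver must decide how to interpret the 2-byte field before it knows what the payload is, and the 1500/0x0600 split is what makes the two framings coexist on one wire.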
Network layer header - examples (the IP protocol suite):
- version
- type of service
- length of the data
- packet identifier
- fragment number
- time to live
- protocol
- header checksum
- source network address
- destination network address
Connecting Networks
Repeater: physical layer
Bridge: data link layer
Router: network layer
Gateway: network layer and above
Repeater
Copies bits from one network to another.
Does not look at any bits.
Allows the extension of a network beyond physical length limitations.
[Figure: two segments joined by a REPEATER.]
Bridge
Copies frames from one network to another.
Can operate selectively - does not copy all frames (looks at data-link headers).
Extends the network beyond physical length limitations.
[Figure: two segments joined by a BRIDGE.]
Router
Copies packets from one network to another.
Makes decisions about what route a packet should take (looks at network headers).
[Figure: networks joined by a ROUTER.]
Gateway
Operates as a router.
Data conversions above the network layer.
Conversions:
- encapsulation - use an intermediate network
- translation - connect different application protocols
- encryption - could be done by a gateway
Encapsulation Example
[Figure: two gateways tunnel traffic across an intermediate network.]
Provides service connectivity even though the intermediate network does not support the protocols.
Translation
Translate from the green protocol to the brown protocol.
[Figure: a Gateway between the two networks.]
Encryption gateway
[Figure: two Secure Networks, each behind an Encryption/Decryption Gateway (GW), exchanging traffic across an Insecure Network.]
Hardware v. Software
Repeaters are typically hardware devices.
Bridges can be implemented in hardware or software.
Routers and gateways are typically implemented in software so that they can be extended to handle new protocols.
Many workstations can operate as routers or gateways.
Modes of Service
- connection-oriented vs. connectionless
- sequencing
- error control
- flow control
- byte stream vs. message based
- full-duplex vs. half-duplex
Connection-Oriented Service
1. Establishment of a logical connection between two processes.
2. Transfer data.
3. Terminate the connection.
Connectionless Service
Sends independent messages.
Sequencing
Sequencing provides support for an order to communications.
A service that includes sequencing requires that messages (or bytes) are received in the same order they are sent.
Error Control
Some services require error detection.
Checksums provide a simple error detection mechanism. A checksum detects accidental corruption only: anyone who can modify the data can recompute it, so integrity against tampering needs a keyed MAC or a signature.
Error control sometimes involves notification and retransmission.
Flow Control
Flow control prevents the sending process from overwhelming the receiving process.
Flow control can be handled in a variety of ways.
Byte Stream vs. Message
Byte stream implies an ordered sequence of bytes with no message boundaries.
Message oriented services provide communication service to chunks of data called datagrams.
Full- v. Half-Duplex
Full-duplex services support the transfer of data in both directions at the same time.
Half-duplex services support the transfer of data in only one direction at a time.
End-to-End v. Hop-to-Hop
Service modes, flow control and error control can be either between the endpoints of the communication, or between consecutive nodes on the path between the endpoints.
End-to-End
[Figure: Process A and Process B with a single control loop spanning the whole path.]
Hop-by-Hop
[Figure: Process A and Process B with a control loop on each link along the path.]
Buffering
Buffering can provide more efficient communications.
Buffering is most useful for byte stream services.
[Figure: Process A writes into a send buffer; Process B reads from a receive buffer.]
Addresses
Physical Layer: no address necessary.
Data Link Layer: address must be able to select any host on the network.
Network Layer: address must be able to provide information to enable routing.
Transport Layer: address must identify the destination process.
Broadcasts
Broadcast = sending a message from one host to all other hosts on the network.
A special address called the “broadcast address” is created.
Some popular network services are based on broadcasting (YP/NIS, rup, rusers).
The IP in TCP/IP
IP is the network layer:
- packet delivery service (host-to-host)
- translation between different data-link protocols
IP Datagrams
IP provides connectionless, unreliable delivery of IP datagrams.
Connectionless: each datagram is independent of all others.
Unreliable: there is no guarantee that datagrams are delivered correctly or at all.
IP Addresses
The address must include information about what network the receiving host is on. This makes routing feasible.
IP addresses are not the same as the underlying data-link (MAC) addresses.
IP Addresses
Includes a network ID and a host ID.
A network ID is assigned to an organization by a global authority (IANA, http://www.iana.org/, today through the regional Internet registries).
Host IDs are assigned locally by a system administrator.
IP Addresses
A single NIC is assigned one IP address.
A host may have multiple NICs, and therefore multiple host addresses.
Hosts that share a network all have the same IP network address (the network ID).
Subnet Addresses
An organization can subdivide its host address space into groups called subnets.
The subnet ID is generally used to group hosts based on the physical network topology.
It is possible to have a single-wire network with multiple subnets.
NetID | SubnetID | HostID
IP4 Addresses
32 bits, shown as 8 bits | 8 bits | 8 bits | 8 bits:
Class | Leading bits | NetID   | HostID
A     | 0            | 7 bits  | 24 bits
B     | 10           | 14 bits | 16 bits
C     | 110          | 21 bits | 8 bits
D     | 1110         | Multicast Address (28 bits)
IP Addresses
An IP broadcast address has a host ID of all 1’s.
An IP address that has a host ID of all 0’s is called a network address and refers to an entire network.
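Added example, not from the slides: the classful decoding of the "IP4 Addresses" table, the NetID/SubnetID/HostID split of the subnet slide, and the network and broadcast special cases, as plain integer arithmetic; the standard library is used only to cross-check. The addresses are constructed for the example.

```python
# Added example (not from the slides): classful decoding, the subnet split and the
# network/broadcast special cases, done with plain integer arithmetic.
import ipaddress  # only used to cross-check the hand-rolled arithmetic


def ip_to_int(s):
    octets = [int(x) for x in s.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError("bad IPv4 address")
    return (octets[0] << 24) | (octets[1] << 16) | (octets[2] << 8) | octets[3]


def int_to_ip(n):
    return ".".join(str((n >> s) & 0xFF) for s in (24, 16, 8, 0))


def classful(addr):
    """Class and default network-prefix length from the leading bits."""
    n = ip_to_int(addr)
    if n >> 31 == 0:
        return "A", 8        # 0xxx: 7-bit net ID, 24-bit host ID
    if n >> 30 == 0b10:
        return "B", 16       # 10xx: 14-bit net ID, 16-bit host ID
    if n >> 29 == 0b110:
        return "C", 24       # 110x: 21-bit net ID, 8-bit host ID
    if n >> 28 == 0b1110:
        return "D", None     # 1110: multicast group, no net/host split
    return "E", None         # 1111: reserved


def split(addr, prefix):
    """(network address, host ID, broadcast address) for addr/prefix. With a
    prefix longer than the classful length the extra bits are the subnet ID."""
    n = ip_to_int(addr)
    mask = (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF
    host_mask = ~mask & 0xFFFFFFFF
    return int_to_ip(n & mask), n & host_mask, int_to_ip(n | host_mask)


def classify(addr, prefix):
    """'network' for a host ID of all 0s, 'broadcast' for all 1s, else 'host'.
    /31 and /32 have no such reserved addresses (RFC 3021)."""
    net, host, bcast = split(addr, prefix)
    if prefix >= 31:
        return "host"
    if host == 0:
        return "network"
    if addr == bcast:
        return "broadcast"
    return "host"


def same_network(a, b, prefix):
    """The decision a host makes before sending: direct delivery (same network
    ID, resolve the peer's MAC) or hand the packet to the router."""
    return split(a, prefix)[0] == split(b, prefix)[0]


def subnet_id(addr, prefix):
    """The subnet bits between the classful net ID and the host ID, or None
    when the address has no net/host split or the prefix is shorter than it."""
    cls, net_len = classful(addr)
    if net_len is None or prefix < net_len:
        return None
    return (ip_to_int(addr) >> (32 - prefix)) & ((1 << (prefix - net_len)) - 1)


def cross_check(addr, prefix):
    """Does the arithmetic above agree with the standard library?"""
    net = ipaddress.ip_network(f"{addr}/{prefix}", strict=False)
    network, _, bcast = split(addr, prefix)
    return network == str(net.network_address) and bcast == str(net.broadcast_address)
```

Note that classify() refuses to call anything in a /31 or /32 a broadcast: a filter that drops "directed broadcasts" by testing only for a host ID of all 1s will misfire on point-to-point links.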
IP Addresses v. MAC Addresses
IP addresses are not recognized by the NIC.
The process of finding the MAC address of a host given the IP address is called Address Resolution.
The process of finding out the IP address of a host given a hardware address is called Reverse Address Resolution.
IPv6 addresses
Address is 128 bits long (16 bytes).
Addresses are written in hexadecimal.
Addresses can be abbreviated: leading zeros in a group may be dropped, and one run of all-zero groups may be replaced by "::".
3FFE:0B00:0000:0000:0000:0000:0000:0001
3FFE:0B00::0001
3FFE:B00::1
(3FFE::/16 was the experimental 6bone prefix and is no longer allocated; it is used only as an example here.)
There is no broadcast address, only multicast.
Loopback address is ::1.
Addresses are scoped:
- link-local, site-local (since deprecated), global
IP6 Address
3FFE: 0B00: 1234: 0000: 0000: 0000: 0000: 0001
Eight groups of 16 bits = 128 bits.
IP4-Compatible IP6 Address
0000 … 0000 (80 bits) | 0000 (16 bits) | IP4 Address (32 bits)
80 bits of 0s, followed by 16 bits of 0s, followed by a 32-bit IP4 address, e.g. ::10.0.0.1.
This form is deprecated. The IPv4-mapped form, 80 bits of 0s followed by 16 bits of 1s and the IPv4 address (written ::FFFF:a.b.c.d), is what dual-stack sockets use today; access-control code that matches IPv4 addresses must also recognize it.
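Added example, not from the slides: the abbreviation rules on the "IPv6 addresses" slide implemented as expansion and RFC 5952 compression, the scope classification, and recognition of the two embedded-IPv4 layouts from the slide above. The output is lowercase because RFC 5952 requires it; the slides' uppercase spellings are accepted as input. The standard library is used only to cross-check.

```python
# Added example (not from the slides): the abbreviation rules for IPv6 text form,
# the scoping of an address, and the two embedded-IPv4 layouts.
import ipaddress  # only used to cross-check against the standard library


def expand(addr):
    """Undo '::' compression; return the eight 16-bit groups as integers."""
    if addr.count("::") > 1:
        raise ValueError("at most one '::' is allowed")
    head, sep, tail = addr.partition("::")
    h = [int(g, 16) for g in head.split(":")] if head else []
    t = [int(g, 16) for g in tail.split(":")] if tail else []
    if not sep and len(h) != 8:
        raise ValueError("need eight groups without '::'")
    groups = h + [0] * (8 - len(h) - len(t)) + t
    if len(groups) != 8 or any(not 0 <= g <= 0xFFFF for g in groups):
        raise ValueError("bad group")
    return groups


def compress(groups):
    """RFC 5952 canonical text: drop leading zeros, replace the longest run of
    two or more zero groups (leftmost on a tie) with '::', lowercase hex."""
    best_start, best_len = -1, 0
    i = 0
    while i < 8:
        if groups[i] != 0:
            i += 1
            continue
        j = i
        while j < 8 and groups[j] == 0:
            j += 1
        if j - i >= 2 and j - i > best_len:
            best_start, best_len = i, j - i
        i = j
    hexs = [f"{g:x}" for g in groups]
    if best_len == 0:
        return ":".join(hexs)
    return ":".join(hexs[:best_start]) + "::" + ":".join(hexs[best_start + best_len:])


def canonical(addr):
    return compress(expand(addr))


def scope(addr):
    g = expand(addr)
    if g == [0] * 8:
        return "unspecified"
    if g == [0] * 7 + [1]:
        return "loopback"
    if g[0] >> 8 == 0xFF:
        return "multicast"          # ff00::/8; IPv6 has no broadcast
    if g[0] & 0xFFC0 == 0xFE80:
        return "link-local"         # fe80::/10
    if g[0] & 0xFFC0 == 0xFEC0:
        return "site-local"         # fec0::/10, deprecated by RFC 3879
    if g[:6] == [0, 0, 0, 0, 0, 0xFFFF]:
        return "ipv4-mapped"        # ::ffff:a.b.c.d
    if g[:6] == [0] * 6:
        return "ipv4-compatible"    # ::a.b.c.d, deprecated by RFC 4291
    return "global"


def embedded_ipv4(addr):
    """Dotted-quad IPv4 address carried in the low 32 bits, or None."""
    if scope(addr) not in ("ipv4-mapped", "ipv4-compatible"):
        return None
    g = expand(addr)
    return f"{g[6] >> 8}.{g[6] & 0xFF}.{g[7] >> 8}.{g[7] & 0xFF}"


def agrees_with_stdlib(addr):
    return canonical(addr) == str(ipaddress.IPv6Address(addr))
```

Canonicalising before comparing matters for any allow-list or log search: "3FFE:0B00::0001" and "3ffe:b00::1" are the same address and a string comparison will not say so.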
ARP
ARP is a broadcast protocol. Each host checks the request against its own host addresses; the one that matches responds.
Hosts remember the hardware addresses of others.
The ARP protocol specifies that the receiving host should also remember the IP and hardware addresses of the sending host.
ARP carries no authentication: a host will also accept a reply it never asked for, so a cache entry can be overwritten by any machine on the segment. Monitoring for IP-to-MAC bindings that change is the usual detection.
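Added example, not from the slides: ARP request and reply encoding and the receive algorithm the slide describes (answer if the target address is mine; remember the sender), written as RFC 826 specifies it, and run across three constructed hosts on one segment. The hosts, addresses and the forged reply in the test are constructed for the example.

```python
# Added example (not from the slides): ARP request/reply encoding and the cache
# update rule of RFC 826, run across constructed hosts on one segment.
import socket
import struct

ARP_FMT = "!HHBBH6s4s6s4s"          # htype, ptype, hlen, plen, oper, sha, spa, tha, tpa
REQUEST, REPLY = 1, 2
ZERO_MAC = "00:00:00:00:00:00"


def mac_bytes(s):
    return bytes.fromhex(s.replace(":", "").replace("-", ""))


def mac_str(b):
    return ":".join(f"{x:02x}" for x in b)


def build_arp(op, sha, spa, tha, tpa):
    return struct.pack(ARP_FMT, 1, 0x0800, 6, 4, op, mac_bytes(sha),
                       socket.inet_aton(spa), mac_bytes(tha), socket.inet_aton(tpa))


def parse_arp(pkt):
    htype, ptype, hlen, plen, op, sha, spa, tha, tpa = struct.unpack(ARP_FMT, pkt[:28])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        raise ValueError("not an Ethernet/IPv4 ARP packet")
    return {"op": op, "sha": mac_str(sha), "spa": socket.inet_ntoa(spa),
            "tha": mac_str(tha), "tpa": socket.inet_ntoa(tpa)}


class Host:
    """A host on the segment: its addresses, an ARP cache, and a log of entries
    whose MAC changed. ARP has no authentication, so a changed binding is the
    only signal a host gets that somebody else has claimed an IP address."""

    def __init__(self, mac, ip):
        self.mac, self.ip = mac, ip
        self.cache, self.changes = {}, []

    def receive(self, pkt):
        """RFC 826 receive algorithm. Returns a reply to send, or None."""
        a = parse_arp(pkt)
        merge = a["spa"] in self.cache          # refresh an existing entry from any ARP packet
        if merge and self.cache[a["spa"]] != a["sha"]:
            self.changes.append((a["spa"], self.cache[a["spa"]], a["sha"]))
        if merge:
            self.cache[a["spa"]] = a["sha"]
        if a["tpa"] != self.ip:                 # not for me: nothing more to do
            return None
        if not merge:                           # for me: remember the sender
            self.cache[a["spa"]] = a["sha"]
        if a["op"] == REQUEST:
            return build_arp(REPLY, self.mac, self.ip, a["sha"], a["spa"])
        return None


def resolve(segment, asker, target_ip):
    """Broadcast a request; every host sees it; the owner answers; return the MAC."""
    if target_ip in asker.cache:
        return asker.cache[target_ip]
    req = build_arp(REQUEST, asker.mac, asker.ip, ZERO_MAC, target_ip)
    for h in segment:
        if h is not asker:
            reply = h.receive(req)
            if reply is not None:
                asker.receive(reply)
    return asker.cache.get(target_ip)
```

The merge-first ordering is the point of the exercise: an existing entry is refreshed from any ARP packet, solicited or not, which is exactly why the Host keeps a change log.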
Services provided by IP
- Connectionless delivery (each datagram is treated individually).
- Unreliable (delivery is not guaranteed).
- Fragmentation / reassembly (based on the hardware MTU).
- Routing.
- Error detection (the checksum covers the header only; the payload is left to the transport protocol).
IP Datagram
Each row is 4 bytes (1 byte | 1 byte | 1 byte | 1 byte):
VERS (4 bits) | HL (4 bits) | Service (8) | Total Length (16)
Datagram ID (16) | FLAG (3) | Fragment Offset (13)
TTL (8) | Protocol (8) | Header Checksum (16)
Source IP Address (32)
Destination IP Address (32)
Options (if any)
(TCP) Data
IP Datagram Fragmentation
Fragmentation can happen when datagrams are forwarded through a network for which they are too big.
IP specifies that datagram reassembly is done only at the destination (not on a hop-by-hop basis).
If any of the fragments are lost the entire datagram is discarded (and an ICMP Time Exceeded message is sent to the sender when the reassembly timer expires).
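Added example, not from the slides: the header layout from the "IP Datagram" slide packed and unpacked with its checksum, a router splitting a datagram to fit an MTU, and destination-only reassembly that reports a missing fragment instead of guessing. Overlapping fragments are rejected as well; they are a classic way to show one payload to an IDS and another to the host. Addresses, ID and payload are constructed for the example.

```python
# Added example (not from the slides): the IPv4 header with its checksum, router-side
# fragmentation to an MTU, and destination-only reassembly.
import struct

HDR_FMT = "!BBHHHBBH4s4s"   # ver/hl, tos, total len, id, flags/offset, ttl, proto, cksum, src, dst
DF, MF = 0x2, 0x1            # flag bits as they sit in the 3-bit flags field


def checksum(data):
    """Internet checksum (RFC 1071): one's-complement sum of 16-bit words."""
    if len(data) % 2:
        data += b"\x00"
    s = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while s >> 16:
        s = (s & 0xFFFF) + (s >> 16)
    return ~s & 0xFFFF


def pack_header(src, dst, proto, payload_len, ident, flags=0, offset=0, ttl=64):
    """20-byte header (HL=5, no options); offset is in bytes, a multiple of 8."""
    total = 20 + payload_len
    hdr = struct.pack(HDR_FMT, 0x45, 0, total, ident, (flags << 13) | (offset // 8),
                      ttl, proto, 0, src, dst)
    return hdr[:10] + struct.pack("!H", checksum(hdr)) + hdr[12:]


def unpack_header(pkt):
    v_hl, tos, total, ident, fl_off, ttl, proto, csum, src, dst = struct.unpack(HDR_FMT, pkt[:20])
    hl = (v_hl & 0xF) * 4
    if v_hl >> 4 != 4 or hl < 20 or total > len(pkt) or checksum(pkt[:hl]) != 0:
        raise ValueError("bad IPv4 header")     # a bad checksum is a silent discard
    return {"hl": hl, "total": total, "id": ident, "df": bool(fl_off >> 13 & DF),
            "mf": bool(fl_off >> 13 & MF), "offset": (fl_off & 0x1FFF) * 8,
            "ttl": ttl, "proto": proto, "src": src, "dst": dst, "payload": pkt[hl:total]}


def fragment(pkt, mtu):
    """What a router does when the next link is too small. Every fragment gets a
    copy of the header; data per fragment is a multiple of 8 bytes; the last one
    keeps the original MF bit (the datagram may itself already be a fragment)."""
    h = unpack_header(pkt)
    if h["total"] <= mtu:
        return [pkt]
    if h["df"]:
        raise ValueError("DF set: drop and send ICMP 'fragmentation needed'")
    step = (mtu - h["hl"]) // 8 * 8
    data, out = h["payload"], []
    for off in range(0, len(data), step):
        chunk = data[off:off + step]
        last = off + step >= len(data)
        flags = (MF if h["mf"] else 0) if last else MF
        out.append(pack_header(h["src"], h["dst"], h["proto"], len(chunk), h["id"],
                               flags, h["offset"] + off, h["ttl"]) + chunk)
    return out


def reassemble(fragments):
    """Destination-only reassembly keyed by (src, dst, id, proto). Returns the
    datagram, or None while a piece is still missing (the host would time the
    group out and send ICMP Time Exceeded, code 1). Overlap is rejected: an
    IDS cannot know which copy the destination would keep."""
    hs = [unpack_header(f) for f in fragments]
    if len({(h["src"], h["dst"], h["id"], h["proto"]) for h in hs}) != 1:
        raise ValueError("fragments of different datagrams")
    hs.sort(key=lambda h: h["offset"])
    data, expected, total = b"", 0, None
    for h in hs:
        if h["offset"] > expected:
            return None                     # gap: a fragment is missing
        if h["offset"] < expected:
            raise ValueError("overlapping fragments")
        data += h["payload"]
        expected += len(h["payload"])
        if not h["mf"]:
            total = expected                # the last fragment fixes the total size
    if total is None:
        return None                         # last fragment not seen yet
    h = hs[0]
    return pack_header(h["src"], h["dst"], h["proto"], len(data), h["id"], 0, 0, h["ttl"]) + data
```

Because only the destination reassembles, every box in the middle (including a firewall) sees fragments whose transport header is present in the first piece only; a rule that matches on ports has to be applied after reassembly or it can be stepped around.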
ICMP (Internet Control Message Protocol)
ping www.yahoo.com
ICMP uses IP to deliver messages.
ICMP messages are usually generated and processed by the IP layer, not the user process.
ICMP
If packets arrive too fast the receiver discards excessive packets and sends an ICMP message to the sender (SOURCE QUENCH; since deprecated, and hosts are now required to ignore it).
If a header problem is found the packet is discarded; a bad header checksum is a silent discard, while other header errors (a malformed option, say) produce an ICMP Parameter Problem message to the sender.
ICMP Message Types
- Echo Request
- Echo Reply
- Destination Unreachable
- Time Exceeded
- Redirect (route change)
- more ...
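Added example, not from the slides: building the Echo Request that ping sends, matching the Echo Reply to it, and parsing the error messages listed above, which quote the IP header and first 8 bytes of the datagram that caused them (that quote is how the IP layer hands the error to the right flow, and how Path MTU discovery learns the next-hop MTU). The offending datagram in the block is constructed for the example.

```python
# Added example (not from the slides): build an Echo Request, and parse ICMP
# messages including the error types that quote the offending datagram.
import struct

ECHO_REPLY, DEST_UNREACH, SOURCE_QUENCH, REDIRECT, ECHO_REQUEST, TIME_EXCEEDED = 0, 3, 4, 5, 8, 11
NAMES = {0: "Echo Reply", 3: "Destination Unreachable", 4: "Source Quench (deprecated, RFC 6633)",
         5: "Redirect", 8: "Echo Request", 11: "Time Exceeded"}
ERRORS = {DEST_UNREACH, SOURCE_QUENCH, REDIRECT, TIME_EXCEEDED}

# Constructed for the example: an IPv4 header (proto 17, 10.0.0.1 -> 192.0.2.1) and a
# UDP header (port 40000 -> 53) of a datagram that was too big for some link.
OFFENDING = bytes.fromhex("450000280001000040110000" "0a000001" "c0000201" "9c40003500140000") + b"query-data"


def checksum(data):
    """Internet checksum over the whole ICMP message (header plus data)."""
    if len(data) % 2:
        data += b"\x00"
    s = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while s >> 16:
        s = (s & 0xFFFF) + (s >> 16)
    return ~s & 0xFFFF


def build_echo(ident, seq, data=b"", reply=False):
    t = ECHO_REPLY if reply else ECHO_REQUEST
    body = struct.pack("!BBHHH", t, 0, 0, ident, seq) + data
    return body[:2] + struct.pack("!H", checksum(body)) + body[4:]


def build_error(t, code, offending, mtu=0):
    """Error messages quote the IP header plus the first 8 bytes of the datagram
    that caused them. For Destination Unreachable code 4 the second word carries
    the next-hop MTU (RFC 1191)."""
    hl = (offending[0] & 0xF) * 4
    body = struct.pack("!BBHHH", t, code, 0, 0, mtu) + offending[:hl + 8]
    return body[:2] + struct.pack("!H", checksum(body)) + body[4:]


def parse_icmp(msg):
    if len(msg) < 8 or checksum(msg) != 0:
        raise ValueError("short message or bad ICMP checksum")
    t, code = msg[0], msg[1]
    info = {"type": t, "code": code, "name": NAMES.get(t, "other")}
    if t in (ECHO_REQUEST, ECHO_REPLY):
        info["id"], info["seq"] = struct.unpack("!HH", msg[4:8])
        info["data"] = msg[8:]
    elif t in ERRORS:
        inner = msg[8:]
        hl = (inner[0] & 0xF) * 4
        if len(inner) < hl + 8:
            raise ValueError("truncated quoted datagram")
        sport, dport = struct.unpack("!HH", inner[hl:hl + 4])   # TCP and UDP both start with the ports
        info["original"] = {"proto": inner[9], "src": ".".join(map(str, inner[12:16])),
                            "dst": ".".join(map(str, inner[16:20])), "sport": sport, "dport": dport}
        if t == DEST_UNREACH and code == 4:
            info["next_hop_mtu"] = struct.unpack("!H", msg[6:8])[0]
    return info


def is_reply_to(reply, request):
    """ping matches replies to its requests by identifier, sequence number and data."""
    r, q = parse_icmp(reply), parse_icmp(request)
    return (r["type"] == ECHO_REPLY and q["type"] == ECHO_REQUEST
            and (r["id"], r["seq"], r["data"]) == (q["id"], q["seq"], q["data"]))
```

The quoted datagram is also the reason unsolicited ICMP errors deserve suspicion: anyone who can guess a flow's addresses and ports can forge an error that names it, so stacks validate the quoted header against their own connection state before acting on it.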
UDP (User Datagram Protocol)
UDP is a transport protocol.
Uses IP to deliver datagrams.
Connectionless, unreliable, minimal.
UDP uses ports to provide communication services to individual processes.
Ports
Port: an abstract destination point.
Ports are identified by a 16-bit integer (1-65535; 0 is reserved).
Operating systems provide some mechanism that processes use to specify a port.
Ports
[Figure: several processes on Host A and on Host B, each attached to its own port.]
UDP Datagram Format
Source Port (16) | Destination Port (16)
Length (16) | Checksum (16)
Data
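Added example, not from the slides: the datagram format above with the checksum computed over an IP pseudo-header, and the two checks a receiver must make: the length field against the buffer it was handed (the link layer pads short frames, so the buffer can be longer than the datagram) and the checksum against the addresses the datagram actually arrived with. Addresses and ports are constructed for the example.

```python
# Added example (not from the slides): a UDP datagram with the pseudo-header
# checksum, and the checks a receiver should make on length and checksum.
import struct

UDP_PROTO = 17


def checksum(data):
    """Internet checksum (RFC 1071), the same routine IP, ICMP and TCP use."""
    if len(data) % 2:
        data += b"\x00"
    s = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while s >> 16:
        s = (s & 0xFFFF) + (s >> 16)
    return ~s & 0xFFFF


def pseudo_header(src, dst, udp_len):
    """Source, destination, zero, protocol, UDP length: ties the checksum to the
    IP addresses so a datagram delivered to the wrong host is caught."""
    return struct.pack("!4s4sBBH", src, dst, 0, UDP_PROTO, udp_len)


def build_udp(src, dst, sport, dport, data):
    length = 8 + len(data)
    hdr = struct.pack("!HHHH", sport, dport, length, 0)
    c = checksum(pseudo_header(src, dst, length) + hdr + data)
    c = c or 0xFFFF    # a computed 0 is sent as 0xFFFF: on the wire, 0 means "no checksum" (IPv4 only)
    return struct.pack("!HHHH", sport, dport, length, c) + data


def parse_udp(src, dst, buf):
    """buf is what IP handed up: it may be longer than the datagram because the
    link layer pads short frames, so the UDP length field is authoritative, but
    it must never claim more than the buffer holds."""
    if len(buf) < 8:
        raise ValueError("short UDP header")
    sport, dport, length, c = struct.unpack("!HHHH", buf[:8])
    if length < 8 or length > len(buf):
        raise ValueError("UDP length field inconsistent with datagram")
    seg = buf[:length]
    if c != 0 and checksum(pseudo_header(src, dst, length) + seg) != 0:
        raise ValueError("bad UDP checksum")
    return {"sport": sport, "dport": dport, "data": seg[8:], "checksummed": c != 0}
```

The length check is the one that historically went wrong in implementations: trusting a length field larger than the buffer is an out-of-bounds read, and trusting the buffer instead of the field hands padding bytes to the application as data.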
Sockets
Sockets
An active socket is connected to a remote active socket. Closing the connection destroys the active sockets at each endpoint.
A passive socket is not connected, but rather awaits an incoming connection, which will spawn a new active socket.
Sockets v. Ports
A socket is not a port. A socket is associated with a port. This is a many-to-one relationship.
Each port can have a single passive socket, awaiting incoming connections, and multiple active sockets, each corresponding to an open connection on the port.
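Added example, not from the slides: the two slides above run for real on the loopback interface. One passive socket is bound to a port the OS picks, several clients connect, and each accept() yields a new active socket that shares the listening port; the returned 4-tuples show how the kernel tells the connections apart. This is the example's own code, not the slides'.

```python
# Added example (not from the slides): one passive socket on an ephemeral port,
# several active sockets spawned from it, all on the loopback interface.
import socket
import threading


def passive_and_active(n_clients=2):
    """Returns the listening port, the local port of every server-side active
    socket (all the same port), each client's (port, greeting) pair, and the
    4-tuples that tell the connections apart."""
    passive = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    passive.bind(("127.0.0.1", 0))          # port 0: let the OS choose an ephemeral port
    passive.listen(n_clients)
    port = passive.getsockname()[1]

    accepted = []

    def server():
        for _ in range(n_clients):
            conn, peer = passive.accept()   # a new active socket per connection
            conn.sendall(b"hi %d" % peer[1])
            accepted.append(conn)

    t = threading.Thread(target=server)
    t.start()
    clients = [socket.create_connection(("127.0.0.1", port)) for _ in range(n_clients)]
    t.join()

    result = {
        "listen_port": port,
        "server_side_ports": [c.getsockname()[1] for c in accepted],
        "pairs": [(c.getsockname()[1], c.recv(64)) for c in clients],
        "tuples": [(c.getsockname(), c.getpeername()) for c in accepted],
    }
    for s in accepted + clients + [passive]:
        s.close()
    return result
```

Every server-side active socket reports the same local port as the passive socket; what differs between them is the peer address and port, which is why "a port" cannot be equated with "a connection" in either firewall rules or log analysis.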
TCP
Transmission Control Protocol:
- connection-oriented
- reliable
- full-duplex
- byte-stream
Connection
Four numbers: source IP address, source port, destination IP address, destination port (together with the protocol, since TCP and UDP ports are separate spaces).
“Connection is established”: the operating systems of both source and destination hosts are maintaining “state information” about the connection.
Connection-Oriented
Connection oriented means that a virtual connection is established before any payload data is transferred.
If the connection cannot be established the user program is notified.
If the connection is ever interrupted the user program is notified.
Connection establishment
A connection establishment phase is required.
It ensures that the receiving process is available, and synchronizes sequence numbers, etc.
TCP State Diagram
[Figure: the TCP state diagram; not reproduced in the transcript.]
Reliable
Every transmission of data is acknowledged by the receiver.
If the sender does not receive an ACK within a specified amount of time, the sender retransmits the data.
ACKs can be piggybacked on data.
Byte Stream
Stream means that the connection is treated as a stream of bytes.
The user application does not need to package data in individual datagrams (as with UDP).
Buffering
TCP is responsible for buffering data and determining when it is time to send a segment.
It is possible for an application to tell TCP to send the data it has buffered without waiting for a buffer to fill up.
Full DuplexFull Duplex
TCP provides transport in both TCP provides transport in both directions.directions.
To the application program these To the application program these appear as two unrelated data appear as two unrelated data streams, although TCP can streams, although TCP can piggyback control and data piggyback control and data communication by providing control communication by providing control information (such as an ACK) along information (such as an ACK) along with user data.with user data.
TCP Ports
Interprocess communication via TCP is achieved with the use of ports (just like UDP).
UDP ports have no relation to TCP ports (different name spaces).
TCP/UDP Ports
Reserved Ports less than 1024: Only root can bind to these ports.
Local Port: the port of the process that requested the connection. Usually a random number, 0-65535.
Remote Port: the port of the application that accepted the connection. Usually a well-known number listed in /etc/services. E.g.,
– 80 for HTTP
– 143 for IMAP
– 443 for HTTP/SSL
TCP Segments
The chunk of data that TCP asks IP to deliver is called a TCP segment.
Each segment contains:
– data bytes from the byte stream
– control information that identifies the data bytes
TCP Segment Format
[Figure: TCP segment layout, one row per 32-bit word: Source Port, Destination Port; Sequence Number; Request Number (the Acknowledgment Number); Data Offset, Reserved, Control, Window; Checksum, Urgent Pointer; Options (if any); Data.]
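The layout above in working form: an added example (not from the slides) that serializes and parses the fixed 20-byte TCP header plus options using Python's struct module. The sample SYN segment is constructed here from the handshake table's values; the MSS option bytes and the zero checksum are assumptions made to keep the example self-contained.

```python
import struct

# The six control bits in the Control field, as listed on the slide (bit 5 .. bit 0)
FLAG_BITS = {"URG": 0x20, "ACK": 0x10, "PSH": 0x08, "RST": 0x04, "SYN": 0x02, "FIN": 0x01}
HEADER_FMT = "!HHIIBBHHH"   # src, dst, seq, ack, offset/reserved, control, window, checksum, urgent

def build_tcp_segment(src, dst, seq, ack, flags, window=65535, options=b"", data=b""):
    """Serialize a TCP segment; the checksum is left at 0 (computing it needs the IP pseudo-header)."""
    options += b"\x00" * (-len(options) % 4)              # options are padded to 32-bit words
    data_offset_words = 5 + len(options) // 4             # header length in 32-bit words
    control = 0
    for name in flags:
        control |= FLAG_BITS[name]
    fixed = struct.pack(HEADER_FMT, src, dst, seq, ack, data_offset_words << 4, control, window, 0, 0)
    return fixed + options + data

def parse_tcp_segment(segment: bytes) -> dict:
    """Split a raw TCP segment into its header fields, options and payload."""
    if len(segment) < 20:
        raise ValueError("shorter than the 20-byte fixed header")
    src, dst, seq, ack, off_res, control, window, checksum, urgent = struct.unpack(HEADER_FMT, segment[:20])
    data_offset = (off_res >> 4) * 4                      # upper 4 bits give the header length in words
    if data_offset < 20 or data_offset > len(segment):
        raise ValueError("data offset %d is inconsistent with segment length" % data_offset)
    return {
        "src_port": src, "dst_port": dst, "seq": seq, "ack": ack,
        "flags": {name for name, bit in FLAG_BITS.items() if control & bit},
        "window": window, "checksum": checksum, "urgent_pointer": urgent,
        "options": segment[20:data_offset], "data": segment[data_offset:],
    }

# Constructed sample: the SYN from the handshake table (port 1037 -> 80, seq 102723769),
# carrying an assumed 4-byte MSS option (kind 2, length 4, value 1460).
SYN_SEGMENT = build_tcp_segment(1037, 80, 102723769, 0, {"SYN"}, options=b"\x02\x04\x05\xb4")
```

The data-offset check matters when parsing untrusted input: a header that claims more bytes than the segment carries is rejected instead of being sliced silently.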
Sequence Number
The “positional” number of the first data byte in this segment, except when the SYN control flag is 1.
If SYN is 1 the sequence number is the initial sequence number (ISN).
32 bit unsigned integer
Sequence Number
Initial Sequence Number (ISN) is randomly generated.
What if ISN is not random?
– You can hijack and kill arbitrary connections!
Acknowledgment Number
If the ACK control bit is set, this field contains the value of the next sequence number the sender of the segment is expecting to receive. Once a connection is established this is always included.
Control Bits
URG: Urgent Pointer field significant
PSH: Push Function
ACK: Acknowledgment field significant
RST: Reset the connection
SYN: Synchronize sequence numbers
FIN: No more data from sender
TCP v. UDP
Q: Which protocol is better?
A: It depends on the application.
TCP provides a connection-oriented, reliable byte stream service (lots of overhead).
UDP offers minimal datagram delivery service (as little overhead as possible).
TCP three-way handshake
Establishes a connection.
1. A: “I would like to talk to you B.”
   A sends a SYN packet to B
2. B: “Ok, let's talk.”
   B sends a SYN-ACK packet to A
3. A: “Thanks for agreeing.”
   A sends ACK to B
TCP three-way handshake
Flags    src   dst   seq         ack
SYN      1037  80    102723769   0
SYN-ACK  80    1037  1527857206  102723770
ACK      1037  80    102723770   1527857207
Four-Way Handshake
The Four-Way Handshake terminates a previously established connection:
1. A to B: FIN
2. B to A: ACK
3. B to A: FIN
4. A to B: ACK
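The sequence/acknowledgment bookkeeping behind the three-way handshake table and the four-way close above, as an added Python model that is not part of the slides. It reproduces the table's numbers (ports 1037 and 80, ISNs 102723769 and 1527857206), handles the 32-bit wraparound, and checks that every ACK matches what the peer has actually sent; the segment tuple shape and the checker are this example's own conventions.

```python
import secrets

M = 1 << 32          # sequence numbers are 32-bit unsigned and wrap modulo 2^32

def random_isn() -> int:
    """Initial Sequence Number drawn from a CSPRNG, so it cannot be predicted by a third party."""
    return secrets.randbits(32)

def three_way_handshake(isn_a, isn_b, port_a=1037, port_b=80):
    """Segments (flags, src, dst, seq, ack) that establish a connection from A to B."""
    return [
        ("SYN",     port_a, port_b, isn_a % M,       0),               # A: "I would like to talk to you B."
        ("SYN-ACK", port_b, port_a, isn_b % M,       (isn_a + 1) % M), # B: "Ok, let's talk."
        ("ACK",     port_a, port_b, (isn_a + 1) % M, (isn_b + 1) % M), # A: "Thanks for agreeing."
    ]

def four_way_close(seq_a, seq_b, port_a=1037, port_b=80):
    """Segments that terminate the connection; seq_a/seq_b are each side's next sequence number."""
    return [
        ("FIN", port_a, port_b, seq_a,           seq_b),            # 1. A to B: FIN
        ("ACK", port_b, port_a, seq_b,           (seq_a + 1) % M),  # 2. B to A: ACK
        ("FIN", port_b, port_a, seq_b,           (seq_a + 1) % M),  # 3. B to A: FIN
        ("ACK", port_a, port_b, (seq_a + 1) % M, (seq_b + 1) % M),  # 4. A to B: ACK
    ]

def connection_lifecycle(isn_a, isn_b):
    """Open and then immediately close a connection (no data segments in between)."""
    return three_way_handshake(isn_a, isn_b) + four_way_close((isn_a + 1) % M, (isn_b + 1) % M)

def check_exchange(segments) -> bool:
    """SYN and FIN each consume one sequence number, a pure ACK consumes none,
    and every ACK must equal the next sequence number the peer will send."""
    next_seq = {}                         # src port -> next seq that side will send
    for flags, src, dst, seq, ack in segments:
        if src in next_seq and seq != next_seq[src]:
            return False                  # side did not continue where it left off
        if "ACK" in flags and ack != next_seq.get(dst):
            return False                  # acknowledges bytes the peer never sent
        consumed = 1 if ("SYN" in flags or "FIN" in flags) else 0
        next_seq[src] = (seq + consumed) % M
    return True
```

Running check_exchange over a captured exchange is a quick way to spot segments whose ACK does not fit the conversation, which is the symptom a non-random ISN makes exploitable.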
Connection Resetting
Host X sends an RST packet resetting the connection if:
– Y requested a connection to a non-existent port P on host X, or
– For whatever reason (idle for a long time, or an abnormal condition, ...), the host X (client or the server) wishes to close the connection.
Resetting is unilateral.