qspiders - upper layer-protocols
UPPER LAYER PROTOCOLS
What Is TCP/IP?
• A suite of protocols
• Rules that dictate how packets of information are sent across multiple networks
• Addressing
• Error checking
TCP/IP Protocol
• The Transmission Control Protocol/Internet Protocol (TCP/IP) suite was created by the Department of Defense (DoD).
• The Internet Protocol can be used to communicate across any set of interconnected networks.
• TCP/IP supports both LAN and WAN communications.
• The IP suite includes not only Layer 3 and 4 specifications but also specifications for common applications like e-mail, remote login, terminal emulation and file transfer.
• The TCP/IP protocol stack maps closely to the OSI model in the lower layers.
The DoD & OSI
DoD Model         OSI Model
Application       Application, Presentation, Session
Host-to-Host      Transport
Internet          Network
Network Access    Data Link, Physical
TCP/IP Protocol Suite at DoD Model
DoD Model              TCP/IP Protocol Suite
Process/Application    Telnet, FTP, LPD, SNMP, TFTP, SMTP, NFS, X Window
Host-to-Host           TCP, UDP
Internet               ICMP, BootP, ARP, RARP, IP
Network Access         Ethernet, Fast Ethernet, Token Ring, FDDI
TCP/IP Applications
• Application layer
  – File Transfer Protocol (FTP)
  – Remote Login (Telnet)
  – E-mail (SMTP)
• Transport layer
  – Transmission Control Protocol (TCP)
  – User Datagram Protocol (UDP)
• Network layer
  – Internet Protocol (IP)
• Data link & physical layer
  – LAN: Ethernet, Token Ring, FDDI, etc.
  – WAN: Serial lines, Frame Relay, X.25, etc.
Internet Layer Overview
• In the OSI reference model, the network layer corresponds to the TCP/IP Internet layer.
[Figure: layer stack (Application, Transport, Internet, Data-Link, Physical). Protocols at the Internet layer: Internet Protocol (IP), Internet Control Message Protocol (ICMP), Address Resolution Protocol (ARP), Reverse Address Resolution Protocol (RARP)]
Internet Protocol
• Provides connectionless, best-effort delivery routing of datagrams.
• IP is not concerned with the content of the datagrams.
• It looks for a way to move the datagrams to their destination.
IP Datagram
Field widths in bits; each row is 32 bits (Bit 0 to Bit 31). The header is 20 bytes without options.
Version (4) | Header Length (4) | Type of Service (8) | Total Length (16)
Identification (16) | Flags (3) | Fragment Offset (13)
Time-to-Live (8) | Protocol (8) | Header Checksum (16)
Source IP Address (32)
Destination IP Address (32)
Options (0 or 32 if Any)
Data (Varies if Any)
IP Datagram
• Version – Currently used IP version
• Header Length – Datagram header length
• TOS – Level of importance assigned by a particular upper-layer protocol
• Total Length – Length of the packet in bytes, including data and header
• Identification – Identifies the current datagram (Sequence Number)
• Flags – Specifies whether the packet can be fragmented or not
• Fragment Offset – Used to piece together datagram fragments
• TTL – Maintains a counter that is gradually decremented to zero
• Protocol – Indicates which upper-layer protocol receives incoming packets
• Header Checksum – Calculated checksum of the header to check its integrity
• Source IP Address – Sending node IP address
• Destination IP Address – Receiving node IP address
• Options – Allows IP to support various options like security
• Data – Upper layer information (maximum 64Kb)
Protocol Field
• Determines destination upper-layer protocol
[Figure: the Protocol field of IP (Internet Layer) carries the protocol number of the Transport Layer protocol: TCP = 6, UDP = 17]
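The header layout and the Protocol field described above, as an added example that is not part of the original slides: it decodes the 20-byte header, checks the Header Checksum and maps the protocol number. The sample datagram is constructed in `build_header`; the function names are hypothetical and the ICMP value (1) is not on the slide.

```python
import struct

# Protocol field values: TCP and UDP are on the slide; ICMP = 1 is added here.
PROTOCOLS = {1: "ICMP", 6: "TCP", 17: "UDP"}

def checksum(data: bytes) -> int:
    """One's complement of the one's-complement sum of the 16-bit words."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:                       # fold carries back into 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def build_header(src: str, dst: str, proto: int, payload_len: int, ttl: int = 64) -> bytes:
    """Constructed sample input: a 20-byte header without options."""
    head = struct.pack("!BBHHHBBH4s4s",
                       (4 << 4) | 5, 0, 20 + payload_len,  # version/length, TOS, total length
                       1, 0, ttl, proto, 0,                # id, flags+offset, TTL, protocol, checksum=0
                       bytes(map(int, src.split("."))),
                       bytes(map(int, dst.split("."))))
    return head[:10] + struct.pack("!H", checksum(head)) + head[12:]

def parse_header(raw: bytes) -> dict:
    """Decode the fixed header fields and verify the Header Checksum."""
    if len(raw) < 20:
        raise ValueError("shorter than the 20-byte minimum header")
    vhl, tos, total_len, ident, frag, ttl, proto, _csum, src, dst = struct.unpack(
        "!BBHHHBBH4s4s", raw[:20])
    version, header_len = vhl >> 4, (vhl & 0x0F) * 4   # length field counts 32-bit words
    if version != 4:
        raise ValueError(f"not IPv4 (version={version})")
    if not 20 <= header_len <= len(raw) or total_len < header_len:
        raise ValueError("inconsistent Header Length / Total Length")
    return {
        "version": version, "header_len": header_len, "tos": tos,
        "total_len": total_len, "id": ident,
        "flags": frag >> 13, "frag_offset": frag & 0x1FFF,
        "ttl": ttl, "protocol": PROTOCOLS.get(proto, str(proto)),
        # Summing a valid header, checksum field included, complements to zero.
        "checksum_ok": checksum(raw[:header_len]) == 0,
        "src": ".".join(map(str, src)), "dst": ".".join(map(str, dst)),
        "options": raw[20:header_len],
    }

if __name__ == "__main__":
    sample = build_header("172.16.3.1", "172.16.3.2", 6, payload_len=0)
    print(parse_header(sample))
```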
Address Resolution Protocol (ARP)
• ARP works at the Internet Layer of the DoD Model.
• It is used to resolve a MAC address with the help of a known IP address.
• All resolved MAC addresses are maintained in the ARP cache table.
• To send a datagram, this ARP cache table is checked, and if the address is not found, a broadcast is sent along with the IP address.
• The machine with that IP address responds and the MAC address is cached.
Address Resolution Protocol
• Map IP to Ethernet
[Figure: host 172.16.3.1 broadcasts "I need the Ethernet address of 176.16.3.2." (IP: 172.16.3.2 = ???). Host 172.16.3.2 answers "I heard that broadcast. The message is for me. Here is my Ethernet address." Result: IP: 172.16.3.2, Ethernet: 0800.0020.1111]
RARP (Reverse ARP)
• This also works at the Internet Layer.
• It works exactly opposite of ARP.
• It resolves an IP address with the help of a known MAC address.
• DHCP is the example of an RARP implementation.
• Workstations get their IP address from a RARP server or DHCP server with the help of RARP.
Reverse ARP
• Map Ethernet to IP
[Figure: a host broadcasts "What is my IP address?" (Ethernet: 0800.0020.1111, IP = ???). The server answers "I heard that broadcast. Your IP address is 172.16.3.25." Result: Ethernet: 0800.0020.1111, IP: 172.16.3.25]
Bootstrap Protocol (BootP)
• BootP stands for BootStrap Protocol.
• BootP is used by a diskless machine to learn the following:
  – Its own IP address
  – The IP address and host name of a server machine
  – The boot filename of a file that is to be loaded into memory and executed at boot-up
• BootP is an old program and is now called DHCP.
DHCP (Dynamic Host Configuration Protocol)
• The DHCP server dynamically assigns IP addresses to hosts.
• All types of hardware can be used as a DHCP server, even a Cisco router.
• BootP can also send an operating system that a host can boot from. DHCP cannot perform this function.
• The following information is provided by DHCP when a host registers for an IP address:
  – IP address
  – Subnet mask
  – Domain name
  – Default gateway (router)
  – DNS
Internet Control Message Protocol
• ICMP messages are carried in IP datagrams and used to send error and control messages.
[Figure: layer stack (Application, Transport, Internet, Data-Link, Physical) with ICMP at the Internet layer. ICMP messages shown: Destination Unreachable, Echo (Ping), Other]
ICMP Ping
Transport Layer Overview
[Figure: layer stack (Application, Transport, Internet, Data-Link, Physical). Protocols at the Transport layer:]
• Transmission Control Protocol (TCP) – Connection-Oriented
• User Datagram Protocol (UDP) – Connectionless
Transmission Control Protocol (TCP)
• TCP works at the Transport Layer.
• TCP is a connection-oriented protocol.
• TCP is responsible for breaking messages into segments and reassembling them.
• Supplies a virtual circuit between end-user applications.
TCP Segment Format
Field widths in bits; each row is 32 bits (Bit 0 to Bit 31). The header is 20 bytes without options.
Source Port (16) | Destination Port (16)
Sequence Number (32)
Acknowledgment Number (32)
Header Length (4) | Reserved (6) | Code Bits (6) | Window (16)
Checksum (16) | Urgent (16)
Options (0 or 32 if Any)
Data (Varies)
TCP Segment Format
• Source Port – Number of the calling port
• Destination Port – Number of the called port
• Sequence Number – Number used to ensure correct sequencing of the arriving data
• Acknowledgement Number – Next expected TCP octet
• Header Length – Length of the TCP header
• Reserved – Set to zero
• Code Bits – Control Functions (setup and termination of a session)
• Window – Number of octets that the sender is willing to accept
• Checksum – Calculated checksum of the header and data fields
• Urgent Pointer – Indication of the end of the urgent data
• Options – One option currently defined (maximum TCP segment size)
• Data – Upper layer protocol data
Port Numbers
Application Layer:   FTP   TELNET   SMTP   DNS   TFTP   SNMP   RIP
Port Numbers:        21    23       25     53    69     161    520
Transport Layer:     TCP, UDP
TCP Port Numbers
Segment fields: Source Port | Destination Port | …
[Figure: Host A runs "Telnet Z" and sends a segment to Host Z with SP = 1028 and DP = 23. Host Z: "Destination port = 23. Send packet to my Telnet application."]
TCP Three-Way Handshake/Open Connection
Host A                                              Host B
1. Send SYN (seq = 100 ctl = SYN)              →    SYN Received
2. SYN Received                                ←    Send SYN, ACK (seq = 300 ack = 101 ctl = syn,ack)
3. Established (seq = 101 ack = 301 ctl = ack) →
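The TCP segment format and the three-way handshake above, as an added example that is not part of the original slides: it packs the three segments into 20-byte headers, parses them back and checks that the sequence and acknowledgment numbers follow the handshake rules. Ports 1028 and 23 are borrowed from the port-number slide, the checksum is left at zero, and the function names are hypothetical.

```python
import struct

# The six Code Bits, least significant bit last in the 16-bit flags word.
FLAGS = {"URG": 0x20, "ACK": 0x10, "PSH": 0x08, "RST": 0x04, "SYN": 0x02, "FIN": 0x01}

def pack_tcp(sport, dport, seq, ack, ctl, window=4096) -> bytes:
    """Constructed sample input: 20-byte header, no options, checksum left 0."""
    bits = 0
    for name in ctl:
        bits |= FLAGS[name]
    off_flags = (5 << 12) | bits          # Header Length = 5 words, Reserved = 0
    return struct.pack("!HHIIHHHH", sport, dport, seq, ack, off_flags, window, 0, 0)

def parse_tcp(raw: bytes) -> dict:
    """Decode the fixed TCP header fields listed on the slide."""
    if len(raw) < 20:
        raise ValueError("shorter than the 20-byte minimum header")
    sport, dport, seq, ack, off_flags, window, csum, urgent = struct.unpack(
        "!HHIIHHHH", raw[:20])
    header_len = (off_flags >> 12) * 4    # length field counts 32-bit words
    if header_len < 20:
        raise ValueError(f"bad header length {header_len}")
    return {"sport": sport, "dport": dport, "seq": seq, "ack": ack,
            "header_len": header_len, "window": window, "urgent": urgent,
            "ctl": {name for name, bit in FLAGS.items() if off_flags & bit}}

def check_handshake(segments):
    """Return None for a valid connection open, otherwise the first problem found."""
    if len(segments) != 3:
        return "need exactly three segments"
    syn, synack, ack = (parse_tcp(s) for s in segments)
    if syn["ctl"] != {"SYN"}:
        return "segment 1 is not a bare SYN"
    if synack["ctl"] != {"SYN", "ACK"}:
        return "segment 2 is not SYN,ACK"
    if (synack["sport"], synack["dport"]) != (syn["dport"], syn["sport"]):
        return "segment 2 ports do not mirror segment 1"
    if synack["ack"] != (syn["seq"] + 1) % 2**32:
        return "segment 2 does not acknowledge seq + 1"
    if ack["ctl"] != {"ACK"}:
        return "segment 3 is not a bare ACK"
    if (ack["sport"], ack["dport"]) != (syn["sport"], syn["dport"]):
        return "segment 3 ports do not match segment 1"
    if ack["seq"] != synack["ack"] or ack["ack"] != (synack["seq"] + 1) % 2**32:
        return "segment 3 numbers do not follow segment 2"
    return None

# The exchange from the slide: seq 100 / seq 300 ack 101 / seq 101 ack 301.
SLIDE_HANDSHAKE = [
    pack_tcp(1028, 23, 100, 0, ["SYN"]),
    pack_tcp(23, 1028, 300, 101, ["SYN", "ACK"]),
    pack_tcp(1028, 23, 101, 301, ["ACK"]),
]

if __name__ == "__main__":
    print(check_handshake(SLIDE_HANDSHAKE) or "valid three-way handshake")
```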
TCP Simple Acknowledgment
• Window Size = 1
Sender                Receiver
Send 1           →    Receive 1
Receive ACK 2    ←    Send ACK 2
Send 2           →    Receive 2
Receive ACK 3    ←    Send ACK 3
Send 3           →    Receive 3
Receive ACK 4    ←    Send ACK 4
TCP Sequence and Acknowledgment Numbers
Segment fields: Source Port | Destination Port | … | Sequence | Acknowledgment
[Figure: segments exchanged between port 1028 and port 23, each labelled with its Source, Dest., Seq. and Ack. values. Captions: "I just sent number 10." and "I just got number 10, now I need number 11."]
TCP Windowing
Sender (Window Size = 3)          Receiver (Window Size = 3)
Window Size = 3, Send 1      →
Window Size = 3, Send 2      →
Window Size = 3, Send 3      →    Packet 3 Is Dropped
                             ←    ACK 3, Window Size = 2
Window Size = 3, Send 3      →
Window Size = 3, Send 4      →
                             ←    ACK 5, Window Size = 2
UDP (User Datagram Protocol)
• A connectionless and unacknowledged protocol.
• UDP is also responsible for transmitting messages.
• But no checking for segment delivery is provided.
• UDP depends on upper-layer protocols for reliability.
• TCP and UDP use port numbers to listen for particular services.
• No sequence or acknowledgment fields
UDP Segment Format
Field widths in bits; each row is 32 bits (Bit 0 to Bit 31). The header is 8 bytes.
Source Port (16) | Destination Port (16)
Length (16) | Checksum (16)
Data (if Any)
UDP Segment Format
• Source port – Number of the calling port
• Destination Port – Number of the called port
• Length – Number of bytes, including header and data
• Checksum – Calculated checksum of the header and data fields
• Data – Upper layer protocol data
Application Layer Overview
[Figure: layer stack (Application, Transport, Internet, Data-Link, Physical). Protocols at the Application layer:]
• File Transfer – TFTP*, FTP*, NFS
• E-Mail – SMTP
• Remote Login – Telnet*, rlogin*
• Network Management – SNMP*
• Name Management – DNS*
* Used by the Router
Telnet
• Telnet is used for Terminal Emulation.
• It allows a user sitting on a remote machine to access the resources of another machine.
• It allows you to transfer files from one machine to another.
• It also allows access to both directories and files.
• It uses TCP for data transfer and hence is slow but reliable.
Network File System (NFS)
• It is the jewel of protocols specializing in file sharing.
• It allows two different types of file systems to interoperate.
• This is a stripped-down version of FTP.
• It has no directory browsing abilities.
• It can only send and receive files.
• It uses UDP for data transfer and hence is faster but not reliable.
LPD (Line Printer Daemon)
• The Line Printer Protocol is designed for printer sharing.
• The LPD along with the LPR (Line Printer Program) allows print jobs to be spooled and sent to the network’s printers using TCP/IP.
X Window
• X Window defines a protocol for the writing of graphical user interface-based client/server applications.
Simple Network Management Protocol
• SNMP enables central management of the network.
• Using SNMP, an administrator can watch the entire network.
• SNMP works with TCP/IP.
• It uses UDP for transportation of the data.
DNS (Domain Name Service)
• DNS resolves FQDNs with IP addresses.
• DNS allows you to use a domain name to specify an IP address.
• It maintains a database of IP addresses and hostnames.
• On every query it checks this database and resolves the IP.
© 2002, Cisco Systems, Inc. All rights reserved.
Introduction to TCP/IP Addresses
– Unique addressing allows communication between end stations.
– Path choice is based on destination address.
• Location is represented by an address
[Figure: hosts 172.16.0.1, 172.16.0.2, 172.17.0.1, 172.17.0.2, 172.18.0.1 and 172.18.0.2, networks 10.13.0.0 and 192.168.1.0 with addresses 10.13.0.1 and 192.168.1.1, and a packet made of HDR (SA, DA) and DATA]
IPv4 Addressing
• 32-bit addresses
• Commonly expressed in dotted decimal format (e.g., 192.168.10.12)
• Each “dotted decimal” is commonly called an octet (8 bits)
IP Addressing
32 bits, divided into a Network part and a Host part and written as four octets
Bit positions:             1–8        9–16       17–24      25–32
Bit values in each octet:  128 64 32 16 8 4 2 1
Dotted Decimal Maximum:    255        255        255        255
Binary:                    11111111   11111111   11111111   11111111
Example Decimal:           172        16         122        204
Example Binary:            10101100   00010000   01111010   11001100
IP Address Classes
              8 bits     8 bits     8 bits     8 bits
• Class A:    Network    Host       Host       Host
• Class B:    Network    Network    Host       Host
• Class C:    Network    Network    Network    Host
• Class D: Multicast
• Class E: Research
IP Addressing—Class A
• 10.222.135.17
• Network # 10
• Host # 222.135.17
• Range of class A network IDs: 1–126
• Number of available hosts: 16,777,214
IP Addressing—Class B
• 128.128.141.245
• Network # 128.128
• Host # 141.245
• Range of class B network IDs: 128.1–191.254
• Number of available hosts: 65,534
IP Addressing—Class C
• 192.150.12.1
• Network # 192.150.12
• Host # 1
• Range of class C network IDs: 192.0.1–223.255.254
• Number of available hosts: 254
IP Network Address Classes
Class    # Networks    # Hosts       Example
A        126           16,777,214    35.0.0.0
B        16,384        65,534        128.5.0.0
C        2,097,152     254           132.33.33.0
[Figure: binary bit patterns for each class, shaded into Network Address Space and Host Address Space]
IP Address Classes
Bits:       1–8         9–16              17–24             25–32
Class A:    0NNNNNNN    Host              Host              Host               Range (1-126)
Class B:    10NNNNNN    Network           Host              Host               Range (128-191)
Class C:    110NNNNN    Network           Network           Host               Range (192-223)
Class D:    1110MMMM    Multicast Group   Multicast Group   Multicast Group    Range (224-239)
Private Addresses
• Class A – 10.0.0.0 to 10.255.255.255
• Class B – 172.16.0.0 to 172.31.255.255
• Class C – 192.168.0.0 to 192.168.255.255
Determining Available Host Addresses
Address:   172        16         0          0
Binary:    10101100   00010000   00000000   00000000
           Network (first 16 bits) | Host (last 16 bits, numbered 16 down to 1), so N = 16
Host bit patterns, counted:
00000000 00000000        1
00000000 00000001        2
00000000 00000011        3
...                      ...
11111111 11111101    65534
11111111 11111110    65535
11111111 11111111    65536
                       - 2
                     65534
2^N - 2 = 2^16 - 2 = 65534
Subnet Mask
                        Octets             Layout
IP Address              172 16 0 0         Network | Host
Default Subnet Mask     255 255 0 0        Network | Host
8-bit Subnet Mask       255 255 255 0      Network | Subnet | Host
Default mask in binary: 11111111 11111111 00000000 00000000. Also written as “/16” where 16 represents the number of 1s in the mask.
8-bit subnet mask: Also written as “/24” where 24 represents the number of 1s in the mask.
Decimal Equivalents of Bit Patterns
128 64 32 16 8 4 2 1
1 0 0 0 0 0 0 0 = 128
1 1 0 0 0 0 0 0 = 192
1 1 1 0 0 0 0 0 = 224
1 1 1 1 0 0 0 0 = 240
1 1 1 1 1 0 0 0 = 248
1 1 1 1 1 1 0 0 = 252
1 1 1 1 1 1 1 0 = 254
1 1 1 1 1 1 1 1 = 255
Subnet Mask without Subnets
• Subnets not in use—the default
                                   Network             | Host
172.16.2.160      10101100 00010000 | 00000010 10100000
255.255.0.0       11111111 11111111 | 00000000 00000000
Network Number    10101100 00010000 | 00000000 00000000
                  172      16         0        0
Subnet Mask with Subnets
• Network number extended by eight bits
                  Network             | Subnet   | Host
172.16.2.160      10101100 00010000 | 00000010 | 10100000
255.255.255.0     11111111 11111111 | 11111111 | 00000000
Network Number    10101100 00010000 | 00000010 | 00000000
                  172      16         2          0
Possible values of a mask octet: 128, 192, 224, 240, 248, 252, 254, 255
Subnet Mask with Subnets (cont.)
• Network number extended by ten bits
                   Network             | Subnet       | Host
172.16.2.160       10101100 00010000 | 00000010 10 | 100000
255.255.255.192    11111111 11111111 | 11111111 11 | 000000
Network Number     10101100 00010000 | 00000010 10 | 000000
                   172      16         2        128
Possible values of a mask octet: 128, 192, 224, 240, 248, 252, 254, 255
Addressing Summary Example
             172      16       2        160
Host         10101100 00010000 00000010 10100000    172.16.2.160
Mask         11111111 11111111 11111111 11000000    255.255.255.192
Subnet       10101100 00010000 00000010 10000000    172.16.2.128
Broadcast    10101100 00010000 00000010 10111111    172.16.2.191
First        10101100 00010000 00000010 10000001    172.16.2.129
Last         10101100 00010000 00000010 10111110    172.16.2.190
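The addressing summary above and the 2^N - 2 host count, as an added example that is not part of the original slides: it derives subnet, broadcast, first and last host with the same bitwise steps the slide shows in binary, and rejects masks whose 1s are not contiguous. The function names are hypothetical.

```python
def to_int(dotted: str) -> int:
    """Dotted decimal to a 32-bit integer, validating each octet."""
    parts = dotted.split(".")
    if len(parts) != 4 or not all(p.isdigit() and int(p) <= 255 for p in parts):
        raise ValueError(f"not a dotted-decimal IPv4 address: {dotted!r}")
    return int.from_bytes(bytes(int(p) for p in parts), "big")

def to_dotted(value: int) -> str:
    return ".".join(str(b) for b in value.to_bytes(4, "big"))

def to_binary(value: int) -> str:
    return " ".join(f"{b:08b}" for b in value.to_bytes(4, "big"))

def prefix_length(mask: int) -> int:
    """Number of 1s in the mask (the "/16", "/24" notation)."""
    inverted = ~mask & 0xFFFFFFFF
    if inverted & (inverted + 1):          # host bits must be one run of 1s at the end
        raise ValueError("mask bits are not contiguous")
    return bin(mask).count("1")

def summarize(host: str, mask: str) -> dict:
    """Subnet, broadcast, first and last host for one address and mask."""
    h, m = to_int(host), to_int(mask)
    host_bits = 32 - prefix_length(m)      # N in the slide's 2^N - 2
    if host_bits < 2:
        raise ValueError("mask leaves no usable host addresses")
    subnet = h & m                               # host bits cleared
    broadcast = subnet | (~m & 0xFFFFFFFF)       # host bits all set
    rows = {"Host": h, "Mask": m, "Subnet": subnet, "Broadcast": broadcast,
            "First": subnet + 1, "Last": broadcast - 1}
    result = {name: to_dotted(value) for name, value in rows.items()}
    result["binary"] = {name: to_binary(value) for name, value in rows.items()}
    result["prefix"] = 32 - host_bits
    result["hosts"] = 2 ** host_bits - 2
    return result

def render(summary: dict) -> str:
    """Lay the result out like the slide's table."""
    names = ("Host", "Mask", "Subnet", "Broadcast", "First", "Last")
    lines = [f"{n:<10}{summary['binary'][n]}  {summary[n]}" for n in names]
    lines.append(f"/{summary['prefix']}, {summary['hosts']} usable hosts")
    return "\n".join(lines)

if __name__ == "__main__":
    print(render(summarize("172.16.2.160", "255.255.255.192")))
```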