ENC_254_PPT_ch04.pdf

Network+ Guide to Networks
6th Edition
Chapter 4
Introduction to TCP/IP Protocols

Objectives
• Identify and explain the functions of the core
TCP/IP protocols
• Explain the TCP/IP model and how it
corresponds to the OSI model
• Discuss addressing schemes for TCP/IP in IPv4
and IPv6 and explain how addresses are
assigned automatically using DHCP (Dynamic
Host Configuration Protocol)
Network+ Guide to Networks, 6th Edition 2

Objectives (cont’d.)
• Describe the purpose and implementation of
DNS (Domain Name System)
• Identify the well-known ports for key TCP/IP
services
• Describe how common Application layer TCP/IP
protocols are used

Characteristics of TCP/IP (Transmission
Control Protocol/Internet Protocol)
• Protocol Suite
– Referred to as “IP” or “TCP/IP”
– Subprotocols include TCP, IP, UDP, ARP and many
others
• Developed by US Department of Defense
– ARPANET (1960s)
• Internet precursor

Characteristics of TCP/IP (cont’d.)
• Advantages of TCP/IP
– Open nature
• Costs nothing to use
– Flexible
• Runs on virtually any platform
• Connects dissimilar operating systems and devices
– Routable
• Transmissions carry Network layer addressing
information
• Suitable for large networks

The TCP/IP Model
• Four layers
– Application layer
– Transport layer
– Internet layer
– Network access layer (or Link layer)

Figure 4-1 The TCP/IP model compared with the OSI model
Courtesy Course Technology/Cengage Learning

The TCP/IP Core Protocols
• Certain subprotocols of the TCP/IP suite, called
TCP/IP core protocols.
– Operate in Transport or Network layers of OSI model
– Provide basic services to protocols in other layers
• Most significant protocols in TCP/IP suite
– TCP
– IP

TCP (Transmission Control Protocol)
• Transport layer protocol
• Provides reliable data delivery services
– Connection-oriented subprotocol
• Establish connection before transmitting
• Uses sequencing and checksums
• Provides flow control
• TCP segment format
– Is the entity that becomes encapsulated by the IP
packet in the Network layer (and, thus, becomes the
IP packet’s data)

Figure 4-2 A TCP segment

Table 4-1 Fields in a TCP
segment
Courtesy Course
Technology/Cengage Learning

Figure 4-3 TCP segment data

TCP (cont’d.)
• Three segments establish connection
• Computer A issues message to Computer B
– Sends segment with SYN bit set
• SYN field: Random synchronize sequence number
• Computer B receives message
– Sends segment
• ACK field: sequence number Computer A sent plus 1
• SYN field: Computer B random number

TCP (cont’d.)
• Computer A responds
– Sends segment
• ACK field: sequence number Computer B sent plus 1
• SYN field: Computer B random number
• FIN flag indicates transmission end

Figure 4-4 Establishing a TCP connection

UDP (User Datagram Protocol)
• Transport layer protocol
• Provides unreliable data delivery services
– Connectionless transport service
– No assurance packets received in correct sequence
– No guarantee packets received at all
– No error checking, sequencing
– Lacks sophistication
• More efficient than TCP
• Useful situations
– Great volume of data transferred quickly

Figure 4-5 A UDP segment

IP (Internet Protocol)
• Network layer protocol
– How and where data delivered, including:
• Data’s source and destination addresses
• IP belongs to Internet layer of TCP/IP model
• IP enables TCP/IP to internetwork
– Traverse more than one LAN segment
• More than one network type through router
• Network layer data formed into packets or datagrams
– IP packet
• Data envelope
• Contains information for routers to transfer data between
different LAN segments

IP (cont’d.)
• Two versions
– IPv4: unreliable, connectionless protocol
– IPv6
• Newer version of IPv6
– IP next generation
– Released in 1998
• Advantages of IPv6
– Provides billions of additional IP addresses
– Better security and prioritization provisions

Figure 4-6 An IPv4 packet

Figure 4-8 An IPv6 packet header

IGMP (Internet Group Management
Protocol)
• Operates at Network layer of OSI model
• Manages multicasting on networks running IPv4
• Multicasting
– Point-to-multipoint transmission method
– One node sends data to a group of nodes
– Used for Internet teleconferencing or
videoconferencing

ARP (Address Resolution Protocol)
• Used with IPv4
• Obtains MAC (physical) address of host or node
• Creates database that maps MAC to host’s IP
address
• ARP table
– Table of recognized MAC-to-IP address mappings
– Saved on computer’s hard disk
– Increases efficiency
– Contains dynamic and static entries

ARP (Cont’d.)
• Dynamic ARP table entries are created when a client makes
an ARP request that cannot be satisfied by data already in the
ARP table.
• Static ARP table entries are those that someone has
entered manually using the ARP utility.
• The ARP utility, accessed via the arp command from a
Windows command prompt, provides a way of obtaining
information from and manipulating a device’s ARP table.
• Using arp -a you can view a Windows workstation’s ARP
table.
• ARP can be a valuable troubleshooting tool for discovering
the identity of a machine whose IP address you know, or for
identifying the problem of two machines trying to use the
same IP address.

ICMP (Internet Control Message
Protocol)
– Reports on data delivery success/failure
• Announces transmission failures to sender
– Network congestion
– Data fails to reach destination
– Data discarded: TTL expired
• ICMP cannot correct errors (TCP do error correction)
– Provides critical network problem troubleshooting
information
• ICMPv6 used with IPv6

Difference between IPv4 and IPv6
• IGMP and ARP, are used only on IPv4 networks. The
functions they provide have become part of the IPv6 protocol
and no longer need to be provided by separate Network layer
protocols.
• IPv6 relies on ICMPv6 (Internet Control Message Protocol
version 6) to perform the functions that ICMP, IGMP, and
ARP perform in IPv4.
• In other words, ICMPv6 detects and reports data transmission
errors, discovers other nodes on a network, and manages
multicasting.

IPv4 Addressing
• Networks recognize two addresses
– Logical (Network layer)
– Physical (MAC, hardware) addresses
• IP protocol handles logical addressing (=> often called IP
address)
• IP addresses are assigned and used according to very
specific parameters.
• Specific parameters
– Unique 32-bit number
• Divided into four octets (sets of eight bits) separated by
periods
• Example: 144.92.43.178
– Network class determined from first octet

Designing TCP/IP-Based Networks
Cont’d.
–Network+ Guide to Networks, 6th Edition –30
- IPv4 has 5 classes:
Class Type Beginning Octet
Class A 1 - 126
Class B 128 - 191
Class C 192 - 223
Class D 224 - 239
Class E 240 - 254

IPv4 Addressing (cont’d.)
• Class D, Class E rarely used (never assigned to
devices on the network)
– Class D: Multicasting
– Class E: Experimental use
• Eight bits have 256 combinations
– Networks use 1 through 254
– 0: reserved as placeholder
– 255: reserved for broadcast transmission

Designing TCP/IP-Based Networks Cont’d.
• Number of Networks = 2
• Number of Hosts/Network = 2 - 2
• 8 bits have 256 possible combinations only 1 → 254 used to identify
networks and hosts in IP address.
• 0 → reserved to act as a placeholder when referring to an entire group
of computers on a network.
Example: 10.0.0.0 represents all of the devices whose first octet is ‘10’.
• 255 → reserved for broadcast transmissions.
Example: sending a message to the address: 255.255.255.255 will send
a message to all devices connected to your network segment.
147.82.255.255 sends a message to all devices connected to the
147.82.0.0 network
(Number of bits in Network ID – Number of bits used to identify class)
Number of bits in Host ID
0
255

Table 4-4 Commonly used TCP/IP classes

• Class A devices
– Share same first octet (bits 0-7)
• Network ID
– Host: second through fourth octets (bits 8-31)
• Class B devices
– Share same first two octet (bits 0-15)
– Host: third through fourth octets (bits 16-31)
• Class C devices
– Share same first three octet (bits 0-23)
– Host: fourth octets (bits 24-31)

Designing TCP/IP-Based Networks
Cont’d.
– Networks may assign IP addresses dynamically

Figure 4-11 IPv4 addresses and their classes

Examples
–Network+ Guide to Networks, 6th Edition – 37
–Figure 9-2 Sample IPv4 addresses with classful addressing
–Courtesy Course Technology/Cengage Learning
. 0 . 0 . 0
. 0 . 0
. 0
IP range : 114.0.0.1 to 114.255.255.254
Broadcast IP : 114.255.255.255
IP range : 147.12.0.1 to 147.12.255.254
Broadcast IP : 147.12.255.255
IP range : 214.57.42.1 to 214.57.42.254
Broadcast IP : 214.57.42.255

• Loop back address
– First octet equals 127 (127.0.0.1)
• Loopback test
– Attempting to connect to own machine
– Powerful troubleshooting tool
• Windows XP, Vista
– ipconfig command
• Unix, Linux
– ifconfig command

Binary and Dotted Decimal Notation
• Dotted decimal notation
– Common way of expressing IP addresses
– Decimal number between 0 and 255 represents each octet
– Period (dot) separates each decimal
– Example: 131.65.10.18
• Dotted decimal address has binary equivalent
– Convert each octet
– Remove decimal points
– Example:
131.65.10.36 = 10000011 01000001 00001010 00100100

Subnet Mask
• 32-bit number identifying a device’s subnet
• Combines with device IP address
• Informs network about segment, network where
device attached
• Four octets (32 bits)
– Expressed in binary or dotted decimal notation
• Assigned same way as IP addresses
– Manually or automatically (via DHCP)

Subnet Mask (cont’d.)
Table 4-5 Default subnet masks

IPv6 Addressing
• Composed of 128 bits
• Eight 16-bit fields
• Typically represented in hexadecimal numbers (0-9, A-F)
– Separated by a colon (:)
– Example: FE22:00FF:002D:0000:0000:0000:3012:CCE3
• Abbreviations for multiple fields with zero values
– 00FF can be abbreviated FF
– 0000 can be abbreviated 0

IPv4 vs IPv6
– Two IP versions:
• IPv4 (expressed in binary or dotted (.) decimal)
– Four 8-bits octets (or bytes) => 32 bit
– Example: 192.168.70.6
– Loopback address = 127.0.0.1
• IPv6 (expressed in hexadecimal numbers separated by a
colon (:))
– Eight 16-bits fields => 128 bit
– Example: FF22:00FF:002D:0000:0000:0000:3012:CCE3
» = FF22:FF:2D:0:0:0:3012:CCE3
» = FF22:FF:2D::3012:CCE3
– Loopback address = 0:0:0:0:0:0:0:1 = ::1

• Unicast address
– An address that represents a single interface on a device.
– The type of address that would be assigned, for example, to a
workstation’s network adapter.
– unicast says “send to this one address”
• Multicast address
– Used for transmitting data to many different devices
simultaneously
– multicast says “send to every member of this group”
• Anycast address
– Represents any one interface from a group of interfaces
– anycast says “send to any one member of this group”
• Modern devices and operating systems can use both IPv4 and IPv6

• In IPv6, each address contains a Format Prefix, or a
variable-length field at the beginning of the address
that indicates what type of address it is—unicast,
multicast, or anycast.
– Link-local unicast address begins with the hexadecimal
string FE80.
– A site-local unicast address begins with FEC0.
– A multicast address begins with FF0x, where x is a
character that corresponds to a group scope ID.
• Link-local multicast address is FF02
• Global multicast address is FF0E

Assigning IP Addresses
• Government-sponsored organizations
– Dole out IP addresses
– IANA, ICANN, RIRs
• Companies, individuals
– Obtain IP addresses from ISPs
• Every network node must have unique IP address
– Error message otherwise

Assigning IP Addresses (cont’d.)
• Static IP address
– Manually assigned
– To change: modify client workstation TCP/IP
properties
– Human error causes duplicates
• Dynamic IP address
– Assigned automatically
– Most common method
• Dynamic Host Configuration Protocol (DHCP)

DHCP (Dynamic Host Configuration
Protocol)
• Automatically assigns device a unique IP address
• Application layer protocol
• Reasons for implementing
– Reduce time and planning for IP address
management
– Reduce potential for error in assigning IP addresses
– Enable users to move workstations and printers
– Make IP addressing transparent for mobile users

DHCP (cont’d.)
• DHCP leasing process
– Device borrows (leases) an IP address while attached
to network
• Lease time
– Determined when client obtains IP address at log on
– User may force lease termination
• DHCP service configuration
– Specify leased address range
– Configure lease duration
• Several steps to negotiate client’s first lease

Figure 4-14 The DHCP leasing process

DHCP (cont’d.)
• Terminating a DHCP Lease
– Expire based on period established in server
configuration
– Manually terminated at any time
• Client’s TCP/IP configuration
• Server’s DHCP configuration
• Circumstances requiring lease termination
– DHCP server fails and replaced
• DHCP services run on several server types
– Installation and configurations vary

Sockets and Ports
• Processes assigned unique port numbers
• Process’s socket (Port number + IP address)
– Port number plus host machine’s IP address
– Sockets form virtual connections between a process on
one computer and the same process running on another
computer
• Port numbers
– Simplify TCP/IP communications
– Ensures data transmitted correctly to the correct
application
• Example
– Telnet port number: 23
– IPv4 host address: 10.43.3.87
– Socket address: 10.43.3.87:23

Figure 4-15 A virtual connection for the telnet service

Sockets and Ports (cont’d.)
• Port number range: 0 to 65535
• Divided by IANA into three types:
– Well Known Ports
• Range: 0 to 1023
• Operating system or administrator use
• The earliest TCP/IP protocols use Well know ports,
such as TCP, UDP, Telnet, and FTP
– Registered Ports
• Range: 1024 to 49151
• Network users, processes with no special privileges
– Dynamic and/or Private Ports
• Range: 49152 through 65535
• No restrictions

Table 4-6 Commonly used TCP/IP port numbers
→
→
→
→
→
→

Sockets and Ports (cont’d.)
• Port numbers are assigned either by the operating system or
by software programs that rely on them.
• Servers maintain an editable, text-based file of port numbers
and their associated services.
• If you have administrative you can change which port number
a service uses.
– Example, change the default port number for Telnet on your
server from 23 to 2330.
– This is rarely a good idea because it violates the standard and
means that processes programmed to use a standard port will
not be able to communicate with your machine.
– Nevertheless, some network administrators who are preoccupied
with security may change their servers’ port numbers in an
attempt to confuse people with malicious intent who try
connecting to their devices through conventional sockets.

Host Names and DNS
(Domain Name System)
• TCP/IP addressing
– Long, complicated numbers
– Good for computers
• People remember words better
– Internet authorities established Internet node naming
system
• Host
– Internet device
• Host name
– Name describing device
– Example: “Huda Ahmed” might name her workstation as
“Huda.”

Domain Names
• Domain
– Every host is a member of a domain
– Domain is group of computers belonging to same organization
– Share common part of IP address
• Domain name
– Identifies domain
– Associated with company, university, government organization
– Example:
• IBM’s domain name is ibm.com
• United States Library of Congress’s domain name is loc.gov
• Fully qualified host name = local host name + its domain name
– Also known as its fully qualified domain name (FQDN(.
– Example: The fully qualified host name for the Library of
Congress’s blog Web site is blogs.loc.gov

Domain Names (cont’d.)
• A domain name is represented by a series of character
strings, called labels.
• Label
– Separated by dots
– Each label represents a level in domain naming hierarchy
• Example: www.google.com
– Top-level domain (TLD): com
– Second-level domain: google
– Third-level domain: www
• Second-level domain
– May contain multiple third-level domains
– Example: Google owns the following domains:
www.google.com, news.google.com, maps.google.com,
and mail.google.com.
• ICANN established domain naming conventions

Table 4-7 Some well-known top-level domains
→
→
→
→
→
→
→
→

Domain Names (cont’d.)
• ICANN approved over 240 country codes
• Host and domain names restrictions
– Any alphanumeric combination up to 253 characters
– Include hyphens (-), underscores (_), periods (.) in
name
– No other special characters

Host Files
• The entire network relied on HOSTS.TXT to associate host
names with IP addresses
• Advanced Research Projects Agency Network (ARPAnet)
used HOSTS.TXT file
– Associated host names with IP addresses
– Host matched by one line
• Identifies host’s name, IP address
• Alias provides nickname
• UNIX-/Linux-based computer
– Host file called hosts, located in the /etc directory
• Windows computer
– Host file called hosts
– Located in Windowssystem32driversetc folder

Figure 4-16 Sample host file

Host Files (Cont’d.)
• A simple host file can satisfy the needs of a small
organization
• However, it is not sufficient for large organizations,
much less for the Internet. Instead, an automated
solution is mandatory.

DNS (Domain Name System)
• DNS is a hierarchical way of associating domain names with
IP addresses
• Also called Domain Name Service
• DNS refers to both:
– Application layer service accomplishing association
– Organized system of computers, databases making
association possible
• DNS redundancy
– The DNS service does not rely on one file or even one
server, but rather on many computers across the globe
– Many computers across globe related in hierarchical
manner
– Root servers
• 13 computers (ultimate authorities)

DNS (cont’d.)
• DNS service is divided into three components:
– Resolvers
• Any hosts on Internet needing to look up domain name
information
– Name servers (DNS servers)
• Are servers that contain databases of associated
names, IP addresses
• Provide information to resolvers on request
– Namespace
• Abstract database of Internet IP addresses, associated
names
• Describes how name servers of the world share DNS
information
• DNS namespace relies on multiple sources to resolve
host names and IP addresses.

Courtesy Course
Technology/Cengage Learning
Figure 4-17 Domain name
resolution

DDNS (Dynamic DNS)
• Used in Website hosting
– Manually changing DNS records unmanageable
• Process
– In DDNS, a service provider runs program on user’s
computer
• Notifies service provider when IP address changes
– Service provider’s server launches routine to automatically
update DNS record
• Effective throughout Internet in minutes
• DDNS is not DNS replacement but is an additional
service.
• Larger organizations buy statically assigned IP address
because of the slight delay in DNS record propagation
caused each time an IP address changes

Application Layer Protocols
• Application layer protocols work over TCP or UDP
plus IP
– Translate user requests into format readable by
network
• HTTP
– Application layer protocol central to using Web
• DHCP
– Automatic address assignment
• Additional Application layer protocols exist

Telnet
• Terminal emulation protocol
– Log on to remote hosts
• Using TCP/IP protocol suite
– TCP connection established
• Keystrokes on user’s machine act like keystrokes on
remotely connected machine
• Often connects two dissimilar systems
• Can control remote host
• Drawback
– Notoriously insecure

FTP (File Transfer Protocol)
• Send and receive files via TCP/IP
• In FTP exchanges, a host running the FTP server
portion accepts commands from another host
running the FTP client portion.
• FTP clients come with a set of simple commands
that make up their user interfaces.
• To exchange data, the client depends on an FTP
server that is always waiting for requests. After a
client connects to the FTP server, FTP data are
exchanged via TCP, which means that FTP provides
some assurance of delivery.

FTP (Cont’d.)
• FTP commands will work from your operating
system’s command prompt; they do not require
special client software.
• FTP hosts allow anonymous logons
• Secure FTP (SFTP)
– More secure version of FTP
– Will be covered in Chapter 11

TFTP (Trivial File Transfer Protocol)
• Enables file transfers between computers
– Simpler (more trivial) than FTP
• TFTP relies on Transport layer UDP
– Connectionless
– Does not guarantee reliable data delivery
• No ID or password required
– Security risk
• No directory browsing allowed
• Useful to load data, programs on diskless
workstation

NTP (Network Time Protocol)
• Synchronizes network computer clocks
• Depends on UDP Transport layer services
– Benefits from UDP’s quick, connectionless nature
• NTP is time sensitive and cannot wait for error checking
• Time synchronization importance
– Routing
– Time-stamped security methods
– Maintaining accuracy, consistency between multiple
storage systems

PING (Packet Internet Groper)
• Provides verification
– TCP/IP installed, bound to NIC, configured correctly,
communicating with network
– Host responding
• Uses ICMP services
– Send echo request and echo reply messages
• Determine IP address validity
• Ping IP address or host name: ping 192.168.80.5
ping www.cnn.com
• Ping loopback address: ping 127.0.0.1
– Determine if workstation’s TCP/IP services running

PING (cont’d.)
• Operating system determines PING command
options, switches, syntax
Figure 4-19 Output from successful and unsuccessful PING

Summary
• Protocols define standards for network
communication
– TCP/IP suite most popular
• TCP: connection-oriented subprotocol
• UDP: efficient, connectionless service
• IP provides information about how and where to
deliver data
• IPv4 addresses: unique 32-bit numbers
• IPv6 addresses: composed of eight 16-bit fields
• DHCP assigns addresses automatically
• DNS tracks domain names and their addresses

ENC_254_PPT_ch04.pdf

Recommended

Recommended

More Related Content

Similar to ENC_254_PPT_ch04.pdf

Similar to ENC_254_PPT_ch04.pdf (20)

Recently uploaded

Recently uploaded (20)

ENC_254_PPT_ch04.pdf