Introduction to TCP/IP Networking

Thanks to:

Dr. Indrajit Ray, CSU
Dr. James Walden, NKU
Russ Wakefield, CSU

for the contents of these slides.

Communications Architecture

The complexity of the communication task is reduced by using multiple protocol layers:
- Each protocol is implemented independently
- Each protocol is responsible for a specific subtask
- Protocols are grouped in a hierarchy
A structured set of protocols is called a communications architecture or protocol suite

Divide & Conquer

It’s all about divide & conquer, or delegation.
Don’t try to do everything at once.
Break a big problem apart into smaller sub-problems.
Networking is enormously difficult, so we break it into layers.

Layers Example

Back at HP, my boss would trust me to write the program that he wanted.
I trust the compiler to accurately translate my C code to machine language instructions.
I trust the cpu to accurately decode & execute instructions.
The cpu assumes that it will have reliable DC power from the power supply.
The power supply assumes that the outlet will supply 120VAC.
and so on

Each layer assumes that the layer below it will do its job.

TCP/IP Protocol Suite

The TCP/IP protocol suite is the protocol architecture of the Internet
The TCP/IP suite has four layers:
- Application
- Transport
- Network
- Data Link
Mnemonic aids:
- attend (pay attention)
- atoned (they should have atoned for this)
End systems (hosts) implement all four layers.
Gateways (Routers) only have the bottom two layers.

The Layers

Old OSI Model	TCP/IP Hierarchy	Protocols
7: Application Layer	Application Layer	domain (DNS, hostname→IP address) http, https (web pages) pop3, imap, smtp (email) ntp (time synchronization) ssh (remote login/file copy) x11 (X Window System)
6: Presentation Layer
5: Session Layer
4: Transport Layer	Transport Layer	TCP (connection-oriented reliable packets) UDP (hope & luck)
3: Network Layer	Network Layer	IP (it all boils down to this)
2: Link Layer	Link Layer (alias Data Link Layer)	ARP (Mac address→IP address) Ethernet PPP
1: Physical Layer	Link Layer (alias Data Link Layer)	ARP (Mac address→IP address) Ethernet PPP

Functions of the Layers

Application Layer:
- Service: Application specific (delivery of email, retrieval of HTML documents, reliable transfer of file)
- Functions: Application specific
Transport Layer:
- Service: Delivery of data between hosts
- Functions: Connection establishment/termination, error control, flow control
Network Layer:
- Service: Move packets from source host to destination host
- Functions: Routing, addressing
Data Link Layer:
- Service: Reliable transfer of frames over a physical medium
- Functions: Framing, media access control, error checking

Assignment of Protocols to Layers

Application Layer:
- ping application, HTTP, SSH, DNS, SNMP, SMTP, DHCP
Transport Layer:
- TCP, UDP
Network Layer:
- IP, ICMP
Data Link Layer:
- ARP, Ethernet

Layered Communications

An entity of a particular layer can only communicate with:
1. a peer layer entity using a common protocol (Peer Protocol)
2. adjacent layers to provide services and to receive

┌──────────────────┐   Layer N+1 protocol  ┌──────────────────┐
│ Layer N+1 entity │<–––––––––––––––––––––>│ Layer N+1 entity │
└──────────────────┘                       └──────────────────┘
  │             ∧                             │             ∧
  ∨             │                             ∨             │
┌──────────────────┐   Layer N protocol    ┌──────────────────┐
│ Layer N entity   │<–––––––––––––––––––––>│ Layer N entity   │
└──────────────────┘                       └──────────────────┘
  │             ∧                             │             ∧
  ∨             │                             ∨             │
┌──────────────────┐   Layer N-1 protocol  ┌──────────────────┐
│ Layer N-1 entity │<–––––––––––––––––––––>│ Layer N-1 entity │
└──────────────────┘                       └──────────────────┘

Layered Communications

A layer N+1 entity sees the lower layers only as a service provider:

┌──────────────────┐   Layer N+1 protocol  ┌──────────────────┐
│ Layer N+1 entity │<–––––––––––––––––––––>│ Layer N+1 entity │
└──────────────────┘                       └──────────────────┘
  │                                                         ∧
  │                                                         │
  │request                                          indicate│
  │delivery                                         delivery│
  │                                                         │
  ∨                                                         │
┌─────────────────────────────────────────────────────────────┐
│                    Service provider                         │
└─────────────────────────────────────────────────────────────┘

Application View of Networking

Application job: write the web browser (client) or web server (server)

    ┌─────────┐           ┌──────────┐           ┌──────┐
    │ laptop  │           │          │           │      │
    │ running │···········│ Internet │···········│ eBay │
    │ browser │           │          │           │      │
    └─────────┘           └──────────┘           └──────┘

Assume network provides way to send a messages between hosts.

Don’t know or care how the messages are sent.
Do care about:
- Does the network provide a connection or is it connectionless?
- Are messages reliable?
- Who/what provides flow control? (speed of sending messages)

Transport View of Networking

Transport job: implement the connection-(oriented/less) service

    ┌─────────┐           ┌──────────┐           ┌──────┐
    │ laptop  │           │          │           │      │
    │ running │···········│ Internet │···········│ eBay │
    │ browser │           │          │           │      │
    └─────────┘           └──────────┘           └──────┘

Assume application handles message content.
Don’t know or care about the content of the messages.
Don’t know or care how the messages get from source to destination
Do care about:
- How to provide a connection or connectionless service?
- How to make the transport connection reliable?
- How to handle congestion and flow control in the network?

Network Layer View

Network layer job: get a message from a source to a destination

    ┌─────────┐
    │ laptop  │     ┌───────┐    ┌───────┐    ┌───────┐
    │ running │·····│ ISP A │····│ ISP B │····│ ISP C │
    │ browser │     └───────┘    └───────┘    └───────┘
    └─────────┘         :            :            :
        	        :            :            :
                    ┌───────┐    ┌───────┐    ┌───────┐      ┌──────┐
                    │ ISP D │····│ ISP E │····│ ISP F │······│ eBay │
                    └───────┘    └───────┘    └───────┘      └──────┘

Assume higher layers handle message content, reliability.
Care about:
- How to provide a best effort attempt to deliver packets?
- Routing: A→B→C→F→eBay, A→D→E→F→eBay, A→B→E→F→eBay, or what?

Link Layer View of Networking

Link Layer job: get a message sent across some medium

    ┌────────┐                             ┌────────┐
    │ host A │·····························│ host B │
    └────────┘      direct connection      └────────┘

Only care about how to get message from A to B across this link.
Link can be twisted pair, coaxial, fiber optic, radio, infrared, etc.
Has to deal with messy physical stuff:
- voltage levels
- radio signals
- noisy connections

Exchange of Data

The unit of data sent between peer entities is called a Protocol Data Unit (PDU)
For now, let us think of a PDU as a single packet

        ┌─────────┐           ┌───────────┐           ┌─────────┐
      A │ Layer N │           │    PDU    │         B │ Layer N │
        │ entity  │···········│ (layer N) │···········│ entity  │
        └─────────┘           └───────────┘           └─────────┘

Scenario: Layer-N at A sends a layer-N PDU to layer-N at B
What actually happens:
- A’s layer-N passes the PDU to layer-N-1
- Layer-N-1 entity at A constructs its own (layer-N-1) PDU which it sends to the layer-N-1 entity at B
- PDU at layer-N-1 = layer-N-1 Header + layer-N PDU

Love Letters

My wife is visiting her family in France, and I miss her terribly, so I write a passionate love letter:

Dear Wife,

Warmest regards. Lonely Husband

My wife cares only about this three-line message.
Can I just hand this to the postman? No, he wants an envelope!
The postman doesn’t care about the love letter—he only cares about the envelope.
Is that the only wrapper?

Example

Say that a web browser wants to see eBay’s home page. It might construct this 34-byte HTTP request:

GET / HTTP/1.1\r\nHost: ebay.com\r\n\r\n

However, to send this over a TCP connection, the Transport level adds a 20-byte header, so now we have this:

[TCP header][HTTP request]

Example

The Transport level hands this off to the Network level, which will create an IP packet with its own 20-byte header:

[IP header][TCP header][HTTP request]

The Network level hands this off to the Data Link layer, which will add its own overhead, depending on the medium:

[Frame header][IP header][TCP header][HTTP request][Frame footer]

Example

Packet					Protocol Level
			Data		Application
		TCP header	Data		Transport
	IP header	TCP header	Data		Network
Frame header	IP header	TCP header	Data	Frame footer	Data Link

When sending, each level treats the data from the previous level as a black box, an unintelligible blob of stuff, and adds its own header or footer.

Similarly, when receiving, each level removes its overhead.

Layers in the Example

┌──────────┐                                        ┌──────────┐
│   HTTP   │                                        │   HTTP   │
└──────────┘                                        └──────────┘
     │                                                   │
┌──────────┐                                        ┌──────────┐
│   TCP    │                                        │   TCP    │
└──────────┘                                        └──────────┘
     │                                                   │
┌──────────┐              ┌──────────┐              ┌──────────┐
│   IP     │              │    IP    │              │   IP     │
└──────────┘              └──────────┘              └──────────┘
     │                      │      │                     │
┌──────────┐      ┌──────────┐    ┌──────────┐      ┌──────────┐
│   Link   │······│   Link   │    │   Link   │······│   Link   │
└──────────┘      └──────────┘    └──────────┘      └──────────┘
   ct320-1           router	     acushla            salem
192.168.110.101  192.168.110.1    129.82.45.35      129.82.44.169

Layers and Services

Service provided by TCP to HTTP:
- reliable transmission of data over a logical connection
Service provided by IP to TCP:
- unreliable transmission of IP datagrams across an IP network
Service provided by Ethernet to IP:
- transmission of a frame across an Ethernet segment
Other services:
- DNS: translation between domain names and IP addresses
- ARP: Translation between IP addresses and MAC addresses

IP: Internet Protocol

0	1	2	3	4	5	6	7	8	9	10	11	12	13	14	15	16	17	18	19	20	21	22	23	24	25	26	27	28	29	30	31
Version				IHL				Type of service								Total length
Identification																Flags				Fragment offset
Time to live								Protocol								Header checksum
Source IP address
Destination IP address
Options (optional)
IP data payload (many bytes)

Unreliable connectionless datagram delivery service
Responsible for routing of data through intermediate networks and computers

Protocol: 1=ICMP, 6=TCP, 17=UDP

IP Routing

┌─────────────┐                                   ┌─────────────┐
│ Application │                                   │ Application │
├─────────────┤                                   ├─────────────┤
│  Transport  │                                   │  Transport  │
├─────────────┤          ┌─────────────┐          ├─────────────┤
│   Network   │          │   Network   │          │   Network   │
├─────────────┤          ├─────────────┤          ├─────────────┤
│     Link    │··········│     Link    │··········│     Link    │
└─────────────┘          └─────────────┘          └─────────────┘

Every device that supports the Network Layer must have a Routing Table.
It’s a series of entries (a table) where each entry contains:
- Destination IP address (or range or pattern)
- IP address of a next-hop router
- Flags
- Network interface specification

ICMP : Internet Control Message Protocol

Used to report problems with delivery of IP Datagrams within an IP network
Used by ping, traceroute commands

ICMP Message
20 bytes	1 byte	1 byte	2 bytes	more bytes
IP header	Type	Code	Checksum	ICMP data

Echo Request (type=8, code=0)
Echo Reply (type=0, code=0)
Destination Unreachable (type=3, code=various)
Time Exceeded (type=11, code=0) : Time-To-Live=0

TCP : Transmission Control Protocol

0	1	2	3	4	5	6	7	8	9	10	11	12	13	14	15	16	17	18	19	20	21	22	23	24	25	26	27	28	29	30	31
Source port																Destination port
Sequence number
Acknowledgement number
Data offset				-	-	-	-	CWR	ECNE	URG	ACK	PSH	RST	SYN	FIN	Window
Checksum																Urgent pointer
Options (0–10 32-bit words)
TCP payload (many bytes)

Reliable transmission, based on unreliable IP packets.
Keep trying until it works.
Fragment/reassemble if needed.
Contains no IP addresses—that’s the IP layer’s problem.

IP Addressing: Review

┌─────────────────┐       ┌───────────────┐       ┌───────────────┐
│     ct320-1     │  lan1 │    router     │       │     boise     │
│ 192.168.110.101 │·······│ 192.168.110.1 │   ····│ 129.82.44.133 │
└─────────────────┘   :   ├ ─ ─ ─ ─ ─ ─ ─ ┤   :   └───────────────┘
┌─────────────────┐   :   │    acushla    │   :   ┌───────────────┐
│     ct320-2     │   :   │ 129.82.45.35  │·······│     salem     │
│ 192.168.110.102 │····   └───────────────┘  lan2 │ 129.82.44.169 │
└─────────────────┘                               └───────────────┘

IP address: 32-bit identifier for host, router interface
interface: connection between host/router and physical link
- routers typically have multiple interfaces
- host may have multiple interfaces
- IP addresses associated with each interface

IP Addresses

IP (Version 4) addresses are 32 bits long
- How many IPv4 addresses can exist?
  - 4,294,967,296
- How many IPv4 addresses are there per person?
IPv6 addresses are 128 bits long
- How many IPv6 addresses can exist?
  - 340,282,366,920,938,463,463,374,607,431,768,211,456
- How many IPv6 addresses per person?
IP addresses assigned statically or dynamically (DHCP)

Subnets

┌─────────────────┐       ┌───────────────┐       ┌───────────────┐
│     ct320-1     │  lan1 │    router     │       │     boise     │
│ 192.168.110.101 │·······│ 192.168.110.1 │   ····│ 129.82.44.133 │
└─────────────────┘   :   ├ ─ ─ ─ ─ ─ ─ ─ ┤   :   └───────────────┘
┌─────────────────┐   :   │    acushla    │   :   ┌───────────────┐
│     ct320-2     │   :   │ 129.82.45.35  │·······│     salem     │
│ 192.168.110.102 │····   └───────────────┘  lan2 │ 129.82.44.169 │
└─────────────────┘                               └───────────────┘

IP address:
- subnet part (high order bits)
- host part (low order bits)
What’s a subnet?
- device interfaces with same subnet part of IP address
- can physically reach each other without intervening router

Subnets

┌─────────────────┐       ┌───────────────┐       ┌───────────────┐
│     ct320-1     │  lan1 │    router     │       │     boise     │
│ 192.168.110.101 │·······│ 192.168.110.1 │   ····│ 129.82.44.133 │
└─────────────────┘   :   ├ ─ ─ ─ ─ ─ ─ ─ ┤   :   └───────────────┘
┌─────────────────┐   :   │    acushla    │   :   ┌───────────────┐
│     ct320-2     │   :   │ 129.82.45.35  │·······│     salem     │
│ 192.168.110.102 │····   └───────────────┘  lan2 │ 129.82.44.169 │
└─────────────────┘                               └───────────────┘

To determine the subnets, detach each interface from its host or router, creating islands of isolated networks. Each isolated network is a subnet.
The left subnet is 192.168.110/24 or perhaps 192.168.110.0/25.
The right subnet is 129.82.44/23.
The router will not forward 192.168/16 packets to the right, or 129.82/16 packets to the left. Less LAN traffic! ☺

Why Have Subnets?

Why bother with routers or subnets? Just put all of your computers on one giant LAN, and be done with it!

Remember, Ethernet is shouting-based (broadcast).
Only one device can talk on Ethernet at once.
If A & B are exchanging a lot of data, so are C & D, then it’s best if A & B are on one LAN, and C & D are on another.

Getting a datagram from source to destination

Consider this unusual network. In the center is a router, with several LAN ports, connecting three LANs. Note that 203.0.113.12 and 203.0.113.66 are also connected by a dedicated super-high-speed LAN, because they exchange tons of data.

                                          ┌───────────────┐
┌───────────┐       ┌─────────────┐   :···│ 203.0.113.252 │
│ 10.12.1.3 │·······│ 10.12.1.1   │   ·   └───────────────┘
└───────────┘   :   ├ ─ ─ ─ ─ ─ ─ ┤   :   ┌───────────────┐
┌───────────┐   :   │ 203.0.113.1 │···:···│ 203.0.113.12  │
│ 10.12.1.5 │···:   ├ ─ ─ ─ ─ ─ ─ ┤   :   └───────────────┘
└───────────┘   :   │ 192.0.2.7   │   :          :
┌───────────┐   :   └─────────────┘   :          :
│ 10.12.1.6 │····         :           :   ┌───────────────┐
└───────────┘             :           ····│ 203.0.113.66  │
		      to Comcast          └───────────────┘

Getting a datagram from source to destination

                                          ┌───────────────┐
┌───────────┐       ┌─────────────┐   :···│ 203.0.113.252 │
│ 10.12.1.3 │·······│ 10.12.1.1   │   ·   └───────────────┘
└───────────┘   :   ├ ─ ─ ─ ─ ─ ─ ┤   :   ┌───────────────┐
┌───────────┐   :   │ 203.0.113.1 │···:···│ 203.0.113.12  │
│ 10.12.1.5 │···:   ├ ─ ─ ─ ─ ─ ─ ┤   :   └───────────────┘
└───────────┘   :   │ 192.0.2.7   │   :          :
┌───────────┐   :   └─────────────┘   :          :
│ 10.12.1.6 │····         :           :   ┌───────────────┐
└───────────┘             :           ····│ 203.0.113.66  │
		      to Comcast          └───────────────┘

How would 203.0.113.66 send data to:

203.0.113.252?
203.0.113.12?
10.12.1.5?
198.51.100.123?

How’s it supposed to know all that‽

Routing Tables

                                          ┌───────────────┐
┌───────────┐       ┌─────────────┐   :···│ 203.0.113.252 │
│ 10.12.1.3 │·······│ 10.12.1.1   │   ·   └───────────────┘
└───────────┘   :   ├ ─ ─ ─ ─ ─ ─ ┤   :   ┌───────────────┐
┌───────────┐   :   │ 203.0.113.1 │···:···│ 203.0.113.12  │
│ 10.12.1.5 │···:   ├ ─ ─ ─ ─ ─ ─ ┤   :   └───────────────┘
└───────────┘   :   │ 192.0.2.7   │   :          :
┌───────────┐   :   └─────────────┘   :          :
│ 10.12.1.6 │····         :           :   ┌───────────────┐
└───────────┘             :           ····│ 203.0.113.66  │
		      to Comcast          └───────────────┘

Routing Table for 203.0.113.66
Destination	Cost	Interface
203.0.113.12/32	1	top
203.0.113/24	2	left
gateway	3	left

Each host (both end-user computers and routers) has a routing table.

Is the second entry really needed? Note the the table does not try to get a packet all the way to 10.12.1.5; it only specifies the next hop.

Routing Tables

                                          ┌───────────────┐
┌───────────┐       ┌─────────────┐   :···│ 203.0.113.252 │
│ 10.12.1.3 │·······│ 10.12.1.1   │   ·   └───────────────┘
└───────────┘   :   ├ ─ ─ ─ ─ ─ ─ ┤   :   ┌───────────────┐
┌───────────┐   :   │ 203.0.113.1 │···:···│ 203.0.113.12  │
│ 10.12.1.5 │···:   ├ ─ ─ ─ ─ ─ ─ ┤   :   └───────────────┘
└───────────┘   :   │ 192.0.2.7   │   :          :
┌───────────┐   :   └─────────────┘   :          :
│ 10.12.1.6 │····         :           :   ┌───────────────┐
└───────────┘             :           ····│ 203.0.113.66  │
		      to Comcast          └───────────────┘

Routing Table for the router
Destination	Cost	Interface
203.0.113/24	1	right
10/8	1	left
gateway	2	bottom

There is not one giant routing table for everything. No single host has the big picture. Nobody has the big picture.

Instead, each host minds its own business, and has its own routing table, which tells that host where packets should go.

Routing Tables

                                          ┌───────────────┐
┌───────────┐       ┌─────────────┐   :···│ 203.0.113.252 │
│ 10.12.1.3 │·······│ 10.12.1.1   │   ·   └───────────────┘
└───────────┘   :   ├ ─ ─ ─ ─ ─ ─ ┤   :   ┌───────────────┐
┌───────────┐   :   │ 203.0.113.1 │···:···│ 203.0.113.12  │
│ 10.12.1.5 │···:   ├ ─ ─ ─ ─ ─ ─ ┤   :   └───────────────┘
└───────────┘   :   │ 192.0.2.7   │   :          :
┌───────────┐   :   └─────────────┘   :          :
│ 10.12.1.6 │····         :           :   ┌───────────────┐
└───────────┘             :           ····│ 203.0.113.66  │
		      to Comcast          └───────────────┘

Routing Table for 10.12.1.6
Destination	Cost	Interface
gateway	1	right

It only has one LAN interface. Everything’s got to go through that! Once a (non-local) packet gets to the router, then it’s the router’s task to figure out where it should go next.

Actual example

$ ssh acushla ip route
Host key verification failed.

The first line shows the default gateway, to be used if all else fails.
- google.com requests would go there; they match no other rules.
Other lines map CIDR network ⇒ interface & new source IP addr.
Which line handles our lab?
What is 169.254.0.0?
This is just routing—the firewall applies to packet types & ports.

IP addresses: Allocation

How does a host get an IP address?
hard-coded by system admin in a file
- Windows control-panel → network → configuration → TCP/IP → properties
- Linux: It depends on the distro
DHCP: Dynamic Host Configuration Protocol:, DHCP dynamically get address from a DHCP server (often the router)
- “plug-and-play”

CT320: Network and System Administration

Fall 2017

TCP-IP

Introduction to TCP/IP Networking

Communications Architecture

Divide & Conquer

Layers Example

TCP/IP Protocol Suite

The Layers

Functions of the Layers

Assignment of Protocols to Layers

Layered Communications

Layered Communications

Application View of Networking

Transport View of Networking

Network Layer View

Link Layer View of Networking

Exchange of Data

Love Letters

Example

Example

Example

Layers in the Example

Layers and Services

IP: Internet Protocol

IP Routing

ICMP : Internet Control Message Protocol

TCP : Transmission Control Protocol

IP Addressing: Review

IP Addresses

Subnets

Subnets

Why Have Subnets?

Getting a datagram from source to destination

Getting a datagram from source to destination

Routing Tables

Routing Tables

Routing Tables

Actual example

IP addresses: Allocation