CT320 TCP-IP
Thanks to:
- Dr. Indrajit Ray, CSU
- Dr. James Walden, NKU
- Russ Wakefield, CSU
for the contents of these slides.
Communications Architecture
- The complexity of the communication task is reduced by using
multiple protocol layers:
- Each protocol is implemented independently
- Each protocol is responsible for a specific subtask
- Protocols are grouped in a hierarchy
- A structured set of protocols is called a
communications architecture or protocol suite
Divide & Conquer
- It’s all about divide & conquer, or delegation.
- Don’t try to do everything at once.
- Break a big problem apart into smaller sub-problems.
- Networking is enormously difficult, so we break it into layers.
Layers Example
- Back at HP, my boss would trust me to write the program that he wanted.
- I trust the compiler to accurately translate my C code to
machine language instructions.
- I trust the cpu to accurately decode & execute instructions.
- The cpu assumes that it will have reliable DC power from the power supply.
- The power supply assumes that the outlet will supply 120VAC.
- and so on
Each layer assumes that the layer below it will do its job.
TCP/IP Protocol Suite
- The TCP/IP protocol suite is the protocol architecture of the Internet
- The TCP/IP suite has four layers:
- Application
- Transport
- Network
- Data Link
- Mnemonic aids:
- attend (pay attention)
- atoned (they should have atoned for this)
- End systems (hosts) implement all four layers.
- Gateways (routers) need only the bottom two layers to forward packets.
(A real router also runs the upper layers for its own traffic, e.g. ssh for management.)
The Layers, with the IP Hourglass
Old OSI Model         | TCP/IP Hierarchy                   | Protocols |
7: Application Layer  | Application Layer                  | domain (DNS, hostname→IP address); http, https (web pages); pop3, imap, smtp (email); ntp (time synchronization); ssh (remote login/file copy); x11 (X Window System) |
6: Presentation Layer | (part of the Application layer)    | |
5: Session Layer      | (part of the Application layer)    | |
4: Transport Layer    | Transport Layer                    | TCP (connection-oriented, reliable); UDP (hope & luck); ICMP (control messages; carried directly inside IP and usually classed with the network layer) |
3: Network Layer      | Network Layer                      | IP (it all boils down to this: the waist of the hourglass) |
2: Link Layer         | Link Layer (alias Data Link Layer) | ARP (IP address→MAC address); Ethernet; PPP |
1: Physical Layer     | (part of the Link layer)           | |
Functions of the Layers
- Application Layer:
- Service: Application specific (delivery of email,
retrieval of HTML documents, reliable transfer of file)
- Functions: Application specific
- Transport Layer:
- Service: Delivery of data between hosts
- Functions: Connection establishment/termination, error control,
flow control
- Network Layer:
- Service: Move packets from source host to destination host
- Functions: Routing, addressing
- Data Link Layer:
- Service: Transfer of frames between directly connected interfaces over a
physical medium (Ethernet detects damaged frames with a CRC and drops them;
it does not retransmit, so end-to-end reliability is left to TCP)
- Functions: Framing, media access control, error checking
Assignment of Protocols to Layers
- Application Layer:
- ping application, HTTP, SSH, DNS, SNMP, SMTP, DHCP
- Transport Layer:
- TCP, UDP
- Network Layer:
- IP, ICMP (the messages ping sends are ICMP, carried directly inside IP)
- Data Link Layer:
- Ethernet, PPP, ARP
Layered Communications
- An entity of a particular layer can only communicate with:
- a peer layer entity using a common protocol (Peer Protocol)
- the adjacent layers, to provide services to the layer above and to receive
services from the layer below
┌──────────────────┐ Layer N+1 protocol ┌──────────────────┐
│ Layer N+1 entity │<–––––––––––––––––––––>│ Layer N+1 entity │
└──────────────────┘ └──────────────────┘
│ ∧ │ ∧
∨ │ ∨ │
┌──────────────────┐ Layer N protocol ┌──────────────────┐
│ Layer N entity │<–––––––––––––––––––––>│ Layer N entity │
└──────────────────┘ └──────────────────┘
│ ∧ │ ∧
∨ │ ∨ │
┌──────────────────┐ Layer N-1 protocol ┌──────────────────┐
│ Layer N-1 entity │<–––––––––––––––––––––>│ Layer N-1 entity │
└──────────────────┘ └──────────────────┘
Layered Communications
A layer N+1 entity sees the lower layers only as a service provider:
┌──────────────────┐ Layer N+1 protocol ┌──────────────────┐
│ Layer N+1 entity │<–––––––––––––––––––––>│ Layer N+1 entity │
└──────────────────┘ └──────────────────┘
│ ∧
│ │
│request indicate│
│delivery delivery│
│ │
∨ │
┌─────────────────────────────────────────────────────────────┐
│ Service provider │
└─────────────────────────────────────────────────────────────┘
Application View of Networking
Application job: write the web browser (client) or web server (server)
┌─────────┐ ┌──────────┐ ┌──────┐
│ laptop │ │ │ │ │
│ running │···········│ Internet │···········│ eBay │
│ browser │ │ │ │ │
└─────────┘ └──────────┘ └──────┘
Assume the network provides a way to send messages between hosts.
- Don’t know or care how the messages are sent.
- Do care about:
- Does the network provide a connection or is it connectionless?
- Are messages reliable?
- Who/what provides flow control? (speed of sending messages)
Transport View of Networking
Transport job: implement the connection-(oriented/less) service
┌─────────┐ ┌──────────┐ ┌──────┐
│ laptop │ │ │ │ │
│ running │···········│ Internet │···········│ eBay │
│ browser │ │ │ │ │
└─────────┘ └──────────┘ └──────┘
- Assume application handles message content.
- Don’t know or care about the content of the messages.
- Don’t know or care how the messages get from source to destination
- Do care about:
- How to provide a connection or connectionless service?
- How to make the transport connection reliable?
- How to handle congestion and flow control in the network?
Network Layer View
Network layer job: get a message from a source to a destination
┌─────────┐
│ laptop │ ┌───────┐ ┌───────┐ ┌───────┐
│ running │·····│ ISP A │····│ ISP B │····│ ISP C │
│ browser │ └───────┘ └───────┘ └───────┘
└─────────┘ : : :
: : :
┌───────┐ ┌───────┐ ┌───────┐ ┌──────┐
│ ISP D │····│ ISP E │····│ ISP F │······│ eBay │
└───────┘ └───────┘ └───────┘ └──────┘
- Assume higher layers handle message content, reliability.
- Care about:
- How to provide a best effort attempt to deliver packets?
- Routing: A→B→C→F→eBay, A→D→E→F→eBay, A→B→E→F→eBay, or what?
Link Layer View of Networking
Link Layer job: get a message sent across some medium
┌────────┐ ┌────────┐
│ host A │·····························│ host B │
└────────┘ direct connection └────────┘
- Only care about how to get message from A to B across this link.
- Link can be twisted pair, coaxial, fiber optic, radio, infrared, etc.
- Has to deal with messy physical stuff:
- voltage levels
- radio signals
- noisy connections
Exchange of Data
- The unit of data sent between peer entities is called a Protocol
Data Unit (PDU)
- For now, let us think of a PDU as a single packet
┌─────────┐ ┌───────────┐ ┌─────────┐
A │ Layer N │ │ PDU │ B │ Layer N │
│ entity │···········│ (layer N) │···········│ entity │
└─────────┘ └───────────┘ └─────────┘
- Scenario: Layer-N at A sends a layer-N PDU to layer-N at B
- What actually happens:
- A’s layer-N passes the PDU to layer-N-1
- Layer-N-1 entity at A constructs its own (layer-N-1) PDU
which it sends to the layer-N-1 entity at B
- PDU at layer-N-1 = layer-N-1 Header + layer-N PDU
Love Letters
My wife is visiting her family in France, and I miss her terribly,
so I write a passionate love letter:
Dear Wife,
Warmest regards.
Lonely Husband
- My wife cares only about this three-line message.
- Can I just hand this to the postman? No, he wants an envelope!
- The postman doesn’t care about the love letter—he only cares about
the envelope.
- Is that the only wrapper?
Example
Say that a web browser wants to see eBay’s home page.
It might construct this 34-byte HTTP request:
GET / HTTP/1.1\r\nHost: ebay.com\r\n\r\n
However, to send this over a TCP connection, the Transport level
adds a 20-byte header, so now we have this:
[TCP header][HTTP request]
Example
The Transport level hands this off to the Network level, which will
create an IP packet with its own 20-byte header:
[IP header][TCP header][HTTP request]
The Network level hands this off to the Data Link layer, which
will add its own overhead, depending on the medium:
[Frame header][IP header][TCP header][HTTP request][Frame footer]
Example
Packet                                                  | Protocol Level |
Data                                                    | Application    |
TCP header, Data                                        | Transport      |
IP header, TCP header, Data                             | Network        |
Frame header, IP header, TCP header, Data, Frame footer | Data Link      |
When sending, each level treats the data from the previous level as a
black box, an unintelligible blob of stuff, and adds its own header or
footer.
Similarly, when receiving, each level removes its overhead.
Layers in the Example
┌──────────┐ ┌──────────┐
│ HTTP │ │ HTTP │
└──────────┘ └──────────┘
│ │
┌──────────┐ ┌──────────┐
│ TCP │ │ TCP │
└──────────┘ └──────────┘
│ │
┌──────────┐ ┌──────────┐ ┌──────────┐
│ IP │ │ IP │ │ IP │
└──────────┘ └──────────┘ └──────────┘
│ │ │ │
┌──────────┐ ┌──────────┐ ┌──────────┐ ┌──────────┐
│ Link │······│ Link │ │ Link │······│ Link │
└──────────┘ └──────────┘ └──────────┘ └──────────┘
ct320-1 router acushla salem
192.168.110.101 192.168.110.1 129.82.45.35 129.82.44.169
Layers and Services
Stalin says that “Quantity has a quality all its own”
- Service provided by TCP to HTTP:
- reliable transmission of data over a logical connection
- Service provided by IP to TCP:
- unreliable transmission of IP datagrams across an IP network
- Service provided by Ethernet to IP:
- transmission of a frame across an Ethernet segment
- Other services:
- DNS: translation between domain names and IP addresses
- ARP: Translation between IP addresses and MAC addresses
IP: Internet Protocol
IPv4 header (each row is one 32-bit word; bit numbers along the top):
 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|Version|  IHL  |Type of service|         Total length          |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|        Identification         |Flags|     Fragment offset     |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Time to live  |   Protocol    |        Header checksum        |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                       Source IP address                       |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                    Destination IP address                     |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                      Options (optional)                       |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                 IP data payload (many bytes)                  |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- Unreliable connectionless datagram delivery service
- Responsible for routing of data through intermediate
networks and computers
- Protocol field: says what is carried in the payload (1 = ICMP, 6 = TCP, 17 = UDP),
so the receiver knows which upper layer to hand the data to.
- IHL (header length in 32-bit words) is normally 5, i.e. 20 bytes; it is larger
only when options are present.
- The header checksum catches transmission errors only; nothing in this header is
authenticated, so the source address is whatever the sender chose to write
(this is what makes source-address spoofing possible).
IP Routing
┌─────────────┐ ┌─────────────┐
│ Application │ │ Application │
├─────────────┤ ├─────────────┤
│ Transport │ │ Transport │
├─────────────┤ ┌─────────────┐ ├─────────────┤
│ Network │ │ Network │ │ Network │
├─────────────┤ ├─────────────┤ ├─────────────┤
│ Link │··········│ Link │··········│ Link │
└─────────────┘ └─────────────┘ └─────────────┘
- Every device that supports the Network Layer must have a Routing Table.
- It’s a series of entries (a table) where each entry contains:
- Destination IP address (or range or pattern)
- IP address of a next-hop router
- Flags
- Network interface specification
ICMP : Internet Control Message Protocol
ICMP Message
20 bytes | 1 byte | 1 byte | 2 bytes | more bytes |
IP header | Type | Code | Checksum | ICMP data |
- Used to report problems with delivery of IP datagrams within an IP network
- Used by the ping and traceroute commands
- Echo Request (type=8, code=0) and Echo Reply (type=0, code=0): the pair that
ping sends and waits for; identifier and sequence fields match replies to requests
- Destination Unreachable (type=3, code=various: net, host, protocol, port
unreachable, fragmentation needed, ...)
- Time Exceeded (type=11, code=0): a router decremented the Time-To-Live to 0 and
discarded the datagram. traceroute provokes these on purpose with TTL = 1, 2, 3, ...
- Error messages (types 3 and 11) carry the IP header plus the first 8 bytes of
the datagram that caused them, so the sender can tell which packet (and port)
was affected.
- ICMP is unauthenticated and often filtered or rate-limited by firewalls, so an
unanswered ping does not prove that a host is down.
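The ICMP formats listed above, as an added Python example that is not from the slides: it builds an Echo Request, builds the Time Exceeded message a router would return for a traceroute-style UDP probe, and parses both, verifying the checksum and pulling the quoted IP header out of the error. The probe (from the diagram's 10.12.1.6 towards an outside address 198.51.100.123, ports 40000 and 33434) is constructed for the example and is not a real capture.

```python
import struct

ECHO_REPLY, DEST_UNREACH, ECHO_REQUEST, TIME_EXCEEDED = 0, 3, 8, 11
UNREACH_CODES = {0: "net unreachable", 1: "host unreachable", 2: "protocol unreachable",
                 3: "port unreachable", 4: "fragmentation needed and DF set",
                 13: "communication administratively prohibited"}


def checksum(data: bytes) -> int:
    """RFC 1071 Internet checksum (the same algorithm IP uses for its header)."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def ipv4_header(src: str, dst: str, proto: int, ttl: int, payload_len: int) -> bytes:
    """Minimal 20-byte IPv4 header, used here only to construct the sample probe."""
    to_bytes = lambda a: bytes(int(o) for o in a.split("."))
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + payload_len, 0, 0,
                      ttl, proto, 0, to_bytes(src), to_bytes(dst))
    return hdr[:10] + struct.pack("!H", checksum(hdr)) + hdr[12:]


def icmp_message(typ: int, code: int, rest_of_header: bytes, data: bytes = b"") -> bytes:
    """Type, code, checksum, 4 type-specific bytes, then data (everything after the IP header)."""
    body = struct.pack("!BB", typ, code) + b"\x00\x00" + rest_of_header + data
    return body[:2] + struct.pack("!H", checksum(body)) + body[4:]


def echo_request(ident: int, seq: int, payload: bytes = b"") -> bytes:
    """Type 8 code 0; ping uses identifier and sequence to match replies to requests."""
    return icmp_message(ECHO_REQUEST, 0, struct.pack("!HH", ident, seq), payload)


def icmp_error(typ: int, code: int, offending_datagram: bytes) -> bytes:
    """What a router sends for Destination Unreachable or Time Exceeded: the 4
    unused bytes are zero and the data quotes the offending IP header + 8 bytes."""
    ihl = (offending_datagram[0] & 0x0F) * 4
    return icmp_message(typ, code, b"\x00" * 4, offending_datagram[:ihl + 8])


def parse_icmp(msg: bytes) -> dict:
    """Decode an ICMP message (IP header already stripped); rejects bad checksums."""
    if len(msg) < 8 or checksum(msg) != 0:
        raise ValueError("short or corrupt ICMP message")
    typ, code = msg[0], msg[1]
    if typ in (ECHO_REQUEST, ECHO_REPLY):
        ident, seq = struct.unpack("!HH", msg[4:8])
        return {"type": typ, "code": code, "id": ident, "seq": seq, "data": msg[8:]}
    if typ in (DEST_UNREACH, TIME_EXCEEDED):
        quoted = msg[8:]                      # offending IP header + first 8 payload bytes
        ihl = (quoted[0] & 0x0F) * 4
        if typ == DEST_UNREACH:
            reason = UNREACH_CODES.get(code, "code %d" % code)
        else:
            reason = "TTL expired in transit" if code == 0 else "fragment reassembly time exceeded"
        return {"type": typ, "code": code, "reason": reason,
                "orig_src": ".".join(map(str, quoted[12:16])),
                "orig_dst": ".".join(map(str, quoted[16:20])),
                "orig_ttl": quoted[8], "orig_proto": quoted[9],
                "orig_l4": quoted[ihl:ihl + 8]}   # e.g. the UDP ports traceroute matches on
    return {"type": typ, "code": code, "data": msg[4:]}


# Constructed sample (not a capture): a traceroute-style UDP probe with TTL=1 from
# 10.12.1.6 to 198.51.100.123, and the Time Exceeded the first router returns for it.
PROBE_UDP = struct.pack("!HHHH", 40000, 33434, 8 + 32, 0) + b"\x00" * 32
PROBE = ipv4_header("10.12.1.6", "198.51.100.123", 17, 1, len(PROBE_UDP)) + PROBE_UDP
TIME_EXCEEDED_MSG = icmp_error(TIME_EXCEEDED, 0, PROBE)
```

The quoted header is what lets traceroute work: the reply comes from a router's address, but the 8 quoted bytes hold the probe's UDP ports, so the sender knows which TTL that router answered for.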
TCP : Transmission Control Protocol
TCP header (each row is one 32-bit word; bit numbers along the top):
 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|          Source port          |       Destination port        |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                        Sequence number                        |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                    Acknowledgement number                     |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|  Data |       |C|E|U|A|P|R|S|F|                               |
| offset| Rsrvd |W|C|R|C|S|S|Y|I|            Window             |
|       |       |R|E|G|K|H|T|N|N|                               |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|           Checksum            |        Urgent pointer         |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                  Options (0–10 32-bit words)                  |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                   TCP payload (many bytes)                    |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Flag bits, left to right: CWR, ECE (the two ECN bits), URG, ACK, PSH, RST, SYN, FIN.
Data offset is the header length in 32-bit words (5 = 20 bytes with no options).
- Reliable transmission, based on unreliable IP packets.
- Keep trying (retransmitting) until the data is acknowledged.
- Segment/reassemble if needed: the byte stream is split into segments that fit
the path and put back in order at the receiver. (IP fragmentation is a separate,
network-layer mechanism.)
- Contains no IP addresses—that’s the IP layer’s problem. The checksum, however,
is computed over a pseudo-header that includes both IP addresses, so a segment
cannot be silently redirected to another host without the checksum failing.
- Sequence numbers and checksums protect against errors and reordering, not
against an attacker on the path, who can read and inject segments at will.
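Encapsulation as in the HTTP/TCP/IP/frame example earlier, together with the IPv4 and TCP header layouts above, as an added Python example (not code from the slides): the sender wraps the slide's 34-byte HTTP request in a 20-byte TCP header, a 20-byte IPv4 header and an Ethernet frame, and the receiver peels the layers off again, checking the FCS, the IP header checksum and the TCP checksum as it goes. The MAC addresses, IP addresses and ports are made-up assumptions, and the Ethernet CRC is included only to show the frame footer (a real NIC adds and strips it in hardware).

```python
import struct
import zlib

# Constructed sample values (assumptions, not a real capture), chosen to match
# the slide's scenario: a laptop on the lab LAN sending a web request.
SRC_MAC = bytes.fromhex("020000000001")      # locally administered, made up
DST_MAC = bytes.fromhex("020000000002")      # the router's MAC, made up
SRC_IP, DST_IP = "192.168.110.101", "203.0.113.12"
SRC_PORT, DST_PORT = 40000, 80
HTTP_REQUEST = b"GET / HTTP/1.1\r\nHost: ebay.com\r\n\r\n"   # the slide's 34 bytes
PSH_ACK = 0x18          # flag bits CWR ECE URG ACK PSH RST SYN FIN = 0001 1000


def checksum(data: bytes) -> int:
    """RFC 1071 Internet checksum: one's-complement sum of 16-bit words."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def ip_bytes(addr: str) -> bytes:
    return bytes(int(octet) for octet in addr.split("."))


def tcp_segment(src_ip, dst_ip, sport, dport, seq, ack, flags, payload):
    """Transport layer: 20-byte TCP header (no options) in front of an opaque payload.
    The checksum also covers a pseudo-header with both IP addresses."""
    hdr = struct.pack("!HHIIHHHH", sport, dport, seq, ack,
                      (5 << 12) | flags,      # data offset 5 words, reserved bits 0
                      65535, 0, 0)            # window, checksum placeholder, urgent ptr
    pseudo = ip_bytes(src_ip) + ip_bytes(dst_ip) + struct.pack("!BBH", 0, 6, len(hdr) + len(payload))
    csum = checksum(pseudo + hdr + payload)
    return hdr[:16] + struct.pack("!H", csum) + hdr[18:] + payload


def ip_packet(src_ip, dst_ip, proto, payload, ttl=64, ident=0x1234):
    """Network layer: 20-byte IPv4 header (IHL=5, DF set); checksum covers the header only."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), ident, 0x4000,
                      ttl, proto, 0, ip_bytes(src_ip), ip_bytes(dst_ip))
    return hdr[:10] + struct.pack("!H", checksum(hdr)) + hdr[12:] + payload


def ethernet_frame(dst_mac, src_mac, payload):
    """Link layer: 14-byte Ethernet II header (EtherType 0x0800 = IPv4) and a
    4-byte CRC-32 footer, transmitted least-significant byte first."""
    body = dst_mac + src_mac + struct.pack("!H", 0x0800) + payload
    return body + struct.pack("<I", zlib.crc32(body))


def build_request() -> bytes:
    """Sender side: each layer wraps the layer above without looking inside it."""
    tcp = tcp_segment(SRC_IP, DST_IP, SRC_PORT, DST_PORT, 1000, 5000, PSH_ACK, HTTP_REQUEST)
    ip = ip_packet(SRC_IP, DST_IP, 6, tcp)
    return ethernet_frame(DST_MAC, SRC_MAC, ip)


def decapsulate(frame: bytes) -> dict:
    """Receiver side: strip each layer's overhead, checking what that layer can check."""
    body, fcs = frame[:-4], struct.unpack("<I", frame[-4:])[0]
    if fcs != zlib.crc32(body):
        raise ValueError("Ethernet FCS mismatch")
    if struct.unpack("!H", body[12:14])[0] != 0x0800:
        raise ValueError("not an IPv4 frame")
    ip = body[14:]
    ihl = (ip[0] & 0x0F) * 4
    if (ip[0] >> 4) != 4 or checksum(ip[:ihl]) != 0:   # a valid header sums to zero
        raise ValueError("bad IPv4 header")
    total_length, proto = struct.unpack("!H", ip[2:4])[0], ip[9]
    src_ip = ".".join(map(str, ip[12:16]))
    dst_ip = ".".join(map(str, ip[16:20]))
    ip = ip[:total_length]                 # drop any link-layer padding
    if proto != 6:
        raise ValueError("not TCP, protocol %d" % proto)
    tcp = ip[ihl:]
    pseudo = ip[12:20] + struct.pack("!BBH", 0, 6, len(tcp))
    if checksum(pseudo + tcp) != 0:
        raise ValueError("bad TCP checksum")
    sport, dport = struct.unpack("!HH", tcp[:4])
    data_offset = (tcp[12] >> 4) * 4
    return {"ip": ip, "tcp": tcp, "http": tcp[data_offset:],
            "src": (src_ip, sport), "dst": (dst_ip, dport)}


def is_valid(frame: bytes) -> bool:
    """True if every layer's check passes, False otherwise."""
    try:
        decapsulate(frame)
        return True
    except ValueError:
        return False
```

The sizes come out exactly as the slides describe: 34 bytes of HTTP, 54 after TCP, 74 after IP, and 92 on the wire with the 14-byte Ethernet header and 4-byte footer.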
IP Addressing: Review
┌─────────────────┐ ┌───────────────┐ ┌───────────────┐
│ ct320-1 │ lan1 │ router │ │ boise │
│ 192.168.110.101 │·······│ 192.168.110.1 │ ····│ 129.82.44.133 │
└─────────────────┘ : ├ ─ ─ ─ ─ ─ ─ ─ ┤ : └───────────────┘
┌─────────────────┐ : │ acushla │ : ┌───────────────┐
│ ct320-2 │ : │ 129.82.45.35 │·······│ salem │
│ 192.168.110.102 │···· └───────────────┘ lan2 │ 129.82.44.169 │
└─────────────────┘ └───────────────┘
- IP address: 32-bit identifier for host, router interface
- interface: connection between host/router and physical link
- routers typically have multiple interfaces
- host may have multiple interfaces
- IP addresses associated with each interface
IP Addresses
- IP (Version 4) addresses are 32 bits long
- How many IPv4 addresses can exist?
- How many IPv4 addresses are there per person?
- IPv6 addresses are 128 bits long
- How many IPv6 addresses can exist?
- 2^128 = 340,282,366,920,938,463,463,374,607,431,768,211,456
- How many IPv6 addresses per person?
- IP addresses assigned statically or dynamically (DHCP)
Subnets
┌─────────────────┐ ┌───────────────┐ ┌───────────────┐
│ ct320-1 │ lan1 │ router │ │ boise │
│ 192.168.110.101 │·······│ 192.168.110.1 │ ····│ 129.82.44.133 │
└─────────────────┘ : ├ ─ ─ ─ ─ ─ ─ ─ ┤ : └───────────────┘
┌─────────────────┐ : │ acushla │ : ┌───────────────┐
│ ct320-2 │ : │ 129.82.45.35 │·······│ salem │
│ 192.168.110.102 │···· └───────────────┘ lan2 │ 129.82.44.169 │
└─────────────────┘ └───────────────┘
- IP address:
- subnet part (high order bits)
- host part (low order bits)
- What’s a subnet?
- device interfaces with same subnet part of IP address
- can physically reach each other without intervening router
Subnets
┌─────────────────┐ ┌───────────────┐ ┌───────────────┐
│ ct320-1 │ lan1 │ router │ │ boise │
│ 192.168.110.101 │·······│ 192.168.110.1 │ ····│ 129.82.44.133 │
└─────────────────┘ : ├ ─ ─ ─ ─ ─ ─ ─ ┤ : └───────────────┘
┌─────────────────┐ : │ acushla │ : ┌───────────────┐
│ ct320-2 │ : │ 129.82.45.35 │·······│ salem │
│ 192.168.110.102 │···· └───────────────┘ lan2 │ 129.82.44.169 │
└─────────────────┘ └───────────────┘
- To determine the subnets, detach each interface from its host
or router, creating islands of isolated networks.
Each isolated network is a subnet.
- The left subnet is 192.168.110/24 or perhaps 192.168.110.0/25.
The right subnet is 129.82.44/23.
- The router will not forward 192.168/16 packets to the right,
or 129.82/16 packets to the left. Less LAN traffic! ☺
Why Have Subnets?
Why bother with routers or subnets? Just put all of your computers
on one giant LAN, and be done with it!
- Remember, Ethernet is shouting-based (broadcast): on a shared segment
(hub or coax) every frame reaches every station.
- On such a segment only one device can talk at once. A switch gives each port
its own collision domain, but broadcasts (ARP, DHCP) still reach every port,
so a giant LAN is still a giant broadcast domain.
- If A & B are exchanging a lot of data, so are C & D,
then it’s best if A & B are on one LAN, and C & D are on another.
Getting a datagram from source to destination
Consider this unusual network. In the center is a router,
with several LAN ports, connecting three LANs.
Note that 203.0.113.12 and 203.0.113.66
are also connected by a dedicated super-high-speed LAN,
because they exchange tons of data.
┌───────────────┐
┌───────────┐ ┌─────────────┐ :···│ 203.0.113.252 │
│ 10.12.1.3 │·······│ 10.12.1.1 │ · └───────────────┘
└───────────┘ : ├ ─ ─ ─ ─ ─ ─ ┤ : ┌───────────────┐
┌───────────┐ : │ 203.0.113.1 │···:···│ 203.0.113.12 │
│ 10.12.1.5 │···: ├ ─ ─ ─ ─ ─ ─ ┤ : └───────────────┘
└───────────┘ : │ 192.0.2.7 │ : :
┌───────────┐ : └─────────────┘ : :
│ 10.12.1.6 │···· : : ┌───────────────┐
└───────────┘ : ····│ 203.0.113.66 │
to Comcast └───────────────┘
Getting a datagram from source to destination
┌───────────────┐
┌───────────┐ ┌─────────────┐ :···│ 203.0.113.252 │
│ 10.12.1.3 │·······│ 10.12.1.1 │ · └───────────────┘
└───────────┘ : ├ ─ ─ ─ ─ ─ ─ ┤ : ┌───────────────┐
┌───────────┐ : │ 203.0.113.1 │···:···│ 203.0.113.12 │
│ 10.12.1.5 │···: ├ ─ ─ ─ ─ ─ ─ ┤ : └───────────────┘
└───────────┘ : │ 192.0.2.7 │ : :
┌───────────┐ : └─────────────┘ : :
│ 10.12.1.6 │···· : : ┌───────────────┐
└───────────┘ : ····│ 203.0.113.66 │
to Comcast └───────────────┘
How would 203.0.113.66 send data to:
- 203.0.113.252?
- 203.0.113.12?
- 10.12.1.5?
- 198.51.100.123?
How’s it supposed to know all that‽
Routing Tables
┌───────────────┐
┌───────────┐ ┌─────────────┐ :···│ 203.0.113.252 │
│ 10.12.1.3 │·······│ 10.12.1.1 │ · └───────────────┘
└───────────┘ : ├ ─ ─ ─ ─ ─ ─ ┤ : ┌───────────────┐
┌───────────┐ : │ 203.0.113.1 │···:···│ 203.0.113.12 │
│ 10.12.1.5 │···: ├ ─ ─ ─ ─ ─ ─ ┤ : └───────────────┘
└───────────┘ : │ 192.0.2.7 │ : :
┌───────────┐ : └─────────────┘ : :
│ 10.12.1.6 │···· : : ┌───────────────┐
└───────────┘ : ····│ 203.0.113.66 │
to Comcast └───────────────┘
Routing Table for 203.0.113.66
Destination | Cost | Interface |
203.0.113.12/32 | 1 | top |
203.0.113/24 | 2 | left |
gateway | 3 | left |
Each host (both end-user computers and routers) has a routing table.
Is the second entry really needed? Note that the table does not
try to get a packet all the way to 10.12.1.5; it only specifies
the next hop.
Routing Tables
┌───────────────┐
┌───────────┐ ┌─────────────┐ :···│ 203.0.113.252 │
│ 10.12.1.3 │·······│ 10.12.1.1 │ · └───────────────┘
└───────────┘ : ├ ─ ─ ─ ─ ─ ─ ┤ : ┌───────────────┐
┌───────────┐ : │ 203.0.113.1 │···:···│ 203.0.113.12 │
│ 10.12.1.5 │···: ├ ─ ─ ─ ─ ─ ─ ┤ : └───────────────┘
└───────────┘ : │ 192.0.2.7 │ : :
┌───────────┐ : └─────────────┘ : :
│ 10.12.1.6 │···· : : ┌───────────────┐
└───────────┘ : ····│ 203.0.113.66 │
to Comcast └───────────────┘
Routing Table for the router
Destination | Cost | Interface |
203.0.113/24 | 1 | right |
10/8 | 1 | left |
gateway | 2 | bottom |
There is not one giant routing table for everything.
No single host has the big picture. Nobody has the big picture.
Instead, each host minds its own business, and has its own routing table,
which tells that host where packets should go.
Routing Tables
┌───────────────┐
┌───────────┐ ┌─────────────┐ :···│ 203.0.113.252 │
│ 10.12.1.3 │·······│ 10.12.1.1 │ · └───────────────┘
└───────────┘ : ├ ─ ─ ─ ─ ─ ─ ┤ : ┌───────────────┐
┌───────────┐ : │ 203.0.113.1 │···:···│ 203.0.113.12 │
│ 10.12.1.5 │···: ├ ─ ─ ─ ─ ─ ─ ┤ : └───────────────┘
└───────────┘ : │ 192.0.2.7 │ : :
┌───────────┐ : └─────────────┘ : :
│ 10.12.1.6 │···· : : ┌───────────────┐
└───────────┘ : ····│ 203.0.113.66 │
to Comcast └───────────────┘
Routing Table for 10.12.1.6
Destination | Cost | Interface |
gateway | 1 | right |
It only has one LAN interface. Everything’s got to go through that!
Once a (non-local) packet gets to the router, then it’s the router’s
task to figure out where it should go next.
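The routing tables on the three slides above, as an added Python example (not from the slides): a longest-prefix-match lookup over each device's table, chained device by device to answer the earlier question of how 203.0.113.66 would send data to each destination, plus the subnet-part comparison from the Subnets slides. The next-hop addresses behind the "gateway" entries (the router's 203.0.113.1 and 10.12.1.1, and an assumed upstream 192.0.2.1 on the router's bottom link) are assumptions taken from the diagram, as are the device names.

```python
import ipaddress

# The slides' routing tables as (destination, cost, interface, next hop).
# A next hop of None means "on-link: deliver directly on that interface".
# Next-hop addresses for the "gateway" entries are assumptions from the diagram.
HOST_66_TABLE = [
    ("203.0.113.12/32", 1, "top",  None),           # dedicated high-speed link
    ("203.0.113.0/24",  2, "left", None),           # the right-hand LAN
    ("0.0.0.0/0",       3, "left", "203.0.113.1"),  # "gateway": everything else
]
ROUTER_TABLE = [
    ("203.0.113.0/24", 1, "right",  None),
    ("10.0.0.0/8",     1, "left",   None),
    ("0.0.0.0/0",      2, "bottom", "192.0.2.1"),   # assumed upstream address
]
HOST_6_TABLE = [("0.0.0.0/0", 1, "right", "10.12.1.1")]

# Which device answers to each next-hop address (the topology in the diagram).
NEIGHBORS = {"203.0.113.1": "router", "10.12.1.1": "router", "192.0.2.1": "comcast"}
DEVICES = {"203.0.113.66": HOST_66_TABLE, "router": ROUTER_TABLE, "10.12.1.6": HOST_6_TABLE}


def same_subnet(addr_a: str, addr_b: str, prefix_len: int) -> bool:
    """The subnet part is the high-order prefix_len bits; the rest is the host part."""
    mask = (0xFFFFFFFF << (32 - prefix_len)) & 0xFFFFFFFF
    a, b = int(ipaddress.IPv4Address(addr_a)), int(ipaddress.IPv4Address(addr_b))
    return (a & mask) == (b & mask)


def lookup(table, dst: str):
    """Longest-prefix match: the most specific matching destination wins, so the
    /32 beats the /24, which beats the /0 default. Returns (interface, next hop)."""
    addr = ipaddress.IPv4Address(dst)
    best = None
    for dest, _cost, iface, next_hop in table:
        net = ipaddress.IPv4Network(dest)
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, iface, next_hop)
    if best is None:
        raise LookupError("no route to " + dst)
    _net, iface, next_hop = best
    return iface, (next_hop if next_hop is not None else dst)


def route_path(src_device: str, dst: str):
    """Follow next hops device by device; each device consults only its own table.
    Returns [(device, interface, next hop), ...], ending where the packet is
    delivered on-link or handed to a device outside the diagram."""
    hops, device = [], src_device
    while device in DEVICES:
        iface, next_hop = lookup(DEVICES[device], dst)
        hops.append((device, iface, next_hop))
        if next_hop == dst:              # on-link: ARP for it and send directly
            break
        device = NEIGHBORS[next_hop]
    return hops
```

Running lookup against the host table without its 203.0.113/24 entry shows why that entry matters: a packet for 203.0.113.252 would then be handed to the router, which would send it straight back onto the same LAN. The same arithmetic is behind a common misconfiguration: a host given too wide a netmask believes remote addresses are on-link and ARPs for them instead of using the router.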
Actual example
$ ssh acushla ip route
Host key verification failed.
(No output: ssh could not verify acushla’s host key against known_hosts,
either because the key is not recorded and ssh was not allowed to ask, or
because it changed. A changed key can mean a man-in-the-middle, so ssh refuses
to run the command until the mismatch is resolved. The notes below describe
what ip route prints when it does run.)
- The first line shows the default gateway, to be used if all else fails.
google.com requests would go there; they match no other rules.
- Other lines map a CIDR network ⇒ interface & the source IP address to use.
- Which line handles our lab?
- What is 169.254.0.0?
- This is just routing; the firewall is what applies to packet types & ports.
IP addresses: Allocation
- How does a host get an IP address?
- hard-coded by system admin in a file
- Windows control-panel → network → configuration → TCP/IP → properties
- Linux: It depends on the distro
- DHCP (Dynamic Host Configuration Protocol): the host dynamically gets an
address from a DHCP server (often the router)