
Originally (1/7/01) by: Usha Viswanathan Modified (1/17/03) by: John R. Durrett


Presentation Transcript


  1. TCP/IP Originally (1/7/01) by: Usha Viswanathan Modified (1/17/03) by: John R. Durrett

  2. Presentation Overview • TCP/IP ideas and origins • Conceptual Model: OSI and TCP/IP • TCP/IP protocol architecture • IP addressing • IP Routing • TCP • Applications • IPv6

  3. TCP/IP The “lingua franca” of the Internet.

  4. ISO’s Open Systems Interconnect (OSI) Reference Model • Protocol layering • Series of small modules • Well defined interfaces, hidden inner processes → process modules can be replaced • Lower layers provide services to higher layers • Protocol stack: modules taken together • Each layer communicates with its pair on the other machine

  5. The OSI Model [diagram: sender and receiver stacks, each with Application, Presentation, Session, Transport, Network, Datalink and Physical layers; the path messages take runs down the sender's stack, across the network, and up the receiver's stack]

  6. OSI Layers
     • Application: communication partners, QoS identified
     • Presentation: semantics, encryption, compression (gateways)
     • Session: establishes, manages, terminates sessions
     • Transport: sequencing, flow/error control, name/address resolution
     • Network: routing, network addresses (routers)
     • Datalink: MAC address, low level error control (bridges)
     • Physical: encoding/decoding digital bits, interface card

  7. TCP/IP [diagram: Alice and Bob each run an Application, a Transport Layer and a Network Layer; the Router between them has only a Network Layer]

  8. TCP/IP: The Protocols and the OSI Model
     • Application, Presentation, Session: TELNET, FTP, SMTP, DNS, SNMP, DHCP, RIP, RTP, RTCP
     • Transport: Transmission Control Protocol, User Datagram Protocol
     • Network: Internet Protocol, OSPF, ICMP, IGMP, ARP
     • Datalink, Physical: Ethernet, Token Bus, Token Ring, FDDI

  9. Data Encapsulation by Layer: Application data → TCP header + data = TCP datagram → Network packet → Data Link frame. The destination opens the envelopes layer-by-layer.

  10. Transmission Control Protocol (TCP) • Traditional TCP/IP Security: None • No authenticity, confidentiality, or integrity • Future: IPSec • Workhorse of the internet • FTP, telnet, ssh, email, http, etc. • The protocol responsible for the reliable transmission and reception of data. • Unreliable service is provided by UDP. • Transport layer protocol. • Can run multiple applications using the same transport. • Multiplex through port numbers

  11. TCP Fields: Source port, Destination port, Sequence number, Acknowledgment number, Data offset, Reserved, flags (URG, ACK, PSH, RST, SYN, FIN), Window, Checksum, Urgent pointer, Options, Padding, data

  12. TCP Connection Establishment • Alice to Bob: SYN with Initial Sequence Number ISN-a • Bob to Alice: ACK ISN-a with ISN-b • Alice to Bob: ACK ISN-b • Connection established
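The header layout of slide 11 and the handshake of slide 12, as an added Python example that is not part of the original presentation: it packs and decodes a 20-byte TCP header (the checksum is left at zero in the constructed sample) and checks that each step of the three-way handshake acknowledges the other side's ISN plus one.

```python
import struct

FLAG_BITS = {"URG": 0x20, "ACK": 0x10, "PSH": 0x08, "RST": 0x04, "SYN": 0x02, "FIN": 0x01}

def build_tcp_header(src_port, dst_port, seq, ack, flags, window=65535):
    """Build a 20-byte TCP header (no options); checksum left 0 (constructed sample)."""
    offset_reserved = 5 << 12  # data offset = 5 words (20 bytes), reserved bits zero
    flag_value = 0
    for name in flags:
        flag_value |= FLAG_BITS[name]
    return struct.pack("!HHIIHHHH", src_port, dst_port, seq, ack,
                       offset_reserved | flag_value, window, 0, 0)

def parse_tcp_header(raw):
    """Decode the fields of slide 11; flags are returned as a sorted list of names."""
    if len(raw) < 20:
        raise ValueError("TCP header is at least 20 bytes")
    src, dst, seq, ack, off_flags, window, csum, urg = struct.unpack("!HHIIHHHH", raw[:20])
    data_offset = (off_flags >> 12) * 4  # header length in bytes
    flags = sorted(name for name, bit in FLAG_BITS.items() if off_flags & bit)
    return {"src_port": src, "dst_port": dst, "seq": seq, "ack": ack,
            "data_offset": data_offset, "flags": flags, "window": window,
            "checksum": csum, "urgent": urg, "options": raw[20:data_offset]}

def is_valid_handshake(segments):
    """Check SYN, SYN+ACK, ACK (slide 12) including the sequence/ack arithmetic."""
    if len(segments) != 3:
        return False
    a, b, c = (parse_tcp_header(s) for s in segments)
    if a["flags"] != ["SYN"]:
        return False
    isn_a, isn_b = a["seq"], b["seq"]
    if b["flags"] != ["ACK", "SYN"] or b["ack"] != (isn_a + 1) & 0xFFFFFFFF:
        return False  # Bob must acknowledge ISN-a
    return (c["flags"] == ["ACK"] and c["seq"] == (isn_a + 1) & 0xFFFFFFFF
            and c["ack"] == (isn_b + 1) & 0xFFFFFFFF)  # Alice acknowledges ISN-b

# Constructed sample: Alice (port 40000) opens a connection to Bob's telnet port (23).
ISN_A, ISN_B = 1000, 5000
HANDSHAKE = [
    build_tcp_header(40000, 23, ISN_A, 0, ["SYN"]),
    build_tcp_header(23, 40000, ISN_B, ISN_A + 1, ["SYN", "ACK"]),
    build_tcp_header(40000, 23, ISN_A + 1, ISN_B + 1, ["ACK"]),
]

if __name__ == "__main__":
    for seg in HANDSHAKE:
        print(parse_tcp_header(seg))
    print("handshake valid:", is_valid_handshake(HANDSHAKE))
```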

  13. User Datagram Protocol (UDP) • Header: Source Port, Destination Port, Message Length, Checksum, Data … • Connectionless • Does not retransmit lost packets • Does not order packets • Inherently unreliable • Mainly tasks where speed is essential • Streaming audio and video • DNS

  14. ICMP: network plumber

  15. Ports “Ports are used in the TCP [RFC793] to name the ends of logical connections which carry long term conversations. For the purpose of providing services to unknown callers, a service contact port is defined. This list specifies the port used by the server process as its contact port. The contact port is sometimes called the "well-known port".” • Source port • Destination port • Logical connection • Privileged vs unprivileged ports • netstat -na

  16. IP Address • uniquely identifies a computer on a network • 32 bits, 4 bytes of 8 bits each: xxxxxxxx.xxxxxxxx.xxxxxxxx.xxxxxxxx • dotted quad notation system • Example 198.113.201.23 • There are five classes of addresses: A - E.

  17. Identifying a Class
     • Class A: first byte 0-126, identifier bit 0, 7 bits of network address (first byte), 24 bits of host address (last three bytes), 16,277,214 hosts per network ID
     • Class B: first byte 128-191, identifier bits 10, 14 bits of network address (first two bytes), 16 bits of host address (last two bytes), 65,354 hosts
     • Class C: first byte 192-223, identifier bits 110, 21 bits of network address (first three bytes), 8 bits of host address (last byte), 254 hosts
     • Class D: first byte 224-239, identifier bits 1110, multicast address in the range 224.0.0.0 - 239.255.255.255
     • Class E: first byte 240-255, identifier bits 11110, reserved for future use

  18. Subnetting • Each address consists of two components: network address and host address • Determined by netmask • 10.21.41.3 = 00001010 00010101 00101001 00000011 • 255.255.0.0 = 11111111 11111111 00000000 00000000 • Network address is IP XORed with netmask [diagram: customer site with subnets 130.1.1.0, 130.1.2.0, 130.1.3.0 … 130.1.255.0 behind a router that presents 130.1.0.0 to the Internet]

  19. Masks and Prefixes • The addresses 210.10.40.0/24 and 210.10.40.0/255.255.255.0 mean the exact same thing.
     IP Network Address   Prefix   Subnet Mask
     128.1.0.0            /16      255.255.0.0
     190.1.8.0            /21      255.255.248.0
     207.16.16.128        /25      255.255.255.128
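Slides 17 to 19 worked in Python, as an added example that is not part of the original presentation: classful identification from the first byte, conversion between a /prefix and a dotted mask (rejecting non-contiguous masks), and the network address, which is the bitwise AND of the address with its netmask (the slide's 10.21.41.3 with 255.255.0.0 gives 10.21.0.0).

```python
import ipaddress

# First-byte ranges as given on the slide; 127 (loopback) falls in none of them.
CLASS_RANGES = [("A", 0, 126), ("B", 128, 191), ("C", 192, 223), ("D", 224, 239), ("E", 240, 255)]

def address_class(ip):
    """Class letter A-E from the first byte, or None for 127.x.x.x."""
    first = int(ipaddress.IPv4Address(ip)) >> 24
    for letter, low, high in CLASS_RANGES:
        if low <= first <= high:
            return letter
    return None

def prefix_to_mask(prefix):
    """/n -> dotted mask: n leading one bits in a 32-bit word."""
    if not 0 <= prefix <= 32:
        raise ValueError("prefix must be 0..32")
    mask = (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF
    return str(ipaddress.IPv4Address(mask))

def mask_to_prefix(mask):
    """Dotted mask -> /n, rejecting non-contiguous masks such as 255.0.255.0."""
    value = int(ipaddress.IPv4Address(mask))
    prefix = bin(value).count("1")
    if value != (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF:
        raise ValueError("mask bits are not contiguous: %s" % mask)
    return prefix

def network_address(ip, mask):
    """Network part of an address: address AND mask (host bits cleared)."""
    value = int(ipaddress.IPv4Address(ip)) & int(ipaddress.IPv4Address(mask))
    return str(ipaddress.IPv4Address(value))

def host_count(mask):
    """Usable hosts: every host-bit pattern except all-zeros (network) and all-ones (broadcast)."""
    host_bits = 32 - mask_to_prefix(mask)
    return max(2 ** host_bits - 2, 0)

if __name__ == "__main__":
    for ip, prefix in [("128.1.0.0", 16), ("190.1.8.0", 21), ("207.16.16.128", 25)]:
        mask = prefix_to_mask(prefix)
        print(ip, "/%d" % prefix, mask, "class", address_class(ip), host_count(mask), "hosts")
    print("10.21.41.3 / 255.255.0.0 ->", network_address("10.21.41.3", "255.255.0.0"))
```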

  20. IP Addressing • Customer can split the network into multiple subnets, each with an entry in the local router table. • One entry in the Global Routing Tables [diagram: Autonomous System (typical customer network) with subnets 150.1.1.0 through 150.1.17.0 behind a router that presents 150.1.0.0 to the Internet]

  21. Address Allocation (The Internet Registry) [diagram: IANA at the top; regional registries InterNIC (America), RIPE (Europe) and APNIC (Asia); then national registries; then the consumer]

  22. Domain Name Service (DNS) • Provides a naming service for TCP/IP. • Provides many functions related to IP addresses and names • Three components: a name server, a name resolver, and a database [diagram: (1) the DNS resolver sends a name query for “Sun_Server” (TELNET Sun_server) to the name server, whose database holds the mapping Sun_Server → 198.1.1.1; (2) query response “198.1.1.1”; (3) connection to 198.1.1.1]

  23. DNS Structure • Hierarchical in structure. • Each level provides further definition. • Each branch is called a level (63 characters in length). • Internet Registry provides uniqueness in names. • A single domain is assigned and may be further defined by the local site.

  24. Domain Structure [diagram: Root Server with the top-level domains com, edu, gov, mil, net, and a bottom row .firm, .arts, .nom, .rec, .info, .web, .store] The extra top-level domains (TLDs) shown as the bottom set of boxes are proposed; they are shown here as examples and, as of this writing, have not been adopted.

  25. Network Address Translation (NAT) • Illegal addresses • Unroutable addresses: 10.0.0.0, 192.168.0.0 • Limited address space in IPv4 • NAT maps bad to valid addresses • Mapping to single external address • One-to-one mapping • Dynamically allocated addresses [diagram: router translating between internal 10.0.0.5 and external 12.13.4.5]

  26. Name Servers [diagram: resolving “labhost.bnr.ca.us”]
     • Name server queries the root server for “labhost.bnr.ca.us”; referral to the .us server
     • Query to the .us server; referral to the ca.us server
     • Query to the .ca.us server; referral to the bnr.ca.us server
     • Query to the bnr.ca.us server; it returns the IP address of “labhost.bnr.ca.us”
     • Name server returns the IP address of “labhost.bnr.ca.us” to the querier

  27. Logical Structure of the Internet Protocol Suite
     • Applications: SNMP, FTP, TFTP, TELNET, DNS, HTTP
     • Transport: User Datagram Protocol (connectionless), Transmission Control Protocol (connection oriented)
     • Internet addressing: IP (ICMP, IGMP), ARP, RARP
     • Physical Layer

  28. Address Resolution Protocol (ARP) • Maps IP addresses to MAC addresses • When host initializes on local network: • ARP broadcast: IP and MAC address • If duplicate IP address, TCP/IP fails to initialize • Address resolution process on local network: • Is IP address on local network? • ARP cache • ARP request • ARP reply • ARP cache update on both machines

  29. ARP Operation [diagram: a station broadcasts an ARP Request “Give me the MAC address of station 129.1.1.4”; station B (129.1.1.1) and another station ignore the request (“Not me”); station C (129.1.1.4) accepts it (“That’s me”) and sends the ARP Response “Here is my MAC address”]

  30. Address Resolution on Remote Network • IP address determined to be remote • ARP resolves the address of each router on the way • Router uses ARP to forward packet Router Network B Network A

  31. Reverse Address Resolution Protocol (RARP) • Same packet type used as ARP • Only works on local subnets • Used for diskless workstations [diagram: a diskless workstation broadcasts a RARP Request “Give me my IP address”; stations B and C ignore it (“Not me”); the RARP server accepts the request and sends the RARP Response with 129.1.1.1]

  32. The Internet Protocol (IP) • IP’s main function is to provide for the interconnection of subnetworks to form an internet in order to pass data. • The functions provided by IP are: • Addressing • Routing • Fragmentation of datagrams

  33. Host Name Resolution Standard Resolution • Checks local name • Local HOSTS file • DNS server Windows NT Specific Resolution • NetBIOS cache • WINS server • b-node broadcasts • LMHOSTS file (NetBIOS name)

  34. Routing Packets • Process of moving a packet from one network to another toward its destination • RIP, OSPF, BGP • Dynamic routing • Static routing • Source routing

  35. IP Routing • IP routing is the process by which packets are routed and delivered between networks • Local vs remote networks • Router vs default gateway • Static vs dynamic routing • Two types: direct and indirect. • Two types of protocols IGP and EGP. • IGP provides for routing within a single AS • EGP provides for routing between ASs

  36. Direct and Indirect Routing • Network numbers must match for direct routing. • Different network numbers for indirect routing. • Remote nodes may use a combination of both direct and indirect routing. [diagram: direct routing among Station A 140.1.1.1, Station B 140.1.2.1 and Station C 140.1.3.1; indirect routing to Station D 140.2.1.1]

  37. Hubs & Switches • Hub: • broadcasts information received on one interface to all other physical interfaces • Switch: • does not broadcast • Uses MAC address to determine correct interface

  38. Firewalls • Control the flow of traffic between networks • Internal, External, Server, Client Firewalls • Traditional Packet filters • Stateful Packet filters • Proxy-based Firewalls

  39. Traditional Packet Filters • Analyses each packet to determine drop or pass • SourceIP, DestinationIP, SrcPort, DestPort, Codebits, Protocol, Interface • Very limited view of traffic

  40. Stateful Packet Filters • Adds memory of previous packets to traditional packet filters • When packet part of initial connection (SYN) it is remembered • Other packets analyzed according to previous connections
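The traditional filter of slide 39 beside the stateful filter of slide 40, as an added Python example that is not part of the original presentation. The policy, the inside prefix and the sample packets (TEST-NET addresses) are constructed; the point is that a stray inbound ACK belonging to no remembered connection passes the stateless check but is dropped by the stateful one.

```python
from collections import namedtuple

Packet = namedtuple("Packet", "src_ip src_port dst_ip dst_port proto flags iface")
INSIDE = "10.0.0."  # constructed internal network prefix

def stateless_pass(pkt):
    """Traditional filter: decides from this packet's header fields alone."""
    if pkt.proto != "tcp":
        return False
    # Policy: inside hosts may open connections to port 80 outside.
    if pkt.iface == "inside" and pkt.src_ip.startswith(INSIDE) and pkt.dst_port == 80:
        return True
    # Without memory, inbound replies can only be admitted by trusting the ACK bit.
    return pkt.iface == "outside" and "ACK" in pkt.flags and pkt.dst_ip.startswith(INSIDE)

class StatefulFilter:
    """Remembers connections opened by a permitted SYN; admits only their packets."""
    def __init__(self):
        self.table = set()  # (client_ip, client_port, server_ip, server_port)

    def allow(self, pkt):
        key = (pkt.src_ip, pkt.src_port, pkt.dst_ip, pkt.dst_port)
        reverse = (pkt.dst_ip, pkt.dst_port, pkt.src_ip, pkt.src_port)
        if pkt.flags == {"SYN"}:  # new connection: apply the policy, then remember it
            if stateless_pass(pkt):
                self.table.add(key)
                return True
            return False
        if key in self.table or reverse in self.table:
            if "RST" in pkt.flags:  # connection torn down: forget it (FIN handling omitted)
                self.table.discard(key)
                self.table.discard(reverse)
            return True
        return False  # belongs to no remembered connection

# Constructed sample: a legitimate web connection from inside, then two inbound
# packets from an outside host that nobody inside has spoken to.
SAMPLE = [
    Packet("10.0.0.5", 40000, "198.51.100.10", 80, "tcp", {"SYN"}, "inside"),
    Packet("198.51.100.10", 80, "10.0.0.5", 40000, "tcp", {"SYN", "ACK"}, "outside"),
    Packet("10.0.0.5", 40000, "198.51.100.10", 80, "tcp", {"ACK"}, "inside"),
    Packet("203.0.113.9", 1234, "10.0.0.7", 445, "tcp", {"ACK"}, "outside"),
    Packet("203.0.113.9", 1234, "10.0.0.7", 445, "tcp", {"SYN"}, "outside"),
]

def run_filters(packets):
    """Return (stateless decisions, stateful decisions) for the same packet list."""
    stateful = StatefulFilter()
    return [stateless_pass(p) for p in packets], [stateful.allow(p) for p in packets]
```

Running `run_filters(SAMPLE)` shows the fourth packet admitted by the stateless check and rejected by the stateful one.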

  41. Proxy-based (Application) Firewalls • Focus on application to application • Can approve: • By user • By application • By source or destination • Mom calls, wife answers, etc.

  42. IP Address Allocation • Automatic Allocation: permanently assigns an IP address to a station. • Dynamic Allocation: assigns an IP address to a requesting station for specified amount of time. • Manual Allocation: preconfigure the server to give the requesting station the same IP address every time it requests it.

  43. Security • Encryption: Symmetric vs Asymmetric, hash codes • Application Layer • PGP, GnuPG, S/MIME, SSH • Session Layer: Secure Socket Layer (SSL) • Digital certificates to authenticate systems and distribute encryption keys • Transport Layer Security (TLS) • Network-IP Layer Security (IPSec) • AH: digital signatures • ESP: confidentiality, authentication of data source, integrity

  44. IPSec Authentication Header (AH)

  45. IPSec: Encapsulating Security Payload (ESP)

  46. Introduction to the TCP/IP Standard Applications • DHCP–Provides for management of IP parameters. • TELNET–Provides remote terminal emulation. • FTP–Provides a file transfer protocol. • TFTP–Provides for a simple file transfer protocol. • SMTP–Provides a mail service. • DNS–Provides for a name service.

  47. DHCP Operation [diagram: the DHCP client broadcasts (destination FFFFFF) a DHCP Discover; DHCP Server A and DHCP Server B each reply with a DHCP Offer (IP addr); the client broadcasts a DHCP Request naming server A; Server A sends the DHCP ACK]

  48. TELNET [diagram: a TELNET client on a host connects to a TELNET server]

  49. File Transfer Protocol (FTP) [diagram: a client transfers files to and from host storage] (TFTP uses UDP)

  50. Simple Mail Transfer Protocol (SMTP) • Today known as Electronic Mail, or email. • RFCs 821, 822, 974. • Email still cannot transport packages and other items. • Email is very fast and guarantees delivery. • Three protocols are used for today’s email. • SMTP–operates over TCP • POP–operates over TCP • DNS–operates over UDP • SMTP allows for the sending/receiving of email. • POP allows us to intermittently retrieve email. • DNS makes it simple.
