TCP/IP
Internet
Definition:
global network of networks, a network connecting hosts
- is a public, cooperative, and self-sustaining facility accessible to people worldwide
- hosts can transparently communicate with each other
- based on IP packet-switching
- uses: IP, Internet Protocol
TCP/IP Stack
protocol family used on the Internet; consists of:
- Application Layer
- Transport Layer
- Network Layer
- Interface to Link Layer
IP, Internet Protocol
- used to deliver packets across multiple links
- Data Link technology independent
- own logical addressing scheme and path determination
- packet-switched: every packet carries source and destination address
- connection-less: no continuing connection between end-hosts, no path is established before transmitting and no context is saved
- unreliable delivery (reliability provided by transport layer)
Features:
- delays of packets: router too busy
- loss of packets: buffer overflow in router
- duplication of packets: retransmission by sender
- out-of-sequence: packets can go different paths (reordered at transport layer)
- fragmentation: links with less bandwidth (reassembling of fragmented packets done by IP)
packet-switched
Definition:
small units of data called packets are routed through a network based on the destination address contained within each packet
- breaking data up into packets allows the same data path to be shared among many users on the network
connection-less protocol
Definition:
communication method in which communication occurs between hosts with no previous setup
- each packet is treated independently and may take different routes
Example: IP, UDP, X.25
connection-oriented protocol
Definition:
communication method in which communication occurs between hosts only after a connection is established
- three well-defined phases: connection establishment, data transfer, connection release
- virtual circuit between two endpoints
Features: high level of reliability
Example: TCP, FTP
IPv4, IP version 4
- IPv4 was initially deployed on 1 January 1983
- widely used version of IP addresses today
- 32 bit long, split up into classes
Problems:
- address shortage problem due to classful addressing: wasteful, not all addresses can be used
- rapid growth in the size of the Internet causes bigger routing tables
IPv6, IP version 6
Definition:
next generation protocol to replace the current IPv4
- deployment of the IPv6 protocol began in 1999
- designed to solve problems of IPv4: address depletion, security, auto-configuration, extensibility, and more
- larger IP address space, addresses are 128 bit long
Issues:
- due to longer addresses the packet becomes longer, with an impact on TCP and timing
- application programs until now assume an IP address is 4 bytes long (rewriting necessary)
IP address
- logical address used to communicate over the Internet (public IP address)
- identifies network and/or specific host on a network
- assigning of IP addresses by public and private organisations
- IPv4: 32 bits (four octets), numeric address, range: 0.0.0.0 to 255.255.255.255
- theoretically 4,294,967,296 unique addresses
Notation:
- written as four numbers separated by periods: 128.130.123.10
- binary: 10000000.10000010.01111011.00001010
- decimal: 2156034826
IP Address Space
- is hierarchically ordered (otherwise, everybody would have to know everybody else's IP address + location -> unworkable)
- hierarchy of IP networks, each of which has a specific size
- old-style: addresses belong to a number of classes which determine size
- nowadays: every network has its own, specific size
- currently two types of IP addresses in active use: IPv4 and IPv6
- both are assigned in a delegated manner
- users are assigned IP addresses by ISPs
- ISPs obtain allocations of IP address blocks from a local, national or regional Internet registry (LIR, NIR, RIR)
IP Network
- contains a number of related IP host addresses
- relationship: topological neighbours, i.e. in the same LAN
Benefit:
- IP path determination only requires knowledge of networks, not individual host addresses
- like postal addresses: city vs. street number vs. unit number
- every IP network has a start and end address
- start and end must fall on particular numbers; reason: the IP address is split into network and host part at a bit-boundary
- two addresses in every IP net are reserved/special purpose: first (= the net itself), last (= broadcast)
Network mask
- defines where the boundary between network and host parts of an IP address is (design decision: network part is the left part of the address, host part the right)
- netmask has a binary 1 for network bits, a 0 for host bits
Result:
- IP address AND netmask = network part of that IP address
- masks off the network part, host part is zeroed
Class A
- uses first octet to determine network, remaining octets identify host
- first octet starts with 0xxx
- first octet from 1 to 126
- total number of networks: 127
- total number of possible hosts in each network: 16,777,214
- class A IP addresses assigned to large corporations (IBM, Xerox, Apple, AT&T, Hewlett Packard, ...)
Class B
- uses first two octets to determine network, remaining octets identify host
- first octet starts with 10xx
- first octet from 128 to 191
- total number of networks: 16,384
- total number of possible hosts in each network: 65,534
- class B IP addresses assigned to mid-sized corporations
Class C
- uses first three octets to determine network, remaining octet identifies host
- first octet starts with 110x
- first octet from 192 to 223
- total number of networks: 2,097,152
- total number of possible hosts in each network: 254
- class C IP addresses assigned to small companies
Class D
- not available for general use
- used for multicasting (video conference)
- first octet starts with 1110
- first octet from 224 to 239
Class E
- first octet starts with 1111
- first octet from 240 to 254
- not available for general use
- experimental purposes only
Private IP address
RFC: http://www.faqs.org/rfcs/rfc1918.html
- are used on private intranets that are isolated from the Internet
- no router will forward packets with these addresses
- IANA has reserved blocks of the IP address space for private intranets:
  - 10.0.0.0 through 10.255.255.255
  - 172.16.0.0 through 172.31.255.255
  - 192.168.0.0 through 192.168.255.255
Reserved IP addresses
- a few IP addresses are reserved for special use by TCP/IP
- 127.0.0.1: loopback address (indicates your own workstation), commonly used for troubleshooting, local loops and network testing
- 255.255.255.255: broadcast messages
- 0.0.0.0: currently unassigned IP address
IP Packet
consists of:
- IP header
- packet payload
IP-header
- header is 20 bytes long (longer if options are present)
Parts:
- version: IPv4 or IPv6
- total length: length of header and data
- fragment offset: if fragmented when routed over a link with less bandwidth
- time to live: number of hops which the packet may be routed over, decremented by routers to prevent routing loops
- protocol: type of packet being carried (TCP, UDP, ICMP, ...)
- header checksum: covers the IP header, not the data; recalculated when TTL decreases
- source address and destination address: IP address of the original sender and final destination
- destination address is checked by the router to make the routing decision
- addresses never change en route (unless NAT-ed); TTL and checksum change every time a router is passed
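Added example, not from the slides, that shows the header fields above in working code: a fixed 20-byte IPv4 header is decoded, its header-only checksum verified, and one router hop simulated by decrementing the TTL and recomputing the checksum while addresses and payload stay untouched. The sample packet is constructed here and the function names are my own.

```python
import struct
from typing import Optional

def ip_checksum(header: bytes) -> int:
    """RFC 791 header checksum: one's complement of the one's-complement
    sum of all 16-bit words, computed with the checksum field set to zero."""
    if len(header) % 2:
        header += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:                      # fold carries back in
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF

def parse_ipv4_header(packet: bytes) -> dict:
    """Decode the header fields listed on the slide and verify the checksum
    (which covers the header only, never the payload)."""
    ver_ihl, _tos, total_len, _ident, flags_frag, ttl, proto, csum, src, dst = \
        struct.unpack("!BBHHHBBH4s4s", packet[:20])
    ihl = (ver_ihl & 0x0F) * 4              # header length incl. options
    hdr = packet[:ihl]
    computed = ip_checksum(hdr[:10] + b"\x00\x00" + hdr[12:])
    return {"version": ver_ihl >> 4, "header_len": ihl, "total_length": total_len,
            "fragment_offset": (flags_frag & 0x1FFF) * 8, "ttl": ttl,
            "protocol": {1: "ICMP", 6: "TCP", 17: "UDP"}.get(proto, proto),
            "checksum_ok": computed == csum,
            "src": ".".join(map(str, src)), "dst": ".".join(map(str, dst))}

def forward_hop(packet: bytes) -> Optional[bytes]:
    """What one router hop does to the packet: TTL decremented, checksum
    recomputed, addresses and payload untouched. Returns None when the TTL
    is exhausted, i.e. the router drops the packet instead of forwarding it."""
    if packet[8] <= 1:
        return None
    ihl = (packet[0] & 0x0F) * 4
    hdr = bytearray(packet[:ihl])
    hdr[8] -= 1
    hdr[10:12] = b"\x00\x00"
    hdr[10:12] = struct.pack("!H", ip_checksum(bytes(hdr)))
    return bytes(hdr) + packet[ihl:]

def build_sample() -> bytes:
    """Constructed sample: UDP datagram, TTL 64, 192.168.1.10 -> 128.130.123.10."""
    payload = b"\x00\x35\x00\x35\x00\x08\x00\x00"      # 8 bytes of fake UDP header
    hdr = bytearray(struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload),
                                0x1234, 0x4000, 64, 17, 0,
                                bytes([192, 168, 1, 10]), bytes([128, 130, 123, 10])))
    hdr[10:12] = struct.pack("!H", ip_checksum(bytes(hdr)))
    return bytes(hdr) + payload
```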
Routing
- act of moving information across a network from a source to a destination
- determines optimal routing paths and directs packets through a network
- default routing: in case the destination network is unknown, the default gateway is used
- host routing: optionally, adds routes for specific hosts
Routing Decision
- decision has to be made by every machine sending or forwarding an IP packet; this includes the originator, too!
- choice is made based on the neighbourhood relation with the target
Question:
- is the target in the same IP network or not?
- netmask is used to get the network part of the target IP; if same as our network part: target is a neighbour!
Instances:
- Direct Transmission
- Forwarding to other Router
- Dropping the packet
Direct Transmission
- if the target is nearby, we can talk to it directly
- nearby: member of the same IP network, i.e. same LAN
Result:
- Layer 2 is used to send the packet directly
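Added example, not part of the slides, that puts the address notation, the netmask AND, the classful and RFC 1918 checks from the earlier slides together with the routing decision just described; function names and sample addresses are my own.

```python
# Helpers working on plain integers so the netmask AND is visible.
def dotted_to_int(addr: str) -> int:
    """'128.130.123.10' -> 2156034826 (the slide's decimal notation)."""
    octets = [int(o) for o in addr.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError("not a dotted quad: %r" % addr)
    return (octets[0] << 24) | (octets[1] << 16) | (octets[2] << 8) | octets[3]

def int_to_dotted(n: int) -> str:
    return ".".join(str((n >> s) & 0xFF) for s in (24, 16, 8, 0))

def to_binary(addr: str) -> str:
    """Dotted binary notation, eight bits per octet."""
    return ".".join(format(o, "08b") for o in map(int, addr.split(".")))

def network_part(addr: str, mask: str) -> str:
    """IP address AND netmask: network bits kept, host bits zeroed."""
    return int_to_dotted(dotted_to_int(addr) & dotted_to_int(mask))

def ip_class(addr: str) -> str:
    """Classful lookup on the leading bits of the first octet."""
    first = dotted_to_int(addr) >> 24
    if first < 128:
        return "A"                  # 0xxx
    if first < 192:
        return "B"                  # 10xx
    if first < 224:
        return "C"                  # 110x
    if first < 240:
        return "D"                  # 1110, multicast
    return "E"                      # 1111, experimental

# RFC 1918 blocks from the slide, as (network, netmask) pairs.
PRIVATE = [("10.0.0.0", "255.0.0.0"), ("172.16.0.0", "255.240.0.0"),
           ("192.168.0.0", "255.255.0.0")]

def is_private(addr: str) -> bool:
    return any(network_part(addr, m) == net for net, m in PRIVATE)

def routing_decision(our_ip: str, mask: str, target: str, default_gw):
    """The decision every sending host makes: same IP network -> direct
    transmission on layer 2; otherwise forward to the default gateway;
    no gateway configured -> drop the packet."""
    if network_part(our_ip, mask) == network_part(target, mask):
        return ("direct", target)
    if default_gw is None:
        return ("drop", None)
    return ("forward", default_gw)
```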
Router
Definition:
device which determines the next network point to which a packet should be forwarded toward its destination
- uses network part of destination IP address and routing table to determine next hop
- routes networks only (keeps routing table smaller)
- connects (at least 2) networks
- can be special hardware or software
- for home users the first router will be at the ISP, for a company within its own network
Routing Table
- allows router to determine best path to destination address
- entries: network, network mask, next router, cost
- default gateway: in case the network is completely unknown
- static routing uses preconfigured entries, which have to be changed manually
- dynamic routing uses routing protocols (RIP, OSPF, ...) for periodically updating routes known by peer routers
Subnetting
Definition:
dividing a network into subnets while still being connected to the Internet with a single shared network address
Purpose:
- useful for security and performance reasons
- traffic can be better controlled
- closest router uses subnet mask to route packets from subnet to subnet
Tutorial: http://www.ralphb.net/IPSubnet/subnet.html
Procedure:
- bits from host portion are borrowed to identify subnets -> losing addresses
- subnet mask tells how many bits are used for subnetting
- first address on each subnet cannot be used: represents the subnet itself
- last address on each subnet cannot be used: is the broadcast address
history
- in the 1990s ISPs collected IP addresses back from their users and reallocated them
- 91 /8 blocks are available in 2003
- http://www.iana.org/assignments/ipv4-address-space
cidr-example
- 4 sequential class C networks used as a block: 192.60.128.0, 192.60.129.0, 192.60.130.0, 192.60.131.0
- supernetting address: 192.60.128.0/22
- 22 bits have been used for network addressing
- hosts from 192.60.128.0 to 192.60.131.255
- block starts with 192.60.128.0
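Added example, not from the slides, for the subnetting procedure and this CIDR example: it borrows host bits to list the subnets with their reserved first and last addresses, and computes the /22 supernet block from the four class C networks above. Function names are my own.

```python
def dotted_to_int(addr: str) -> int:
    a, b, c, d = (int(o) for o in addr.split("."))
    return (a << 24) | (b << 16) | (c << 8) | d

def int_to_dotted(n: int) -> str:
    return ".".join(str((n >> s) & 0xFF) for s in (24, 16, 8, 0))

def prefix_to_mask(prefix: int) -> str:
    """/22 -> 255.255.252.0: `prefix` leading 1 bits, the rest 0."""
    return int_to_dotted((0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF)

def subnets(network: str, prefix: int, borrowed: int) -> list:
    """Borrow `borrowed` host bits to split network/prefix into 2**borrowed
    equal subnets. In each one the first address is the subnet itself and
    the last is broadcast, so usable hosts = size - 2 (the lost addresses)."""
    new_prefix = prefix + borrowed
    if new_prefix > 30:
        raise ValueError("no usable host addresses left after borrowing")
    base = dotted_to_int(network)
    size = 1 << (32 - new_prefix)
    out = []
    for i in range(1 << borrowed):
        start = base + i * size
        out.append({"subnet": "%s/%d" % (int_to_dotted(start), new_prefix),
                    "mask": prefix_to_mask(new_prefix),
                    "first_host": int_to_dotted(start + 1),
                    "last_host": int_to_dotted(start + size - 2),
                    "broadcast": int_to_dotted(start + size - 1),
                    "usable": size - 2})
    return out

def supernet(networks: list) -> dict:
    """CIDR supernetting: shortest prefix shared by all given network
    addresses, with the address range that block covers."""
    ints = [dotted_to_int(n) for n in networks]
    prefix = 32
    while prefix > 0 and len({n >> (32 - prefix) for n in ints}) > 1:
        prefix -= 1                 # shorten until every network agrees
    mask = dotted_to_int(prefix_to_mask(prefix))
    start = ints[0] & mask
    return {"block": "%s/%d" % (int_to_dotted(start), prefix),
            "mask": prefix_to_mask(prefix),
            "first": int_to_dotted(start),
            "last": int_to_dotted(start | (~mask & 0xFFFFFFFF))}
```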
NAT, Network Address Translation
Purpose:
- security: hiding internal addresses
- gain IP space by using private IP addresses
Procedure:
- outgoing: replace private IP address with public and forward packet
- incoming: replace public IP address with private IP address and forward packet
- keep a connection table for this mapping
- external traffic uses the public IP
Tunneling
Definition:
connection, usually encrypted, that connects two computers across another, usually untrusted network
- generally done by encapsulating the private network data within the public network transmission unit (wrap x in y)
Observation:
- routing nodes on the public network are unaware that the transmission is part of a private network
- the entire original packet (incl. header) is encrypted, put into another packet and sent over the Internet
Example:
- Generic Routing Encapsulation (GRE) Protocol
- PPTP: extension of PPP, mostly for Windows
- IPSEC (Internet Security Protocol): supports secure exchange of packets at the IP layer; deployed widely to implement VPNs