TCP/IP

Alexander Zangerl (az@bond.edu.au)

Bond University

TCP/IP

1 / 37

Internet
Denition:
global network of networks, network of connecting hosts

is a public, cooperative, and self-sustaining facility accessible to people worldwide hosts can transparently communicate with each other based on IP packet-switching uses:
IP, Internet Protocol

TCP/IP

2 / 37

TCP/IP Stack
protocol family used on the Internet consists of:
Application Layer Transport Layer Network Layer Interface to Link Layer

TCP/IP

3 / 37

IP, Internet Protocol

is a:
connection-less protocol

used to deliver packets across multiple links Data Link technology independent own logical addressing scheme and path determination packet-switched: every packet carries source and destination address connection-less: no continuing connection between end-hosts, no path is established before transmitting and no context is saved unreliable delivery (reliability provided by transport layer) Features:
delays of packets: router too busy loss of packets: buer overow in router duplication of packets: retransmission by sender out-of-sequence: packets can go dierent path (reordered at transport layer) fragmentation: links with less bandwidth (reassembling of fragmented packets done by IP)
TCP/IP 4 / 37

IP, Internet Protocol (cont.)

is-incarnation
IPv4, IP version 4 IPv6, IP version 6

TCP/IP

5 / 37

packet-switched
Denition:
small units of data called packets are routed through a network based on the destination address contained within each packet

breaking data up into packets allows the same data path to be shared among many users on the network

TCP/IP

6 / 37

connection-less protocol
Denition:
communication method in which communication occurs between hosts with no previous setup

each packet is treated independently and may take dierent routes example
IP, UDP, X.25

TCP/IP

7 / 37

connection-oriented protocol
Denition:
communication method in which communication occurs between hosts only after a connection is established

three well-dened phases: connection establishment, data transfer, connection release virtual circuit between two endpoints features
high level of reliability

example
TCP, FTP

TCP/IP

8 / 37

IPv4, IP version 4
IPv4 was initially deployed on 1 January 1983 widely used version of IP addresses today 32 bit long, split up into classes problems
address shortage problem due to classful addressing wasteful, not all addresses can be used rapid growth in the size of the Internet causes bigger routing tables

TCP/IP

9 / 37

IPv6, IP version 6
Denition:
next generation protocol to replace the current IPv4

deployment of the IPv6 protocol began in 1999 designed to solve problems of IPv4: address depletion, security, auto-conguration, extensibility, and more larger IP address space, addresses are 128 bit long issues
due to longer addresses the packet becomes longer, impact of TCP and timing application programs until now they assume IP address 4 bytes long (rewriting necessary)

http://www.ipv6.org/ http://www.potaroo.net/ispcolumn/ 2003-07-v4-address-lifetime/ale.html

TCP/IP

10 / 37

IP address
logical address used to communicate over the Internet (public IP address) identies network and/or specic host on a network assigning of IP addresses by public and private organisations IPV4: 32-bits (four octets), numeric address, range: 0 to 255.255.255.255 theoretically 4,294,967,296 unique addresses notation
written as four numbers separated by periods: 128.130.123.10 binary : 100000000.10000010.01111011.00001010 decimal: 2156034826

TCP/IP

11 / 37

IP Address Space
is hierarchically ordered (otherwise, everybody would have to know everybody elses IP address + location -> unworkable) hierarchy of IP Networks each of which has specic size old-style: addresses belong to a number of classes which determine size nowadays: every network has its own, specic size currently two types of IP addresses in active use: IPv4 and IPv6 both are assigned in a delegated manner users are assigned IP addresses by ISPs ISPs obtain allocations of IP addresses blocks from a local, national or regional Internet registry (LIR, NIR, RIR)

TCP/IP

12 / 37

IP Address Space (cont.)

http: //www.iana.org/assignments/ipv4-address-space consists of:
Class A Class B Class C Class D Class E Reserved IP addresses Private IP address

TCP/IP

13 / 37

IP Network
contains a number of related IP host addresses relationship: topological neighbours, i.e. in the same LAN benet
IP path determination only requires knowledge of networks, not individual host addresses

like postal addresses: city vs. street number vs. unit number every IP network has start and end address start and end must fall on particular numbers reason:
IP address is split into network and host part at a bit-boundary.

two addresses in every IP net reserved/special purpose: rst (=the net itself), last (=broadcast)

TCP/IP

14 / 37

Network mask
denes where boundary between network and host parts of IP address is (design decision: network part is left part of address, host right) netmask has a binary 1 for network bits, a 0 for host bits result:
IP address AND netmask = network-part of that IP address masks o the network part, host part is zeroed

can be given in three equivalent ways: mask-length, dotted-quad or binary example:

/27 255.255.255.224 1111 1111 1111 1111 1111 1111 1110 0000

each denes a network with the last 5 bits for hosts

TCP/IP 15 / 37

Network mask (cont.)

result:
each such network has 25=32 addresses (30 host-usable ones)

note: netmask cannot have any holes

TCP/IP

16 / 37

Class A
uses rst octet to determine network, remaining octets identify host starts with 0xxxx rst octet from 1 to 126 total number of networks: 127 total number of possible hosts in each network: 16,777,214 class A IP addresses assigned to large corporations (IBM, Xerox, Apple, AT&T, Hewlett Packard,..)

TCP/IP

17 / 37

Class B
uses rst two octets to determine network, remaining octets identify host starts with 10xx rst octet from 128 to 191 total number of networks: 16,384 total number of possible hosts in each network: 65,534 class B IP addresses assigned to mid-sized corporations

TCP/IP

18 / 37

Class C
uses rst three octets to determine network, remaining octet identies host starts with 110x rst octet from 192 to 223 total number of networks: 2,097,152 total number of possible hosts in each network: 254 class C IP addresses assigned to small companies

TCP/IP

19 / 37

Class D
not available for general use used for multicasting (video conference) starts with 1110 rst octet from 224 to 239

TCP/IP

20 / 37

Class E
starts with 1111 rst octet from 240 to 254 not available for general use experimental purposes only

TCP/IP

21 / 37

Private IP address
rfc
http://www.faqs.org/rfcs/rfc1918.html

are used on private intranets that are isolated from the Internet no router will forward packets with this addresses IANA has reserved blocks of the IP address space for private intranets 10.0.0.0. through 10.255.255.255 172.16.0.0 through 172.31.255.255 192.168.0.0 through 192.168.255.255

TCP/IP

22 / 37

Reserved IP addresses
few IP addresses are reserved for special use by TCP/IP 127.0.0.1: loopback address (indicates your own workstation) commonly used for troubleshooting, local loops and network testing 255.255.255.255: broadcast messages 0.0.0.0: currently unassigned IP address

TCP/IP

23 / 37

IP Packet
consists of:
IP-header Packet payload

TCP/IP

24 / 37

IP-header
header is 20 bytes long (longer if options are present) Parts:
version: IPv4 or IPv6 total length: length of header and data fragment oset: if fragmented when routed over link with less bandwidth time to live: number of hops which the packet may be routed over, decremented by routers to prevent routing loops protocol: type of packet being carried (TCP, UDP, ICMP..) header checksum: covers IP header not data, recalculated when TTL decreases source address and destination address: IP address of the original sender and nal destination

is checked by router to make routing decision addresses never change enroute (unless NAT-ed), TTL and checksum change every time router is passed
TCP/IP 25 / 37

Routing
act of moving information across a network from a source to destination determines optimal routing paths and directs packets through a network default routing: in case destination network unknown, default gateway used host routing: optionally, adds routes for specic hosts

TCP/IP

26 / 37

Routing Decision
decision has to made by every machine sending or forwarding IP packet this includes the originator, too! choice is made based on neighborhood relation with target: question:
is the target in the same IP network or not?

netmask is used to get network part of target IP if same as our network part: target is a neighbor! instances:
Direct Transmission Forwarding to other Router Dropping the packet

TCP/IP

27 / 37

Direct Transmission
if the target is nearby, we can talk to it directly nearby: member of the same IP network, i.e. same LAN result:
Layer 2 is used to send the packet directly

TCP/IP

28 / 37

Forwarding to other Router

if we cant reach the target directly, but if we know somebody who might: the packet can be forwarded to that intermediary result:
Layer 2 is used to send the packet to this router

note: most hosts know up to one router, aka. default gateway

TCP/IP

29 / 37

Dropping the packet

if we cant reach the target directly, and if we know no router to help us out: only remaining choice is failure result:
the packet is dropped, lost.

optionally an ICMP error indication can be sent to originator

TCP/IP

30 / 37

Router
Denition:
device which determines the next network point to which a packet should be forwarded toward its destination

uses network part of destination IP address and routing table to determine next hop routes networks only (keeps routing table smaller) connects (at least 2) networks can be special hardware or software for home users rst router will be at ISP, for company within its network

TCP/IP

31 / 37

Routing Table
allows router to determine best path to destination address entries: network, network mask, next router, cost default gateway: in case network completely unknown static routing uses precongured entries, have to be changed manually dynamic routing uses routing protocols (RIP, OSPF,...) for periodically updating routes known by peer routers

TCP/IP

32 / 37

Subnetting
Denition:
dividing network into subnets and still be connected to the Internet with a single shared network address

Purpose:
useful for security and performance reasons trac can be better controlled

closest router uses subnet mask to route packets from subnet to subnet tutorial
http://www.ralphb.net/IPSubnet/subnet.html

Procedure:
bits from host portion are borrowed to identify subnets: -> losing addresses subnet mask tells how many bits are used for subnetting rst address on each subnet cannot be used: represents subnet itself last address on each subnet cannot be used: is broadcast address
TCP/IP 33 / 37

CIDR, Classless Inter-Domain Routing

addressing scheme for the Internet which allows for more ecient allocation of IP addresses performs route aggregation single route can cover the address space of several old-style network numbers 32-bit IP address and information on how many bits are used for the network prex (e.g. 206.13.01.48/25) ISPs have pool of IP addresses from which customer gets a portion (block) distant routers route only IP address blocks, not individual networks ISP routes then to its customers observation
the bigger the ISP the larger the blocks

history
in 90ies ISPs collected IP addresses back from their users and reallocated them 91 /8 blocks are available in 2003

http: //www.iana.org/assignments/ipv4-address-space
TCP/IP 34 / 37

cidr-example
4 sequential class C networks used as block 192.60.128.0 192.60.129.0 192.60.130.0 192.60.131.0 supernetting address: 192.60.128.0/22 22 bits have been used for network addressing hosts from 192.60.128.0 to 192.60.131.255 block starts with 192.60.128.0

TCP/IP

35 / 37

NAT, Network Address Translation

Denition:
maps local private network address(es) to one or more public IP address(es) unmaps back incoming packets

Purpose:
security: hiding internal addresses gain IP space by using private IP addresses

Procedure:
outgoing: replace private IP address with public and forward packet incoming: replacing public IP address with private IP address and forward packet keep a connection table for this mapping external trac uses public IP

TCP/IP

36 / 37

Tunneling
Denition:
connection, usually encrypted, that connects two computers across another, usually untrusted network

generally done by encapsulating the private network data within the public network transmission unit (wrap x in y) observation
routing nodes on the public network are unaware that the transmission is part of a private network

original entire packet (incl. header) is encrypted, put into another packet and sent over Internet example
Generic Routing Encapsulation (GRE) Protocol PPTP extension of PPP, mostly for Windows IPSEC (Internet Security Protocol): supports secure exchange of packets at the IP layer deployed widely to implement VPN

TCP/IP

37 / 37