Chapter 4: Network Protocols Network+ Guide to Networks Third Edition Chapter 4: Network Protocols

Objectives Identify the characteristics of TCP/IP, IPX/SPX, NetBIOS, and AppleTalk Understand how key network protocols correlate to layers of the OSI Model Identify the core protocols of the TCP/IP suite and describe their functions Network +

Objectives (continued) Understand the most popular protocol addressing schemes Describe the purpose and implementation of the domain name system Install protocols on Windows XP clients Network +

Introduction To Protocols Protocol is a rule that governs how networks communicate Define the standards for communication between network devices Vary according to their speed, transmission efficiency, utilization of resources, ease of setup, compatibility, and ability to travel between different LANs Network +

Introduction To Protocols Networks running more than one protocol are called multiprotocol networks Network +

Transmission Control Protocol /Internet Protocol (TCP/IP) TCP/IP is not simply one protocol, but rather a suite of specialized protocols—including TCP, IP, UDP, ARP, and many others—called sub protocols Extremely popular because of low cost Network +

TCP/IP (continued) Has ability to communicate between a multitude of dissimilar platforms The core protocols are free and their code is available for anyone to read or modify Its routable, because they carry Network layer addressing information that can be interpreted by a router Network +

TCP/IP (continued) TCP/IP Compared to the OSI Model Has flexibility because it can run on virtually any combination of network operating systems or network media TCP/IP Compared to the OSI Model The TCP/IP suite of protocols can be divided into four layers that roughly correspond to the seven layers of the OSI Model Network +

TCP/IP (continued) TCP/IP Compared to the OSI Model (continued) Application layer Applications gain access to the network through this layer, via protocols Transport layer Holds the Transmission Control Protocol (TCP) and User Datagram Protocol (UDP), which provide flow control, error checking, and sequencing Network +

TCP/IP (continued) TCP/IP Compared to the OSI Model (continued) Internet layer Holds the Internet Protocol (IP), Internet Control Message Protocol (ICMP), and Address Resolution Protocol (ARP).These protocols handle message routing, error reporting, delivery confirmation, and logical addressing Network Interface Layer This layer handles the formatting of data and transmission to the network wire Network +

TCP/IP (continued) The TCP/IP Core Protocols Certain sub protocols of the TCP/IP suite Operate in the Transport or Network layers of the OSI Model Network +

TCP/IP (continued) Transmission Control Protocol (TCP) Operates in the Transport layer of both the OSI and the TCP/IP Models and provides reliable data delivery services TCP is a connection-oriented sub protocol Network +

TCP/IP (continued) Fields belonging to a TCP segment are described in the following list: Source port Destination port Sequence number Network +

TCP/IP (continued) Acknowledgment number (ACK) TCP header length Reserved Flags Sliding-window size (or window) Network +

TCP/IP (continued) Checksum - Allows the receiving node to determine whether the TCP segment became corrupted during transmission Urgent pointer - Indicate a location in the data field Options - Used to specify special options Network +

TCP/IP (continued) Padding - Contains filler information to ensure that the size of the TCP header is a multiple of 32 bits Data - Contains data originally sent by the source node and the size of the Data field depends on how much data needs to be transmitted Network +

TCP/IP (continued) User Datagram Protocol (UDP) A connectionless transport service UDP offers no assurance that packets will be received in the correct sequence Network +

TCP/IP (continued) User Datagram Protocol (UDP) Provides no error checking or sequencing More efficient for carrying messages that fit within one data packet Network +

TCP/IP (continued) Internet Protocol (IP) Provides information about how and where data should be delivered, including the data’s source and destination addresses IP is the sub protocol that enables TCP/IP to internetwork Network +

TCP/IP (continued) Internet Protocol (IP) IP datagram acts as an envelope for data and contains information necessary for routers to transfer data between different LAN segments IP is an unreliable, connectionless protocol, which means that it does not guarantee delivery of data Network +

TCP/IP (continued) Internet Control Message Protocol (ICMP) An Internet layer protocol that reports on the success or failure of data delivery ICMP announcements provide critical information for troubleshooting network problems Network +

TCP/IP (continued) Address Resolution Protocol (ARP) An Internet layer protocol that obtains the MAC (physical) address of a host, or node, then creates a database that maps the MAC address to the host’s IP (logical) address Network +

TCP/IP (continued) Address Resolution Protocol (ARP) table Dynamic ARP table entries are created when a client makes an ARP request that cannot be satisfied by data already in the ARP table Static ARP table entries are those that someone has entered manually using the ARP utility ARP can be a valuable troubleshooting tool Network +

TCP/IP (continued) Reverse Address Resolution Protocol (RARP) Allow the client to send a broadcast message with its MAC address and receive an IP address in reply RARP was originally developed as a means for diskless workstations Network +

TCP/IP (continued) Addressing in TCP/IP Two kinds of addresses: Logical or physical Network +

TCP/IP (continued) Logical (or Network layer) can be manually or automatically assigned and must follow rules set by the protocol standards Physical (or MAC, or hardware) addresses are assigned to a device’s network interface card at the factory by its manufacturer Addresses on TCP/IP-based networks are often called IP addresses Network +

TCP/IP (continued) IP addresses are assigned and used according to very specific parameters Each IP address is a unique 32-bit number, divided into four octets, or sets of 8-bits, that are separated by periods An IP address contains two types of information: network and host From the first octet you can determine the network class Three types of network classes are used on modern LANs: Class A, Class B, and Class C Network +

TCP/IP (continued) IP Addresses specific parameters continued Class D and Class E addresses do exist, but are rarely used Class D addresses are reserved for a special type of transmission called multicasting Multicasting allows one device to send data to a specific group of devices Network +

TCP/IP (continued) IP Addresses specific parameters continued Some IP addresses are reserved for special functions, like broadcasts, and cannot be assigned to machines or devices 127 is not a valid first octet for any IP address The range of addresses beginning with 127 is reserved for a device communicating with itself, or performing loopback communication Network +

TCP/IP (continued) The command used to view IP information on a Windows XP workstation is ipconfig Network +

TCP/IP (continued) Binary and Dotted Decimal Notation A decimal number between 1 and 255 represents each binary octet (for a total of 256 possibilities) The binary system is the way that computers interpret IP addresses In this system every piece of information is represented by 1s and 0s and each 1 or 0 constitutes a bit Network +

TCP/IP (continued) Subnet Mask A special 32-bit number that, when combined with a device’s IP address, informs the rest of the network about the segment or network to which the device is attached A more common term for subnet mask is net mask, and sometimes simply mask Subnetting is a process of subdividing a single class of network into multiple, smaller logical networks, or segments Network +

TCP/IP (continued) Assigning IP Addresses Every node on a network must have a unique IP address If you add a node to a network and its IP address is already in use by another node on the same subnet, an error message will be generated on the new client Network +

TCP/IP (continued) A manually assigned IP address is called a static IP address Most network administrators rely on a network service to automatically assign them Network +

TCP/IP (continued) Two methods of automatic IP addressing: BOOTP and DHCP Bootstrap Protocol (BOOTP), an Application layer protocol, uses a central list of IP addresses and their associated devices’ MAC addresses to assign IP addresses to clients dynamically Network +

TCP/IP (continued) An IP address that is assigned to a device upon request and is changeable is known as a dynamic IP address BOOTP has the potential to issue additional information, such as the client’s subnet mask and requires administrators to enter every IP and MAC address manually into the BOOTP table Network +

TCP/IP (continued) Dynamic Host Configuration Protocol (DHCP) An automated means of assigning a unique IP address to every device on a network DHCP does not require a table of IP and MAC addresses on the server DHCP does require configuration of DHCP service on a DHCP server Network +

TCP/IP (continued) Terminating a DHCP Lease Sockets and Ports A DHCP lease may expire based on the period established for it in the server configuration or it may be manually terminated Sockets and Ports Every process on a machine is assigned a port number and the process’s port number plus its host machine’s IP address equals the process’s socket The use of port numbers simplifies TCP/IP communications and ensures that data are transmitted to the correct application Network +

TCP/IP (continued) Port numbers range from 0 to 65,539 and are divided by IANA into three types: Well Known Ports, Registered Ports, and Dynamic and/or Private Ports Well Known Ports are in the range of 0 to 1023 and are assigned to processes that only the operating system or an Administrator of the system can access Network +

TCP/IP (continued) Registered Ports are in the range of 1024 to 49151. These ports are accessible to network users and processes that do not have special administrative privileges Dynamic and/or Private Ports are those from 49152 through 65535 and are open for use without restriction Network +

TCP/IP (continued) Addressing in IPv6 Known as IP next generation, or Ipng is slated to replace the current IP protocol, IPv4 IPv6 offers several advantages over IPv4, including a more efficient header, better security, better prioritization allowances, and automatic IP address configuration The most valuable advantage IPv6 offers is its promise of billions and billions of additional IP addresses through its new addressing scheme Network +

TCP/IP (continued) Addressing in IPv6 (continued) The most notable difference between IP addresses in IPv4 and IPv6 is their size IPv4 addresses are composed of 32 bits, IPv6 are eight 16-bit fields and total 128 bits IPv4 address contains binary numbers separated by a period, each field in an IPv6 address contains hexadecimal numbers separated by a colon Network +

TCP/IP (continued) Host Names and Domain Name System (DNS) every device on the Internet is technically known as a host and every host can take a host name Network +

TCP/IP (continued) Domain Names every host is a member of a domain, or a group of computers that belong to the same organization and have part of their IP addresses in common A domain name is associated with a company or other type of organization Local host name plus its domain name is a fully qualified host name Network +

TCP/IP (continued) A domain name is represented by a series of character strings, called labels, separated by dots Each label represents a level in the domain naming hierarchy In the domain name, www.novell.com, “com” is the top-level domain (TLD), “novell” is the second-level domain, and “www” is the third-level domain Domain names must be registered with an Internet naming authority that works on behalf of ICANN Network +

TCP/IP (continued) Domain Name System (DNS) A hierarchical way of associating domain names with IP addresses “DNS” refers to both the Application-layer service and the organized system of computers and databases Network +

TCP/IP (continued) The DNS service does not rely on one file or even one server, but rather on many computers across the globe These computers are related in a hierarchical manner, with thirteen computers, known as root servers, acting as the ultimate authorities Network +

TCP/IP (continued) DNS service is divided into three components: resolvers, name servers, and name space Resolvers are any hosts on the Internet that need to look up domain name information Network +

TCP/IP (continued) Name servers (or DNS servers) are servers that contain databases of associated names and IP addresses and provide this information to resolvers on request The term name space refers to the database of Internet IP addresses and their associated names Network +

TCP/IP (continued) Resource record is a single record that describes one piece of information in the DNS database An address resource record is a type of resource record that maps the IP address of an Internet-connected device to its domain name Approximately 20 types of resource records are currently used Network +

TCP/IP (continued) Some TCP/IP Application Layer Protocols Telnet A terminal emulation protocol used to log on to remote hosts using the TCP/IP protocol suite Using Telnet, a TCP connection is established and keystrokes on the user’s machine act like keystrokes on the remotely connected machine Telnet is notoriously insecure Network +

TCP/IP (continued) Some TCP/IP Application Layer Protocols (continued) File Transfer Protocol (FTP) Used to send and receive files via TCP/IP FTP commands will work from your operating system’s command prompt Many FTP hosts accept anonymous logins Network +

TCP/IP (continued) Trivial File Transfer Protocol (TFTP) Enables file transfers between computers, but it is simpler (or more trivial) than FTP TFTP relies on UDP at the Transport layer TFTP is useful when you need to load data or programs on a diskless workstation TFTP does not require a user to log on to a host Network +

TCP/IP (continued) Network Time Protocol (NTP) Used to synchronize the clocks of computers on a network NTP depends on UDP for Transport layer services NTP is a protocol that benefits from UDP’s quick, connectionless nature at the Transport layer NTP is time-sensitive and cannot wait for the error checking that TCP would require Network +

TCP/IP (continued) Packet Internet Groper (PING) A utility that can verify that TCP/IP is installed, bound to the NIC, configured correctly, and communicating with the network PING uses ICMP services to send echo request and echo reply messages that determine the validity of an IP address By pinging the loopback address, 127.0.0.1, you can determine whether your workstation’s TCP/IP services are running Network +

IPX/SPX Internetwork Packet Exchange/Sequenced Packet Exchange (IPX/SPX) is a protocol originally developed by Xerox Modified and adopted by Novell in the1980s for its NetWare network operating system Microsoft’s implementation of IPX/SPX is called NWLink Network +

IPX/SPX (continued) The IPX and SPX Protocols Internetwork Packet Exchange (IPX) operates at the Network layer of the OSI Model and provides logical addressing and internetworking services, similar to IP in the TCP/IP suite IPX is a connectionless service because it does not require a session to be established before it transmits, and it does not guarantee that data will be delivered in sequence or without errors Network +

IPX/SPX (continued) Sequenced Packet Exchange (SPX) belongs to the Transport layer of the OSI Model A connection-oriented protocol and therefore must verify that a session has been established with the destination node before it will transmit data Network +

IPX/SPX (continued) Addressing in IPX/SPX IPX/SPX-based networks require that each node on a network be assigned a unique address to avoid communication conflicts IPX is the component of the protocol that handles addressing, addresses on an IPX/SPX network are called IPX addresses IPX addresses contain two parts: the network address and the node address Network +

NetBIOS and NetBEUI NetBIOS (Network Basic Input Output System) is a protocol originally designed for IBM to provide Transport and Session layer services for applications running on small, homogenous networks NetBEUI can support only 254 connections, however, and does not allow for good security Because NetBEUI frames include only Data Link layer (or MAC) addresses and not Network layer addresses, it is not routable Network +

NetBIOS and NetBEUI (continued) Windows Internet Naming Service (WINS) - Provides a means of resolving NetBIOS names to IP addresses A computer’s NetBIOS name and its TCP/IP host name are different entities, though you can have the same name for both Network +

NetBIOS and NetBEUI (continued) WINS has the same relationship to NetBIOS as DNS has to TCP/IP WINS does not assign names or IP addresses, but merely keeps track of which NetBIOS names are linked to which IP addresses Network +

Appletalk The protocol suite originally designed to interconnect Macintosh computers An AppleTalk network is separated into logical groups of computers called AppleTalk zones Network +

Appletalk (continued) An AppleTalk node ID is a unique 8-bit or 16-bit number that identifies a computer on an AppleTalk network An AppleTalk network number is a unique 16-bit number that identifies the network to which a node is connected Network +

Binding Protocols on a Windows XP Workstation Binding is the process of assigning one network component to work with another You can manually bind protocols that are not already associated with a network interface Network +

Summary Characteristics of TCP/IP, IPX/SPX, NetBIOS, and AppleTalk Network protocols correlate to layers of the OSI Model Core protocols of the TCP/IP suite and their functions Network +

Summary (continued) The most popular protocol addressing schemes Purpose and implementation of the domain name system Install protocols on Windows XP clients Network +