1
TCP/IP Networking Chapter 13
2
Chapter 13 - TCP/IP Networking
Introduction
TCP/IP is the networking protocol suite most commonly used with most operating systems, and it is the native language of the Internet.
- IP – Internet Protocol
- TCP – Transmission Control Protocol
TCP/IP defines a uniform programming interface to different types of network hardware.
- IP is the suite’s underlying delivery protocol.
- TCP and UDP are transport protocols built on top of IP to deliver packets to specific applications.
3
Chapter 13 - TCP/IP Networking
Introduction
TCP is a connection-oriented protocol that facilitates conversation between two programs. It works a lot like a phone call: the words you speak are delivered to the person you called, and vice versa. The connection persists even when neither party is speaking.
TCP provides reliable delivery, flow control, and congestion control.
4
Chapter 13 - TCP/IP Networking
Introduction
This chapter introduces the TCP/IP protocols in the political and technical context of the Internet. Other network-related chapters in this book include:
- Chapter 14 Routing
- Chapter 16 Domain Name System
- Chapter 20 Network Management and Debugging
5
1. TCP/IP and the Internet
Introduction
TCP/IP and the Internet share a history that goes back several decades. The technical success of the Internet is due largely to the elegant and flexible design of TCP/IP. In turn, the Internet has helped TCP/IP prevail over several competing protocol suites that were favored at one time or another for political or commercial reasons.
6
1. TCP/IP and the Internet
A brief History Lesson
Contrary to popular belief, the Internet is not a Microsoft product that debuted in 1995, nor is it the creation of a U.S. vice president. The progenitor of the modern Internet was a network called ARPANET that was established in 1969 by DARPA. ARPANET eventually became the NSFNET backbone, which was connected to supercomputer sites and regional networks.
7
1. TCP/IP and the Internet
A brief History Lesson (cont)
By the end of the 1980s the network was no longer a research project and NSF extracted itself from the networking business. This led to a transition to a commercial Internet over a period of several years. NSFNET was turned off in April 1994.
8
1. TCP/IP and the Internet
A brief History Lesson (cont)
In the mid 1980s the Internet was essentially the original ARPANET sites and a handful of universities with DEC VAX computers running Berkeley UNIX on 10 Mb/s Ethernets connected by 56 Kb/s leased telephone lines.
9
1. TCP/IP and the Internet
A brief History Lesson (cont)
Every September (when students came back to school) the net would suffer a congestion collapse. This led to algorithms for collision avoidance and retransmissions coming out of the Lawrence Berkeley Labs.
10
1. TCP/IP and the Internet
A brief History Lesson (cont)
Moore’s law (hardware speeds double every 18 months) and market pressure have greatly accelerated the development of the net.
- Network interfaces have increased by a factor of 1,000
- Speed of leased circuits by a factor of 12,000
- Total number of hosts by a factor of 50,000
11
1. TCP/IP and the Internet
A brief History Lesson (cont)
Anyone who has designed software and seen it obsoleted by the next generation of hardware or the next operating system release knows how amazing it is that our Internet is still alive and kicking, running basically the same TCP/IP protocol suite that was designed 25 years ago for a very different Internet.
12
1. TCP/IP and the Internet
How the Internet is managed today
The development of the Internet has always been a cooperative and open effort. Several organizations are involved:
- ICANN – the Internet Corporation for Assigned Names
- IETF – the Internet Engineering Task Force
  - Development and standardization of the technical aspects
- ISOC – the Internet Society
13
1. TCP/IP and the Internet
Network standards and documentation
The technical activities of the Internet community are summarized in documents known as RFCs.
- An RFC is a Request For Comments.
- Protocol standards, proposed changes, and informational bulletins all usually end up as RFCs.
- RFCs are numbered sequentially (currently there are a little more than 3,000) and they also have descriptive titles.
14
1. TCP/IP and the Internet
Network standards and documentation (cont)
There are also subsets of RFCs:
- FYI – For Your Information
- BCP – Best Current Practice
- STD – Standard Numbers
RFCs are available from numerous sources. There is a list of actively maintained RFC mirrors at
15
2. Networking Road Map
Introduction
Now that we have provided a bit of context, let’s take a look at the TCP/IP protocols themselves. TCP/IP is a “protocol suite.” It includes several components, each defined by a standards-track RFC or series of RFCs:
- IP – RFC 791 – routes packets
- ICMP – RFC 792 – low level support for IP (errors, routing, and debugging)
- ARP – RFC 823 – translate hardware to IP
- UDP and TCP – RFC 768 and 793
16
2. Networking Road Map
Introduction (cont)
TCP/IP is designed around the layering scheme
17
2. Networking Road Map
Introduction (cont)
Here is how the various components and clients of TCP/IP fit into its general architecture and layering
18
3. Packets and Encapsulation
Introduction
UNIX can support a variety of physical networks:
- Ethernet, FDDI, Token Ring, ATM, wireless Ethernet
Hardware is managed within the link layer of the TCP/IP architecture, and higher-level protocols do not know or care about the specific hardware being used.
19
3. Packets and Encapsulation
Introduction (cont)
Data travels on networks in the form of packets.
- Maximum length is imposed by each layer.
- Each packet consists of a header and a payload.
  - Header
    - Tells where it came from and where it’s going
    - Can also include checksums, protocol-specific information, or other handling instructions
  - Payload
    - The data being transferred
20
3. Packets and Encapsulation
Introduction (cont)
As a packet travels down the protocol stack, each protocol adds its own header information. Each protocol’s finished packet becomes the payload part of the packet generated by the next protocol.
For example: a UDP packet being transmitted over Ethernet contains three different wrappers or envelopes:
- UDP, IP, and Ethernet
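The three envelopes described above, as an added example that is not part of the original slides: it wraps application data in UDP, IP and Ethernet II headers and then peels them off again, validating each layer. The addresses, ports and function names are constructed for illustration.

```python
import socket
import struct

ETHERTYPE_IPV4 = 0x0800

def inet_checksum(data: bytes) -> int:
    """16-bit one's-complement checksum used by the IPv4 header."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def mac_bytes(mac: str) -> bytes:
    return bytes.fromhex(mac.replace(":", ""))

def build_frame(src_mac, dst_mac, src_ip, dst_ip, sport, dport, data: bytes) -> bytes:
    # Transport layer: 8-byte UDP header in front of the application data.
    # A UDP checksum of 0 means "not computed", which is legal over IPv4.
    udp = struct.pack("!HHHH", sport, dport, 8 + len(data), 0) + data
    # Network layer: the finished UDP packet is the IP payload.
    ip_hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(udp), 0, 0, 64,
                         socket.IPPROTO_UDP, 0,
                         socket.inet_aton(src_ip), socket.inet_aton(dst_ip))
    ip_hdr = ip_hdr[:10] + struct.pack("!H", inet_checksum(ip_hdr)) + ip_hdr[12:]
    # Link layer: the finished IP packet is the Ethernet II payload.
    eth_hdr = mac_bytes(dst_mac) + mac_bytes(src_mac) + struct.pack("!H", ETHERTYPE_IPV4)
    return eth_hdr + ip_hdr + udp

def parse_frame(frame: bytes) -> dict:
    """Peel the three envelopes off again, validating each header."""
    if len(frame) < 14 + 20 + 8:
        raise ValueError("frame too short for Ethernet + IPv4 + UDP")
    dst, src, ethertype = struct.unpack("!6s6sH", frame[:14])
    if ethertype != ETHERTYPE_IPV4:
        raise ValueError("not an IPv4 frame")
    ip = frame[14:]
    ihl = (ip[0] & 0x0F) * 4
    if ip[0] >> 4 != 4 or ihl < 20 or ihl > len(ip):
        raise ValueError("bad IPv4 version or header length")
    if inet_checksum(ip[:ihl]) != 0:
        raise ValueError("bad IPv4 header checksum")
    total_len = struct.unpack("!H", ip[2:4])[0]
    if ip[9] != socket.IPPROTO_UDP or not ihl + 8 <= total_len <= len(ip):
        raise ValueError("not UDP, or IP total length out of range")
    udp = ip[ihl:total_len]  # the IP total length trims any link-layer padding
    sport, dport, udp_len, _ = struct.unpack("!HHHH", udp[:8])
    if udp_len != len(udp):
        raise ValueError("UDP length disagrees with IP length")
    fmt = lambda m: ":".join("%02x" % b for b in m)
    return {
        "ethernet": {"src": fmt(src), "dst": fmt(dst)},
        "ip": {"src": socket.inet_ntoa(ip[12:16]), "dst": socket.inet_ntoa(ip[16:20])},
        "udp": {"sport": sport, "dport": dport},
        "data": udp[8:],
    }

# Constructed sample: documentation addresses and locally administered MACs.
SAMPLE = build_frame("02:00:00:00:00:01", "02:00:00:00:00:02",
                     "192.0.2.10", "192.0.2.20", 40000, 53, b"hello")

if __name__ == "__main__":
    print(len(SAMPLE), parse_frame(SAMPLE))
```
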
21
3. Packets and Encapsulation
Introduction (cont)
22
3. Packets and Encapsulation
The link layer
Introduction
In this section, we cover several topics that bridge the gap between the lowest layers of the networking software and the network hardware itself.
23
3. Packets and Encapsulation
The link layer (cont)
Ethernet framing standards
One of the main chores of the link layer is to add headers to packets and to put separators between them.
- The headers contain the packets’ link-layer addressing information and checksums.
- The separators ensure that receivers can tell where one packet stops and the next one begins.
The process of adding these extra bits is known generically as framing.
24
3. Packets and Encapsulation
The link layer (cont)
Ethernet framing standards (cont)
Two different standards for 10 Mb/s Ethernet are in common use:
- DIX Ethernet II
  - Used by UNIX hosts and CISCO routers
- IEEE LLC SNAP
  - Novell and IPX
UNIX machines can talk to both; Windows can use either but can only talk to machines using the one selected.
25
3. Packets and Encapsulation
The link layer (cont)
Ethernet cabling and signaling standards
The cabling options for 10 Mb/s Ethernet are fairly straightforward, but things got complicated when 100 Mb/s came out. There were 3 basic standards at first.
- VG – 4 pair CAT 5 – initially pushed by HP (ignored by others)
- TX – two pair CAT 5
- FX – fiber multimode
Refer to Chapter 15 – Network Hardware – for more information about the various Ethernet standards.
26
3. Packets and Encapsulation
The link layer (cont)
Wireless networking
The IEEE standard attempts to define framing and signaling standards for wireless links. Unfortunately, it was originally vague and included several parameters and options that were not fully specified.
- One interoperability issue you may need to pay attention to is that of “translation” vs. “encapsulation”.
- Another is power-saving modes in laptops.
27
3. Packets and Encapsulation
The link layer (cont)
Maximum transfer units
The size of packets on a network may be limited both by hardware specifications and protocol conventions.
28
3. Packets and Encapsulation
The link layer (cont)
Maximum transfer units (cont)
In the TCP/IP suite, the IP layer splits packets to conform to the MTU of a particular network link.
Fragmentation problems can be insidious, particularly with VPNs adding their own headers.
Consult the ifconfig manpage to see how to set an interface’s MTU.
29
3. Packets and Encapsulation
Packet addressing
Introduction
Like letters or messages, network packets must be properly addressed in order to reach their destinations. Several addressing schemes are used in combination:
- MAC – for hardware
- IP – for software
- Hostname – for people
30
3. Packets and Encapsulation
Packet addressing (cont)
MAC Addressing – Hardware
Ethernet devices are assigned a unique 6-byte hardware address at the time of manufacture.
- The first 3 bytes identify the manufacturer.
- The last 3 are a serial number.
Some hardware and some OS’s let you change the hardware addresses – Don’t Do That!
31
3. Packets and Encapsulation
Packet addressing (cont)
IP addresses – Software Numbers
One 4-byte IP address is assigned to each network interface.
- IP addresses are globally unique and hardware independent.
  - This is a small lie – see NAT discussions.
- IP addresses are discussed in the next section.
- Mapping of IP to MAC is handled at the link layer.
32
3. Packets and Encapsulation
Packet addressing (cont)
Hostname
Since IP addresses are long, seemingly random numbers, they are hard for people to remember. UNIX allows one or more hostnames to be associated with an IP address. This mapping can be set up in several ways:
- Static (/etc/hosts)
- NIS, NIS+
- DNS – Domain Name System
33
3. Packets and Encapsulation
Ports
IP addresses identify machines, or more precisely network interfaces on a machine. They are not specific enough to address particular processes or services.
TCP and UDP extend IP addresses with the concept known as a “port”.
- A port is a 16-bit number that supplements an IP address.
34
3. Packets and Encapsulation
Ports (cont)
Standard UNIX services such as , FTP, and the remote login server all associate themselves with “well-known” ports defined in the file /etc/services.
To help prevent impersonation of these services, UNIX systems restrict access to port numbers under 1,024 to root.
35
3. Packets and Encapsulation
Address types
At both the IP layer and the link layer, there are several different types of addresses:
- Unicast - addresses that refer to a single host (network interface, really)
- Multicast - addresses that identify a group of hosts
- Broadcast - addresses that include all hosts on the local network
36
3. Packets and Encapsulation
Address types (cont)
Multicast addressing facilitates applications such as video conferencing in which the same set of packets must be sent to all participants.
- At the IP layer, multicast addresses begin with a byte in the range 224 to 239.
Broadcast addresses have a host part that is all 1s.
37
4. IP Addresses: The Gory Details
Introduction
An IP address, also called an Internet Address, is four bytes long and is divided into a network part and a host part.
By convention, IP addresses are written as decimal numbers, one for each byte, separated by periods.
38
4. IP Addresses: The Gory Details
Introduction (cont)
When 127 is the first byte of an address, it denotes the “loopback network,” a fictitious network that has no real hardware and only one host.
- The loopback address always refers to the current host.
- Its symbolic name is “localhost”.
An interface’s IP address and other parameters are set with the ifconfig command.
39
4. IP Addresses: The Gory Details
IP Address classes
Historically IP addresses were grouped into “classes” depending upon the leftmost byte. These classes determined which bytes of the addresses were in the network portion and which were in the host portion.
- Classes A, B, and C denote regular IP addresses.
- Classes D and E are used for multicasting and research purposes.
40
4. IP Addresses: The Gory Details
IP Address classes (cont)
41
4. IP Addresses: The Gory Details
Subnetting and netmasks
It is rare for a single physical network to have more than 100 computers attached to it. Therefore the Class A and Class B networks, which allow 16,777,214 and 65,534 hosts per network, are really quite silly and wasteful.
Most sites that have these addresses use a refinement of the addressing scheme called subnetting.
- Here a part of the host portion is “borrowed” to extend the network portion.
42
4. IP Addresses: The Gory Details
Subnetting and netmasks (cont)
For example, the four bytes of a class B address would normally be interpreted as N.N.H.H.
- Subnetting would move the third byte to the network side - N.N.N.H
The use of subnetting turns a single class B network address into 246 distinct class-C-like networks, each capable of supporting 254 hosts.
ponderosa.cs.unr.edu
43
4. IP Addresses: The Gory Details
Subnetting and netmasks (cont)
This reassignment is effected by using the ifconfig command to associate an explicit “subnet mask” with a network interface. Each bit of the netmask that corresponds to the network portion of an IP address is set to 1, and the host bits are set to 0.
For example, the netmask for the N.N.N.H configuration would be in decimal 0xFFFFFF00 in hex
44
4. IP Addresses: The Gory Details
The IP address crisis
The Internet community realized in about 1992 that there were three fundamental problems with the original address allocation scheme.
- First, we were going to run out of class B addresses by mid 1995.
- At the same time, the routing tables were growing so large they would not fit in the memory of the routers.
- Finally, IP addresses were assigned on a first-come, first-served basis.
  - The next number could be next door or across the world.
45
4. IP Addresses: The Gory Details
The IP address crisis (cont)
To solve these problems, two solutions were advanced in tandem: one for the immediate future, and one for the long term.
- Short Term - CIDR
  - Classless Inter-Domain Routing
  - A different way of managing the existing four-byte addresses
- Long Term - IPv6
  - Address space is 16 bytes (basically one address per square meter of the earth’s surface)
46
4. IP Addresses: The Gory Details
The IP address crisis (cont)
The complexity of IPv6, the efficiency of CIDR and NAT, and the inertia of an Internet that already works pretty well all combine to suggest that it may be a long time before we move to IPv6.
- Other countries may push it (China and Japan) if they can’t get the IPv4 address space they want.
- Voice over IP systems would also benefit from IPv6.
47
4. IP Addresses: The Gory Details
CIDR: Classless Inter-Domain Routing
CIDR eliminates the class system that formerly determined the network portion of an IP mask.
- With CIDR, several class C networks can be allocated to the same site without requiring the Internet to have separate routing table entries for each one.
- The site could also be allocated a subspace of a class A or B address.
48
4. IP Addresses: The Gory Details
Address Allocation
In the early days, individual sites applied to the Internet Network Information Center (InterNIC) for address space.
- ARIN has replaced InterNIC in North America.
Only network numbers are assigned; host numbers are the responsibility of the site.
49
4. IP Addresses: The Gory Details
Address Allocation (cont)
Administratively, ICANN (the Internet Corporation for Assigned Names and Numbers) has delegated blocks of addresses to three regional Internet Registries
50
4. IP Addresses: The Gory Details
Private addresses and NAT
Another temporary solution to address space depletion is the use of private IP address spaces.
- RFC1918 sets aside 1 class A, 16 class B and 256 class C networks that will never be used and can be used internally by any site.
- The catch is that packets bearing those addresses must never be allowed to sneak out onto the Internet.
51
4. IP Addresses: The Gory Details
Private addresses and NAT (cont)
To allow hosts that use these private addresses to talk to the Internet, the site’s border router runs a system called a NAT (Network Address Translation).
- NAT intercepts packets addressed with these internal-only addresses and rewrites their source addresses using a real external IP address and perhaps a different source port number.
- It also maintains a table for reverse addressing.
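A simplified model of the translation and the border check described on the two slides above, as an added example that is not part of the original slides. The class, its method names and the sample addresses are constructed for illustration; only the three RFC 1918 ranges are taken from the RFC itself.

```python
import ipaddress

# The 1 class A, 16 class B and 256 class C networks reserved by RFC 1918.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def is_rfc1918(addr: str) -> bool:
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in RFC1918)

def egress_ok(packet) -> bool:
    """Border check: no packet bearing a private address may leave the site."""
    _, src_ip, _, dst_ip, _ = packet
    return not (is_rfc1918(src_ip) or is_rfc1918(dst_ip))

class Nat:
    """Packets are (proto, src_ip, src_port, dst_ip, dst_port) tuples."""

    def __init__(self, external_ip: str, first_port: int = 40000):
        self.external_ip = external_ip
        self.next_port = first_port
        self.out = {}   # (proto, inside ip, inside port) -> external port
        self.back = {}  # (proto, external port) -> (inside ip, inside port)

    def outbound(self, proto, src_ip, src_port, dst_ip, dst_port):
        if not is_rfc1918(src_ip):
            return (proto, src_ip, src_port, dst_ip, dst_port)  # nothing to rewrite
        key = (proto, src_ip, src_port)
        if key not in self.out:
            # First packet of a flow: allocate an external port and
            # remember the reverse mapping for the replies.
            self.out[key] = self.next_port
            self.back[(proto, self.next_port)] = (src_ip, src_port)
            self.next_port += 1
        return (proto, self.external_ip, self.out[key], dst_ip, dst_port)

    def inbound(self, proto, src_ip, src_port, dst_ip, dst_port):
        if dst_ip != self.external_ip:
            return None
        inside = self.back.get((proto, dst_port))
        if inside is None:
            return None  # unsolicited: no table entry, so the packet is dropped
        return (proto, src_ip, src_port, inside[0], inside[1])

if __name__ == "__main__":
    nat = Nat("203.0.113.5")  # constructed external address
    raw = ("udp", "10.1.2.3", 5353, "198.51.100.7", 53)
    print(egress_ok(raw), nat.outbound(*raw))
```
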
52
4. IP Addresses: The Gory Details
IPv6 addressing
An IPv6 address is 128 bits long.
- They were originally designed to solve the problem of IP address exhaustion.
- Now that they are here (almost) they are being exploited to help with the issues of routing, mobility, and locality of reference.
53
4. IP Addresses: The Gory Details
IPv6 addressing (cont)
54
4. IP Addresses: The Gory Details
IPv6 addressing (cont)
Here are some useful sources of IPv6 information:
- the IPv6 test bed
- a world-wide IPv6 research and educational network
- FAQs and technical information
- marketing folks and IPv6 propaganda
55
4. IP Addresses: The Gory Details
IPv6 addressing (cont)
One major advantage of IPv6 is that it solves the renumbering issue.
- In the IPv4 world, ISPs allocate address space to customers, but the addresses are not portable; when a customer leaves an ISP they must return their addresses and renumber with addresses from their new ISP.
- With IPv6, the ISP gives you a new address prefix that you simply prepend to the local parts of the address (similar to a NAT).
56
5. Routing
Introduction
Routing is the process of directing a packet through the maze of networks that stand between the source and its destination.
In the TCP/IP system, it is similar to asking for directions in an unfamiliar country.
- The first person might point you to the right city, the second the right street, and eventually someone can tell you the right building.
57
5. Routing
Introduction (cont)
TCP/IP routing information takes the form of rules (“routes”) such as:
- To reach network A, send packets through machine C
There can also be a default route that tells what to do with packets bound for a network to which there is no explicit route.
58
5. Routing
Introduction (cont)
Routing information is stored in a table in the kernel.
- Each table entry has several parameters, including a netmask for each listed network.
- To route a packet the kernel picks the most specific of the matching routes.
- If the kernel finds no relevant route and no default route, then it returns a “network unreachable” ICMP error to the sender.
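The netmask rule from the subnetting slides and the route selection rule above, as an added example that is not part of the original slides. The routing table is constructed from documentation address ranges, and the function names are chosen here for illustration.

```python
import ipaddress

def to_int(dotted: str) -> int:
    return int(ipaddress.IPv4Address(dotted))

def netmask(prefix_len: int):
    """Netmask with prefix_len network bits set to 1 and the host bits 0."""
    if not 0 <= prefix_len <= 32:
        raise ValueError("prefix length must be 0..32")
    mask = (0xFFFFFFFF << (32 - prefix_len)) & 0xFFFFFFFF
    return str(ipaddress.IPv4Address(mask)), "0x%08X" % mask

# Constructed table in the netstat -r layout: destination, genmask, gateway, iface.
# A gateway of None means the network is directly attached.
ROUTES = [
    ("192.0.2.0",      "255.255.255.0",   None,           "eth0"),
    ("198.51.100.0",   "255.255.255.0",   None,           "eth1"),
    ("198.51.100.128", "255.255.255.128", "198.51.100.1", "eth1"),
    ("127.0.0.0",      "255.0.0.0",       None,           "lo"),
    ("0.0.0.0",        "0.0.0.0",         "192.0.2.1",    "eth0"),  # default route
]

def lookup(dst: str, routes=ROUTES):
    """Return the most specific matching route, or None when nothing matches
    (the case in which the kernel reports "network unreachable")."""
    addr = to_int(dst)
    best = None
    for net, mask, gateway, iface in routes:
        m = to_int(mask)
        # A route matches when the destination, ANDed with the route's
        # netmask, equals the route's network number.
        if addr & m != to_int(net) & m:
            continue
        bits = bin(m).count("1")  # more 1 bits in the mask = more specific
        if best is None or bits > best["bits"]:
            best = {"bits": bits, "gateway": gateway, "iface": iface}
    return best

if __name__ == "__main__":
    print(netmask(24))
    for dst in ("198.51.100.20", "198.51.100.200", "203.0.113.9"):
        print(dst, lookup(dst))
```
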
59
5. Routing
Introduction (cont)
The word “routing” is commonly used to mean two distinct things:
- Looking up a network address in the routing table to forward a packet towards its destination.
- Building the routing table in the first place.
60
5. Routing
Introduction (cont)
In this section we examine the forwarding function and look at how routes can be manually added to or deleted from the routing table.
We defer the more complicated topic of routing protocols that build and maintain the routing table until Chapter 14.
61
5. Routing
Routing tables
You can examine a machine’s routing table with netstat -r on all systems.
- netstat is discussed in more detail in Chapter 20.
62
5. Routing
Routing tables (cont)
Example from cortex
fredh]$ netstat -r
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
* U eth1
* U eth1
* U eth0
* U lo
* U eth0
default gw40.net.unr.ed UG eth1
63
5. Routing
Routing tables (cont)
Routing tables can be configured statically or dynamically (or a combination).
- A static route is entered with the route command.
- The local host route is configured at boot time.
In Chapter 14, the dynamic routing daemons routed and gated are discussed.
64
5. Routing
ICMP redirects
When routing tables are messed up (or wrong) an ICMP redirect packet can be sent with an update message.
- On receiving this message, the naïve host updates its routing table.
Redirects are generally ignored by Linux and BSD kernels.
- It is not a good idea to let untrusted hosts modify your routing tables.
65
6. ARP: The Address Resolution Protocol
Introduction
Even though IP packets are usually thought of in terms of IP addresses, hardware addresses must be used to actually transport data across a network’s link layer.
- ARP discovers the hardware address associated with a particular IP address.
- ARP uses broadcast packets and can only find things on the local network.
66
7. DHCP: The Dynamic Host Configuration Protocol
Introduction
The Dynamic Host Configuration Protocol enables DHCP clients to “lease” a variety of network and administrative parameters from a central server.
Leasable parameters include:
- IP addresses and netmasks
- Gateways
- DNS name servers
- Syslog hosts
- Other servers (WINS, X font, proxy, NTP, TFTP,…)
67
7. DHCP: The Dynamic Host Configuration Protocol
DHCP software
ISC, the Internet Software Consortium, has built a reference implementation of the DHCP protocol.
- The server, client, and relay agent are available from ftp.isc.org
68
8. PPP: the Point-to-Point Protocol
Introduction
PPP, the Point-to-Point Protocol, is a serial line encapsulation protocol that specifies how IP packets must be encoded for transmission on a slow (and often unreliable) serial line.
- The PPP device driver takes care of encoding and decoding packets on the serial line.
- It adds a link-level header and markers that separate packets.
69
8. PPP: the Point-to-Point Protocol
Introduction (cont)
PPP has three main components:
- A method for encapsulating datagrams over serial links
- A Link Control Protocol (LCP) for establishing, configuring, and testing the data link connection
- A family of Network Control Protocols (NCPs) for establishing and configuring different network-layer protocols
70
8. PPP: the Point-to-Point Protocol
Introduction (cont)
71
8. PPP: the Point-to-Point Protocol
Addressing PPP performance issues
PPP provides the functionality of Ethernet, but at much slower speeds.
To improve interactive performance, you can set the MTU of the point-to-point link quite low.
- It normally defaults to 512 bytes; try 128 if you are doing interactive work.
72
9. Security Issues
Introduction
Security is addressed as a topic of its own in Chapter 21, but several security issues relevant to IP networking merit discussion here.
In this section, we briefly look at a few networking features that have acquired a reputation for causing security problems.
73
9. Security Issues
IP forwarding
If a UNIX box has IP forwarding enabled it can act as a router.
- Unless your system has multiple network interfaces and is supposed to function as a router, it’s advisable to turn this feature off.
- This feature can be used to make external packets appear to have come from within the network.
- This can help them evade network scanners and packet filters.
74
9. Security Issues
ICMP redirects
ICMP redirects can be used to maliciously reroute traffic and mess with your routing tables.
We recommend that you configure your routers (and hosts acting as routers) to ignore (and perhaps log) ICMP redirects.
75
9. Security Issues
Source routing
IP’s source routing mechanism lets you specify an explicit series of gateways for a packet to transit on the way to its destination.
- This bypasses the next-hop routing algorithm that is normally run at each gateway.
- It was primarily used for testing.
We recommend that you neither accept nor forward source-routed packets.
76
9. Security Issues
Broadcast pings and other forms of directed broadcast
Ping packets addressed to the network’s broadcast address will typically be delivered to every host on the network.
- These have been used in denial of service attacks.
It is usually possible to convince your TCP/IP stack to ignore broadcast packets that come from afar.
- But since this has to be set on each interface, this can be a nontrivial task.
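One way to check the four recommendations above (IP forwarding, ICMP redirects, source routing, broadcast pings) on a host, as an added example that is not part of the original slides. It assumes a Linux host and audits the text printed by sysctl -a; the sysctl key names are Linux-specific, and the sample input is constructed.

```python
import fnmatch

# (sysctl key pattern, required value, finding text). Linux key names (assumption:
# the slides speak of UNIX in general; other systems use different knobs).
RULES = [
    ("net.ipv4.ip_forward", "0",
     "IP forwarding is enabled on a host that is not a router"),
    ("net.ipv4.conf.*.accept_redirects", "0",
     "interface accepts ICMP redirects"),
    ("net.ipv4.conf.*.accept_source_route", "0",
     "interface accepts source-routed packets"),
    ("net.ipv4.icmp_echo_ignore_broadcasts", "1",
     "host answers broadcast pings"),
]

def parse_sysctl(text: str) -> dict:
    """Parse 'key = value' lines; skip blanks, comments and malformed lines."""
    settings = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line[0] in "#;" or "=" not in line:
            continue
        key, value = line.split("=", 1)
        settings[key.strip()] = value.strip()
    return settings

def audit(text: str, is_router: bool = False) -> list:
    """Return (key, value, finding) tuples; an empty list means all checks pass."""
    settings = parse_sysctl(text)
    findings = []
    for pattern, required, reason in RULES:
        if is_router and pattern == "net.ipv4.ip_forward":
            continue  # forwarding is expected on a router
        matched = sorted(k for k in settings if fnmatch.fnmatchcase(k, pattern))
        if not matched:
            # A missing key is reported rather than silently treated as safe.
            findings.append((pattern, None, "setting not present in input"))
        for key in matched:
            # Per-interface keys are checked one by one, since the setting
            # has to be right on every interface.
            if settings[key] != required:
                findings.append((key, settings[key], reason))
    return findings

# Constructed sample in the format printed by `sysctl -a`.
SAMPLE = """\
net.ipv4.ip_forward = 1
net.ipv4.conf.all.accept_redirects = 0
net.ipv4.conf.eth0.accept_redirects = 1
net.ipv4.conf.all.accept_source_route = 0
net.ipv4.conf.eth0.accept_source_route = 0
net.ipv4.icmp_echo_ignore_broadcasts = 1
"""

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(finding)
```
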
77
9. Security Issues
Virtual private networks
Virtual private networks let organizations use the Internet as if it were part of their private network by establishing a series of secure, encrypted “tunnels” among their various locations.
Some use IPSEC and others use proprietary solutions that do not interoperate.
78
9. Security Issues
IPSEC: secure IP
IPSEC is an end-to-end authentication and encryption system.
- Its deployment has been hampered by the US encryption laws which prohibit the export of strong encryption software.
- As might be expected, IPSEC reduces the performance of the networking stack.
79
9. Security Issues
IPSEC: secure IP (cont)
80
10. Addition of Machines to a Network
Introduction
Only a few steps are involved in adding a new machine to an existing local area network, but some vendors hide the files you must modify and generally make the chore difficult.
- Others provide a setup script that prompts for the networking parameters that are needed, which is fine until you need to undo something or move a machine.
81
10. Addition of Machines to a Network
Introduction (cont)
The basic steps are:
- Assign an IP address and hostname.
- Set up the new host to configure its network interfaces at boot time.
- Set up a default route and perhaps fancier routing.
- Point to a DNS name server, to allow access to the rest of the Internet.
82
10. Addition of Machines to a Network
Assigning hostnames and IP addresses
Administrators have various theories about how the mapping from hostnames to IP addresses is best maintained at a local site: the hosts file, NIS or NIS+, the DNS system, or perhaps a combination of those sources.
83
10. Addition of Machines to a Network
Assigning hostnames and IP addresses (cont)
The /etc/hosts file is the oldest and simplest way to map names to IP addresses.
- Each line starts with an IP address and continues with various symbolic names by which the address is known.
#
# Internet host table
localhost
ponderosa.cs.unr.edu ponderosa
pinon.cs.unr.edu pinon
ultra6.cs.unr.edu ultra6
banyan.cs.unr.edu banyan loghost
84
10. Addition of Machines to a Network
Assigning hostnames and IP addresses (cont)
/etc/hosts (cont)
/etc/hosts is important during the boot process because DNS is not yet available.
- It must contain at least the mapping for the host itself and for the loopback address.
- In addition it should probably contain the mappings for the default gateway and the name server.
85
10. Addition of Machines to a Network
ifconfig: configure network interfaces
ifconfig enables or disables a network interface, sets its IP address and subnet mask, and sets various other options and parameters.
- It is usually run at boot time (with command line parameters taken from config files), but it can also make changes on the fly.
86
10. Addition of Machines to a Network
route: configure static routes
The route command defines static routes, explicit routing table entries that never change, even if you run a routing daemon.
- When you add a new machine to a local network, you usually only need to specify a default route.
87
10. Addition of Machines to a Network
Default routes
A default route causes all packets whose destination network is not found in the kernel’s routing table to be sent to the indicated gateway.
88
10. Addition of Machines to a Network
Configuring DNS
To configure a machine as a DNS client, you only need to edit one or two files.
- All systems require /etc/resolv.conf to be modified, and some require you to modify a “service switch” file as well.
89
11. Vendor Specific Network Configuration
Introduction
90
16. Recommended Reading
Introduction
- Any book by Stevens
  - TCP/IP Illustrated (vol 1 & 2)
  - UNIX Network Programming (vol 1 & 2)
- Any book by Tanenbaum
  - Computer Networks
- Any book by O’Reilly & Associates
  - TCP/IP Network Administration
91
Chapter 13 - TCP/IP Networking