Chapter Eleven
An Introduction to TCP/IP
Objectives
• To compare TCP/IP’s layered structure to OSI
• To review the structure of an IP address
• To look at some of the different protocols in the suite
• To learn a bit about address translation in TCP/IP
TCP/IP and Layers
• TCP/IP has four layers– Compared to OSI’s seven layers
• For the most part, map cleanly to OSI layers
The Four TCP/IP Layers
• Process/Application
• Host-to-Host
• Internet
• Network Access
Process Application
Host to Host
Internet
Network Access
Application
Presentation
Session
Transport
Network
Data Link
Physical
Mapping TCP/IP Layers to OSI
Reviewing IP Address Structure
• IPv4 uses a 32-bit address.• IPv6 uses a 128-bit address.• IPv4 addresses are broken down into classes.• One address identifies both the network and
host address.• A subnet mask separates the network portion
from the host portion of the address.
IP Address Classes
• Class A– 1 octet for network, 3 for host
• Class B– 2 octets for network, 2 for host
• Class C– 3 octets for network, 1 for host
• Class D – multicasts• Class E – experimental
TCP/IP Protocol Suite
• Different protocols work at different layers.
• Different functions exist at each protocol layer.
• No protocols exist at the Network Access layer that I will discuss here.
Process Application Protocols
• FTP/TFTP
• HTTP
• Telnet
• SMTP/POP
• IMAP4
• SNMP
• NFS
FTP/TFTP• File Transfer Protocol/Trivial File Transfer
Protocol– Both function to transfer complete files over the
network– FTP is a connection-oriented protocol
• Port 20 for user data and Port 21 for control data
– TFTP is a connectionless protocol• Port 69 for user data, no control data passed
HTTP and HTTPS
• Hypertext Transfer Protocol and Hypertext Transfer Protocol Secure– Used for interpreting and moving hypermedia
over a network– HTTP uses Port 80; HTTPS uses Port 443.– HTTPS uses the secure socket layer (SSL) and
encryption algorithms in order to increase security.
Telnet
• Creates a virtual terminal on the network
• Allows a user to take control of a device remotely
• Uses Port 23
• Used by many routers and switches for configuration
SMTP and POP
• The protocols of email– Simple Mail Transfer Protocol for outgoing– Post Office Protocol for incoming
• SMTP uses Port 25
• POP3 uses Port 110 (older POP2 uses 109)
IMAP4
• Internet Message Access Protocol, Version 4
• A more advanced protocol for sending email messages
• Allows users to create and maintain folders on the remote server
• Uses Port 220
SNMP• Simple Network Management Protocol
– Allows network administrators to gather information about the network and to perform routine maintenance functions remotely
– SNMP manager runs on the administrator machine and the agent on the user’s machine
– Uses Port 161 for general messages and 162 for trap messages
NFS
• Network File System– Allows the network to be browsed like a disk
drive– Uses Port 2049
Host-to-Host Protocols
• TCP
• UDP
• DNS
TCP
• Transmission Control Protocol– Manages point-to-point movement of data from
source to target– Connection-oriented protocol– Handles flow control, multiplexing, data transfer,
and error correction/detection
UDP
• User Datagram Protocol
• Connectionless protocol
• Useful for broadcast messages and/or small data packages
DNS
• Domain Name Services– Resolves Internet domain names to IP
addresses– Acts as the core protocol for active directory
Structure of a DNS Domain Name• The “dot” server
– .com, .gov, .org and so on and so forth– The dot points to the DNS root.– A different set of servers, called root servers, maintains database of
each type of DNS root.• The top level domain
– Country code (.us, .uk, .jp, and so forth)– Generic domains (.com, .gov, .biz, and so forth)– Infrastructure domains (.arpa) the address routing domain
DNS at Work• Each workstation must be configured with the address
of a DNS server.
• You type in a universal resource locator (URL) and your computer can’t resolve it.
• The request is forwarded to the DNS server configured in TCP/IP.
• If the DNS server has no record, it forwards the request to the appropriate root server.
Types of DNS Query• Recursive
– If the DNS server cannot resolve the request, it will forward it to the next level.
– When the next level replies, the server adds the information to its database.
• Iterative– The request MUST be fulfilled on the local server.– It responds with all it knows and that’s all she wrote.
Internet Layer Protocols
• IP
• BootP
• DHCP
• ICMP
• ARP
• RARP
IP
• Handles addressing between different networks
• Provides for fragmentation of data over a network connection
• Handles all routing functions
• Tracks packet time to live
BootP
• It allows a computer to boot up using files that are stored on a remote device.
• The bootstrap loader directs its boot request to the boot PROM on the NIC.
• The request is forwarded through Port 67.• A BootP server sends back a boot reply packet
with the data it needs to locate the boot files.
DHCP
• Dynamic Host Configuration Protocol– It configures a client computer with all of its
TCP/IP information.– This information is “leased” for a certain time.– DHCP can configure IP address, subnet mask,
DNS server, and several other items.
ICMP
• Internet Control Message Protocol– Announces network errors– Announces conditions of network congestion– Announces when a packet has timed out– Is the core protocol for PING
ARP
• Address Resolution Protocol and Reverse Address Resolution Protocol– ARP sends out a packet to the target device
requesting a reply.– The reply has the machine’s IP address and
MAC address in the header.
RARP
• It requires that RARP server be configured.
• A client machine broadcasts its IP address.
• The RARP server responds with an IP address.
Address Resolution in TCP/IP
• WINS
• HOSTS
• LMHOSTS
WINS
• Windows Internet Name Service– Resolves a NetBIOS name to an IP address– Requires that a WINS server be configured on
the network– Is old and graying, but not dead just yet
The HOSTS and LMHOSTS File
• Both are text files stored in the root directory.
• HOSTS maps a DNS name to an IP address.
• LMHOSTS maps a NetBIOS name to an IP address.