Lecture 6 - TCP/IP Protocols and Architectures
Summary
This document provides an outline of TCP/IP protocols and architectures, including the TCP/IP architecture model, transport layer, Transmission Control Protocol (TCP), User Datagram Protocol (UDP), Address Resolution Protocol (ARP), and Internet Control Message Protocol (ICMP). It details the role of the transport layer in end-to-end communication and explains the functionalities and features of TCP and UDP.
Full Transcript
TCP/IP Protocols and Architectures

Outline
• TCP/IP Architecture Model and the Transport Layer
• Transmission Control Protocol (TCP)
• User Datagram Protocol (UDP)
• Address Resolution Protocol (ARP)
• Internet Control Message Protocol (ICMP)

TCP/IP Architecture Model and the Transport Layer

Network Architecture Models
• The Open System Interconnection (OSI) reference model
• The Transmission Control Protocol/Internet Protocol (TCP/IP) suite model

TCP/IP Architecture Model
• The TCP/IP model with 4 layers was created by the Department of Defense of the US in the 1970s.
• The TCP/IP model describes general guidance for the design and implementation of specific networking protocols for intercommunication.
• TCP/IP specifies how data should be formatted, addressed, transmitted, routed and received at the destination for end-to-end connectivity.

TCP/IP's Architecture Model
(Figure: the layers of the TCP/IP architecture model)

The TCP/IP Core Protocols
• The core protocols in the TCP/IP suite:
  • TCP – Transmission Control Protocol
  • IP – Internet Protocol
• They operate in the Transport and Network layers of the OSI model
• They provide basic services to protocols in other layers

Role of the Transport Layer
• Responsible for end-to-end communications
• Reliability
• Interface between the application and the lower layers
• The Transport layer includes 2 protocols:
  • Transmission Control Protocol (TCP): a connection-oriented protocol, designed for reliable transfer of information
  • User Datagram Protocol (UDP): a connectionless protocol, designed for efficient communication of generally small amounts of data

Working with Segments and Datagrams
• Transport-layer protocols work with units of data called segments (TCP) or datagrams (UDP)
• Both TCP and UDP add a header to the payload
• The Transport-layer protocol then passes the segment to the Internetwork protocol (IP)
• With incoming data, the Transport layer receives the segment from the Internetwork protocol, processes it, decapsulates it and sends the resulting data up to the Application layer

Identifying Source/Destination Processes/Applications
• A port number is a way to identify a specific process/application to which an Internet or other network message is to be forwarded when it arrives at a server.
• For TCP and UDP, a port number is a 16-bit integer that is put in the header appended to a message unit.
• TCP and UDP use port numbers to specify the source and destination Application-layer protocols.

Detecting Data Integrity with a Checksum Mechanism
• To protect data integrity, TCP and UDP provide a checksum, an error-detecting code similar in purpose to a cyclic redundancy check (CRC)
• Intermediate nodes don't recalculate the checksum in the Transport layer, so if data corruption occurs during transmission, the final receiving host detects the checksum error and discards the data

Process-to-Process Communications
• IP is for host-to-host communications
• Transport-layer protocols such as TCP/UDP are for delivery of the message to the appropriate application program, i.e., process-to-process communications
• A computer may be running several programs at the same time. To make every connection unique, we use the IP address and the port number together as a unique identifier on a machine, i.e., to define a socket, end point or socket address

Socket Addresses – Unique Connections
• Every connection has 2 sockets or endpoints:
  • Source IP:Source port, e.g., 131.181.143.129:2525
  • Destination IP:Destination port, e.g., 131.181.118.220:80
• The connection creates a unique virtual channel.
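As an added example (not from the lecture slides), the following Python builds a UDP datagram with the 8-byte header the lecture describes later, computes the Transport-layer checksum the way a sending host does, and shows the final receiving host rejecting a datagram corrupted in transit while a cache of intermediate nodes never rechecks it. The checksum covers an IPv4 pseudo-header (source/destination IP, protocol 17, UDP length) as well as the header and data, which is standard RFC 768 behaviour and an assumption beyond the slide; the addresses, ports and payload are constructed.

```python
import socket
import struct

UDP_PROTO = 17

def inet_checksum(data: bytes) -> int:
    """16-bit ones' complement of the ones' complement sum of 16-bit words
    (the checksum algorithm shared by UDP, TCP, IP and ICMP)."""
    if len(data) % 2:
        data += b"\x00"                       # pad an odd-length buffer with a zero byte
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:                        # fold the carries back into 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF

def pseudo_header(src_ip: str, dst_ip: str, udp_len: int) -> bytes:
    """IPv4 pseudo-header (assumed, per RFC 768): src IP, dst IP, zero, protocol, UDP length."""
    return struct.pack("!4s4sBBH", socket.inet_aton(src_ip), socket.inet_aton(dst_ip),
                       0, UDP_PROTO, udp_len)

def build_udp(src_ip, dst_ip, sport, dport, payload: bytes) -> bytes:
    """Sender side: 8-byte header (src port, dst port, total length, checksum) + payload."""
    length = 8 + len(payload)
    header = struct.pack("!HHHH", sport, dport, length, 0)   # checksum field 0 while computing
    csum = inet_checksum(pseudo_header(src_ip, dst_ip, length) + header + payload)
    if csum == 0:
        csum = 0xFFFF   # 0 means "no checksum" for IPv4, so a computed 0 is sent as 0xFFFF
    return struct.pack("!HHHH", sport, dport, length, csum) + payload

def verify_udp(src_ip, dst_ip, datagram: bytes):
    """Receiving host (intermediate nodes do not recheck): returns (fields, accepted)."""
    sport, dport, length, csum = struct.unpack("!HHHH", datagram[:8])
    fields = {"sport": sport, "dport": dport, "length": length, "checksum": csum}
    if length != len(datagram):
        return fields, False                  # truncated or padded datagram: discard
    if csum == 0:
        return fields, True                   # checksum not used (optional for IPv4)
    # Summing pseudo-header + datagram including the transmitted checksum yields 0 when intact
    return fields, inet_checksum(pseudo_header(src_ip, dst_ip, length) + datagram) == 0

# Constructed sample: a datagram from the lecture's client 131.181.143.129:2525 to port 53
SRC_IP, DST_IP = "131.181.143.129", "131.181.118.220"
GOOD = build_udp(SRC_IP, DST_IP, 2525, 53, b"\x12\x34\x01\x00\x00\x01example")
CORRUPTED = GOOD[:12] + bytes([GOOD[12] ^ 0x01]) + GOOD[13:]   # one bit flipped in flight

def demo():
    """Returns (GOOD accepted?, CORRUPTED accepted?) as seen by the receiving host."""
    return verify_udp(SRC_IP, DST_IP, GOOD)[1], verify_udp(SRC_IP, DST_IP, CORRUPTED)[1]
```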
Ports Allow Devices to Run Multiple Services/Applications
• Client socket addresses 131.181.200.1:6000 and 131.181.200.1:8000; server socket addresses 131.181.1.1:80 (Web services) and 131.181.1.1:25 (Email services)
  • 131.181.200.1:6000 talks to the Web server at 131.181.1.1:80
  • 131.181.200.1:8000 talks to the Email server at 131.181.1.1:25
• IP address + port number = Socket
• An IP address alone is not sufficient for running network applications, as a host can run multiple applications and/or services.

Port Numbers
• Port number range: 0 to 65535
• Three types:
  • Well Known Ports
    • Range: 0 to 1023
    • Operating system or administrator use
  • Registered Ports
    • Range: 1024 to 49151
    • Network users, processes with no special privileges
  • Dynamic and/or Private Ports
    • Range: 49152 through 65535
    • Normally for client use
    • No restrictions
(Figure courtesy Course Technology/Cengage Learning)

TCP – Transmission Control Protocol

TCP Features
• Error Control
  • To retransmit lost segments, TCP uses a retransmission timeout (RTO).
  • When TCP sends a segment the timer starts, and it stops when the acknowledgment is received.
  • A checksum is used to detect errors.
• Flow Control
  • Ensures the destination doesn't become overwhelmed.
  • Only a certain amount of data can be sent at one time, controlled by a Sliding Window mechanism.
• Retry Mechanism
  • Can retransmit if no acknowledgment has been received.

TCP Features (cont.)
• TCP is a connection-oriented protocol
  • Before data transmission: it establishes a three-way handshake with the destination, then data is transferred
  • After data transmission: the connection is terminated by a four-way handshake
• TCP offers full-duplex service
  • Data can be carried in both directions at the same time

TCP Header
• Source port address (16 bits)
• Destination port address (16 bits)
• Sequence number (32 bits)
• Acknowledgement number (32 bits)
• Data Offset (4 bits), Reserved (3 bits), control bits NS, CWR, ECE, URG, ACK, PSH, RST, SYN, FIN (9 bits)
• Window size (16 bits)
• Checksum (16 bits)
• Urgent pointer (16 bits, used if URG is set)
• Options and Padding

TCP Header Fields
• 16-bit SOURCE PORT field
  • Identifies the sending port
• 16-bit DESTINATION PORT field
  • Identifies the receiving port
• 32-bit SEQUENCE NUMBER field
  • Defines the number of the 1st byte of this segment
  • The numbering does not necessarily start from 0
• 32-bit ACKNOWLEDGEMENT NUMBER field
  • Indicates explicitly that a specific set of data was received successfully
  • Indicates the sequence number of the next byte expected from the other side of the communication

TCP Header Fields (cont.)
• 9-bit CONTROL BITS field:
  • A set of 6 standard and 3 extended control flags
  • Indicates the purpose and contents of the segment
  • (U) URG: informs the recipient that certain data within the segment is urgent and should be prioritized. The recipient evaluates the urgent pointer.
  • (A) ACK: indicates that the segment carries an acknowledgement (the acknowledgement number field is valid)
  • (P) PSH: requests a push, i.e., to send the data immediately
  • (R) RST: resets the connection
  • (S) SYN: indicates that the segment is being used to initialize a connection
  • (F) FIN: indicates no more data from the sender

TCP Header Fields (cont.)
• 16-bit WINDOW field
  • Indicates the size of the TCP receiver buffer in bytes
• 16-bit CHECKSUM field
  • For the integrity of the header and data
• 16-bit URGENT POINTER field
  • Used with the URG flag to point to the end of the urgent data sent in a segment

The Three Stages of a TCP Connection
1. Connection establishment with a 3-way handshake
2. Data transfer
3. Connection termination with a 4-way handshake

Connection Establishment with a 3-Way Handshake
• Because TCP is connection oriented, it needs to first initialise a virtual connection
• TCP uses a 3-way handshake to initialise and synchronise the connection
• This connection remains open for the duration of the interaction between the two ends

Connection Establishment with a 3-Way Handshake (cont.)
• A client (A) sends a TCP synchronization (SYN) segment to the destination device (B), usually a server
  • A destination port is specified, and a source port is assigned dynamically
• 3 segments are used to establish a TCP connection:
  • Segment 1: A issues a message to B for initialization
  • Segment 2: B sends a message to A for initialization and acknowledgement
  • Segment 3: A sends an acknowledgement to B

Connection Establishment with a 3-Way Handshake (cont.)
Simplified segment fields (client on the left, server on the right, time running downwards):
(1) Request for connection – SYN segment from the client: Seq: 8000
(2) Response – SYN-ACK segment from the server: Seq: 15000, Ack: 8001
(3) Connection established – ACK segment from the client: Seq: 8001, Ack: 15001

Connection Establishment with a 3-Way Handshake (cont.)
Handshake Message 1:
• The client sends the server the first segment – a SYN segment
  • Only the SYN bit is set; the ACK bit is NOT set
  • The value of the sequence number field in this segment is called the Initial Sequence Number (ISN)
  • The SYN segment is a control segment and carries no data
  • It consumes one sequence number: data transfer from client to server starts with sequence number ISN + 1

Connection Establishment with a 3-Way Handshake (cont.)
Handshake Message 2:
• The server responds to the client with a SYN-ACK segment
  • Both the SYN and ACK bits are set
• The segment serves the following functions:
  • It provides the ISN for communications from server to client
  • The ISN is incremented for the first data transfer
  • It provides acknowledgement of the receipt of the SYN segment sent by the client

Connection Establishment with a 3-Way Handshake (cont.)
Handshake Message 3:
• The client replies with an ACK segment
  • ACK bit set
• The segment provides an acknowledgement of the server's SYN-ACK segment
• The sequence number in this segment is the sequence number of the client's initial SYN segment plus 1 (the same as the acknowledgement number in the server's SYN-ACK segment)

TCP Data Transfer
• Receipt of data must be acknowledged with an ACK that specifies the byte number that the receiver is expecting to receive from the sender
• Sequence number tracking is used to identify the amount of data transferred and any out-of-order packets
Simplified segment fields:
• Client → Server: Seq: 8001, Ack: 15001, Data Bytes: 8001-9000
• Server → Client: Seq: 15001, Ack: 9001, Data Bytes: 15001-16000
• Client → Server: Seq: 9001, Ack: 16001

TCP Connection Termination: 4-Way Handshake
• Four segments need to be exchanged to terminate a TCP connection
• Since a TCP connection is full-duplex, data may flow independently in each direction
• Each direction must shut down independently (TCP half-close)
• Each half-close requires a FIN and an ACK segment to be sent.
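As an added example (not code from the lecture), the Python below packs and parses the 20-byte TCP header laid out in the slides, then replays all three stages of a connection with the slides' numbers: client ISN 8000, server ISN 15000, 1000 data bytes in each direction, then the four-segment close. It models the rule that SYN and FIN each consume one sequence number while data consumes one per byte; the ports 2525 and 80 are taken from the socket-address slide, the checksum is left 0, and a segment whose sequence number is not the next expected byte is flagged as out of order rather than acknowledged.

```python
import struct

# 20-byte TCP header: ports, seq, ack, data offset (+reserved/NS), flags, window, checksum, urgent ptr
TCP_HDR = "!HHIIBBHHH"
FLAGS = {"CWR": 0x80, "ECE": 0x40, "URG": 0x20, "ACK": 0x10,
         "PSH": 0x08, "RST": 0x04, "SYN": 0x02, "FIN": 0x01}

def build_tcp_header(sport, dport, seq, ack, flags, window=65535):
    """Header with no options (data offset = 5 words); checksum left 0 in this model."""
    bits = sum(FLAGS[name] for name in flags)
    return struct.pack(TCP_HDR, sport, dport, seq, ack, 5 << 4, bits, window, 0, 0)

def parse_tcp_header(segment):
    sport, dport, seq, ack, off, bits, window, csum, urg = struct.unpack(TCP_HDR, segment[:20])
    return {"sport": sport, "dport": dport, "seq": seq, "ack": ack,
            "offset": (off >> 4) * 4,        # header length in bytes
            "flags": sorted(n for n, b in FLAGS.items() if bits & b),
            "window": window, "checksum": csum, "urgent": urg}

def segment_kind(hdr):
    f = set(hdr["flags"])
    if "SYN" in f:
        return "SYN-ACK" if "ACK" in f else "SYN"
    if "FIN" in f:
        return "FIN"
    return "DATA" if "PSH" in f else "ACK"

class Endpoint:
    """snd_nxt = next sequence number to send; rcv_nxt = next byte expected from the peer."""
    def __init__(self, port, isn):
        self.port, self.snd_nxt, self.rcv_nxt = port, isn, 0
    def send(self, peer_port, flags, payload=b""):
        seg = build_tcp_header(self.port, peer_port, self.snd_nxt, self.rcv_nxt, flags) + payload
        # SYN and FIN each consume one sequence number; data consumes one per byte
        self.snd_nxt += len(payload) + ("SYN" in flags) + ("FIN" in flags)
        return seg
    def receive(self, segment):
        hdr = parse_tcp_header(segment)
        payload = segment[hdr["offset"]:]
        if self.rcv_nxt and hdr["seq"] != self.rcv_nxt:
            return hdr, None                  # out of order: do not advance rcv_nxt
        self.rcv_nxt = hdr["seq"] + len(payload) + ("SYN" in hdr["flags"]) + ("FIN" in hdr["flags"])
        return hdr, payload

def run_trace():
    """Replay the slides; returns [(kind, seq, ack), ...] for each segment as the peer parses it."""
    client, server = Endpoint(2525, 8000), Endpoint(80, 15000)
    trace = []
    def deliver(src, dst, flags, payload=b""):
        hdr, _ = dst.receive(src.send(dst.port, flags, payload))
        trace.append((segment_kind(hdr), hdr["seq"], hdr["ack"]))
    deliver(client, server, ["SYN"])                        # (1) Seq 8000 (ack field unused)
    deliver(server, client, ["SYN", "ACK"])                 # (2) Seq 15000, Ack 8001
    deliver(client, server, ["ACK"])                        # (3) Seq 8001, Ack 15001
    deliver(client, server, ["ACK", "PSH"], bytes(1000))    # data bytes 8001-9000
    deliver(server, client, ["ACK", "PSH"], bytes(1000))    # Ack 9001, data bytes 15001-16000
    deliver(client, server, ["ACK"])                        # Ack 16001
    deliver(client, server, ["FIN", "ACK"])                 # half-close client -> server
    deliver(server, client, ["ACK"])                        # Ack x + 1
    deliver(server, client, ["FIN", "ACK"])                 # half-close server -> client
    deliver(client, server, ["ACK"])
    return trace
```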
TCP Connection Termination: 4-Way Handshake
Simplified segment fields:
• Client → Server: FIN segment, Seq: x, Ack: y
• Server → Client: ACK segment, Seq: y, Ack: x + 1
• Server → Client: FIN segment
• Client → Server: ACK segment

UDP – User Datagram Protocol

UDP (User Datagram Protocol)
• Connectionless transport protocol
• Data delivery service is unreliable
• Simple
• Useful situations: a great volume of data transferred quickly
(Figure courtesy Course Technology/Cengage Learning)

Features of UDP
• No connection handling
  • Each datagram is an independent message that the sender transmits without UDP providing any way to establish, manage, or close a connection
• No delivery guarantees
  • Datagrams are not sequenced and are not acknowledged
  • Datagrams are sent without any promise of delivery
  • The Application layer must provide tracking and retransmission mechanisms
• No error checking
  • No guarantee that packets are received at all

Format of UDP Messages
UDP header: Source port number (16 bits), Destination port number (16 bits), Total length (16 bits), Checksum (16 bits), followed by the payload (data)
• Each UDP message is called a user datagram
• It has a fixed-size header of 8 bytes
• 16-bit SOURCE / DESTINATION PORT fields
  • Port number (between 0 and 65535)
  • Well-known ports: 0 ~ 1023
  • The client host's operating system may randomly choose a port to communicate with a server
• The checksum is optional for IPv4

Applications Based on UDP
UDP is used where error checking and correction are performed by the application, such as:
• Domain Name System (DNS)
• Dynamic Host Configuration Protocol (DHCP)
• Trivial File Transfer Protocol (TFTP)
• IPTV
• Voice over IP (VoIP)
• Real Time Streaming Protocol
• Routing Information Protocol (RIP)
• Simple Network Management Protocol (SNMP)

ARP – Address Resolution Protocol

What Does ARP Do?
• ARP is used to resolve a logical (IP) address to a physical (MAC) address for local area network communication.
• It operates at both layers 2 and 3 of the OSI model ("Layer 2.5")
• Every frame contains both physical (MAC) and logical (IP) source and destination addresses
• When a packet is ready to be sent to the Network access layer, the destination device's MAC address must be retrieved before the frame header can be constructed
• The source device needs to obtain the MAC address of the destination device to deliver data.

What Messages Does ARP Use?
• An ARP exchange is a request/reply pair of transmissions on the local network
• The originator transmits a broadcast requesting the hardware address of the target host
• The target host then replies by unicast back to the originator with its hardware address

General Operation of ARP
• When an originator on an IP-based network has an IP datagram to send to a target host, it will first check whether the target host's MAC address is in the ARP cache or not, then start the required address resolution process:
  • If the target host is on the same network: it will send a broadcast ARP request to the network and wait for the ARP reply
  • If the target host is NOT located on the same network: it will send the datagram to one of the default gateways (routers) on the network for forwarding

ARP Cache
• To avoid sending an ARP request every time an IP packet is sent, devices store the learned IP address to MAC address mapping in an ARP cache, a temporary location in RAM.
• ARP cache entries are not kept indefinitely. Most devices keep an ARP entry for only a few minutes after it is last used, to avoid storing outdated information, which could result from a changed NIC or IP address.
• An ARP request is sent as a broadcast message, so every host on that network records the mapping of the requester's IP and MAC addresses in its ARP cache table for future reference

ARP Frame Format
• A MAC (hardware) address is 48 bits long, expressed as 12 hexadecimal digits
  • The 1st six hexadecimal digits are assigned by the IEEE to identify the manufacturer or vendor: the Organizationally Unique Identifier (OUI)
  • The remaining 6 hexadecimal digits are assigned by the specific vendor as the interface serial number
  • FF:FF:FF:FF:FF:FF is used as the broadcast MAC address.
• ARP message fields:
  • Hardware Type (16 bits, e.g. Ethernet = 1)
  • Protocol Type (16 bits, network layer protocol)
  • Hardware Address Length (8 bits)
  • Protocol Length (8 bits)
  • Operation (16 bits; Request = 1, Reply = 2)
  • Sender Hardware Address (48 bits = 6 bytes)
  • Sender IP Address (32 bits)
  • Target Hardware Address (48 bits; empty in a request)
  • Target IP Address (32 bits)

ARP Request
• ARP is a two-step process: a request and a reply.
• Within a network, when a host (originator) A begins a conversation with a target host B:
  • A is aware of B's IP address but does not have B's MAC address, so A is unable to send a unicast frame to B.
  • A sends an ARP broadcast frame to request B's MAC address. Since it is a broadcast, all hosts on the network receive the ARP request.
  • All hosts scan the content of the ARP request to determine if they are the intended target. The hosts which are not the intended target discard the broadcast frame.

ARP Reply
• B is the target of the ARP Request. It sends an ARP Reply back to A. Since B knows who sent the initial ARP Request, it can send the ARP Reply by unicast, directly back to A.
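As an added example (not from the lecture), the Python below encodes and decodes the 28-byte Ethernet/IPv4 ARP message from the frame-format slide and models the request/reply exchange on one LAN: the originator consults its ARP cache first, otherwise broadcasts a request, every host learns the requester's mapping, only the host owning the target IP replies by unicast, and the others discard the frame. The LAN addresses 10.0.0.1 to 10.0.0.5 and the MAC 00:12:31:22:56:77 come from the slides; the other MAC addresses are constructed, and cache expiry is not modelled.

```python
import socket
import struct

# Ethernet/IPv4 ARP message: hw type, proto type, hw len, proto len, op, sender MAC/IP, target MAC/IP
ARP_FMT = "!HHBBH6s4s6s4s"
ETHERNET, IPV4, REQUEST, REPLY = 1, 0x0800, 1, 2
UNKNOWN_MAC = "00:00:00:00:00:00"           # target hardware address is empty in a request

def mac_bytes(mac): return bytes.fromhex(mac.replace(":", ""))
def mac_str(raw): return ":".join("%02x" % b for b in raw)

def build_arp(op, sender_mac, sender_ip, target_mac, target_ip):
    return struct.pack(ARP_FMT, ETHERNET, IPV4, 6, 4, op, mac_bytes(sender_mac),
                       socket.inet_aton(sender_ip), mac_bytes(target_mac), socket.inet_aton(target_ip))

def parse_arp(msg):
    htype, ptype, hlen, plen, op, sha, spa, tha, tpa = struct.unpack(ARP_FMT, msg[:28])
    if (htype, ptype, hlen, plen) != (ETHERNET, IPV4, 6, 4):
        raise ValueError("not an Ethernet/IPv4 ARP message")
    return {"op": op, "sender_mac": mac_str(sha), "sender_ip": socket.inet_ntoa(spa),
            "target_mac": mac_str(tha), "target_ip": socket.inet_ntoa(tpa)}

class Host:
    def __init__(self, ip, mac):
        self.ip, self.mac, self.arp_cache = ip, mac, {}

    def on_arp(self, msg):
        """Every host sees a broadcast request; only the host owning the target IP answers."""
        arp = parse_arp(msg)
        if arp["op"] == REQUEST or arp["target_ip"] == self.ip:
            self.arp_cache[arp["sender_ip"]] = arp["sender_mac"]   # learn the sender's mapping
        if arp["op"] == REQUEST and arp["target_ip"] == self.ip:
            return build_arp(REPLY, self.mac, self.ip, arp["sender_mac"], arp["sender_ip"])
        return None                                                  # "Not me!!": discard

def resolve(originator, lan, target_ip):
    """Direct delivery on one LAN: returns (MAC, broadcast_sent). A cache hit avoids the request."""
    if target_ip in originator.arp_cache:
        return originator.arp_cache[target_ip], False
    request = build_arp(REQUEST, originator.mac, originator.ip, UNKNOWN_MAC, target_ip)
    for host in lan:                          # the switch floods the broadcast to every port
        if host is originator:
            continue
        reply = host.on_arp(request)
        if reply is not None:
            originator.on_arp(reply)          # unicast reply comes straight back to the originator
    return originator.arp_cache.get(target_ip), True

# Constructed LAN from the slide: 10.0.0.1-10.0.0.4 plus 10.0.0.5 whose MAC is 00:12:31:22:56:77
LAN = [Host("10.0.0.%d" % i, "02:00:00:00:00:%02x" % i) for i in (1, 2, 3, 4)]
LAN.append(Host("10.0.0.5", "00:12:31:22:56:77"))

def demo():
    a = LAN[0]
    first = resolve(a, LAN, "10.0.0.5")       # broadcast needed
    second = resolve(a, LAN, "10.0.0.5")      # answered from A's ARP cache
    return first, second, LAN[1].arp_cache    # 10.0.0.2 learned A's mapping from the broadcast
```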
ARP Capture: Request & Reply
(Figure: packet capture of an ARP request and the matching ARP reply)

Direct Delivery (A → B)
• A sends out a broadcast ARP request message
• B, C, and D (all on the same switch) receive this broadcast message
• Only B responds, with a unicast ARP reply message

Indirect Delivery (A → C, through a router): 2 ARP processes
• A sends out a broadcast ARP request message to request the router's MAC address
• The router responds with an ARP reply message via unicast
• The router holds the received data and then processes the relay
• The router sends out a broadcast ARP request to request C's MAC address
• C responds with an ARP reply message via unicast
• The router re-packages the data (Layers 3 and 2) and then forwards the frame to C

ARP: Resolving the MAC Address from the IPv4 Address
• Broadcast request message from 10.0.0.1: "What is your MAC address, 10.0.0.5?"
• 10.0.0.2, 10.0.0.3 and 10.0.0.4 each answer "Not me!!" and discard the request
• Unicast reply message from 10.0.0.5: "My MAC is 0012 3122 56 77"

ICMP – Internet Control Message Protocol

When Communications Go Wrong
• The destination host is unreachable
  • The IP address is wrong, or the host does not exist
• The destination port is unknown
  • There is no application that matches the TCP port number
• The destination network is unknown
  • The IP address is wrong
• A datagram on the network is too long
• The Time to Live value expires
• Congestion occurs at intermediate routers…

Character of ICMP
• ICMP reports errors, but does not correct errors
• ICMP always reports back to the originator
• Generally, IP does not keep track of which routers have been
• Error correction is left to higher-level protocols
• The value of the IP protocol field is 1 for ICMP messages
• ICMP messages include the first 8 bytes (data area) of the problem datagram to allow the originator to identify the cause of the problem

Where Is ICMP Positioned?
• ICMP is a Network-layer protocol
• Companion to IP
(Figure: ICMP and ARP shown alongside IP in the Network layer)

ICMP Encapsulation
• ICMP messages are encapsulated inside IP datagrams before going down to the data link layer
• Frame header | IP header | ICMP header + data (= IP data) | Frame trailer

Types of ICMP
• Error reporting: Destination Unreachable, Source Quench, Time Exceeded, Parameter Problem, Redirect, …
• Query: Echo, Timestamp, …

ICMP
• Assists the diagnosis of some network problems
• Performs error reporting and query/reply for the Internet Protocol
  • Often occurs in pairs: queries and replies
  • Returns error messages back to the originator
  • Assists in obtaining specific information from routers/hosts
• Is used by routers and hosts
• Reports errors
  • Invalid IP address
  • Invalid port address
  • TTL = 0 of the packet
  • …
• Applications
  • ping
  • tracert

Destination Unreachable
• When a router cannot forward a datagram, it sends a destination unreachable message to the originator and then discards the datagram.
Code – Meaning
• 0 – Network is unreachable; possible hardware failure; generated by routers
• 1 – Host is unreachable; possible hardware failure; generated by routers
• 2 – Protocol is unreachable; the upper-layer protocol the data is destined for cannot be reached for delivery; generated by the destination host
• 3 – Port is unreachable; the application program process is not currently running
• 4 – Fragmentation required for routing, but the DF (do not fragment) bit is set by the sender

Time Exceeded
• Incorrect configurations can lead to packets traveling in endless loops (routing cycles)
• The ICMP Time Exceeded message is issued:
  • When a packet is sent, its TTL is decremented by 1 at each hop. If the TTL reaches 0, the packet is dropped. The router that dropped the IP packet for which the TTL reached 0 sends a Time Exceeded message to the originator
  • If the destination does not receive all fragments in a set time, it drops any received fragments and sends a Time Exceeded message back to the originator

Echo Request/Reply
• A host or router that receives an echo-request message creates an echo-reply message and returns it to the originator
• Echo-request and echo-reply messages can be used to help diagnose some network problems
  • e.g., communication status between two devices
• Testing destination reachability and providing status is achieved by invoking a ping command
  • It creates a series of echo-request and echo-reply messages, providing statistical information

ICMP Applications: the ping and tracert Utilities

traceroute and tracert
• Traceroute shows the path a packet traverses to its destination
• It provides the names of all intermediate routers on the path
• It determines the path by sending a series of packets with TTL fields of 1, 2, 3, 4, etc.
• This causes each intermediate router on the path to send a Time Exceeded message back to the originator

Illustration: TTL = 1, 2, 3, 4
(Figure: A creates probe packets towards B with TTL = 1, 2, 3 and 4 (labelled Hop Limit in the last panel), passing through Routers X, Y and Z. Each probe travels one hop further than the previous one before a router decrements its TTL to 0, discards it and returns an ICMP Time Exceeded message; Router X discards the first probe, and the fourth probe reaches B.)

Summary: ICMP
• ICMP provides a way to report errors to the originator
• ICMP provides:
  • Error information – delivery errors
  • IP routing behavior
  • Reachability
• ICMP reports on errors, but it is up to the IP host that receives the incoming ICMP messages to act on the reported error

End of Lecture
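As an added example (not from the lecture), the Python below models the traceroute illustrations and the Time Exceeded and Echo slides together: the originator A sends ICMP echo-request probes with TTL 1, 2, 3, ..., each router decrements the TTL, the router that brings it to 0 discards the packet and returns an ICMP Time Exceeded message (type 11, code 0) quoting the dropped datagram's IP header plus its first 8 data bytes, and A uses those 8 bytes (the echo identifier and sequence number) to match each report to its probe. The topology A → Router X → Router Y → Router Z → B follows the slides; all IP addresses are constructed, the IPv4 and ICMP header layouts are standard ones assumed here, and checksums are left 0.

```python
import socket
import struct

IPPROTO_ICMP = 1
ICMP_ECHO_REQUEST, ICMP_TIME_EXCEEDED = 8, 11

def build_ipv4(src, dst, ttl, proto, payload):
    """Minimal 20-byte IPv4 header (no options; header checksum left 0 in this model) + payload."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, ttl, proto, 0,
                      socket.inet_aton(src), socket.inet_aton(dst))
    return hdr + payload

def src_of(pkt): return socket.inet_ntoa(pkt[12:16])
def ttl_of(pkt): return pkt[8]

def build_echo(ident, seq):
    """8-byte ICMP echo request header: type, code, checksum (0 here), identifier, sequence."""
    return struct.pack("!BBHHH", ICMP_ECHO_REQUEST, 0, 0, ident, seq)

def time_exceeded(router_ip, dropped):
    """Type 11 code 0, 4 unused bytes, then the dropped datagram's IP header + first 8 data bytes."""
    icmp = struct.pack("!BBHI", ICMP_TIME_EXCEEDED, 0, 0, 0) + dropped[:28]
    return build_ipv4(router_ip, src_of(dropped), 64, IPPROTO_ICMP, icmp)

def forward(routers, pkt):
    """Each router decrements the TTL; the one that reaches 0 discards the packet and reports back."""
    for router_ip in routers:
        pkt = pkt[:8] + bytes([ttl_of(pkt) - 1]) + pkt[9:]
        if ttl_of(pkt) == 0:
            return "expired", router_ip, time_exceeded(router_ip, pkt)
    return "delivered", None, None

def parse_time_exceeded(pkt):
    """Originator side: the quoted 8 bytes are the echo header, so ident/seq identify the probe."""
    icmp = pkt[20:]
    inner_ip, inner_data = icmp[8:28], icmp[28:36]
    _, _, _, ident, seq = struct.unpack("!BBHHH", inner_data)
    return {"type": icmp[0], "code": icmp[1], "reporter": src_of(pkt),
            "orig_dst": socket.inet_ntoa(inner_ip[16:20]), "ident": ident, "seq": seq}

def traceroute(src, dst, routers, max_hops=30):
    """Probes with TTL 1, 2, 3, ...: each hop answers with Time Exceeded until dst is reached."""
    hops = []
    for ttl in range(1, max_hops + 1):
        probe = build_ipv4(src, dst, ttl, IPPROTO_ICMP, build_echo(0x1234, ttl))  # seq = ttl
        status, _, reply = forward(routers, probe)
        if status == "delivered":
            hops.append((ttl, dst))            # B itself would answer with an echo reply
            break
        report = parse_time_exceeded(reply)
        if report["type"] != ICMP_TIME_EXCEEDED or report["seq"] != ttl:
            raise ValueError("ICMP report does not match the outstanding probe")
        hops.append((ttl, report["reporter"]))
    return hops

# Constructed topology from the slides: A -> Router X -> Router Y -> Router Z -> B
A_IP, B_IP = "10.0.0.7", "10.4.0.9"
ROUTERS = ["10.1.0.1", "10.2.0.1", "10.3.0.1"]   # X, Y, Z

def demo():
    return traceroute(A_IP, B_IP, ROUTERS)
```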