TCP/IP Basics
The following set of notes corresponds to the TCP/IP module of the Internet Design course,
providing students an outline of the information they are expected to understand.
The corresponding reading for this module is chapter three of i-Net+ Study Guide
by David Groth, et al., pages 90-125.
TCP/IP Overview
- A protocol is a set of rules on how data will be packaged and transferred between
computers.
- TCP/IP (Transmission Control Protocol / Internet Protocol) is the main suite of protocols
used for the Internet. This set of protocols includes TCP, IP, HTTP, FTP, PPP, and
many others.
- TCP/IP was designed as an open standard, to be capable of implementation on all types of
hardware and software systems.
Transmission Control Protocol
- TCP is responsible for taking the data to be transmitted, breaking it down into packages
called datagrams, encoding the datagrams with special codes to ensure their safe
delivery, keeping track of the datagrams that have been successfully transferred,
retransmitting datagrams that have been lost, and reassembling all the datagrams once
they have safely reached their destination.
- TCP is a connection-oriented protocol, since it has methods of assuring the delivery
of data.
- TCP header data, the data that TCP adds at the beginning of each datagram, includes
the following information:
- Source port number and destination port number. This information
assures that the data sent connects to the correct process on each computer.
- Since TCP breaks data into smaller units, the header includes a sequence number
identifying which order the packets should be reassembled in.
- To make sure the received data has not been corrupted, TCP places in the header
a checksum, which is a value based on the number of bits in the data
package. The receiving computer will calculate the checksum again, and if the
checksum numbers do not match, the system will assume that the data has been
corrupted.
- The acknowledgement number is a number that the receiving computer sends
back to the source computer to confirm that this particular datagram has been
received correctly. If the source computer does not receive this acknowledgement
number back within a specified period, then it will assume the datagram has been
lost and re-transmit it.
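The four header fields listed above (ports, sequence number, acknowledgement number, checksum) can be seen concretely by building a TCP segment and parsing it back. The following is an added example, not code from the notes or the textbook: it packs a 20-byte TCP header, computes the checksum the way TCP actually does it (the RFC 1071 ones'-complement sum over a pseudo-header, the header and the payload), and shows that a single flipped bit in the payload makes the receiver's recomputed checksum disagree. The addresses, ports and payload are constructed sample values.

```python
import struct

TCP_PROTO = 6  # protocol number carried in the pseudo-header


def internet_checksum(data: bytes) -> int:
    """RFC 1071 checksum: ones'-complement sum of 16-bit words, then complemented."""
    if len(data) % 2:
        data += b"\x00"  # odd trailing byte is padded with zero for the sum only
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:  # fold carries back into the low 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def pseudo_header(src_ip: bytes, dst_ip: bytes, tcp_len: int) -> bytes:
    """Pseudo-header from the IP layer that TCP includes in its checksum."""
    return struct.pack("!4s4sBBH", src_ip, dst_ip, 0, TCP_PROTO, tcp_len)


def build_tcp_segment(src_ip, dst_ip, src_port, dst_port, seq, ack, payload, flags=0x10):
    """Build header + payload with a correct checksum (flags default to ACK only)."""
    data_offset = 5  # header length in 32-bit words (no options)
    header = struct.pack("!HHIIHHHH", src_port, dst_port, seq, ack,
                         (data_offset << 12) | flags, 65535, 0, 0)
    csum = internet_checksum(pseudo_header(src_ip, dst_ip, len(header) + len(payload))
                             + header + payload)
    header = header[:16] + struct.pack("!H", csum) + header[18:]  # checksum at bytes 16-17
    return header + payload


def parse_tcp_segment(segment: bytes, src_ip: bytes, dst_ip: bytes) -> dict:
    """Decode the fields the notes describe and verify the checksum as a receiver would."""
    if len(segment) < 20:
        raise ValueError("truncated TCP header")
    (src_port, dst_port, seq, ack, off_flags,
     window, csum, urgent) = struct.unpack("!HHIIHHHH", segment[:20])
    data_offset = (off_flags >> 12) * 4
    if data_offset < 20 or data_offset > len(segment):
        raise ValueError("bad data offset")
    # Summing everything including the stored checksum yields 0 when the data is intact.
    ok = internet_checksum(pseudo_header(src_ip, dst_ip, len(segment)) + segment) == 0
    return {
        "src_port": src_port, "dst_port": dst_port, "seq": seq, "ack": ack,
        "flags": off_flags & 0x1FF, "window": window, "checksum": csum,
        "checksum_ok": ok, "payload": segment[data_offset:],
    }


def corrupt(segment: bytes, index: int, bit: int) -> bytes:
    """Flip one bit to simulate corruption in transit."""
    b = bytearray(segment)
    b[index] ^= 1 << bit
    return bytes(b)


# Constructed sample: a request from 192.168.1.10:40000 to 192.168.1.20:80.
SRC, DST = bytes([192, 168, 1, 10]), bytes([192, 168, 1, 20])
SAMPLE = build_tcp_segment(SRC, DST, 40000, 80, 1000, 1, b"GET / HTTP/1.0\r\n\r\n")

if __name__ == "__main__":
    print(parse_tcp_segment(SAMPLE, SRC, DST))
    print(parse_tcp_segment(corrupt(SAMPLE, 22, 0), SRC, DST)["checksum_ok"])
```

The checksum catches accidental damage (every single-bit error is detected, though some multi-word reorderings are not), but it is not an integrity protection against an adversary: anyone who can modify the segment can recompute the checksum, so tamper resistance has to come from a higher layer such as TLS.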
Internet Protocol
- The IP protocol is responsible for routing the packages created by TCP.
- IP is a connectionless protocol. It is not concerned with whether or not
the data actually reaches the recipient, just with moving that data to its
designated destination.
- IP adds a header to the datagram created by TCP, resulting in a total of two different
headers added to the original source data.
- The IP header includes the following information:
- A checksum to provide a means of checking data integrity at each stopover
point.
- A hop count or time to live, which determines the maximum number of hops
a package can make.
- Both source and destination addresses are also included in the IP header.
- The IP protocol is used to determine the route a data packet will take to its destination.
If the destination IP address is not known by the local gateway, that gateway will
pass the packet on to its default gateway. This process will continue until the
desired destination is reached.
- Using IP, different datagrams from a single data source may take different routes to their
destination, thus causing some packets to arrive out of order. To avoid this randomness,
it is also possible to prescribe a set route for the data to take.
IP Addressing
- In order to participate in a TCP/IP network, each computer (or host) must have a
unique IP address. These addresses may be automatically assigned using DHCP
(Dynamic Host Configuration Protocol) or manually entered into the host computer.
- An IP address is made up of a single 32-bit number (meaning it has 32 ones or zeros). This
number is usually divided into four 8-bit segments separated by dots. Each 8-bit
segment has a value between 0 and 255.
Example: 01111111.00111111.00011111.00000111 = 127.63.31.7.
- Dotted decimal notation refers to writing IP addresses using four decimal numbers
(numbers between 0 and 255) separated by dots.
- The first portion of an IP address is usually used to identify the network, while the second
portion identifies a particular machine within that network.
- An IP address composed of the network portion of the IP followed by all zeros identifies
the network itself. Example: 192.168.0.0 refers to the 192.168 network.
- An IP address composed of the network portion of the IP followed by all 255s is called
a broadcast address. Example: A packet addressed to 192.168.255.255
would be delivered to every machine on the 192.168 network.
- The IP address 192.168.x.x is reserved for private networks.
- The current version of IP addressing is IPv4 (version 4) and allows over 17 million addresses,
which is proving insufficient. A new version, called
IPng (IP next generation) or IPv6, is currently being phased in and will
provide more IP addresses (over 70 octillion).
- IP addresses are divided into the following classes:
- Class A: Highest-order bit set to zero; IP address range from 1.x.x.x to
126.x.x.x; first octet makes up the network portion of the IP address. There
may be 127 class A networks, each having up to 16,777,214 connected
hosts. All Class A networks are currently taken.
- Special: The address 127.0.0.1 is reserved for loopback tests.
- Class B: Highest order bit set to 10; IP address range from 128.0.x.x to
191.255.x.x; first two octets make up the network portion of the IP address. There
are no Class B addresses free.
- Class C: Highest order bits set to 110; IP address range from
192.0.0.x to 223.255.255.x; first three octets determine network portion of
IP address.
- Class D: Highest order bits set to 1110; used exclusively for
multicasting (delivery to a group of host computers).
- Class E: Highest order bits set to 1111; reserved for experimental use.
- A new addressing scheme called CIDR (Classless Inter-Domain Routing)
breaks down IP addresses into segments smaller than class C to fit
the needs of different companies.
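To make the addressing rules above concrete, here is an added example (written for these notes, not taken from the textbook) that converts between the binary, dotted-decimal and 32-bit forms of an address, decides the class from the leading bits of the first octet, and derives the classful network and broadcast addresses. Beyond what the notes list, it also flags the 10.0.0.0/8 and 172.16.0.0/12 private ranges alongside 192.168.0.0/16, which are the other two blocks reserved for private networks by RFC 1918.

```python
def dotted_to_int(addr: str) -> int:
    """Parse dotted decimal ('127.63.31.7') into the underlying 32-bit number."""
    octets = [int(o) for o in addr.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError(f"not a valid IPv4 address: {addr}")
    return int.from_bytes(bytes(octets), "big")


def int_to_dotted(n: int) -> str:
    """Inverse of dotted_to_int."""
    return ".".join(str(b) for b in n.to_bytes(4, "big"))


def binary_to_dotted(bits: str) -> str:
    """'01111111.00111111.00011111.00000111' -> '127.63.31.7' (exactly four 8-bit groups)."""
    groups = bits.split(".")
    if len(groups) != 4 or any(len(g) != 8 or set(g) - {"0", "1"} for g in groups):
        raise ValueError(f"expected four 8-bit binary groups, got {bits!r}")
    return ".".join(str(int(g, 2)) for g in groups)


# (number of leading bits tested, required pattern, class, classful network prefix length)
CLASS_RULES = [
    (1, 0b0, "A", 8),
    (2, 0b10, "B", 16),
    (3, 0b110, "C", 24),
    (4, 0b1110, "D", None),  # multicast: no network/host split
    (4, 0b1111, "E", None),  # experimental
]

# RFC 1918 private blocks as (network, prefix length).
PRIVATE_RANGES = [("10.0.0.0", 8), ("172.16.0.0", 12), ("192.168.0.0", 16)]


def prefix_mask(prefix_len: int) -> int:
    return (0xFFFFFFFF << (32 - prefix_len)) & 0xFFFFFFFF


def address_class(addr: str) -> str:
    """Class letter from the high-order bits of the first octet."""
    first = dotted_to_int(addr) >> 24
    for nbits, pattern, cls, _ in CLASS_RULES:
        if first >> (8 - nbits) == pattern:
            return cls
    raise AssertionError("unreachable: the patterns cover every first octet")


def is_private(n: int) -> bool:
    return any(n & prefix_mask(p) == dotted_to_int(net) for net, p in PRIVATE_RANGES)


def classful_info(addr: str) -> dict:
    """Class, default mask, network and broadcast address under classful addressing."""
    n = dotted_to_int(addr)
    cls = address_class(addr)
    prefix = next(p for _, _, c, p in CLASS_RULES if c == cls)
    info = {"address": addr, "class": cls,
            "loopback": (n >> 24) == 127,  # whole 127.x.x.x block is loopback
            "private": is_private(n)}
    if prefix is None:  # classes D and E have no network/host portions
        return info
    mask = prefix_mask(prefix)
    network = n & mask
    info.update(prefix_len=prefix, mask=int_to_dotted(mask),
                network=int_to_dotted(network),          # host bits all zero
                broadcast=int_to_dotted(network | (~mask & 0xFFFFFFFF)))  # host bits all one
    return info


if __name__ == "__main__":
    print(binary_to_dotted("01111111.00111111.00011111.00000111"))
    for a in ("10.4.5.6", "172.25.16.5", "192.168.1.77", "224.0.0.1", "127.0.0.1"):
        print(classful_info(a))
```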
Subnet Masks
- A subnet mask is a way of dividing a single network into multiple physical networks
by reallocating the hosts portion of the IP addressing scheme. The new IP address
scheme has a network portion, a subnet portion, and a host address that is shorter
than under the original scheme.
- Subnets help reduce network traffic by keeping local traffic on one side of a router and
isolating the information from the LAN on the other side of the router.
- A router must be used to implement a subnet scheme.
- To define a subnet mask, convert the network portion of the IP address into binary
notation. Next, select the number of binary digits to use for the subnet mask. Finally,
calculate the new dotted decimal ranges available under each subnet.
Example:
- Key: Network; Subnet; Host (the three fields of each binary address, left to right)
- IP Network Address: 172.25.16.x
- Binary IP Network Address: 10101100 00011001 00010000 xxxxxxxx
- Add Subnet Mask (two subnet bits): 10101100 00011001 00010000 11xxxxxx
- Four New Subnets Available:
  A. 10101100 00011001 00010000 00xxxxxx
  B. 10101100 00011001 00010000 01xxxxxx
  C. 10101100 00011001 00010000 10xxxxxx
  D. 10101100 00011001 00010000 11xxxxxx
- Dotted Decimals of New Subnets:
  A. 172.25.16.0 to 172.25.16.63
  B. 172.25.16.64 to 172.25.16.127
  C. 172.25.16.128 to 172.25.16.191
  D. 172.25.16.192 to 172.25.16.255
On a subnet, the first available address in the subnet class is the new network number and
the last available address is the new broadcast number.
Example: In subnet A above, 172.25.16.0 is the network number and 172.25.16.63
is the subnet broadcast number.
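The three-step procedure above (write the network in binary, pick the number of subnet bits, work out the dotted-decimal ranges) generalizes to any network and any number of subnet bits. The following added example, which is not from the notes or the textbook, implements that general algorithm and reproduces the 172.25.16.x worked example: for each subnet it reports the binary form, the network number, the broadcast number, the usable host range and the new subnet mask, and a second function tells which subnet a given address falls in.

```python
def dotted_to_int(addr: str) -> int:
    octets = [int(o) for o in addr.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError(f"not a valid IPv4 address: {addr}")
    return int.from_bytes(bytes(octets), "big")


def int_to_dotted(n: int) -> str:
    return ".".join(str(b) for b in n.to_bytes(4, "big"))


def to_binary_groups(n: int) -> str:
    """Four space-separated 8-bit groups, as in the notes' worked example."""
    return " ".join(format(b, "08b") for b in n.to_bytes(4, "big"))


def prefix_mask(prefix_len: int) -> int:
    return (0xFFFFFFFF << (32 - prefix_len)) & 0xFFFFFFFF


def enumerate_subnets(network: str, prefix_len: int, subnet_bits: int) -> list:
    """Split `network`/`prefix_len` into 2**subnet_bits equal subnets.

    Each subnet keeps at least two host bits so that it has a distinct network
    number and broadcast number (the model used in the notes).
    """
    if not 0 <= prefix_len <= 32 or subnet_bits < 0 or prefix_len + subnet_bits > 30:
        raise ValueError("need at least two host bits per subnet")
    base = dotted_to_int(network) & prefix_mask(prefix_len)  # clear any host bits
    new_prefix = prefix_len + subnet_bits
    block = 1 << (32 - new_prefix)  # addresses per subnet
    subnets = []
    for i in range(1 << subnet_bits):
        net = base + i * block
        bcast = net + block - 1
        subnets.append({
            "label": chr(ord("A") + i) if i < 26 else str(i),
            "binary": to_binary_groups(net),
            "network": int_to_dotted(net),          # first address: new network number
            "first_host": int_to_dotted(net + 1),
            "last_host": int_to_dotted(bcast - 1),
            "broadcast": int_to_dotted(bcast),      # last address: new broadcast number
            "mask": int_to_dotted(prefix_mask(new_prefix)),
            "usable_hosts": block - 2,
        })
    return subnets


def subnet_of(addr: str, network: str, prefix_len: int, subnet_bits: int) -> str:
    """Label of the subnet that `addr` belongs to, or ValueError if it is outside."""
    base = dotted_to_int(network) & prefix_mask(prefix_len)
    block = 1 << (32 - prefix_len - subnet_bits)
    offset = dotted_to_int(addr) - base
    if not 0 <= offset < (1 << (32 - prefix_len)):
        raise ValueError(f"{addr} is not inside {network}/{prefix_len}")
    return enumerate_subnets(network, prefix_len, subnet_bits)[offset // block]["label"]


if __name__ == "__main__":
    for s in enumerate_subnets("172.25.16.0", 24, 2):
        print(s["label"], s["binary"], s["network"], "to", s["broadcast"],
              "hosts", s["first_host"], "-", s["last_host"], "mask", s["mask"])
    print(subnet_of("172.25.16.130", "172.25.16.0", 24, 2))
```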
DHCP
- DHCP (Dynamic Host Configuration Protocol) dynamically assigns IP addresses to hosts as they
log onto a network, then revokes those addresses when the hosts log off. This method
of allocating IP addresses makes administration easier and allows a network that has more
computers than available IP addresses to continue to function.
- DHCP servers are configured with a range of addresses they are permitted to lease out to
client computers. The server then keeps track of which addresses have been leased and
which are still available.
- When a network client boots up, it sends out a broadcast message to discover the DHCP server.
The DHCP server responds with an offer of an available IP address, the appropriate subnet
mask, and data defining how long the address lease is good for. The client host
accepts the IP address and returns a request to the DHCP server for the lease of the IP
address offered and any other needed information. The DHCP finalizes the assignment
by returning an acknowledgement packet containing all the pertinent network information.
- DHCP leases can be configured to expire within a certain period of time or to not expire at all.
- When half of a DHCP lease period has expired, the client sends a message requesting a lease
renewal. The server again responds with an acknowledgement.
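The discover / offer / request / acknowledge exchange and the half-lease renewal described above are easiest to follow as a simulation. The following is an added example written for these notes (not code from the textbook, and not the real DHCP packet format): a toy server that tracks a pool of leases, and a toy client that goes through the four messages, renews at half the lease period, and loses its address if the lease lapses and the server has since handed the address to someone else. Addresses, client identifiers and times are constructed sample values.

```python
def _to_int(addr: str) -> int:
    return int.from_bytes(bytes(int(o) for o in addr.split(".")), "big")


def _to_str(n: int) -> str:
    return ".".join(str(b) for b in n.to_bytes(4, "big"))


class DhcpServer:
    """Toy DHCP server: an address pool, active leases, and pending offers."""

    def __init__(self, first: str, last: str, mask: str, lease_secs: int):
        self.pool = [_to_str(n) for n in range(_to_int(first), _to_int(last) + 1)]
        self.mask, self.lease_secs = mask, lease_secs
        self.leases = {}  # ip -> (client_id, expiry time)
        self.offers = {}  # client_id -> ip offered but not yet acknowledged

    def _free_address(self, now):
        for ip in self.pool:
            lease = self.leases.get(ip)
            if (lease is None or lease[1] <= now) and ip not in self.offers.values():
                return ip
        return None  # pool exhausted

    def discover(self, client_id, now):
        """DHCPDISCOVER -> DHCPOFFER with address, mask and lease time (None if no address)."""
        current = next((ip for ip, (cid, exp) in self.leases.items()
                        if cid == client_id and exp > now), None)
        ip = current or self._free_address(now)
        if ip is None:
            return None
        self.offers[client_id] = ip
        return {"type": "OFFER", "ip": ip, "mask": self.mask, "lease": self.lease_secs}

    def request(self, client_id, ip, now):
        """DHCPREQUEST -> DHCPACK if `ip` was offered to this client or is its live lease
        (renewal); DHCPNAK otherwise."""
        offered = self.offers.pop(client_id, None) == ip
        lease = self.leases.get(ip)
        renewing = lease is not None and lease[0] == client_id and lease[1] > now
        if not (offered or renewing):
            return {"type": "NAK"}
        self.leases[ip] = (client_id, now + self.lease_secs)
        return {"type": "ACK", "ip": ip, "mask": self.mask, "lease": self.lease_secs}

    def release(self, client_id, ip):
        """Client logging off hands the address back."""
        if ip in self.leases and self.leases[ip][0] == client_id:
            del self.leases[ip]


class DhcpClient:
    def __init__(self, client_id):
        self.client_id, self.ip, self.mask = client_id, None, None
        self.renew_at = self.expires = None

    def _apply(self, ack, now):
        self.ip, self.mask = ack["ip"], ack["mask"]
        self.expires = now + ack["lease"]
        self.renew_at = now + ack["lease"] // 2  # renewal starts at half the lease

    def boot(self, server, now) -> bool:
        """Discover -> offer -> request -> ack; False if no address could be obtained."""
        offer = server.discover(self.client_id, now)
        if offer is None:
            return False
        ack = server.request(self.client_id, offer["ip"], now)
        if ack["type"] != "ACK":
            return False
        self._apply(ack, now)
        return True

    def tick(self, server, now) -> str:
        """Periodic check: 'idle', 'renewed', or 'lost' when the server refuses renewal."""
        if self.ip is None or now < self.renew_at:
            return "idle"
        ack = server.request(self.client_id, self.ip, now)
        if ack["type"] == "ACK":
            self._apply(ack, now)
            return "renewed"
        self.ip = None
        return "lost"


if __name__ == "__main__":
    server = DhcpServer("192.168.1.10", "192.168.1.12", "255.255.255.0", 3600)
    client = DhcpClient("aa:bb:cc:00:00:01")
    print(client.boot(server, 0), client.ip, client.renew_at)
    print(client.tick(server, 1800), client.expires)
```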
Port Numbers
- A port is a TCP/IP identifier that indicates what application or process a request
is associated with. On the server, an application like Telnet monitors its assigned
port number for activity, then communicates with the remote computer using this
port.
- Well Known Port Numbers include the following:
- 20: FTP Data (File Transfer Protocol)
- 21: FTP Control (File Transfer Protocol)
- 22: SSH (Secure Shell, an encrypted telnet session)
- 23: Telnet
- 25: SMTP (Simple Mail Transfer Protocol)
- 53: DNS (Domain Name Server)
- 80: HTTP (Hypertext Transfer Protocol)
- 110: POP3 (Post Office Protocol 3)
- 119: NNTP (Network News Transfer Protocol)
- For a more exhaustive list of port numbers see here.
- Some systems are capable of dynamically allocating port numbers. If a port is
currently busy when a new request is received, the system can assign a different port
number to handle the request.
- An IP address combined with a port number creates a socket. Two sockets (one sending,
one receiving) are required to establish a TCP connection.
Other Protocols
- SLIP (Serial Line Internet Protocol) is a protocol used to transmit over serial lines,
such as with a modem over phone lines. SLIP is a simpler protocol that has a low
overhead, but its lack of some desired features (such as password encryption and error
checking) has caused it to be largely replaced by PPP.
- PPP (Point-to-Point Protocol) is commonly used to establish remote connections
to Internet service providers or LANs. PPP can run over various types of connections,
provides error correction, supports automatic TCP/IP configuration, and provides
a number of other benefits above SLIP, although it does demand higher overhead.
- PPTP (Point-to-Point Tunneling Protocol) is a Microsoft-created protocol that
uses PPP to create a Virtual Private Network (VPN). To use PPTP, a user
establishes a PPP connection to the desired server, then launches a PPTP connection.
In effect, the user is then connected to the server via PPP, but is able to transfer
information securely from within the PPP connection thanks to the PPTP session. PPTP
is currently not standard and not supported by all operating systems.
- HTTP, or Hypertext Transfer Protocol, is used to communicate between a web browser
and a web server. Web pages are transmitted over HTTP.
- FTP (File Transfer Protocol) is used to transfer files between two computers.
FTP requires users to authenticate with a user name and password, while a similar
protocol, TFTP (Trivial File Transfer Protocol) works the same without
requiring user authentication.
- SMTP (Simple Mail Transfer Protocol) moves mail from one mail server to another, or
from an email client to an email server. Either way, SMTP is the way to get email
onto a mail server.
- POP3 (Post Office Protocol 3), on the other hand, is used to get mail off of a
mail server. When used by an email client, POP3 downloads all the client messages
available from the server. IMAP (Internet Message Access Protocol) is
a different protocol for retrieving mail off an email server; however, IMAP supports
downloading selected messages only, and leaving the rest on the server.
- The NNTP (Network News Transfer Protocol) provides the facilities for transferring
information on newsgroups (Usenet news). The protocol allows posting, distribution,
and retrieval of the messages among both clients and servers.
- LDAP (Lightweight Directory Access Protocol) is an open protocol for accessing
information directories, which supply such data as email addresses and names.
- Gopher was a method for organizing and displaying files on an Internet server
before the advent of the World Wide Web. This system has largely been replaced
by the web.
- TELNET is a protocol used mostly on Unix servers which allows users to log
onto a remote computer and use it as if they were sitting at the console themselves.
- LPR (Line Printer Remote) allows a user to send a print file to a remote server
for printing.