Phillip Musumeci
April 14, 2002
http://mirriwinni.cs.jcu.edu.au/phillip
JCU
School of InfTech
Contents

Part I

1 Introduction ... 1
1.1 Background ... 1
1.2 Network Aims ... 2
1.3 Network Use ... 2
1.4 Network Hardware ... 3
1.5 Alternative classification criterion ... 3
1.6 LANs ... 4
1.7 MANs ... 5
1.8 WANs ... 6
1.9 Internetworks ... 7
1.10 Network organisation ... 8
1.11 Example: Message Transfer ... 9
1.12 Network Design Issues ... 11
1.13 Interfaces and Services ... 11
1.14 Types of service ... 12
1.15 Service Primitives ... 14

Part II

6 TCP/IP Protocols ... 54
6.1 Introduction ... 54
6.2 Review of TCP/IP Layering ... 54
6.3 User Datagram Protocol ... 55
6.4 UDP Multiplexing ... 57
6.5 UDP Port Number Allocation ... 57
6.6 Reliable Stream Transport Service (TCP) ... 59
6.7 Providing Reliability ... 60
6.8 What does TCP provide? ... 61
6.9 TCP Connections ... 61
6.10 Segments and Streams ... 62
6.11 Variable Window Size and Flow Control ... 63
6.12 TCP Segment Format ... 63
6.12.1 Out of Band Data ... 64
6.12.2 Maximum Segment Size ... 65
6.12.3 TCP Checksum Computation ... 65
6.13 Acknowledgements and Retransmission ... 66
6.14 TCP Timeouts and Retransmission ... 66
6.15 TCP Links with High Variance in Delay ... 68
6.16 Response to Congestion ... 69
6.17 Open and Close of TCP Connections ... 71
6.18 Reset of TCP Connections ... 72
6.19 TCP Protocol FSM ... 72
6.20 Forced Data Delivery ... 73
6.21 Reserved TCP Port Numbers ... 74
6.22 TCP Summary ... 76
6.23 Further Information ... 76

8 IP Router Operation ... 86
8.1 Datagram Delivery ... 86
8.2 Route Table Completeness ... 88
8.3 Route Optimisation Algorithms ... 88
8.4 Interior Gateway Routing Protocol ... 89
8.4.1 Routing Information Protocol (RIP) ... 89
8.4.2 Open Shortest Path First ... 90
8.5 Exterior Gateway Routing Protocol ... 91

10 Application Layer
10.1 Introduction
10.2 Email
10.3 Network News
10.4 Other Applications

© Phillip Musumeci 2002, JCU School of InfTech
Notes:
1. These lecture notes use diagrams from Computer Networks by Andrew Tanenbaum. They are the result of my teaching at RMIT and JCU.
2. Texts:
Computer Networks, 3rd edition, Andrew Tanenbaum, Prentice-Hall, 1996. ISBN 0-13-394248-1. See also URL http://www.cs.vu.nl/ast.
Internetworking With TCP/IP Vol. 1, D.E. Comer, 2nd edition, Prentice-Hall, 1991. ISBN 0-13-468505-9. (reference)
Computer Networks and Internets, D.E. Comer, Prentice-Hall, 1997. ISBN 0-13-599010-6. (reference)
Advanced Programming in the UNIX Environment, W. Richard Stevens, Addison-Wesley, 1992. ISBN 0-201-56317-7. (coding)
1 Introduction
Purpose of networks;
Network structure and organisation;
Reference models and service types;
Internet protocols IP, TCP.
Text: Andrew Tanenbaum, Computer Networks, 3rd edition, Prentice-Hall, 1996. ISBN 0-13-394248-1. See URL http://www.cs.vu.nl/ast
1.1 Background
Recent technological developments: 18th century for mechanical machines; 19th century for steam power; 20th century for electric power and information technology.
Differences between collecting, transporting, storing, and processing information are rapidly disappearing.
The switch from analogue signal communications systems to digital communications systems means (digital) computer data, documents, speech, images, image sequences, etc. will eventually be indistinguishable.
The merging of computers and communications has affected the organisation of computer systems: a single large computer has evolved into interconnected smaller¹ computers, usually called a computer network.
The way of doing business is changing, in terms of collaboration and in terms of commerce itself.
[Figure: the client-server model. A client process on a client machine sends a Request across the network to a server process on the server machine, which returns a Reply.]
Broadcast networks:
contain a single communications channel shared by all machines;
messages are broken into small packets and sent by one machine to all other machines (which reassemble the message);
an address field specifies the recipient(s).
Communication between pairs of machines is common, but it is possible to have 1 bit in the address field indicate a group address for transmission to multiple recipients (important for digital HDTV and related pay-on-demand media distribution).
Point-to-point networks:
consist of many connections between individual pairs of machines;
a link between any two machines will often have to pass through intermediate machines, so routing of packets is an important issue.
General rule: geographically localised networks tend to use broadcast structures while geographically spread networks tend to use point-to-point structures.
[Table: classification of interconnected processors by scale. Columns: interprocessor distance, where the processors are located, example. Rows recoverable from the figure: 0.1 m, circuit board; 1 m, system (multicomputer); 10 m, room, 100 m, building and 1 km, campus (local area network); 10 km, city; 100 km, country; 1,000 km and 10,000 km, up to planet scale.]
1.6 LANs
Distinguished from other networks by size, transmission technology, and topology.
Range in size from a single building to a few kilometres; the restricted size means the worst-case transmission time is bounded (used in design).³
³ T.I. make high speed cross bar switches for variable topology machines and HP make high speed optical links for PCB use.
Common transmission technology is a single cable to which all machines are attached, with speeds of 10 Mbps to 100 Mbps. Note: 1 Mbps = 2^20 bps = 1 megabit/sec = 1048576 bps.
Common topologies include bus and ring, e.g.
[Figure: (a) a bus topology, computers attached along a single cable; (b) a ring topology.]
1.7 MANs
Like a bigger LAN.
Can support both data and voice (i.e. it is possible to handle delivery time in
speech).
A standard called Distributed Queue Dual Bus (DQDB, IEEE 802.6) developed in
Australia has been agreed upon.
[Figure: Distributed Queue Dual Bus. Two unidirectional buses, A and B, flowing in opposite directions, each with a head end; computers 1 … N are attached to both buses.]
1.8 WANs
Spans a large geographical area.
Connects machines (hosts, end systems) running user programs.
Hosts are connected by a communication subnet, or subnet for short, used in the context of the top-level view in Figure 1-5.
[Figure 1-5: hosts on LANs connected through routers; the routers and the lines between them form the subnet.]
A subnet consists of: transmission lines, switching elements or switching computers (routers).
Routers figure out which transmission link to use, and perform store-and-forward operations.
Subnet ambiguity: the term subnet also has a meaning in terms of addressing.
For point-to-point subnets, an important design consideration is topology:
[Figure: possible point-to-point subnet topologies (a) to (f).]
1.9 Internetworks
Gateways are used to interconnect networks.
Any necessary communications conversions are performed e.g. the networks might
use different rules (protocols) for operation, or data representation might be different.
[Figure: two hosts, Host 1 and Host 2, each with layers 1 to 5. Layer n on Host 1 converses with layer n on Host 2 via the layer n protocol; layer 1 sits on the physical medium.]
Note: The dashed lines indicate a conversation between peers. The data bits involved circulate down, across the physical medium, and then back up between the corresponding levels.
Between each adjacent layer is an interface which defines the primitive operations and services the lower layer offers to the upper layer.
Design concerns the number and purpose of the layers, and a (well-understood) interface between them.
A set of layers and protocols is called a Network Architecture; this is enough information for someone to build hardware and write software to implement each layer.
Organisation is usually a series of layers or levels. Each layer offers services to higher layers, shielding those layers from the details of how the services are implemented.
Dashed lines indicate a conversation between peers (local layer n talks to remote layer n).
A list of protocols used by a certain system, one protocol per layer, may be called a small protocol stack.
[Figure: header and trailer handling between source and destination machines. Layer 5 passes message M down; layer 4 adds header H4; layer 3 splits the result into M1 and M2 and prefixes each with H3; layer 2 adds header H2 and trailer T2 to each piece (H2 H3 H4 M1 T2 and H2 H3 M2 T2). The destination machine removes them in the reverse order.]
As information is passed down, headers and trailers are added. As packets are passed up, headers and trailers are removed (and used).
These ideas are not limited to just networking: even hardware designers may implement header and trailer handling functions in hardware for high speed communications on multi-CPU DSP systems (but still with some software component).
Peer processes think of the communication (and coordination) as being horizontal.
Access will be via functions such as SendMessage and ReceiveMessage at the top
level, and similar packet oriented functions at lower levels.
Service Access Points are the access points in layer n where layer n+1 can access the services provided.⁴
[Figure: the relationship between adjacent layers at an interface. Layer N+1 hands an IDU (ICI plus SDU) through a SAP across the interface to layer N; the layer N entities exchange N-PDUs (header plus SDU) in their layer N protocol.]
⁴ Some services may be more efficient if they tap into the protocol at a middle layer, so an SAP may be of use to a user service.
Connectionless implies:
each element of data contains a full address;
each element is sent independently of others, meaning that messages are not guaranteed to arrive in order (in contrast to connection-oriented services).
Note: connection-oriented services may be built upon lower layers that are connectionless, and vice versa.
[Table: service types and examples. Connection-oriented: sequence of pages; remote login; unreliable connection (digitized voice). Connectionless: unreliable datagram; acknowledged datagram (registered mail); request-reply (database query).]
For higher reliability, the datagram service can become acknowledged; the acknowledged datagram service still avoids connection establishment overheads.
1. CONNECT.request
2. CONNECT.indication
3. CONNECT.response
4. CONNECT.confirm
5. DATA.request
6. DATA.indication
7. DISCONNECT.request
8. DISCONNECT.indication
AST Figure 1-15 shows typical use over time of these primitives (ignore Millie):
[Fig. 1-15. How a computer would invite its Aunt Millie to tea. Two columns, Computer 1 and Computer 2, each with layer N+1 above layer N; time runs downwards and numbered arrows pass between the layers of the two computers.]
The numbers near the tail end of each arrow refer to the eight service primitives discussed in this section.
Review
A service is a set of primitives that a layer provides to the layer above. A protocol
is a set of rules governing the format and meaning of frames, packets, and messages
exchanged by peer entities. An entity uses protocols to implement a service.
2.1 Introduction
The ISO Open Systems Interconnection Reference Model has 7 layers chosen according
to the principles:
There exists the OSI model specification document and also ISO layer standards.
[Figure: the OSI reference model. Host A and Host B each have seven layers, with the name of the unit exchanged at each: Application (APDU), Presentation (PPDU), Session (SPDU), Transport (TPDU), Network (Packet), Data link (Frame), Physical (Bit). The application, presentation, session and transport protocols run end to end between the hosts; the two routers between them implement only the Network, Data link and Physical layers, below the communication subnet boundary, and talk to each other with the internal subnet protocol.]
This is done by breaking input data into data frames, sending them sequentially, and processing acknowledgement frames sent back by the receiver;
Since the physical layer appears to be a bit conduit, it is up to the data link layer to create and recognise frame boundaries: this is done by attaching special bit patterns to the beginning and end of each frame (and handling the case where this bit pattern needs to be represented within the frame);
Handles data errors, e.g. frame retransmission when frames are lost or corrupted; also handles duplicate frames;
Handles flow control;
Medium access in broadcast networks is handled by the medium access sublayer.
[Fig. 1-17. An example of how the OSI model is used. Some of the headers may be null. (Source: H.C. Folts. Used with permission.) The sending process's data acquire an application header AH, presentation header PH, session header SH, transport header TH, network header NH, and a data link header DH and trailer DT as they pass down the layers; they cross the physical layer as bits and are stripped in reverse order on the way up to the receiving process.]
Actual data transmission is vertical (apart from the lower physical link);
Each layer is programmed as if it is transferring data with a horizontal peer.
3.1 Introduction
The Internet was originally developed using leased telephone lines and later satellite and radio links;
It had to handle connection of multiple networks in a seamless way;
Defined in 1974, the design predates OSI.
Layer correspondence between the two models:
OSI                     TCP/IP
Application             Application
Presentation, Session   Not present in the model
Transport               Transport
Network                 Internet
Data link, Physical     Host-to-network
The purpose of this layer is to deliver IP packets, hence the major issues are routing and congestion.
[Figure: protocols and networks in the TCP/IP model. Application layer: FTP, SMTP, DNS; transport layer: TCP, UDP; network layer: IP; physical + data link: ARPANET, SATNET, packet radio, LAN.]
Network layer: OSI provides connectionless and connection-oriented communications while TCP/IP has only connectionless communications;
Transport layer: OSI has connection-oriented communications while TCP/IP has connectionless and connection-oriented communications.
Reading: AST 1.4.4 Critique of the OSI Model and Protocols and AST 1.4.5 Critique of the TCP/IP Reference Model.
[Figure: the Novell NetWare protocol stack. Application: file server, SAP; transport: NCP, SPX; network: IPX; data link and physical: Ethernet, token ring, ARCnet.]
Has a connection-oriented protocol called NCP (Network Core Protocol) providing user data transport and other services (a second protocol, SPX, provides only transport).
Servers regularly advertise services (SAP).
PC network protocols are starting to be based on TCP/IP.
[Figure: the IPX packet format. Fields in order: checksum, packet length, transport control (1 byte), packet type (1 byte), destination address (12 bytes), source address (12 bytes), data.]
3.7.1 Internet Services
Email: basic service allowing messages to be composed, sent, and received. Usually, a mail client handles email composition and reading while an operating system service handles email transfer via the Simple Mail Transfer Protocol (e.g. BSD Unix sendmail handles SMTP).
News: message transfer system allowing individuals to communicate to groups. An application program handles news composition and reading while a network service handles news propagation via the Network News Transfer Protocol (NNTP).
File Transfer (FTP): a user client program communicates with a remote application to provide file transfer.
Remote Procedure Call (RPC): a local program communicates a request to a remote service provider asking for a remote procedure (program) to run and return the results.
Remote Login: a user can run a remote shell (CLI session or other task) via tools such as telnet, rlogin, and rsh.
[Figure: an ATM cell: a 5-byte header followed by 48 bytes of user data.]
4.2.1 Framing
Framing refers to the technique of identifying the start and end of each packet.
One technique is to use a special flag (bit pattern).
Using bit stuffing for framing allows data frames to contain an arbitrary number of bits and frees the system from any concept of character size. Each frame begins and ends with the special bit pattern 01111110. A sender DLL encountering 5 consecutive 1 bits inserts a 0 in the bit stream, and the receiver DLL removes the inserted 0.
(a) 0 1 1 0 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 0 0 1 0
(b) 0 1 1 0 1 1 1 1 1 0 1 1 1 1 1 0 1 1 1 1 1 0 1 0 0 1 0 (the stuffed bits are the 0s following each run of five 1s)
(c) 0 1 1 0 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 0 0 1 0
Fig. 3-5. Bit stuffing. (a) The original data. (b) The data as they appear on the line. (c) The data as they are stored in the receiver's memory after destuffing.
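The stuffing and destuffing rule above, as an added example written for these notes (it is not code from the original lecture notes): a sender that inserts a 0 after every run of five 1s, a receiver that removes it and rejects a frame in which six 1s appear, and a framing wrapper that places the 01111110 flag around the stuffed payload. The function names and the flag-never-appears check are my own; the sample bit string is Fig. 3-5 (a).

```python
"""Bit stuffing for flag-delimited framing (added example, not from the notes).

Sender: after every run of five consecutive 1 bits, insert a 0.
Receiver: after every run of five consecutive 1 bits, drop the following 0.
Because of this, six 1s in a row inside a frame can only be a flag or noise.
"""

FLAG = "01111110"


def stuff(bits: str) -> str:
    """Insert a 0 after each run of five 1s (sender side)."""
    out = []
    ones = 0
    for b in bits:
        if b not in "01":
            raise ValueError("bit string expected")
        out.append(b)
        if b == "1":
            ones += 1
            if ones == 5:
                out.append("0")  # the stuffed bit
                ones = 0
        else:
            ones = 0
    return "".join(out)


def destuff(bits: str) -> str:
    """Remove the 0 that follows each run of five 1s (receiver side).

    A 1 where the stuffed 0 should be means six consecutive 1s, which can
    only be a flag or a line error, so the receiver rejects the frame.
    """
    out = []
    ones = 0
    expect_stuffed_zero = False
    for b in bits:
        if expect_stuffed_zero:
            if b != "0":
                raise ValueError("six consecutive 1s inside a frame")
            expect_stuffed_zero = False
            continue
        out.append(b)
        if b == "1":
            ones += 1
            if ones == 5:
                expect_stuffed_zero = True
                ones = 0
        else:
            ones = 0
    if expect_stuffed_zero:
        raise ValueError("frame truncated after a run of five 1s")
    return "".join(out)


def frame(payload: str) -> str:
    """Flag + stuffed payload + flag, as the bits would appear on the line."""
    return FLAG + stuff(payload) + FLAG


def unframe(line: str) -> str:
    """Strip the two flags and destuff; anything not flag-delimited is rejected."""
    if len(line) < 2 * len(FLAG) or not (line.startswith(FLAG) and line.endswith(FLAG)):
        raise ValueError("missing frame flags")
    return destuff(line[len(FLAG):-len(FLAG)])


# Fig. 3-5 (a), the original data, written as one string of bits.
FIG_3_5_A = "011011111111111111110010"
```

Running `stuff(FIG_3_5_A)` reproduces line (b) of the figure, and `destuff` of that result returns (a); `frame` and `unframe` show why the flag can never occur inside the stuffed payload.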
4.2.2
To ensure delivery of a frame, we need some feedback from the receiver to the sender to indicate success or failure; this will handle errors within a frame.
What if a frame is completely lost (perhaps due to a noise burst)? Start a timer after each frame is sent and resend if no acknowledgement is received within some time limit.
What if frames arrive twice (ack. was lost) or out of order? Give each frame an ID number.
The DLL's duties include management of timers and frame sequence ID numbers.
Error detection: the general idea is to have the TX end append extra bits to the message in such a way that the RX end can detect illegal bit combinations. Mathematically, it is possible to define a measure of distance between the valid message+check bit patterns; we then know how many bit errors can be detected.
Error correction: suppose valid combinations of message+check bits differ in at least 3 bits and we receive a message+check sequence that differs from an allowed one by only 1 bit. If we think only 1 bit is in error, we can choose the nearest allowed pattern and fix the error.
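The distance argument above, carried through in code as an added example (not code from the original lecture notes): the Hamming distance between two words, the minimum distance of a code, the detection and correction limits that follow from it, and nearest-codeword decoding that refuses to "fix" an error when the nearest codeword is not unique. The two toy codes (a single even-parity check bit, and an n-fold repetition code) are my own choice for illustration.

```python
"""Hamming distance, detection and correction limits of a block code
(added example, not from the notes)."""

from itertools import combinations, product


def hamming_distance(a: str, b: str) -> int:
    """Number of bit positions in which two equal-length words differ."""
    if len(a) != len(b):
        raise ValueError("words must have equal length")
    return sum(x != y for x, y in zip(a, b))


def code_distance(codewords) -> int:
    """Minimum distance between any two distinct valid message+check words."""
    return min(hamming_distance(a, b) for a, b in combinations(codewords, 2))


def detectable_errors(d: int) -> int:
    """A code of distance d detects up to d-1 single-bit errors."""
    return d - 1


def correctable_errors(d: int) -> int:
    """...and corrects up to (d-1)//2 of them by nearest-codeword decoding."""
    return (d - 1) // 2


def even_parity_code(k: int):
    """All k-bit messages with one check bit that makes the count of 1s even."""
    words = []
    for bits in product("01", repeat=k):
        msg = "".join(bits)
        words.append(msg + str(msg.count("1") % 2))
    return words


def repetition_code(n: int):
    """Two codewords, the bit repeated n times: distance n."""
    return ["0" * n, "1" * n]


def nearest_codewords(received: str, codewords):
    """All codewords at minimum distance from the received word, plus that
    distance. One candidate inside the correctable radius is a fix; several
    candidates mean the error is detected but cannot be corrected."""
    dists = {c: hamming_distance(received, c) for c in codewords}
    best = min(dists.values())
    return [c for c, d in dists.items() if d == best], best


def decode(received: str, codewords):
    """Nearest-codeword decoding with the distance-based safety check.
    Returns the corrected codeword, or None when the receiver can only
    report an error."""
    candidates, d = nearest_codewords(received, codewords)
    if d == 0:
        return received
    if len(candidates) == 1 and d <= correctable_errors(code_distance(codewords)):
        return candidates[0]
    return None
```

With the parity code (distance 2) a single flipped bit is always noticed but the four equally near codewords make correction impossible; with the 3-fold repetition code (distance 3) the same single flip is corrected, exactly the case the text describes.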
4.2.3
The sender and receiver of frames may operate at different maximum rates due to CPU power available, CPU loadings, etc.
Higher speed senders must be prevented from swamping lower speed receivers in order to prevent frame losses.
Again, a feedback mechanism is employed from receiver to sender.
Can be explicit requests to send n frames, or can be handled by the receiver slowing acknowledgements.
For further information: see AST.
At the destination, the pieces are reassembled into the original datagrams and passed to the transport layer.
4.3.1 IP Header
[Figure: the IPv4 header, 32 bits wide. Row 1: Version, IHL, Type of service, Total length. Row 2: Identification, DF and MF flags, Fragment offset. Row 3: Time to live, Protocol, Header checksum. Row 4: Source address. Row 5: Destination address.]
An IP datagram contains a header part and a data part, with fields stored most significant bit first (big-endian).
Version identifies which version of the protocol is being used; this allows protocol changes to be supported.
IHL specifies the header length.
Type of service allows the host to tell the subnet what type of service it wants; it can choose from combinations of reliability versus speed.
Current use:
bits 7,6,5 = 3-bit priority;
bits 4,3,2 = DTR (what is most important out of delay, throughput, reliability);
bits 1,0 = unused.
At present, routers tend to ignore this field!
Total length = datagram length (header and data).
Identification field allows a destination host to determine which datagram an arriving fragment belongs to (it is reassembling the datagram).
DF indicates a "don't fragment" request and routers should not fragment this datagram (useful if the destination cannot reassemble it, e.g. when a PC is booting and needs to receive its OS as a single datagram). All systems must be able to accept fragments of 576 bytes or less.
MF indicates there are more fragments to come.
Fragment Offset says where this fragment belongs in the current datagram. The 13 bit size gives a maximum datagram size of 64K.
Time to live limits packet lifetimes and prevents packets wandering around forever. Usually decremented on each hop; the packet is discarded if it reaches 0 and the source is warned.
Protocol field identifies the protocol: TCP, UDP, others.
Header checksum is the header checksum, updated on each hop as time to live is updated (CPU task).
Addresses specify source and destination.
Options:
Option                  Description
Security                Specifies how secret the datagram is
Strict source routing   Gives the complete path to be followed
Loose source routing    Gives a list of routers not to be missed
Record route            Makes each router append its IP address
Timestamp               Makes each router append its address and timestamp
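The header fields and the per-hop checksum update described above, as an added example (not code from the original lecture notes): build an option-less IPv4 header with a correct checksum, parse it back while refusing inconsistent length fields, and perform the router's hop step of verifying the checksum, decrementing TTL and recomputing the checksum, discarding the datagram when TTL reaches 0. The addresses and payload length are constructed sample values; the function names are mine.

```python
"""Building, parsing and hop-by-hop forwarding of an IPv4 header
(added example, not from the notes)."""

import socket
import struct

# Fixed 20-byte header in network byte order (most significant bit first):
# version/IHL, type of service, total length, identification,
# flags+fragment offset, TTL, protocol, header checksum, source, destination.
IPV4_FMT = "!BBHHHBBH4s4s"
FLAG_DF = 0x4000
FLAG_MF = 0x2000


def ipv4_checksum(header: bytes) -> int:
    """One's complement of the one's-complement sum of the header's 16-bit
    words; the checksum field itself must be zero in the input."""
    if len(header) % 2:
        header += b"\x00"
    total = sum((header[i] << 8) | header[i + 1] for i in range(0, len(header), 2))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_header(src, dst, *, ttl=64, protocol=6, ident=0,
                 df=False, mf=False, frag_off=0, payload_len=0) -> bytes:
    """Option-less header (IHL = 5) with a correct checksum."""
    ihl = 5
    flags_frag = (FLAG_DF if df else 0) | (FLAG_MF if mf else 0) | (frag_off & 0x1FFF)
    raw = struct.pack(IPV4_FMT, (4 << 4) | ihl, 0, ihl * 4 + payload_len, ident,
                      flags_frag, ttl, protocol, 0,
                      socket.inet_aton(src), socket.inet_aton(dst))
    return raw[:10] + struct.pack("!H", ipv4_checksum(raw)) + raw[12:]


def parse_header(raw: bytes) -> dict:
    """Decode the fields and verify the checksum; length fields that do not
    agree with the bytes present are rejected rather than trusted."""
    if len(raw) < 20:
        raise ValueError("truncated IPv4 header")
    (vi, tos, total_length, ident, flags_frag, ttl, proto,
     csum, src, dst) = struct.unpack(IPV4_FMT, raw[:20])
    version, ihl = vi >> 4, vi & 0x0F
    if version != 4:
        raise ValueError("not IPv4")
    if ihl < 5 or ihl * 4 > len(raw):
        raise ValueError("bad IHL")
    if total_length < ihl * 4:
        raise ValueError("total length shorter than header")
    hdr = raw[:ihl * 4]
    zeroed = hdr[:10] + b"\x00\x00" + hdr[12:]
    return {
        "version": version, "ihl": ihl, "tos": tos,
        "total_length": total_length, "identification": ident,
        "df": bool(flags_frag & FLAG_DF), "mf": bool(flags_frag & FLAG_MF),
        "fragment_offset": flags_frag & 0x1FFF,  # in units of 8 bytes
        "ttl": ttl, "protocol": proto, "checksum": csum,
        "src": socket.inet_ntoa(src), "dst": socket.inet_ntoa(dst),
        "checksum_ok": ipv4_checksum(zeroed) == csum,
    }


def forward_hop(raw: bytes):
    """The router's per-hop work: verify the checksum, decrement TTL and
    recompute the checksum. Returns None when the datagram is discarded
    (corrupt header, or TTL reaching 0, where the source would be warned)."""
    h = parse_header(raw)
    if not h["checksum_ok"] or h["ttl"] <= 1:
        return None
    hlen = h["ihl"] * 4
    hdr = bytearray(raw[:hlen])
    hdr[8] = h["ttl"] - 1
    hdr[10:12] = b"\x00\x00"
    hdr[10:12] = struct.pack("!H", ipv4_checksum(bytes(hdr)))
    return bytes(hdr) + raw[hlen:]
```

Flipping a single bit of the source address is enough for `parse_header` to report `checksum_ok` as False, and a router seeing that drops the datagram instead of forwarding it; after a valid hop the TTL is one lower and the checksum has changed to match.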
[Figure: IP address formats (32 bits). Class A: leading bit 0, network, host; 1.0.0.0 to 127.255.255.255. Class B: leading bits 10, network, host; 128.0.0.0 to 191.255.255.255. Class C: leading bits 110, network, host; 192.0.0.0 to 223.255.255.255. Class D: leading bits 1110, multicast address; 224.0.0.0 to 239.255.255.255. Class E: leading bits 11110, reserved for future use; 240.0.0.0 to 247.255.255.255.]
4.4 IP Addresses
Are 32 bits long with the leading bits indicating the class of address.
Class A addresses: bit 31 = 0, a 7 bit network part, and a 24 bit host part, yielding an address range 1.0.0.0 to 127.255.255.255.
Class B addresses: bits 31,30 = 10, a 14 bit network part, and a 16 bit host part, yielding an address range 128.0.0.0 to 191.255.255.255.
Class C addresses: bits 31..29 = 110, a 21 bit network part, and an 8 bit host part, yielding an address range 192.0.0.0 to 223.255.255.255.
Class D addresses: bits 31..28 = 1110 and a 28 bit multicast part, yielding an address range 224.0.0.0 to 239.255.255.255.
Class E addresses are reserved for future use, and have bits 31..27 = 11110 (240.0.0.0 to 247.255.255.255).
Address space is used more efficiently if class A networks migrate to class B or C (where possible).
[Figure: special IP addresses. All 0s: this host. A zero network part followed by a host number. All 1s: broadcast on the local network. A network part followed by all 1s in the host part: broadcast on a distant network. 127.(anything): loopback.]
A UNIX kernel built with firewall and ipdivert support could also handle Network Address Translation.
4.5 Subnets
Networking requirements can change, especially in growing organisations.
A range of IP addresses can be broken up into subnets, e.g. Fig. 5-49 shows a class B address in which the original 16 bit host part has been reallocated into a 6 bit subnet part and a 10 bit host part.
This split looks the same from the outside world, so no registrations change.
However, internally, the network has been divided up into smaller subnets (fewer collisions, greater total distance can be covered, etc.).
The routers internal to the organisation are simply given new details.
[Fig. 5-49: a subnetted class B address, 32 bits: leading bits 10, network, 6-bit subnet, 10-bit host. Subnet mask: 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 0 0 0 0 0 0 0 0 0 0, i.e. 22 one bits followed by 10 zero bits.]
If the network part identifies the local network, it is sent directly to the host (network=0 packets are ignored).
If the network is not found in the tables, the packet is forwarded to a default router with more extensive tables.
When subnets are added, the router now maintains tables of [network,0], [this-network,subnet,0] and [this-network,this-subnet,host].
ANDing the IP address with the subnet mask (Fig. 5-49) gives the particular subnet. ANDing the IP address with the netmask identifies the network.
This gives a 3-level hierarchy.
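The class decoding of section 4.4 and the mask-and-lookup of section 4.5, as one added example (not code from the original lecture notes): classify an address from its leading bits, derive the subnet mask for the Fig. 5-49 split (class B, 6-bit subnet part), AND the address with the netmask and the subnet mask, and run the three-level routing decision the text lists. The addresses, the network table and the default router are constructed sample values; the function names are mine.

```python
"""Classful address decoding and the three-level routing lookup
(added example, not from the notes)."""

import socket
import struct

# Network-part width, class prefix bits included, for the classes that
# have a host part.
CLASS_NETWORK_BITS = {"A": 8, "B": 16, "C": 24}


def ip_to_int(addr: str) -> int:
    return struct.unpack("!I", socket.inet_aton(addr))[0]


def int_to_ip(n: int) -> str:
    return socket.inet_ntoa(struct.pack("!I", n & 0xFFFFFFFF))


def address_class(addr: str) -> str:
    """Class from the leading bits: 0 -> A, 10 -> B, 110 -> C, 1110 -> D, 11110 -> E."""
    n = ip_to_int(addr)
    if n >> 31 == 0b0:
        return "A"
    if n >> 30 == 0b10:
        return "B"
    if n >> 29 == 0b110:
        return "C"
    if n >> 28 == 0b1110:
        return "D"
    return "E"


def prefix_mask(bits: int) -> int:
    """Mask with the top `bits` bits set."""
    return (((1 << bits) - 1) << (32 - bits)) & 0xFFFFFFFF


def subnet_mask(cls: str, subnet_bits: int) -> str:
    """Class netmask extended by subnet_bits borrowed from the host part
    (Fig. 5-49: class B with a 6-bit subnet part gives 255.255.252.0)."""
    return int_to_ip(prefix_mask(CLASS_NETWORK_BITS[cls] + subnet_bits))


def split_address(addr: str, subnet_bits: int) -> dict:
    """network = address AND netmask; subnet = address AND subnet mask;
    host = the bits the subnet mask leaves clear."""
    cls = address_class(addr)
    if cls not in CLASS_NETWORK_BITS:
        raise ValueError(f"class {cls} addresses have no network/host split")
    n = ip_to_int(addr)
    netmask = prefix_mask(CLASS_NETWORK_BITS[cls])
    smask = ip_to_int(subnet_mask(cls, subnet_bits))
    return {
        "class": cls,
        "network": int_to_ip(n & netmask),
        "subnet": int_to_ip(n & smask),
        "host": n & ~smask & 0xFFFFFFFF,
        "subnet_mask": int_to_ip(smask),
    }


def route(dst, local_network, local_subnet, subnet_bits, network_table, default_router):
    """Three-level lookup as in the notes: [this-network, this-subnet, host]
    is delivered directly, [this-network, subnet, 0] goes to that subnet,
    [network, 0] is looked up in the network table, and anything else is
    handed to the default router."""
    info = split_address(dst, subnet_bits)
    if info["network"] == local_network:
        if info["subnet"] == local_subnet:
            return ("direct", dst)
        return ("subnet", info["subnet"])
    if info["network"] in network_table:
        return ("network", network_table[info["network"]])
    return ("default", default_router)
```

The sample below uses the class B block 172.16.0.0 as the local network and 172.16.12.0 as the local subnet; the router's network table holds one remote class C network and everything else falls through to the default router.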
4.7.2
The interface board only knows about 48 bit LAN addresses (each board is manufactured with a unique 48 bit address).
Each interface has an IP address.
ARP is a mechanism that allows a host to find out what 48 bit LAN address belongs to an IP address. A system outputs a broadcast packet to every machine on the network in question, asking who owns this IP address. The owner replies with their LAN address.
ARP reduces the need for configuration files.
By having hosts cache the results, ARP requests are reduced. However, cache entries are discarded after a few minutes so that systems that have their LAN cards replaced due to failure get operating quickly.
It is also possible for hosts to broadcast their mapping when they boot up. No response is expected. However, a machine with the same IP address should respond in order to prevent the second machine coming on-line and creating chaos!
It is also possible for routers to react to ARP requests for IP information belonging to remote networks. In proxy ARP, routers cooperate by forwarding the ARP request to the appropriate network for a response to be generated (and returned).
Note: given just an internet name, e.g. marlin.jcu.edu.au, another service called the domain name service can be used to obtain the IP address corresponding to the name.
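The request/reply, caching, expiry and boot-time announcement behaviour described above, simulated as an added example (not code from the original lecture notes): a LAN is a list of hosts, a request is "broadcast" by offering it to every other host, replies are cached with an expiry time, and a host announcing its own mapping at boot receives a reply from any host already using that IP address. The IP and LAN addresses are constructed sample values, the 120-second cache lifetime and the injectable clock are my assumptions, and the class and method names are mine.

```python
"""A simulated LAN with ARP request/reply, cache expiry and boot-time
announcement (added example, not from the notes)."""

import time


class ArpCache:
    """IP -> 48-bit LAN address map whose entries are forgotten after ttl
    seconds, so a host whose card was replaced is re-learned within minutes."""

    def __init__(self, ttl=120.0, clock=time.monotonic):
        self.ttl, self.clock = ttl, clock
        self._table = {}  # ip -> (mac, expiry time)

    def learn(self, ip, mac):
        self._table[ip] = (mac, self.clock() + self.ttl)

    def lookup(self, ip):
        entry = self._table.get(ip)
        if entry is None:
            return None
        mac, expires = entry
        if self.clock() >= expires:
            del self._table[ip]  # stale: force a fresh request
            return None
        return mac


class Host:
    """A host on a shared broadcast LAN (the LAN is just a list of hosts)."""

    def __init__(self, ip, mac, lan, clock=time.monotonic):
        self.ip, self.mac, self.lan = ip, mac, lan
        self.cache = ArpCache(clock=clock)
        self.requests_sent = 0
        lan.append(self)

    def on_request(self, target_ip):
        """Every host sees the broadcast; only the owner of target_ip replies."""
        return (self.ip, self.mac) if target_ip == self.ip else None

    def on_announcement(self, ip, mac):
        """A host already using the announced IP answers, so the newcomer
        learns of the conflict before it creates chaos."""
        return (self.ip, self.mac) if ip == self.ip and mac != self.mac else None

    def resolve(self, ip):
        """Cached answer if still fresh, otherwise broadcast and cache the reply."""
        mac = self.cache.lookup(ip)
        if mac is not None:
            return mac
        self.requests_sent += 1
        for other in self.lan:
            if other is not self:
                reply = other.on_request(ip)
                if reply is not None:
                    self.cache.learn(*reply)
                    return reply[1]
        return None  # nobody on this LAN owns that address

    def announce(self):
        """Broadcast our own mapping at boot; returns any conflicting owners."""
        replies = (h.on_announcement(self.ip, self.mac) for h in self.lan if h is not self)
        return [r for r in replies if r is not None]


class FakeClock:
    """Controllable clock so cache expiry can be exercised without waiting."""

    def __init__(self):
        self.now = 0.0

    def __call__(self):
        return self.now
```

The test below replaces one host's LAN address (a failed card swapped out): the stale cache entry keeps answering until it expires, after which a new request learns the new address, and a third host booting with a duplicate IP address is told by the existing owner.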
4.7.3 Reverse Address Resolution Protocol
4.7.4
routers used the best single link and ignored the others). Load spreading is important when routers are connected by multiple PPP links.
OSPF works by having adjacent routers exchange information with acknowledgement and timestamping; hence, routers have up-to-date knowledge of costs etc.
In normal operation, a router floods link state update messages to its neighbours.
To minimise overall coordination traffic, one router is elected to be the designated router and it is considered to be adjacent to all other routers.
As the routers all belong to a single organisation, they can trust one another!
Message type   Description
Hello          Used to discover who the neighbors are
4.7.5
The group ID has 28 bits, for > 250,000,000 groups.
Packets addressed to multicast addresses get best effort delivery with no guarantees.
Addresses can be permanent, e.g.
224.0.0.1 = all systems on a LAN
224.0.0.2 = all routers on a LAN
224.0.0.5 = all OSPF routers on a LAN
224.0.0.6 = all designated OSPF routers on a LAN
Temporary addresses are available to processes running on the computers. A process can ask to join a group and leave a group.
A host must therefore handle traffic to group address(es) as well as its own IP address(es), and keep track of which groups it has processes belonging to.
Multicasting is supported by special multicast routing.
Internet Gateway Management Protocol (IGMP) allows routers to track which groups are active on their subnet.
Router work is easy with respect to identifying the region on Earth, but then a
large database of information must be (quickly) accessed to determine final packet
routes. This requires a router to have higher computational power and more internal storage (the usual ...).
4.10 IPv6
Development of IPv6 started in 1990.
Aims: support of billions of hosts; simplify routing tables; simplify protocols; better authentication and privacy; be more responsive to type of service; allow scope
of multicasting to be specified; support mobile IP addresses; allow future protocol
evolution; and have old and new protocols coexist.
Multimedia support was important.
IPv6 is compatible with TCP, UDP, ICMP, IGMP, OSPF, BGP, and DNS.
It is not directly compatible with IPv4 since it has a different header with fewer fields
to simplify processing (and bigger addresses too).
Fewer fields simplify router work, although routers will have to handle both versions for maybe a decade (probably not a problem given VLSI advances).
The version field is 6 for IPv6.
Priority values 0 . . . 7 are for traffic that can be slowed down given congestion,
while 8 . . . 15 is for realtime traffic.
Addresses are 16 bytes long, with the first group of reserved addresses allocated
to IPv4.
Address use will not be efficient, but will allow fast routing.
[Figure: IPv6 header, 32 bits wide. Fields: Version, Priority, Flow label, Payload length, Next header, Hop limit, Source address (16 bytes), Destination address (16 bytes).]
Introduction
Transport protocols (TPs) are the most important part of a communications system
(AST says the heart of the protocol hierarchy).
A TP's task is to provide reliable, cost-effective data transport from the source machine
to the destination machine, independent of the physical network(s) in use.
A TP shields the user from the details and characteristics of the layers below it.
The TP is complex.
Transport protocols provide the basic end-to-end service of transferring data between users. This is achieved by communication with a remote peer, and using
the services of the network layer.
The hardware and/or software within the transport layer that does the work is
called the transport entity.
[Figure: Host 1 and Host 2, each with an application (or session) layer, a transport entity reached through a transport address, and a network layer reached through a network address. The application/transport interface sits above each transport entity and the transport/network interface below it; the two transport entities exchange TPDUs using the transport protocol.]
The transport layer offers independence from the actual network layer available.
This leads to a view of the lower 4 layers as being the transport service provider and
the upper layers as the transport service user.
The transport layer can also be viewed as a way of enhancing quality of service
(QoS).
Transit Delay delay between message being sent by the transport user at
source and it being received by the transport user at the destination machine
(bidirectional);
Residual error ratio lost or garbled messages that were not fixed;
Priority levels allow higher priority links to be serviced in the event of
congestion;
A transport protocol is limited by the nature of the underlying network, and not
all QoS may be possible.
There is also a trade-off between reliability, delay, throughput and service cost.
Sample application QoS requirements:
File transfer low errors and high throughput;
Remote procedure calls low delay;
Email transfer priority levels.
Either a transport protocol provides different QoS via option negotiation, or there
are different TPs for different classes of traffic.
5.1.4
Primitive     TPDU sent            Meaning
LISTEN        (none)               Block until some process tries to connect
CONNECT       CONNECTION REQ.      Actively attempt to establish a connection
SEND          DATA                 Send information
RECEIVE       (none)               Block until a DATA TPDU arrives
DISCONNECT    DISCONNECTION REQ.   This side wants to release the connection
LISTEN a server executes a listen primitive and waits (is blocked) until a connection is established.
CONNECT a client executes a connect primitive when it wants to talk to the
server. The transport entity carries out this primitive by making the caller wait
(blocking) and sending a packet containing a transport layer message to the server's
transport entity.
CONNECTION REQUEST arrives at the server and the transport entity checks to
see if there is a server blocked on a LISTEN. If there is, it is unblocked and the
transport entity sends a CONNECTION ACCEPTED message back to the client.
Data can now be exchanged between the client and the server.
A TPDU (transport protocol data unit) is a message sent from transport entity to
transport entity.
[Figure: nesting of TPDUs, packets and frames. A frame header precedes a packet header, which precedes a TPDU header and its TPDU payload; the whole TPDU is the packet payload, and the whole packet is the frame payload.]
Note: transport service users do not need to know about the packet nesting and
associated error detection/correction mechanisms present; they simply see a
reliable link.
DISCONNECT can be asymmetric, where either transport user can issue a disconnect primitive, or symmetric, where each direction is closed separately.
Termination may be abrupt (with loss of data), or graceful. Some TPs allow full-duplex and half-duplex connections.
Primitive
Meaning
SOCKET
BIND
LISTEN
ACCEPT
CONNECT
SEND
RECEIVE
CLOSE
Berkeley UNIX (BSD) developed the sockets interface for users to program at the
transport service level.
A successful socket call returns an ordinary file descriptor for use in following
calls (i.e. network access is file system mapped).
A server would execute the first 4 calls in the order shown, starting with a SOCKET
create call. The BIND call assigns an address for the socket.
A client also creates a socket and then does a CONNECT call in an attempt to access
a remote server (of known address).
Once a link is established, the client and server exchange data.
When finished, both must execute a CLOSE to release the symmetric connection.
5.1.6 Addressing
[Figure: TSAPs and NSAPs. On Host 1 an application process uses TSAP 6; the transport connection starts in the transport layer and the network connection starts at the NSAP in the network layer. On Host 2 the server uses TSAP 122 above its NSAP. Layers shown: application, transport, network, data link, physical.]
ATM uses (AAL, SAP); AAL = ATM adaptation layer, SAP = Service Access Point.
[Figure: (a) a user process on Host 1 contacts the time-of-day server on Host 2 through its TSAP; (b) a user process on Host 1 contacts a process server on Host 2.]
If a name server is used, then new services will require a means of registering their
availability to the name server.
5.1.7 Multiplexing
If there are multiple users on one station, the TP must differentiate data to/from
each user and each connection.
5.1.8
TCP header (32 bits wide):
Source port | Destination port
Sequence number
Acknowledgement number
TCP header length | URG ACK PSH RST SYN FIN | Window size
Checksum | Urgent pointer
Options (0 or more 32-bit words)
Data (optional)
As TCP uses IP, which also has a 20 byte header, the header overhead per packet
is 40 bytes, not including data link layer headers.
Introduction
Similarly, a server is any program that waits for an incoming communication
request from a client, and then performs any necessary computation in order
to send a reply.
5.2.2
Servers may provide controlled access to information that belongs to the operating
system or users, hence protection of data is essential.
Authentication verifying the identity of the client.
Authorisation determining whether a particular client is permitted access to a
particular service.
Data security do not want data unintentionally revealed or compromised.
Privacy.
Protection guarantee network applications cannot abuse system resources.
5.2.3
Standard application services consist of those services that are defined by TCP/IP
and are assigned well-known, universally recognised protocol port identifiers.
All other services may be considered to be locally-defined application services or
non-standard services.
See definitions in file /etc/services on BSD UNIX hosts (a sample is also available
at http://mirriwinni.cs.edu.au/phillip/intro2cn/services ).
5.2.4
If the client and server communicate using UDP (User Datagram Protocol), the
interaction is connectionless.
If the client and server communicate using TCP (Transfer Control Protocol), the
interaction is connectionoriented and error detection and correction is handled.
5.2.5 Program Interface to Protocols
Loosely specified protocol software interface: the details of how application software should interface with TCP/IP protocol software are not specified, but the required functionality is suggested.
Only a few interfaces exist; one is the socket interface (or sockets) defined for the
Berkeley UNIX Operating System (BSD), and another is the TLI (Transport Layer
Interface) defined by AT&T.
In the PC world, the winsock library originally provided access to Berkeley style
sockets.
5.2.6 Interface Functionality
5.2.7 System Calls
A system call can be thought of as a function call made with a subroutine supplied
as part of the operating system.
The system subroutine was written as part of the OS so it should be able to protect
itself and the network from incorrect calls.
Design approaches: create new system calls, or extend existing system calls to
handle networking.
The BSD sockets interface extends the file system handling system calls to also
handle networking in an open-read-write-close paradigm.
Sample source code, based on examples given in the text of Douglas Comer &
David Stevens, is available at URL
http://mirriwinni.cs.edu.au/phillip/intro2cn/tcpip-demo
5.2.8 BSD Tutorial
http://mirriwinni.cs.edu.au/phillip/intro2cn/BSD
TCP/IP Protocols
6.1 Introduction
We consider the following topics:
Additional References:
Internetworking With TCP/IP Vol. 1, D.E. Comer, 2nd edition, Prentice-Hall, 1991. ISBN 0-13-468505-9.
Computer Networks and Internets, D.E. Comer, Prentice-Hall, 1997. ISBN 0-13-599010-6.
When communicating with a remote port, each message carries a destination port
number on the foreign machine and a source port number on the source machine
to which replies are to be addressed.
Thus, any task that receives a message can also reply.
The User Datagram Protocol (UDP) provides unreliable connectionless delivery
service using IP to transfer messages between hosts. It adds the ability to distinguish among multiple destinations within a single host.
An application that uses UDP must handle the problem of reliability, including
message loss, duplication, delay, out-of-order delivery, etc.
These problems are often underestimated by developers who prototype on highly
reliable, low delay private LANs.
Conceptual layering:
Application
User Datagram (UDP)
Internet (IP)
Network Interface
Format of UDP Messages (each row is one 32-bit word):
bits 0-15: UDP Source Port       bits 16-31: UDP Destination Port
bits 0-15: UDP Message Length    bits 16-31: UDP Checksum
bits 0-31: Data ...
A 64-bit header is followed by data.
Four 16-bit fields specify source and destination port numbers, the message length
(bytes in header+data), and checksum.
The source port is optional; it is used only if replies are needed.
The checksum is optional; however, as IP does not compute a checksum on its
data payload, this checksum should be used if data integrity is to be checked.
A UDP datagram is encapsulated inside an IP datagram for transmission i.e. UDP
prepends a header to user data and passes this new packet to the IP layer, which
prepends an IP header and passes this new(er) packet to the network layer.
As usual, the layered structure provides a (fairly) clear separation of duties:
UDP entries from /etc/services:
1/udp           #TCP Port Service Multiplexer
7/udp
9/udp           sink null
11/udp          users           #Active Users
13/udp
20/udp          #File Transfer [Default Data]
21/udp          #File Transfer [Control]
22/udp          #Secure Shell Login
23/udp
24/udp          any private mail system
25/udp          mail            #Simple Mail Transfer
37/udp          timserver
42/udp          name            #Host Name Server
43/udp          whois
52/udp          #XNS Time Protocol
53/udp          #Domain Name Server
63/udp
66/udp          #Oracle SQL*NET
67/udp          dhcps           #Bootstrap Protocol Server
68/udp          dhcpc           #Bootstrap Protocol Client
69/udp          #Trivial File Transfer
79/udp
80/udp          www www-http    #World Wide Web HTTP
88/udp          kerberos        # krb5 # Kerberos (v5)
101/udp         hostnames       #NIC Host Name Server
109/udp         postoffice      #Post Office Protocol - Version 2
110/udp         #Post Office Protocol - Version 3
111/udp         rpcbind         #SUN Remote Procedure Call
118/udp         #SQL Services
119/udp         usenet          #Network News Transfer Protocol
6000-6063/udp   X Window System
You can list port numbers on BSD (and compatible) operating systems with a command such as fgrep udp /etc/services. See also http://www.isi.edu/innotes/iana/assignments/port-numbers
Notice UDP port 1 is titled TCP Port Service Multiplexer. Connections on this fixed
port number are used to organise dynamic port numbers.
Notice the UDP port range 6000-6063. This entry is commented out but it reminds
users that the X-windows system is allocated TCP ports in this range. As we shall
see, TCP provides similar port multiplexing and the convention is that UDP and
TCP port numbers are allocated the same.
Unstructured Stream
Application programs must agree on the structure of the data transferred.
Full Duplex Connection
concurrent data transfer can occur in both directions.
Varying delays might mean a packet could be resent and two copies be received.
Network utilisation is much improved as the protocol can essentially keep the
network saturated with packets.
Application
Reliable Stream (TCP) User Datagram (UDP)
Internet (IP)
Network Interface
An application at one end performs a passive open by informing its OS that it will
accept an incoming connection. The OS assigns a TCP port number (and allocates
necessary resources).
An application at the other end can then perform an active open request to establish
the connection.
[Figure: the current window drawn over a byte stream B1 ... B10, with three pointers as described next.]
The pointer at the left separates off the bytes on the left that have been sent and acknowledged. The pointer at the right marks the right edge of the sliding window, indicating
the highest byte in the window that could be sent. The middle pointer separates
bytes sent from those not yet sent.
The protocol sends bytes in the window as soon as possible, so the window shown
here moves rapidly to the right.
Recall that acknowledgements travel back from the receiver to the transmitter, in
a reverse link. In effect, each end must manage two sets of sliding windows:
one set for its outgoing data (where it determines what to send or resend next),
and one set for its incoming data (where at a minimum it determines what to
acknowledge).
SOURCE PORT
DESTINATION PORT
SEQUENCE NUMBER
ACKNOWLEDGEMENT NUMBER
HLEN/RESERVED/CODE BITS
WINDOW
CHECKSUM
URGENT POINTER
OPTIONS (if any)
PADDING
DATA
Fields SOURCE PORT and DESTINATION PORT contain TCP port numbers which
identify the application programs at the end points.
The SEQUENCE NUMBER identifies the position in the sender's byte stream of the
data in this segment.
The ACKNOWLEDGEMENT NUMBER identifies the number of the octet that the source
expects to receive next (i.e. earlier bytes are OK).
The HLEN integer specifies the segment header length in units of 32-bit words, because
the OPTIONS field (and header) has variable length.
The 6-bit CODE BITS specify the purpose and contents of the segment. From left
to right, these bits are:
1. URG - urgent pointer field is valid
2. ACK - acknowledgement field is valid
3. PSH - this segment requests a push
4. RST - reset the connection
5. SYN - synchronise sequence numbers
6. FIN - sender has reached end of its byte stream
The WINDOW field advertises how much data the sender of the packet is willing to
receive.
6.12.1
Out of band data is data that the sender wishes to have handled as soon as possible
i.e. out of order.
Example use: typing an interrupt command in a telnet window linked to a remote
Unix host.
The URG bit is used to indicate that urgent data is present, with its location in the
window given by the URGENT POINTER.
6.12.2
Both ends need to agree on the maximum segment size they will transfer (impacts
on resource allocation at the end points).
The OPTIONS header field is used in negotiations, where each end specifies the
maximum segment size (MSS) that it is willing to receive.
For better efficiency, an MSS should be chosen so that the resulting IP datagram
matches the MTU of the underlying network.
If an MSS is chosen too small: network utilisation suffers (a segment size of 41
bytes of which 40 bytes are header is very inefficient).
If an MSS is chosen too large: the segment, which is encapsulated in an IP datagram (which is itself encapsulated in a network frame), may need to be fragmented in order to fit into the datagram. This results in extra frag/defrag overheads and a single lost fragment means the whole segment must be resent (recall
that the TCP window mechanism operates on segments).
An optimum segment size S occurs when the IP datagrams carrying the segments
are as large as possible without requiring fragmentation anywhere along the path
from the source to the destination.
Can an optimal S be found?
There is no probing mechanism built into TCP.
Also, the network routes can be time varying, in response to topology changes
(nodes may fail or come on-line) or congestion avoidance (time outs cause alternative routes to be used).
There is currently no standard way to find S.
6.12.3
A 16-bit arithmetic checksum of a segment allows the receiver to verify that the
TCP header and data have been received without error.
To allow the TCP protocol to verify the correct source and destination host, the
following information is prepended to the segment for the purposes of checksum
calculations:
SOURCE IP ADDRESS
DESTINATION IP ADDRESS
ZERO PROTOCOL
TCP LENGTH
SOURCE PORT
DESTINATION PORT
SEQUENCE NUMBER
ACKNOWLEDGEMENT NUMBER
remainder of segment follows
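The pseudo-header arithmetic shown here for TCP is the same Internet checksum the UDP section describes as optional but advisable; the C code below is an added example (not the notes' own), computing and verifying it for a UDP datagram with constructed addresses 10.0.0.1 to 10.0.0.2 and ports 1234 to 53, and showing why a receiver that checks it also catches a datagram delivered to the wrong host:

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>

#define PROTO_TCP 6    /* IP protocol numbers used in the pseudo-header */
#define PROTO_UDP 17

/* Accumulate 16-bit big-endian words into a 32-bit sum; an odd trailing
   byte is padded with a zero low byte, as the Internet checksum requires. */
static uint32_t add_words(uint32_t acc, const uint8_t *p, size_t len) {
    while (len > 1) { acc += ((uint32_t)p[0] << 8) | p[1]; p += 2; len -= 2; }
    if (len) acc += (uint32_t)p[0] << 8;
    return acc;
}

/* Fold the carries back into 16 bits and take the one's complement. */
static uint16_t finish(uint32_t acc) {
    while (acc >> 16) acc = (acc & 0xFFFFu) + (acc >> 16);
    return (uint16_t)(~acc & 0xFFFFu);
}

/* Checksum over the 12-byte pseudo-header (source IP, destination IP, zero,
   protocol, transport length) followed by the whole UDP or TCP segment.
   To compute the value to send, the segment's checksum field must be zero;
   to verify a received segment, leave the field as it arrived and expect 0. */
uint16_t transport_checksum(const uint8_t src_ip[4], const uint8_t dst_ip[4],
                            uint8_t proto, const uint8_t *seg, size_t seg_len) {
    uint8_t ph[12];
    memcpy(ph, src_ip, 4);
    memcpy(ph + 4, dst_ip, 4);
    ph[8] = 0;
    ph[9] = proto;
    ph[10] = (uint8_t)(seg_len >> 8);
    ph[11] = (uint8_t)(seg_len & 0xFF);
    uint32_t acc = add_words(0, ph, sizeof ph);
    acc = add_words(acc, seg, seg_len);
    return finish(acc);
}

/* Build a UDP datagram (8-byte header + payload) into out and fill in the
   checksum; returns the datagram length. A computed 0 is sent as 0xFFFF,
   because 0 on the wire means "no checksum present". */
size_t build_udp(const uint8_t src_ip[4], const uint8_t dst_ip[4],
                 uint16_t sport, uint16_t dport,
                 const uint8_t *payload, size_t plen, uint8_t *out) {
    size_t len = 8 + plen;
    out[0] = (uint8_t)(sport >> 8); out[1] = (uint8_t)(sport & 0xFF);
    out[2] = (uint8_t)(dport >> 8); out[3] = (uint8_t)(dport & 0xFF);
    out[4] = (uint8_t)(len >> 8);   out[5] = (uint8_t)(len & 0xFF);
    out[6] = 0;                     out[7] = 0;   /* zero while computing */
    memcpy(out + 8, payload, plen);
    uint16_t ck = transport_checksum(src_ip, dst_ip, PROTO_UDP, out, len);
    if (ck == 0) ck = 0xFFFF;
    out[6] = (uint8_t)(ck >> 8); out[7] = (uint8_t)(ck & 0xFF);
    return len;
}

/* Receiver-side check: 1 if the datagram's checksum matches the pseudo-header
   built from the IP addresses it actually arrived with, else 0. A datagram
   sent without a checksum (field 0) is reported as unverified (0). */
int verify_udp(const uint8_t src_ip[4], const uint8_t dst_ip[4],
               const uint8_t *dgram, size_t len) {
    if (len < 8) return 0;
    if (dgram[6] == 0 && dgram[7] == 0) return 0;
    return transport_checksum(src_ip, dst_ip, PROTO_UDP, dgram, len) == 0;
}

/* Constructed worked example: 10.0.0.1:1234 -> 10.0.0.2:53 carrying "hi".
   Returns the checksum placed in the header (0x7E67 by hand calculation). */
uint16_t example_udp_checksum(void) {
    static const uint8_t src[4] = {10, 0, 0, 1}, dst[4] = {10, 0, 0, 2};
    uint8_t d[64];
    build_udp(src, dst, 1234, 53, (const uint8_t *)"hi", 2, d);
    return (uint16_t)((d[6] << 8) | d[7]);
}

/* Scenario 0: genuine datagram verifies. 1: one flipped payload byte fails.
   2: identical bytes arriving with destination 10.0.0.3 fail, because the
   pseudo-header ties the checksum to the addresses it was sent with. */
int example_verify(int scenario) {
    static const uint8_t src[4] = {10, 0, 0, 1}, dst[4] = {10, 0, 0, 2};
    static const uint8_t other[4] = {10, 0, 0, 3};
    uint8_t d[64];
    size_t len = build_udp(src, dst, 1234, 53, (const uint8_t *)"hi", 2, d);
    if (scenario == 1) d[8] ^= 0x01;
    return verify_udp(src, scenario == 2 ? other : dst, d, len);
}
```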
TCP monitors the performance of each connection and deduces reasonable values
for timeouts. As the characteristics of the link change, TCP updates its timeout
values.
By measuring the time between segment transmission and segment acknowledgement, TCP obtains a sample round trip time or round trip sample. A new sample value
allows the estimate of round trip time (RTT) to be updated.
An early method to update RTT was to use an exponential forgetting factor, which
gives a response curve like a first order RC circuit discharge:
RTT_{i+1} = RTT_i + (1 − ) RTT_sample
i.e. the factor applied to the ith RTT discharges it (scales it down) to give the historical
contribution to the (i + 1)th RTT, for a factor < 1; and
the (1 − ) term scales the contribution of the sample measurement to RTT_{i+1}.
An early method to determine the timeout used a scaled value of RTT, i.e. Timeout
= RTT. Originally, the scale factor was set to 2 (too close to 1 and retransmission might occur
too easily).
From a control theory point of view, these techniques are very simple but they do
allow a system to operate reasonably well in the face of random noise and other
unmodelled disturbances.
RTT sample measurements can be ambiguous when a late segment is received:
is it the result of a timeout triggered retransmission or did it just take a very long
time to arrive?
If the segment is the original that was in transit for a long time, but the receiver
assumes it is a retransmission (with smaller transit time), then the updated RTT
will be smaller (even though RTT is actually large).
If the received segment is assumed to be from a retransmit but it is not, RTT update
is again incorrect.
How can we avoid incorrect updates to RTT?
Karn's algorithm allows the previous RTT updates to only occur on timing data
from unambiguous acknowledgments [10].
[10] Phil Karn is an amateur radio enthusiast who developed this algorithm to allow TCP operation across
a high loss packet radio link.
To handle sharp increases in actual round trip time, Karn's algorithm also has a
timer backoff strategy whereby, if a retransmission occurs:
new timeout = old timeout
where is typically 2.
The system's updates are now chosen according to the internet's behaviour.
When the internet is well behaved, the terms and control updates of RTT and
Timeout.
When the internet misbehaves, Karn's algorithm uses to control timeout updates. This decouples the estimate of timeout from round trip travel time. Only
when an acknowledgement arrives does the update of timeout become linked to
RTT estimates.
RTT_{i+1} = RTT_i + (1 − ) RTT_sample
DEV_{i+1} = DEV_i + (1 − ) |RTT_i − RTT_sample|
where is a smoothing factor that controls how much weight is given to an old
ith value when producing a new (i + 1)th value, and the (1 ) factor controls the
weight of new information;
DEV is an estimate of standard deviation which works well (it is actually the
deviation smoothed).
Implementation efficiency: use = a fraction composed of 1/2, 1/4, 1/8 etc. so
integer arithmetic can be used.
This discussion has focussed on how to determine RTT and timeout values in a
real network. Question: what should be done when congestion occurs?
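The estimator, Karn's rule and the timer backoff just described, as an added C example (not the notes' own): integer arithmetic with a 7/8 smoothing factor as the implementation-efficiency note suggests; the timeout rule rtt + 4·dev and the initial deviation guess are assumptions, since the notes state only the older timeout = 2 × RTT.

```c
#include <stdlib.h>

/* Retransmission-timer state, all times in milliseconds. */
typedef struct {
    int rtt;      /* smoothed round-trip time estimate */
    int dev;      /* smoothed deviation of samples from the estimate */
    int timeout;  /* current retransmission timeout */
} rto_state;

/* Assumption: timeout = rtt + 4*dev (Jacobson's rule), so that DEV actually
   enters the timeout; the notes only give the older timeout = 2 * rtt. */
static int rto_from_estimate(const rto_state *s) { return s->rtt + 4 * s->dev; }

void rto_init(rto_state *s, int initial_rtt) {
    s->rtt = initial_rtt;
    s->dev = initial_rtt / 2;          /* assumption: initial deviation guess */
    s->timeout = rto_from_estimate(s);
}

/* Acknowledgement arrives with a measured sample. Apply the two recurrences
       rtt_{i+1} = a*rtt_i + (1-a)*sample
       dev_{i+1} = a*dev_i + (1-a)*|rtt_i - sample|
   with a = 7/8 in integer arithmetic. Karn's rule: if the acknowledged segment
   had been retransmitted, the sample is ambiguous (original or retransmission?),
   so nothing is updated and the backed-off timeout stays in force.
   Returns 1 if the estimate was updated, 0 if the sample was discarded. */
int rto_on_ack(rto_state *s, int sample, int was_retransmitted) {
    if (was_retransmitted) return 0;
    int err = abs(s->rtt - sample);          /* uses the old estimate rtt_i */
    s->rtt = (7 * s->rtt + sample) / 8;
    s->dev = (7 * s->dev + err) / 8;
    s->timeout = rto_from_estimate(s);       /* timeout re-linked to the RTT estimate */
    return 1;
}

/* Timer expired: Karn's backoff, new timeout = 2 * old timeout. The timeout is
   now decoupled from the RTT estimate until an unambiguous ack re-links them. */
void rto_on_timeout(rto_state *s) { s->timeout *= 2; }

/* Constructed walk-through; returns the timeout after the given step so the
   effect of each rule can be inspected. */
int rto_walkthrough(int step) {
    rto_state s;
    rto_init(&s, 100);            /* step 0: rtt 100, dev 50, timeout 300 */
    if (step == 0) return s.timeout;
    rto_on_ack(&s, 100, 0);       /* step 1: rtt 100, dev 43, timeout 272 */
    if (step == 1) return s.timeout;
    rto_on_timeout(&s);           /* step 2: timeout doubles to 544 */
    if (step == 2) return s.timeout;
    rto_on_ack(&s, 900, 1);       /* step 3: ambiguous sample ignored, still 544 */
    if (step == 3) return s.timeout;
    rto_on_ack(&s, 120, 0);       /* step 4: rtt 102, dev 40, timeout 262 */
    return s.timeout;
}
```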
Internet Control Message protocol (ICMP) allows gateways and hosts to exchange error and control
messages.
In practice, TCP maintains a second limit called the congestion window limit.
TCP operates with an Allowed window = min{ advertised window, congestion window }. The congestion window is shrunk during times of congestion.
Multiplicative decrease Congestion Avoidance: Upon loss of a segment, reduce the
congestion window by half (minimum 1). For segments remaining in the allowed
window, back off the retransmission timer exponentially.
If congestion is assumed, TCP reduces traffic volume exponentially. If loss continues, the result is TCP attempting to send a single datagram (with exponentially
increasing timeout).
The idea is to provide significant and fast load reductions to the gateways.
Slow-Start Recovery: Whenever starting traffic on a new connection or increasing
traffic after a period of congestion, start the congestion window at the size of a single segment and increase the window by 1 segment after each acknowledgement
arrives.
Once the window reaches half of the advertised size, a congestion avoidance phase
is entered and subsequent increases in window size occur only if all segments in
the window are acknowledged.
AST Figure 6-32 shows a system that started out with a congestion window size =
64K when a timeout occurred. The threshold is set to half this value (32K) while
the congestion window size shrinks to 1K at transmission number 0.
The window then grows to 2K, 4K, 8K, 16K, 32K until at transmission 5 congestion
avoidance mode starts.
Window size then grows linearly up to 40K when a timeout occurs after transmission 13. The congestion window size is then set to 40K/2=20K and transmission
resumes. If no more problems occur, the window size can grow as large as the
advertised window size.
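Multiplicative decrease and slow start, as an added C example (not the notes' own) that replays the AST Figure 6-32 walk-through above; it assumes 1 KB segments, that the window counts whole segments per transmission round, and that the threshold equals the advertised window until the first loss.

```c
/* Congestion-control state; window sizes in KB (1 KB segments). */
typedef struct {
    int cwnd;        /* congestion window */
    int ssthresh;    /* threshold separating slow start from congestion avoidance */
    int advertised;  /* receiver's advertised window, an upper bound on cwnd */
} cc_state;

void cc_init(cc_state *s, int cwnd, int advertised) {
    s->cwnd = cwnd;
    s->advertised = advertised;
    s->ssthresh = advertised;   /* assumption: no threshold until the first loss */
}

/* Multiplicative decrease: on a timeout the threshold becomes half the current
   window (minimum 1 segment) and the window restarts at one segment. */
void cc_on_timeout(cc_state *s) {
    s->ssthresh = s->cwnd / 2 > 1 ? s->cwnd / 2 : 1;
    s->cwnd = 1;
}

/* One transmission round in which every segment in the window was acknowledged:
   below the threshold (slow start) each ack adds a segment, so the window doubles;
   at or above it (congestion avoidance) the whole window earns a single segment.
   The window never exceeds what the receiver advertised. */
void cc_on_window_acked(cc_state *s) {
    if (s->cwnd < s->ssthresh)
        s->cwnd *= 2;
    else
        s->cwnd += 1;
    if (s->cwnd > s->advertised) s->cwnd = s->advertised;
}

/* Allowed window = min(advertised window, congestion window). */
int cc_allowed_window(const cc_state *s) {
    return s->cwnd < s->advertised ? s->cwnd : s->advertised;
}

/* Replay the figure: window 64 KB when a timeout strikes, then `rounds`
   successful rounds, then a second timeout. trace[0] is cwnd right after the
   first timeout (transmission 0) and trace[i] is cwnd after round i.
   Returns the threshold set by the second timeout. */
int cc_replay_figure(int *trace, int rounds) {
    cc_state s;
    cc_init(&s, 64, 64);
    cc_on_timeout(&s);          /* threshold 32 KB, window 1 KB */
    trace[0] = s.cwnd;
    for (int i = 1; i <= rounds; i++) {
        cc_on_window_acked(&s); /* 2, 4, 8, 16, 32 then 33, 34, ... */
        trace[i] = s.cwnd;
    }
    cc_on_timeout(&s);          /* loss at 40 KB -> threshold 20 KB */
    return s.ssthresh;
}

/* Convenience accessors for the 13-round scenario in the notes. */
int cc_trace_value(int index) {
    int t[32];
    cc_replay_figure(t, 13);
    return (index >= 0 && index <= 13) ? t[index] : -1;
}
int cc_second_threshold(void) {
    int t[32];
    return cc_replay_figure(t, 13);
}
```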
[Figure (AST 6-32): congestion window in KB (0 to 44) against transmission number (0 to 24), marking the Timeout event and the Threshold before and after it.]
TCP Open
Events at site 1: Send SYN seq=x
Events at site 2: Receive SYN segment; Send SYN seq=y, ACK x+1
...
TCP Close:
Note that TCP connections are full duplex and we can think of them as two independent unidirectional streams. Once a link is closed, data can no longer travel in
that direction (but control segments can still travel in the opposite direction, as can
data until that link is also closed).
One further point is that the end which is told to close sends back two messages,
one to acknowledge the request, and one to confirm that there is no more data
present once the application has been informed.
[Figure: TCP Close, events at site 1 and events at site 2.]
When the link is shut down, the FSM waits (longer than twice the segment lifetime) to avoid interference between links.
[Figure: states CLOSED (start), LISTEN, SYN RCVD, SYN SENT, ESTABLISHED, FIN WAIT 1, FIN WAIT 2, CLOSING, TIMED WAIT, CLOSE WAIT and LAST ACK, with transitions labelled event/action: CONNECT/SYN, LISTEN/-, CLOSE/-, SYN/SYN + ACK, RST/-, SEND/SYN, SYN/SYN + ACK (simultaneous open), SYN + ACK/ACK (step 3 of the three-way handshake), CLOSE/FIN (active close), FIN/ACK (passive close), ACK/-, FIN + ACK/ACK, Timeout/-.]
Fig. 6-28. TCP connection management finite state machine. The heavy solid line is the
normal path for a client. The heavy dashed line is the normal path for a server. The
light lines are unusual events.
TCP entries from /etc/services:
tcpmux          1/tcp
echo            7/tcp
discard         9/tcp
systat          11/tcp          #Active Users
daytime         13/tcp
chargen         19/tcp          ttytst source   #Character Generator
ftp-data        20/tcp          #File Transfer [Default Data]
ftp             21/tcp          #File Transfer [Control]
ssh             22/tcp          #Secure Shell Login
telnet          23/tcp
smtp            25/tcp          mail            #Simple Mail Transfer
nameserver      42/tcp          name            #Host Name Server
nicname         43/tcp          whois
domain          53/tcp          #Domain Name Server
bootps          67/tcp          dhcps           #Bootstrap Protocol Server
bootpc          68/tcp          dhcpc           #Bootstrap Protocol Client
tftp            69/tcp          #Trivial File Transfer
gopher          70/tcp
finger          79/tcp
http            80/tcp          www www-http    #World Wide Web HTTP
kerberos-sec    88/tcp          kerberos        # krb5 # Kerberos (v5)
hostname        101/tcp         hostnames       #NIC Host Name Server
pop2            109/tcp         postoffice      #Post Office Protocol - Version 2
pop3            110/tcp         #Post Office Protocol - Version 3
sunrpc          111/tcp         rpcbind         #SUN Remote Procedure Call
audionews       114/tcp         #Audio News Multicast
nntp            119/tcp         usenet          #Network News Transfer Protocol
ntp             123/tcp         #Network Time Protocol
imap            143/tcp         imap2 imap4     #Interim Mail Access Protocol v2
snmptrap        162/tcp         snmp-trap
xdmcp           177/tcp         #X Display Manager Control Protocol
bgp             179/tcp         #Border Gateway Protocol
ris             180/tcp         #Intergraph
appleqtc        458/tcp         #apple quick time
kpasswd5        464/tcp         # Kerberos (v5)
klogin          543/tcp         # Kerberos (v4/v5)
kshell          544/tcp         krcmd           # Kerberos (v4/v5)
dhcpv6-client   546/tcp         #DHCPv6 Client
dhcpv6-server   547/tcp         #DHCPv6 Server
imap4-ssl       585/tcp         #IMAP4+SSL (use of 585 is not recommended,
nfsd            2049/tcp        nfs             # NFS server daemon
hylafax         4559/tcp        #HylaFAX client-server protocol
7.1 Background
We know that servers can perform passive opens and wait for a client to perform
an active open thus creating the TCP link between two particular applications on
two hosts.
In UNIX, file IO employs an open-read-write-close paradigm i.e. a file is opened (the
user is provided with an integer file descriptor ID), some data reads and/or writes
occur, and then the file is closed.
The socket abstraction allows a programmer to access TCP/UDP in a way that is
similar to file IO (whenever it makes sense).
In fact, 4.4BSD uses sockets for local interprocess communication (UNIX domain)
and interhost/interprocess communication (INET domain).
The API design provides access similar to file IO although opening a socket may
require more information than opening a file (instead of a file name argument, we
need the transport protocol name, a remote machine address, a client/server flag,
etc.).
The system call socket() creates a socket and returns the socket ID number.
Argument af specifies the protocol family, which is AF_INET for internet protocol
(others may include protocols from Xerox, Apple, CCITT, ISO).
Argument type specifies the type of communication desired e.g. SOCK_STREAM
is reliable stream service, SOCK_DGRAM is connectionless datagram delivery, and
there is also SOCK_RAW for privileged programs to access low-level protocols or
network interfaces.
Argument protocol allows for multiple versions of a particular af/type combination. Example: the TCP/IP protocol suite includes the protocol TCP.
7.4 Binding
Communicating processes are bound by an association. In the Internet domain,
an association is composed of local and foreign addresses, and local and foreign
ports.
The bind() function call allows a process to specify half of an association i.e. the
local address and local port.
The general form of bind() is bind( socket, localaddr, addrlen ) where
socket is a descriptor previously created (but not bound), localaddr is a structure specifying the local address to be assigned to the socket, and addrlen is an
integer specifying the length of the address structure.
The generic format of the address structure is:
        char    sa_data[14];
};
where sa_len specifies the length of the address structure, sa_family specifies
the family to which the address belongs (e.g. AF_INET), and sa_data contains
the address.
The internet version of this address structure is:
asks the operating system to build a separate request queue for the previously
bound socket.
caddress, caddresslen );
asks the operating system to return with a socket associated with the next request
in the queue.
The accept() call blocks (waits) until a request arrives.
Variable newsock is in fact a descriptor of a new socket that was created by accept() and bound in the same way as socket (in effect, duplicated). The server
task now uses newsock for its work while socket remains available for accepting new requests.
The following extract is from BSD rlogind:
...
f = socket(AF_INET, SOCK_STREAM, 0);
...
if (bind(f, (struct sockaddr *) &sin, sizeof (sin)) < 0) {
        ...
}
...
listen(f, 5);
for (;;) {
        int g, len = sizeof (from);
        /* block until a connection request is queued; g is a new descriptor */
        g = accept(f, (struct sockaddr *) &from, &len);
        if (g < 0) {
                if (errno != EINTR)
                        syslog(LOG_WARNING, "accept: %m");
                continue;
        }
        if (fork() == 0) {
                close(f);       /* child does not need the listening socket */
                doit(g, &from);
        }
        close(g);               /* parent keeps f, drops its copy of g */
}
In effect, connect() is the function call that a client uses to connect to a server
that has called accept().
Note: connect() may also be used for connectionless protocols as it records the
server's address in the socket, thereby allowing the client to send many messages
to the same server without having to specify the destination address with each
message.
As these are (by design) compatible with the descriptors used for sockets, a single
application program can process local data (files) or remote data (data accessed
via sockets).
#include <sys/time.h>
#include <sys/types.h>
...
fd_set read_template;
struct timeval wait;
...
for (;;) {
        wait.tv_sec = 1;        /* one second */
        wait.tv_usec = 0;
        FD_ZERO(&read_template);
        FD_SET(s1, &read_template);
        FD_SET(s2, &read_template);
        nb = select( FD_SETSIZE,
                     &read_template,
                     (fd_set *) 0, (fd_set *) 0,
                     &wait );
        if (nb <= 0) {
                /* An error occurred during the select,
                   or the select timed out. */
        }
        if (FD_ISSET(s1, &read_template)) {
                /* Socket #1 is ready to be read from */
        }
        if (FD_ISSET(s2, &read_template)) {
                /* Socket #2 is ready to be read from */
        }
}
Note: read template is cleared and re-initialised at the beginning of every main
loop for(;;) traversal.
= ntohl( netlong );
= htonl( locallong );
The TCPMUX service allows a user to add locally developed protocols without
needing an official TCP port assignment. The TCPMUX protocol is described in
RFC-1078:
A TCP client connects to a foreign host on TCP port 1. It sends the service name followed by
a carriage-return line-feed (CRLF). The service name is never case sensitive. The server replies
with a single character indicating positive (+) or negative (-) acknowledgment, immediately followed by an optional message of explanation, terminated with a CRLF. If the reply was
positive, the selected protocol begins; otherwise the connection is closed.
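The handshake quoted above, as an added example that is not code from the notes or from any TCPMUX implementation: a server-side parser for the service-name line, the +/- reply builder, and a client-side reply parser, exercised over a local socket pair standing in for TCP port 1. The service table is constructed for the example.

```python
import socket
import threading

# Constructed service table for this example (not from the notes); RFC 1078 matches
# names case-insensitively, so entries are kept lower-cased.
SERVICES = {"help", "echo-demo"}

def parse_tcpmux_request(line):
    """Server side: the client's first line is <service name> CRLF.
    Returns the lower-cased name, or None if the line is empty or lacks the CRLF."""
    if not line.endswith(b"\r\n"):
        return None
    name = line[:-2].strip()
    return name.decode("ascii", "replace").lower() if name else None

def tcpmux_reply(name):
    """Server side: '+' or '-' acknowledgment, optional explanation, CRLF terminator."""
    if name in SERVICES:
        return b"+\r\n"                     # positive: the selected protocol would begin here
    return b"-Unknown service\r\n"          # negative: the server then closes the connection

def parse_tcpmux_reply(data):
    """Client side: split the reply into (positive, message); malformed replies raise."""
    end = data.find(b"\r\n")
    if end < 0 or data[:1] not in (b"+", b"-"):
        raise ValueError("malformed TCPMUX reply")
    return data[:1] == b"+", data[1:end].decode("ascii", "replace")

def tcpmux_exchange(service):
    """Run one request/reply over a loopback socket pair (in place of TCP port 1)
    and return the parsed reply as (positive, message)."""
    client, server = socket.socketpair()

    def serve():
        request = server.recv(512)
        server.sendall(tcpmux_reply(parse_tcpmux_request(request)))
        server.close()                      # connection closed after the reply

    worker = threading.Thread(target=serve)
    worker.start()
    client.sendall(service.encode("ascii") + b"\r\n")
    reply = client.recv(512)
    client.close()
    worker.join()
    return parse_tcpmux_reply(reply)
```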
IP Router Operation
We now consider higher level operation of the Internet.
Address Resolution Protocol (ARP) allows a host to find a hardware address from an IP address.
An IP routing algorithm employs an IP routing table on each node to hold information about possible destinations and how to reach them. A typical routing table
contains pairs (N,G) where N = IP address of destination network and G is the IP
address of the gateway along the path to network N.
Based on the network portion of its own address, a node can easily identify datagrams for which indirect delivery is necessary. The table provides an IP address
for the gateway node so the datagram, with its IP addresses unchanged, is encapsulated in a new frame with a 48-bit hardware address chosen for the next gateway.
If the destination network is not found in the routing table, the packet is forwarded
to a default router with more extensive tables. If no default route is defined, a
routing error has occurred.
In some instances, particular routes may be defined for some nodes.
We can summarise the IP routing algorithm
Route IP Datagram( datagram,routing table ) as:
Extract destination IP address, ID , from datagram;
Compute IP address of destination network, IN ;
if IN matches any directly connected network address, send datagram to destination over that network (this involves resolving ID to a physical address, encapsulating the datagram, and sending the frame);
else if ID appears as a host-specific route, use that;
else if IN appears in routing table, use the table route;
else if a default route has been specified, use that;
else declare a routing error.
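The five steps above worked through in Python, as an added example that is not part of the original notes; the classful computation of IN and the example addresses, tables and gateways are assumptions made for the illustration.

```python
import ipaddress

class RoutingError(Exception):
    """No direct, host-specific, table or default route matched the destination."""

def classful_network(addr):
    """Compute IN, the destination network address, from ID using the classful rule
    (class A /8, class B /16, class C /24); an assumption for this example."""
    first_octet = int(addr) >> 24
    if first_octet < 128:
        prefix = 8
    elif first_octet < 192:
        prefix = 16
    elif first_octet < 224:
        prefix = 24
    else:
        raise RoutingError("no classful network for %s" % addr)
    return ipaddress.ip_network("%s/%d" % (addr, prefix), strict=False)

def route_ip_datagram(destination, directly_connected, host_routes, routing_table,
                      default_gateway=None):
    """The five steps from the notes. Returns ('direct', ID) or ('via', G).
    directly_connected: set of networks this node sits on; host_routes: {ID: G};
    routing_table: {N: G} pairs; default_gateway: G or None."""
    ID = ipaddress.ip_address(destination)
    IN = classful_network(ID)
    if IN in directly_connected:
        return ("direct", ID)       # resolve ID to a hardware address, encapsulate, send
    if ID in host_routes:
        return ("via", host_routes[ID])
    if IN in routing_table:
        return ("via", routing_table[IN])
    if default_gateway is not None:
        return ("via", ipaddress.ip_address(default_gateway))
    raise RoutingError("no route to %s" % ID)

# Constructed example node (hypothetical addresses): directly on a class C and a class A net.
NODE_NETS = {ipaddress.ip_network("192.168.5.0/24"), ipaddress.ip_network("10.0.0.0/8")}
HOST_ROUTES = {ipaddress.ip_address("172.16.0.9"): ipaddress.ip_address("10.0.0.2")}
TABLE = {ipaddress.ip_network("172.16.0.0/16"): ipaddress.ip_address("10.0.0.1")}

def demo_route(destination, use_default=True):
    """Route through the example tables; returns (kind, next hop or error) as strings."""
    try:
        kind, hop = route_ip_datagram(destination, NODE_NETS, HOST_ROUTES, TABLE,
                                      "10.0.0.254" if use_default else None)
        return kind, str(hop)
    except RoutingError as err:
        return "error", str(err)
```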
How is the routing table determined?
For simple networks, a static routing table is feasible.
In large networks, a dynamic routing table is required so that the network can
adapt to changes, e.g. gateway failures can be worked around.
8.4.1
RIP uses a hop count metric. Direct delivery of a datagram counts as one hop.
A hop count does not take into account link speed, e.g. 3 hops across fast networks
would most likely be faster than 2 hops via PPP links. RIP implementations may
advertise artificially high hop counts for slow links in order to optimise routing.
Both active and passive RIP participants listen to all broadcast messages and update their tables when better routes are found. Each route in the table has a timer associated with it so that the route is automatically dropped should the gateway providing
it fail. Routes become invalid after 180 seconds.
Note that this means that good news (fast routes) travels quickly while bad news
(failed routes) travels slowly. This slow convergence problem is addressed by techniques such as triggered updates, which force a gateway to immediately broadcast
bad news. An avalanche of updates can also cause problems.
8.4.2
The early algorithms suffered as networks grew, so the Internet Engineering Task
Force developed the OSPF (Open Shortest Path First) standard in 1990. It is published, hence open.
It can handle metrics such as physical distance, time delay, and others.
It is dynamic, hence can adapt to changes in topology automatically.
It supports routing based on service, i.e. the type of service field is inspected so that it
is possible to handle realtime traffic (multimedia), etc.
It can do load balancing, hence routers connected by multiple pathways can have
their traffic spread across the pathways to maximise performance (previously,
routers used the best single link and ignored the others). Example: a router can
balance traffic on multiple PPP pathways forming a link to maximise performance.
OSPF works by having adjacent routers exchange information with acknowledgement and timestamping; hence routers have up-to-date knowledge of costs etc.
In normal operation, a router floods link state update messages to its neighbours.
To minimise overall coordination traffic, one router is elected to be the designated
router and it is considered to be adjacent to all other routers.
As the routers all belong to a single organisation, they can trust one another!
(That trust need not be left implicit: every OSPF packet header carries an authentication type and authentication field, and RFC 2328 defines null, simple password and cryptographic authentication for an area.)
Message type   Description
Hello          Used to discover who the neighbors are
ICMP message format (figure): bits 0-7 TYPE, bits 8-15 CODE, bits 16-31 CHECKSUM,
followed by further ICMP information.
IP datagrams carrying an ICMP message are not allowed to trigger error report
messages (as this could cause error messages about error messages about ...).
Principal ICMP message types:
Message type             Description
Destination unreachable  Packet could not be delivered
Time exceeded            Time to live field hit 0
Parameter problem        Invalid header field
Source quench            Choke packet
Redirect                 Teach a router about geography
Echo request             Ask a machine if it is alive
Echo reply               Yes, I am alive
Timestamp request        Same as Echo request, but with timestamp
Timestamp reply          Same as Echo reply, but with timestamp
datagram and also sends a redirect message to the host. Thus, a host can boot up
knowing only a default gateway and then optimise its routing.
Echo Request and Echo Reply allow destinations to be checked for reachability, and
timestamping allows performance measurement. On UNIX hosts, the ping command uses these messages to display network performance, while traceroute can identify the route in use.
A Timestamp Request leads to a Timestamp Reply, allowing datagram transit times to
be computed.
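Building and checking an ICMP message with the TYPE/CODE/CHECKSUM layout shown above, as an added example that is not from the notes: the Internet checksum is computed over the whole message, types are labelled from the table, and the echo request carries a constructed identifier and sequence number in its further-information field.

```python
import struct

# Descriptions follow the table of principal ICMP message types in the notes.
ICMP_TYPES = {
    0: "Echo reply", 3: "Destination unreachable", 4: "Source quench", 5: "Redirect",
    8: "Echo request", 11: "Time exceeded", 12: "Parameter problem",
    13: "Timestamp request", 14: "Timestamp reply",
}

def internet_checksum(data):
    """RFC 1071 one's-complement sum of 16-bit words; odd-length data is zero-padded."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:                          # fold carries back into 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF

def build_icmp(msg_type, code, rest=b"", payload=b""):
    """TYPE (8 bits), CODE (8), CHECKSUM (16), 4 bytes of further ICMP information, payload.
    The checksum is computed with the checksum field set to zero."""
    rest = rest.ljust(4, b"\x00")[:4]
    header = struct.pack("!BBH", msg_type, code, 0) + rest
    csum = internet_checksum(header + payload)
    return struct.pack("!BBH", msg_type, code, csum) + rest + payload

def parse_icmp(packet):
    """Return (type, code, description, checksum_ok); too-short messages raise ValueError.
    A valid message sums to zero when the stored checksum is included in the sum."""
    if len(packet) < 8:
        raise ValueError("ICMP message shorter than 8 bytes")
    msg_type, code, _stored = struct.unpack("!BBH", packet[:4])
    checksum_ok = internet_checksum(packet) == 0
    return msg_type, code, ICMP_TYPES.get(msg_type, "Unknown"), checksum_ok

def echo_request(identifier, sequence, payload=b"ping"):
    """Echo request as sent by ping: type 8, code 0, identifier and sequence number
    in the further-information field (values constructed by the caller)."""
    return build_icmp(8, 0, struct.pack("!HH", identifier, sequence), payload)
```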
A diskless machine about to boot up will know its 48-bit LAN address but will not
know its IP address.
A machine using RARP sends out a broadcast packet (with all 32 address bits = 1) saying what
its LAN address is, and an RARP server responds with the IP address.
This allows the diskless machine to share boot files with other machines while
retaining its unique identity.
Broadcast packets with all address bits = 1 are not propagated by routers, to avoid
unwanted traffic, so an RARP server must exist on any subnet needing one.
On UNIX, RARP requests are handled by the rarpd daemon, which is started at boot time.
Examples on Unix:
nslookup cay.cs.jcu.edu.au
returns the IP address of cay;
nslookup -q=mx cay.cs.jcu.edu.au
returns the Mail eXchange records for email addressed to cay (this MX mapping
allows us to direct email to a main server and backup servers);
nslookup -q=mx cs.jcu.edu.au
returns the Mail eXchange records for host-independent CSE email.
Some domain name system record types:
type A consists of a hostname and its IP address;
type CNAME gives the canonical hostname for an alias;
type MX gives a 16-bit preference and the name of a host that acts as a mail exchanger
for the domain;
type NS is the name of the authoritative server for the domain;
type SOA is the statement of authority which describes which parts of the naming
hierarchy a server implements.
The cost of lookup for non-local names can be high, so nameservers maintain
a cache of recently used names. When queried, a reply from a remote server is
marked authoritative, while an answer from a locally cached (previous) query is
marked non-authoritative.
Each response from a remote server includes a time to live value set by the
authority at the remote site; this means that server lookups for hosts whose
IP address does not change can be minimised, while improved correctness can
be obtained for entries that are expected to change by assigning them short TTL
values.
Before an organisation is granted authority for an official domain, it must agree to
operate a domain name server that meets Internet standards.
For robustness, a site must also find a separate, non-dependent site to act as a
backup server. A backup server is best physically separate, running on a different
power supply.
Administration information for the .au domain may be found at
http://www.auda.org.au.
10
Application Layer
10.1 Introduction
Recall that UNIX Internet daemons such as inetd can simplify the setup of service provision.
In particular, a server task can be written with its client communication mapped
to stdin/stdout IO.
In practice, lightly loaded services are started by inetd as needed while more
heavily used server tasks may be run permanently as daemons in their own right.
10.2 Email
Simple Mail Transfer Protocol (SMTP) is used to transfer email.
On UNIX, the mail delivery daemon is sendmail (or one of a number of newer
alternatives such as vmail), which listens on TCP port 25 for connections from
remote machines. On Unix, see telnet <host> 25.
SMTP is a simple ASCII (text) transmission protocol described by RFC 821. More recently, extended SMTP (ESMTP) has been defined in RFC 1425 to handle issues
such as larger message length, different timeouts, and prevention of infinite mailstorms (email loops).
Typical RFC 822 header fields (AST):
Header        Meaning
To:           Email address(es) of primary recipient(s)
Cc:           Email address(es) of secondary recipient(s)
Bcc:          Email address(es) for blind carbon copies
From:         Person or people who created the message
Sender:       Email address of the actual sender
Received:     Line added by each transfer agent along the route
Return-Path:  Can be used to identify a path back to the sender
Fig. 7-43. Some fields used in the RFC 822 message header.
RFCs 1341 and 1521 have added language extensions and MIME (Multipurpose
Internet Mail Extensions). In effect, RFC 822 header types have been extended to
include MIME-Version:, Content-Type:, Content-Transfer-Encoding:,
etc.
Other recent developments have included PGP (Pretty Good Privacy) which supports text compression, secrecy, and digital signatures.
PPP link phases (figure): Dead --(carrier detected)--> Establish --(both sides agree on
options)--> Authenticate --(authentication successful)--> Network --(NCP
configuration)--> Open --(done)--> Terminate --(carrier dropped)--> Dead; a failure
in Establish or in Authenticate returns the link to Dead.
NCP protocol then invoked;
Data transfer occurs.
Note: the LCP protocol only defines how the negotiation is conducted, not what is
negotiated. See Figure 3.29.
Name               Direction  Description
Configure-request  I R        List of proposed options and values
Configure-ack      I R        All options are accepted
Configure-nak      I R        Some options are not accepted
Configure-reject   I R        Some options are not negotiable
Terminate-request  I R        Request to shut the line down
Terminate-ack      I R        OK, line shut down
Code-reject        I R        Unknown request received
Protocol-reject    I R        Unknown protocol requested
Echo-request       I R        Please send this frame back
Echo-reply         I R        Here is the frame back
Discard-request    I R