TCP/IP

What is TCP/IP?
The Transmission Control Protocol/Internet Protocol (TCP/IP) suite of protocols was developed as part of the research done by the Defense Advanced Research Projects Agency (DARPA). The internet protocols can be used to communicate across any set of interconnected networks. They are equally well-suited for both LAN and WAN communication.

Examining the TCP/IP Protocol Stack The TCP/IP protocol stack maps closely to the OSI reference model in the lower layers. All standard physical and datalink protocols are supported.

The physical and data link layers of the TCP/IP stack are sometimes called the network interface layer.

TCP/IP Datagrams
TCP/IP information is transferred in a sequence of datagrams. One message may be transmitted as a series of datagrams that are reassembled into the message at the receiving location.

TCP/IP Protocol Layers

 IP provides connectionless. It is not concerned with the content of the datagrams. Instead, it looks for a way to move the datagrams to their destination. ICMP provides control and messaging capabilities. ARP determines the data link layer address for known IP addresses. RARP determines network addresses when data link layer addresses are known.

Examining TCP
TCP is a connection-oriented, reliable protocol located in the transport layer of the TCP/IP Protocol Stack.

Functions of TCP
The following are general functions of the TCP Protocol:
TCP is responsible for breaking messages into segments, reassembling them at the destination station, resending anything that is not received, and reassembling messages from the segments. TCP supplies a virtual circuit between enduser applications

TCP Segment
Field definitions in the TCP segment follow:

Source Port - Number of the calling port (16 bits) Destination Port - Number of the called port (16 bits) Sequence Number - Number used to ensure correct sequencing of the arriving data (32 bits) Acknowledgment Number - Next expected TCP octet (32 bits) Header Length - Number of 32-bit words in the header (32 bits) Reserved - Set to zero (6 bits)

Code Bits - Control functions such as setup and termination of a session (6 bits) Window - Number of octets that the device is willing to accept (16 bits) Checksum - Calculated checksum of the header and data fields (16 bits) Urgent - Indicates the end of the urgent data (16 bits) Options - One currently defined: maximum TCP segment size (0 or 32 bits if any) Data - Upper-layer protocol data (varies)

 The TCP header is 20 bytes. Transporting multiple packets with small data fields will result in less efficient use of available bandwidth than transporting the same amount of data with fewer, larger packets.

Examining UDP
UDP is a TCP/IP Transport Layer protocol designed for applications that provide their own error recovery process. It trades reliability for speed.

Characteristics of UDP
The following are characteristics associated with UDP:
UDP is simple and efficient, but not reliable. UDP is connectionless and unacknowledged.

UDP Segment
The UDP header length is always 64 bits.

UDP Applied Protocols

Protocols that use UDP include SNMP, Network File System (NFS), and Domain Name System (DNS).

Examining Port Numbers

Both TCP and UDP use port (or socket) numbers to pass information to the upper layers. Port numbers are used to keep track of different conversations crossing the network at the same time.

Well-Known Port Numbers

Application software developers agree to use well-known port numbers that are controlled by the Internet Assigned Numbers Authority (IANA). For example, any conversation bound for the FTP application uses the standard port number 21.

Port Number Range

Some ports are reserved in both TCP and UDP, but applications might not be written to support them. Port numbers have the following assigned ranges: Numbers below 1024 are considered well known ports. Numbers above 1024 are dynamically assigned ports. Registered ports are those registered for vendor specific applications. Most are above 1024.

How TCP Connections are Established

TCP is connection oriented, so it requires connection establishment before data transfer begins.

Synchronization
For a connection to be established or initialized, the two hosts must synchronize on each other's Initial Sequence Numbers (ISN) .

Three-Way Handshake
The synchronization requires each side to send its own initial sequence number and to receive a confirmation of it in acknowledgement (ACK) from the other side. Each side must also receive the other side's initial sequence number and send a confirming ACK. This exchange is called the three-way handshake.The sequence follows:

 Host A begins by sending a SYN segment indicating that host A will use sequence numbers starting with sequence number 100

 Host B sends an ACK and acknowledges the SYN it received from host A. Host B also sends a SYN. Note that the acknowledgment field indicates host B is now expecting to hear sequence 101, acknowledging the SYN that occupied sequence 100.

 In the next segment, host A sends some data. Note that the sequence number of the segment in step 3 is the same as the ACK in step 2.

TCP Simple Acknowledgment

The window size determines how much data the receiving station can accept at one time. With a window size of one, each segment must be acknowledged before another segment is transmitted, which results in inefficient use of bandwidth by the hosts. The following slideshow is an example of simple acknowledgement

 The window size is the number of messages transmitted before the sender must wait for an acknowledgment. In the initial state, no messages are being sent.

 Data message 1 sent. (Send 1, Receive 1)

 Acknowledgment message 2 sent. (Send ACK 2, Receive ACK 2)

 Data message 2 sent. (Send 2, Receive 2)

 ACK for message 2. (Send ACK 3, Receive ACK 3)

 Given a window size of 3, the source, in this case a router, sends 3 data segments to the destination. The destination sends an acknowledgement asking for the next set.

 If the destination doesn't receive all three of the negotiated data segments, for example, due to a buffer overflow, it sends no acknowledgment. Since the source does not receive an acknowledgment, it knows the data segments should be retransmitted and the transmission should be slowed.

TCP Sequence and Acknowledgment Numbers

TCP provides sequencing of segments with a forward reference acknowledgment.

Each datagram is numbered before transmission. At the receiving station, TCP reassembles the segments into a complete message. If a sequence number is missing in the series, that segment is retransmitted. Segments that are not acknowledged within a given time period result in retransmission.

 The following slideshow gives an example of this numbering scheme:

First, you see that the sequence number is 10.

 The acknowledgment number for 10 is 11

 The next sequence number is 11.

The acknowledgment number for 11 is 12.

Variable Window Sizes

TCP window sizes are variable during the lifetime of a connection. Each acknowledgement contains a window advertisement that indicates how many bytes the receiver can accept. TCP also maintains a congestion control window, which is normally the same size as the receiver's window, but is cut in half when a segment is lost (for example, when there is congestion). This approach permits the window to be expanded or contracted as necessary to manage buffer space and processing.

Examining IP
IP provides connectionless, best-effort delivery routing of datagrams. It is not concerned with the content of the datagrams. Instead, it looks for a way to move the datagrams to their destination.

IP Datagram

Version - Version number (4 bits) Header Length - Header length in 32bit words (4 bits) Priority and Type of Service - How the datagram should be handled. The first 3 bits are priority bits (8 bits). Total Length - Total length (header + data) (16 bits) Identification - Unique IP datagram value (16 bits) Flags - Specifies if fragmenting should occur (3 bits)

Fragment Offset - Provide fragmentation of datagrams to allow differing MTUs in the internet (13 bits) TTL - Time-To-Live (8 bits) Protocol - Upper-layer (Layer 4) protocol sending the datagram (8 bits) Header Checksum - Integrity check on the header (16 bits) Source IP Address - 32-bit source IP addresses (32 bits) Destination IP Addresses - 32-bit destination IP addresses (32 bits) IP Options - Network testing, debugging, security, and others (0 or 32 bits if any) Data - Upper-layer protocol data (varies)

Other Internet Layer Protocols

The Internet Layer implements three additional protocols besides IP. These include ICMP, ARP and RARP

ICMP
The Internet Control Message Protocol (ICMP) is implemented by all TCP/IP hosts. ICMP messages are carried in IP datagrams and are used to send error and control messages.

Address Resolution Protocol

Address Resolution Protocol (ARP) is used to resolve or map a known IP address to a MAC sublayer address to allow communication on a multiaccess medium such as Ethernet. To determine a destination address for a datagram, the ARP cache table is checked. If the address is not in the table, ARP sends a broadcast looking for the destination station. Every station on the network receives the broadcast.

Reverse ARP
Reverse Address Resolution Protocol (RARP) relies on the presence of a RARP server with a table entry or other means to respond to these requests.

What is an IP Address?
In a TCP/IP environment, end stations communicate seamlessly with servers or other end stations. This communication occurs because each node using the TCP/IP protocol suite has a unique 32-bit logical IP address.

Purpose of IP Address
Each IP datagram includes the source IP address and destination IP address that identifies the source and destination network and host.

Host and Network Address

Each company listed on the internetwork is seen as a single network that must be reached before an individual host within that company can be contacted.

Examining IP Address Classes

When IP was first developed, there were no classes of addresses. Now, for ease of administration, the IP addresses are broken up into classes.

Three Central Classes

Listed below are the five classes of IP. The first three with visual description are the most commonly used in networking.

 Class D and E addresses are also defined. Class D addresses start at 224.0.0.0 and are used for multicast purposes. Class E addresses start at 240.0.0.0 and are used for experimental purposes.

 Class A addresses include the following: The first bit is 0. Range of network numbers: 1.0.0.0 to 126.0.0.0 Number of possible networks: 127 (1-126 usable, 127 is reserved) Number of possible values in the host portion: 16,777,216 (The number of usable hosts is two less than the number of possible because the host portion must be nonzero and cannot be all ones.)

 Class B addresses include the following: The first two bits are 10. Range of network numbers: 128.0.0.0 to 191.255.0.0 Number of possible networks: 16,384 Number of possible values in the host portion: 65,536 (The number of usable hosts is two less than the number of possible because the host portion must be nonzero and cannot be all ones.)

 Class C addresses include the following: The first three bits are 110. Range of network numbers: 192.0.0.0 to 223.255.255.0 Number of possible networks: 2,097,152 Number of possible values in the host portion: 256 (The number of usable hosts is two less than the number of possible because the host portion must be nonzero and cannot be all ones.)

 Class D addresses include the following: Range of network numbers: 224.0.0.0 to 239.255.255.255