Network+ Guide to Networks, 5th Edition
Chapter 4: Introduction to TCP/IP Protocols
Objectives
• Identify and explain the functions of the core TCP/IP protocols
• Explain how the TCP/IP protocols correlate to layers of the OSI model
• Discuss addressing schemes for TCP/IP in IPv4 and IPv6 protocols
Network+ Guide to Networks, 5th Edition modified by Dr. Feda ALShahwan
Objectives (cont’d.)
• Describe the purpose and implementation of DNS (Domain Name System) and DHCP (Dynamic Host Configuration Protocol)
• Identify the well-known ports for key TCP/IP services
• Describe common Application layer TCP/IP protocols
Characteristics of TCP/IP (Transmission Control Protocol/Internet Protocol)
• Protocols: sets of instructions designed and coded by programmers that define network communication standards
• TCP/IP
  – Network layer
  – Protocol suite
  – Subprotocols
    • TCP, IP, UDP, ARP
  – Developed by Department of Defense
    • ARPANET (1960s) (Internet precursor)
Characteristics of TCP/IP (cont’d.)
• Popularity
  – Low cost
  – Communicates between dissimilar platforms
  – Open nature (free use and modification by developers)
  – Routable
    • Spans more than one LAN (LAN segment)
    • NetBEUI is not routable
  – Flexible
    • Runs on combinations of network operating systems or network media
• Disadvantage
  – Requires more configuration
The TCP/IP Core Protocols
• Certain subprotocols of the TCP/IP suite
• Operate in Transport or Network layers of OSI model
• Provide basic services to protocols in other layers
• Most significant core protocols in TCP/IP
  – TCP
  – IP
TCP (Transmission Control Protocol)
• Transport layer protocol
• Provides reliable data delivery services
  – Connection-oriented subprotocol
    • Establish connection before transmitting, with the TCP Handshake
  – Sequencing and checksums
  – Flow control
    • Transmitter waits for ACK before sending more
• TCP segment format
  – Encapsulated by IP datagram in Network layer
    • Becomes IP datagram’s “data”
TCP Segment
Figure 4-1 A TCP segment
TCP Segment
• Source port: Port number at the source node
• Destination port: Port number at the destination node
  – Port number: 16 bits
    • Address on the host where the application makes itself available to incoming or outgoing data
    • 80 is the port number for Web requests via HTTP protocol
• Sequence number: 32 bits
  – Identifies the data segment’s position in the stream of data segments already sent
• Acknowledgement number: 32 bits
  – Confirms receipt of the data
TCP Segment
• TCP header length: 4 bits
  – Indicates the length of the TCP header
• Reserved: 6 bits
  – Future use
• Flags: 6 bits
  – Collection of six 1-bit fields that signal special conditions
  – URG
  – ACK
  – PSH
  – RST
  – SYN
  – FIN
TCP Segment
• Sliding-window size: 16 bits
  – Performs flow control
  – Maximum number of bytes the sender can issue to a receiver while acknowledgment is outstanding
  – Ex: 4000 bytes and 1000 bytes issued, 250 ack, buffering 750, remaining: ?
• Checksum: 16 bits
  – Allows receiving node to determine if the TCP segment is corrupted
• Urgent pointer: 16 bits
  – Indicates a location in the data field where urgent data resides
• Options: 0-32 bits
  – Maximum segment size a network can handle
TCP Segment
• Padding: variable
  – Contains filler information to ensure that size of TCP segment is multiple of 32 bits
  – Often 0
• Sequence number: 32 bits
  – Identifies the data segment’s position in the stream of data segments already sent
• Data: variable
  – Contains original sent data
  – Size depends on
    • Size of data sent
    • Constraints on TCP segment size from the network type
    • Segment must fit within an IP datagram
Important TCP Header Fields
• Flags, especially SYN and ACK
  – Indicate purpose of segment
• Source Port and Destination Port
  – Guide data to the correct process on the destination computer
• SEQ number and ACK number
  – Used to arrange segments in the correct order
• Data analyzer: a program that translates the unlabeled hexadecimal TCP packet into a user-friendly form
• Example: textbook p. 140
TCP Handshake
• Computer A sends SYN to Computer B
  – SYN flag set
    • SEQ field: Random initial sequence number (ISN)
    • ACK field: Empty (zeroes)
• Computer B replies with SYN/ACK
  – SYN and ACK flags set
    • SEQ field: Computer B's random initial sequence number (ISN)
    • ACK field: Computer A's ISN plus 1
• Computer A responds with ACK
  – ACK flag set
    • SEQ field: Computer A's ISN plus 1 (Computer B ACK)
    • ACK field: Computer B's ISN plus 1
• FIN flag indicates transmission end
Figure 4-3 Establishing a TCP connection
SYN with SEQ=937013558
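The header fields and the three-step handshake described above can be checked in code. The following is an added example, not part of the original slides or the textbook: it decodes the TCP header fields the way a data analyzer would and verifies the SEQ/ACK rules of the handshake. Computer A's ISN is the value from Figure 4-3; Computer B's ISN, the client port and the function names are constructed for illustration.

```python
import struct

# Masks for the six 1-bit flags in the low bits of the length/reserved/flags word.
FLAG_BITS = {"FIN": 0x01, "SYN": 0x02, "RST": 0x04,
             "PSH": 0x08, "ACK": 0x10, "URG": 0x20}
MOD32 = 2 ** 32  # SEQ and ACK are 32-bit fields, so "plus 1" wraps around


def parse_tcp_header(segment: bytes) -> dict:
    """Decode the fixed 20-byte TCP header, then split off options and data."""
    if len(segment) < 20:
        raise ValueError("a TCP header is at least 20 bytes")
    (src, dst, seq, ack, len_flags,
     window, checksum, urgent) = struct.unpack("!HHIIHHHH", segment[:20])
    header_len = (len_flags >> 12) * 4      # 4-bit field counts 32-bit words
    if header_len < 20 or header_len > len(segment):
        raise ValueError("TCP header length field is inconsistent")
    return {
        "src_port": src, "dst_port": dst, "seq": seq, "ack": ack,
        "header_len": header_len,
        "flags": {name for name, bit in FLAG_BITS.items() if len_flags & bit},
        "window": window, "checksum": checksum, "urgent": urgent,
        "options": segment[20:header_len], "data": segment[header_len:],
    }


def build_segment(src, dst, seq, ack, flags, window=4000, data=b""):
    """Build a constructed sample segment (no options, checksum left at 0)."""
    len_flags = (5 << 12) | sum(FLAG_BITS[f] for f in flags)
    return struct.pack("!HHIIHHHH", src, dst, seq % MOD32, ack % MOD32,
                       len_flags, window, 0, 0) + data


def check_handshake(raw_segments) -> list:
    """Return the problems found in a SYN, SYN/ACK, ACK exchange (empty if none)."""
    if len(raw_segments) != 3:
        return ["expected exactly three segments"]
    syn, synack, ack = (parse_tcp_header(s) for s in raw_segments)
    problems = []
    if syn["flags"] != {"SYN"}:
        problems.append("segment 1 is not a plain SYN")
    if synack["flags"] != {"SYN", "ACK"}:
        problems.append("segment 2 is not a SYN/ACK")
    if ack["flags"] != {"ACK"}:
        problems.append("segment 3 is not a plain ACK")
    if (synack["src_port"], synack["dst_port"]) != (syn["dst_port"], syn["src_port"]):
        problems.append("SYN/ACK ports do not mirror the SYN")
    if (ack["src_port"], ack["dst_port"]) != (syn["src_port"], syn["dst_port"]):
        problems.append("final ACK ports do not match the SYN")
    if synack["ack"] != (syn["seq"] + 1) % MOD32:
        problems.append("SYN/ACK does not acknowledge A's ISN + 1")
    if ack["seq"] != (syn["seq"] + 1) % MOD32:
        problems.append("final ACK does not use A's ISN + 1 as SEQ")
    if ack["ack"] != (synack["seq"] + 1) % MOD32:
        problems.append("final ACK does not acknowledge B's ISN + 1")
    return problems


A_ISN = 937013558      # SEQ value shown in Figure 4-3
B_ISN = 1756012        # constructed value for Computer B
HANDSHAKE = [          # constructed sample: A port 49152 to B port 80 (HTTP)
    build_segment(49152, 80, A_ISN, 0, ["SYN"]),
    build_segment(80, 49152, B_ISN, A_ISN + 1, ["SYN", "ACK"]),
    build_segment(49152, 80, A_ISN + 1, B_ISN + 1, ["ACK"]),
]

if __name__ == "__main__":
    for raw in HANDSHAKE:
        h = parse_tcp_header(raw)
        print(sorted(h["flags"]), "SEQ", h["seq"], "ACK", h["ack"])
    print("problems:", check_handshake(HANDSHAKE))
```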
Wireshark Demonstration
• Relative SEQ and ACK numbers at top
• Absolute SEQ and ACK values at bottom, in hexadecimal
UDP (User Datagram Protocol)
• Transport layer protocol
• Provides unreliable data delivery services
  – Connectionless transport service
    • No assurance packets received in correct sequence
    • No guarantee packets received at all
    • No error checking, sequencing
  – Lacks sophistication
    • More efficient than TCP
• Useful situations
  – Great volume of data transferred quickly (live audio/video over Internet)
UDP (cont’d.)
Figure 4-4 A UDP segment
IP (Internet Protocol)
• Network layer protocol
  – Routes packets using IP addresses
  – Provides information on how and where data should be delivered (source and destination addresses)
• Enables TCP/IP to internetwork
  – Traverses more than one LAN segment and more than one type of network through a router
• Unreliable, connectionless protocol
  – No guaranteed data delivery, no handshake
• Some higher-level protocols provide reliability, like TCP/IP suite
• Use IP to ensure that data packets are delivered to the right address
• Checksum: integrity of the routing information in the IP header
IP (cont’d.)
Figure 4-5 An IP datagram
Important IP Header Fields
• Version
  – Version number of the protocol (IPv4 or IPv6)
  – Most networks support IPv4 thus it is 4 bits long
• IHL (Internet Header Length)
  – Identifies the IP header length
  – Indicates to the receiver where data will begin
  – Minimum 5 blocks
• DiffServ (Differentiated Services)
  – Informs the router what level of precedence it should apply when processing the incoming packet
Important IP Header Fields
• Total Length
  – The total IP datagram (header + data) length
  – Maximum 65535 bytes
• Identification
  – Identifies the message to which a datagram belongs and enables reassembly of fragmented packets
• Flags
  – Indicates whether a message is fragmented and whether it is the last in the fragment
• Fragment offset
  – Indicates where the datagram belongs in the incoming set of fragments
Important IP Header Fields
• TTL (Time to Live)
  – Indicates the maximum time the datagram remains in the network before it is discarded
  – Measured in number of times a datagram has been forwarded by a router or the number of router hops
  – Decreases by one for each router the packet passes through (a "hop")
  – When TTL reaches zero, the packet is discarded
• Protocol
  – Identifies the type of Transport layer protocol that will receive the datagram (TCP or UDP)
Important IP Header Fields
• Header Checksum
  – Allows the receiver to calculate whether the IP header has been corrupted during transmission
• Source and Destination IP Addresses
  – Used to deliver packet and response
• Options
  – Used to specify special options
• Padding
  – Contains filler information to ensure that the size of the TCP header is a multiple of 32 bits
• Data
  – Contains data originally sent by the source, in addition to the information added in the transport layer
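How the IHL, TTL, Protocol and Header Checksum fields work together is easiest to see on a real header. The following is an added example, not part of the original slides: it parses an IPv4 header, verifies the header checksum, and models one router hop (TTL decremented, checksum recomputed, packet discarded when the TTL runs out). The two addresses are the sample addresses used elsewhere in this chapter; the payload, the TTL of 3 and all function names are constructed.

```python
import ipaddress
import struct

PROTOCOLS = {1: "ICMP", 2: "IGMP", 6: "TCP", 17: "UDP"}


def internet_checksum(header: bytes) -> int:
    """Ones' complement of the ones' complement sum of the 16-bit words."""
    if len(header) % 2:
        header += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:                       # fold the carries back in
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def build_ipv4_packet(src, dst, payload, ttl=64, protocol=6, ident=1) -> bytes:
    """Build a constructed packet: 20-byte header (IHL = 5, no options) + payload."""
    header = struct.pack("!BBHHHBBH4s4s",
                         (4 << 4) | 5, 0, 20 + len(payload), ident, 0,
                         ttl, protocol, 0,
                         ipaddress.IPv4Address(src).packed,
                         ipaddress.IPv4Address(dst).packed)
    checksum = internet_checksum(header)     # computed with the field set to 0
    return header[:10] + struct.pack("!H", checksum) + header[12:] + payload


def parse_ipv4_header(packet: bytes) -> dict:
    """Decode the IPv4 header fields and verify the header checksum."""
    if len(packet) < 20:
        raise ValueError("an IPv4 header is at least 20 bytes")
    (ver_ihl, diffserv, total_len, ident, flags_frag,
     ttl, proto, checksum, src, dst) = struct.unpack("!BBHHHBBH4s4s", packet[:20])
    version, ihl = ver_ihl >> 4, ver_ihl & 0x0F
    header_len = ihl * 4                     # IHL counts 32-bit blocks, minimum 5
    if version != 4 or ihl < 5 or header_len > len(packet) or total_len < header_len:
        raise ValueError("not a consistent IPv4 header")
    return {
        "version": version, "header_len": header_len, "diffserv": diffserv,
        "total_length": total_len, "identification": ident,
        "dont_fragment": bool(flags_frag & 0x4000),
        "more_fragments": bool(flags_frag & 0x2000),
        "fragment_offset": (flags_frag & 0x1FFF) * 8,   # stored in 8-byte units
        "ttl": ttl, "protocol": PROTOCOLS.get(proto, str(proto)),
        "src": str(ipaddress.IPv4Address(src)),
        "dst": str(ipaddress.IPv4Address(dst)),
        # Summing a valid header including its checksum field gives 0.
        "checksum_ok": internet_checksum(packet[:header_len]) == 0,
    }


def forward_one_hop(packet: bytes):
    """Model one router: drop corrupted or expired packets, else TTL - 1."""
    info = parse_ipv4_header(packet)
    if not info["checksum_ok"] or info["ttl"] <= 1:
        return None                          # discarded (TTL would reach zero)
    header = bytearray(packet[:info["header_len"]])
    header[8] -= 1                           # byte 8 is the TTL
    header[10:12] = b"\x00\x00"              # checksum covers the TTL: recompute
    header[10:12] = struct.pack("!H", internet_checksum(bytes(header)))
    return bytes(header) + packet[info["header_len"]:]


# Constructed sample packet between two addresses used in this chapter.
PACKET = build_ipv4_packet("144.92.43.178", "10.43.3.87",
                           b"constructed payload", ttl=3)

if __name__ == "__main__":
    hop = PACKET
    while hop is not None:
        print(parse_ipv4_header(hop))
        hop = forward_one_hop(hop)
    print("packet discarded")
```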
ICMP (Internet Control Message Protocol)
• Network layer protocol
  – Reports on data delivery success/failure
• Announces transmission failures to sender
  – Network congestion
  – Data fails to reach destination
  – Data discarded: TTL expired
• ICMP cannot correct errors
  – Provides critical network problem troubleshooting information (TCP corrects)
IGMP (Internet Group Management Protocol)
• Network layer protocol
• Manages multicasting
  – Multicasting: a transmission method that allows one node to send data to a defined group of nodes, unlike broadcast
• Uses
  – Internet teleconferencing or videoconferencing
  – Routers sending traffic reports to each other
ARP (Address Resolution Protocol)
• Network layer protocol
• Obtains a MAC address from an IP address and then creates a database that maps the MAC address to the host’s IP (logical) address
• Broadcast is used to learn addresses
• ARP table (ARP cache)
  – Computers store recently used MAC-to-IP address mappings on their storage devices
  – Increases efficiency
  – Two entry types: dynamic and static
ARP Demonstration
– Dynamic ARP table entries: entries that are created when a client makes an ARP request that cannot be satisfied by data already in the ARP table
– Static ARP table entries: entries that are created manually using the ARP utility
• ARP utility is controlled by the ARP command: used for troubleshooting
• ARP -D *
  – Clears the ARP cache
• ARP -A
  – Shows the ARP cache
ARP
RARP (Reverse Address Resolution Protocol)
• Converts MAC address to IP address
  – Obsolete—replaced by DHCP
• Used if a node does not know its IP address
• Broadcast message with its MAC address
IPv4 Addressing
• Networks recognize two addresses
  – Logical (Network layer) addresses: set automatically or manually, using protocol standard rules
  – Physical (MAC, hardware) addresses: set by the NIC’s manufacturer at the factory
• IP is responsible for handling logical addressing; logical addresses on TCP/IP networks are called IP addresses
• IP addresses are assigned and used according to very specific parameters
• Unique 32-bit number
• Divided into four octets/bytes (sets of eight bits)
• Separated by periods
• Example: 144.92.43.178
IPv4 Addressing (cont’d.)
• IP address information
  – An IP address contains two types of information: network (network to which computer is attached) and host (a computer within that network)
  – Network Class determined by first octet (see Table 4-1)
    • Class A, Class B, Class C
Table 4-1 Commonly used TCP/IP classes
IPv4 Addressing (cont’d.)
• Class D, Class E rarely used (never assigned to devices on our network)
  – Class D: value between 224 and 239
    • Multicasting
  – Class E: value between 240 and 254
    • Experimental use by IETF (Internet Engineering Task Force)
• Each of the other three octets consists of eight bits: 256 combinations
  – Networks use 1 through 254
  – 0: reserved as placeholder when referring to an entire group of computers on a network
    • 10.0.0.0: all devices whose first octet is 10
  – 255: reserved for broadcast transmission
    • 255.255.255.255: all devices on the network segment
IPv4 Addressing (cont’d.)
• Class A devices
  – Network ID: share same first octet (bits 0-7)
  – Host: second through fourth octets (bits 8-31)
  – Large companies and government organizations, early Internet users such as IBM
• Class B devices
  – Share same first two octets (bits 0-15)
  – Host: second through fourth octets (bits 16-31)
  – Midsized organizations
• Class C devices
  – Share same first three octets (bits 0-23)
  – Host: second through fourth octets (bits 24-31)
  – Smaller organizations, colleges
Figure 4-8 IP addresses and their classes
• Running out of addresses
  – IPv6 (next generation IP) incorporates new addressing scheme
IPv4 Addressing (cont’d.)
• Loopback address
  – First octet equals 127 (127.0.0.1)
• Loopback test
  – Attempting to connect to own machine (device communicating with itself)
  – Powerful troubleshooting tool
• A positive response from a loopback test means the TCP/IP core protocols are installed and in use on the workstation.
• Windows XP, Vista/ ipconfig command /IP/ /all
• Unix, Linux/ ifconfig command / innet /-s
IPv4 Addressing (cont’d.)
Figure 4-9 Results of the ipconfig /all command on a Windows XP or Windows Vista workstation
IPv4 Addressing (cont’d.)
Figure 4-10 Results of the ifconfig -a command on a UNIX workstation
Binary and Dotted Decimal Notation
• Decimal number between 0 and 255 represents each binary octet
• Period (dot) separates each decimal
• Dotted decimal address has binary equivalent
  – Converting each octet
  – Remove decimal points
• Example:
  – 131.65.10.36
  – 10000011 01000001 00001010 00100100
Subnet Mask
• A special 32-bit number (net mask) that identifies a device’s subnet when combined with the device’s IP address
• Informs the network about the segment or network to which the device is attached
• Distinguishes Network ID from the Host ID
• Four octets (32 bits)
  – Expressed in binary or dotted decimal notation
• Assigned same way as IP addresses
  – Manually, or automatically (via DHCP)
• Subnetting
  – The process of subdividing a single class of network into multiple, smaller logical networks (segments)
    • Control network traffic
    • Make best use of limited number of IP addresses
  – Subnet mask varies depending on subnetting method
• Nonsubnetted networks use defaults
Table 4-2 Default subnet masks
Assigning IP Addresses
• Government-sponsored organizations
  – Dole out IP address blocks to ISPs and other network providers
  – IANA, ICANN, RIRs
• Companies, individuals
  – Obtain IP addresses from ISPs
• Every network node must have unique IP address
  – Otherwise it cannot send or receive Internet packets
  – Error message generated on the new client and its TCP/IP services are disabled
  – Existing host may receive an error message but can continue to function
Static and Automatic IP Address Assignment
• Static IP address
  – Manually typed into each device
  – Modify client workstation TCP/IP properties
    • Only way to change
  – Human error causes duplicates
• Automatic IP addressing
  – BOOTP and DHCP
  – Reduce duplication error
BOOTP (Bootstrap Protocol)
• Facilitates IP address management compared with administering each configuration file (manual static addresses) stored on the hard disk of each networked computer
• Developed in mid-1980s
• Application layer protocol
• Central list of IP addresses, associated devices’ MAC addresses
  – Assign client IP addresses dynamically
• Dynamic IP address
  – Assigned to device upon request
  – Changeable
BOOTP (cont’d.)
• BOOTP process
  – Client connects to network
  – Sends broadcast message asking for IP address
    • Includes client’s NIC MAC address
  – BOOTP server looks up client’s MAC address in BOOTP table
  – Responds to client
    • Client’s IP address
    • Server IP address
    • Server host name
    • Default router IP address
BOOTP (cont’d.)
• Process resembles RARP
  – Difference
    • RARP requests, responses not routable (RARP server for every LAN)
    • RARP only capable of issuing IP address to client but BOOTP may issue additional information (client’s subnet mask)
• BOOTP surpassed by DHCP (Dynamic Host Configuration Protocol)
  – More sophisticated IP addressing utility
  – DHCP requires little intervention
• BOOTP difficult to maintain on large networks but useful for networked diskless workstations
DHCP (Dynamic Host Configuration Protocol)
• Assigns network device unique IP address
  – Automatically
• Application layer protocol
• Developed by IETF (BOOTP replacement)
• Operation
  – Similar to BOOTP
  – Lower administrative burden
    • Administrator does not maintain table but only requires DHCP service on DHCP server
Reasons to Use DHCP
• Saves time spent assigning IP addresses
• Prevents accidental duplicate IP addresses
• Allows users to move devices (like laptops) without having to change their TCP/IP configuration as long as a workstation is configured to obtain its IP address from a central server.
• Makes IP addressing transparent for mobile users
DHCP Leasing Process
• Device borrows (leases) IP address
  – Devices use IP address temporarily for a specific time limit
• Lease time
  – Determined when client obtains IP address at log on
  – Lease time length depends on DHCP server and client configuration
  – User may force lease termination at client or network administrator at server
• DHCP service configuration
  – Specify leased address range
  – Configure lease duration
DHCP Leasing Process
• Several steps to negotiate client’s first lease, which include four exchanged packets
• IP address remains in the client’s TCP/IP settings even after it shuts down or reboots
• IP address is changed only if the lease duration is terminated or it moves to another network
• Steps for lease process:
  – Client connects to the network, then sends a broadcast DHCP discover packet via UDP to the DHCP/BOOTP server
DHCP Leasing Process
  – Every server on the same subnet receives the broadcast message and responds with an available IP address, subnet mask, DHCP address and lease duration, also as a broadcast message (the client does not have an IP address)
  – The client accepts the first IP address it receives and responds with a broadcast confirmation message (the IP address is accepted); each other server returns the IP address it had reserved for the client to its pool of available addresses
  – Finally, the selected server replies to the client with an acknowledgement message and provides more information such as DNS, subnet mask, gateway address
DHCP Leasing Process (cont’d.)
Figure 4-11 The DHCP leasing process
Terminating a DHCP Lease
• Lease expiration
  – Automatic
    • Established in server configuration (lease duration)
  – Manually terminated at any time
    • Client’s TCP/IP configuration
    • Server’s DHCP configuration
• Circumstances requiring lease termination
  – DHCP server fails and is replaced
• Windows: release of TCP/IP settings by typing ipconfig /release in command prompt
• DHCP services run on several server types
  – Installation and configurations vary
APIPA (Automatic Private IP Addressing)
• Client cannot communicate without valid IP address
• What if DHCP server not running?
  – Microsoft Windows offers Automatic Private IP Addressing
    • Provides IP address automatically
• IANA (Internet Assigned Numbers Authority) reserved predefined pool of addresses
  – 169.254.0.0 through 169.254.255.255
APIPA (cont’d.)
• APIPA
  – Assigns a random IP address from the 169.254.y.x range
  – Assigns default Class B subnet mask
    • 255.255.0.0
• Disadvantage
  – Computer only communicates with other nodes using addresses in APIPA range
  – Cannot normally connect to the Internet or any other WAN with a 169.254.y.z address
APIPA (cont’d.)
• APIPA suitable use
  – Small networks: no DHCP servers
• APIPA unsuitable use
  – Networks communicating with other subnets, WAN
• APIPA enabled by default: OK
  – First checks for DHCP server
    • Allows DHCP server to assign addresses
  – Does not reassign new address if static
  – Works with DHCP clients
  – Disabled in registry
IPv4 Addressing (cont’d.)
• Addressing Guidelines
  – First octet represents the Class
  – Host ID and Network ID depend on the Class used
  – Network ID cannot be 127 (127 is reserved for loopback test)
  – Network ID and Host ID cannot be 255 (broadcast)
  – Network ID and Host ID cannot be 0 (this network only)
  – IP cannot be 255.0.0.0, 255.255.0.0, 255.255.255.0 (subnet mask)
  – Host ID must be unique within a network
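The class rules, default subnet masks and addressing guidelines above can be applied mechanically. The following is an added example, not part of the original slides: it derives class, default mask, network ID, host ID and binary notation for an address and decides whether two addresses share a classful network. The Class A, B and C first-octet ranges (1-126, 128-191, 192-223) and default masks are the standard classful values, stated here as an assumption because Tables 4-1 and 4-2 are not reproduced on this page; the function names are hypothetical.

```python
# Standard classful defaults (assumed; Tables 4-1 and 4-2 are not shown here).
DEFAULT_MASKS = {"A": "255.0.0.0", "B": "255.255.0.0", "C": "255.255.255.0"}
NETWORK_OCTETS = {"A": 1, "B": 2, "C": 3}


def parse_octets(address: str) -> list:
    """Split dotted decimal notation into four integers between 0 and 255."""
    parts = address.split(".")
    if len(parts) != 4 or not all(p.isdigit() for p in parts):
        raise ValueError("expected four decimal octets separated by periods")
    octets = [int(p) for p in parts]
    if any(o > 255 for o in octets):
        raise ValueError("each octet must be between 0 and 255")
    return octets


def address_class(first_octet: int) -> str:
    """The first octet determines the class."""
    if first_octet == 127:
        return "loopback"
    if 1 <= first_octet <= 126:
        return "A"
    if 128 <= first_octet <= 191:
        return "B"
    if 192 <= first_octet <= 223:
        return "C"
    if 224 <= first_octet <= 239:
        return "D"
    if 240 <= first_octet <= 254:
        return "E"
    return "reserved"                        # first octet 0 or 255


def classful_info(address: str) -> dict:
    """Class, default mask, network ID, host ID, binary form, guideline problems."""
    octets = parse_octets(address)
    cls = address_class(octets[0])
    info = {"address": address, "class": cls,
            "binary": " ".join(format(o, "08b") for o in octets),
            "mask": None, "network_id": None, "host_id": None, "problems": []}
    if cls not in NETWORK_OCTETS:
        info["problems"].append(
            "first octet %d (%s) is not assigned to hosts" % (octets[0], cls))
        return info
    mask = parse_octets(DEFAULT_MASKS[cls])
    host = octets[NETWORK_OCTETS[cls]:]
    info["mask"] = DEFAULT_MASKS[cls]
    # Network ID = address AND mask, octet by octet.
    info["network_id"] = ".".join(str(o & m) for o, m in zip(octets, mask))
    info["host_id"] = ".".join(str(h) for h in host)
    if all(h == 0 for h in host):
        info["problems"].append("host ID is all zeroes (refers to the network)")
    if all(h == 255 for h in host):
        info["problems"].append("host ID is all 255s (broadcast)")
    return info


def same_network(a: str, b: str) -> bool:
    """True when both addresses are class A, B or C with the same network ID."""
    ia, ib = classful_info(a), classful_info(b)
    return ia["network_id"] is not None and ia["network_id"] == ib["network_id"]


if __name__ == "__main__":
    # Addresses taken from examples earlier in this chapter.
    for addr in ("144.92.43.178", "131.65.10.36", "10.43.3.87", "127.0.0.1"):
        print(classful_info(addr))
    print(same_network("144.92.43.178", "144.92.7.1"))
```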
IPv4 Addressing (cont’d.)
IP 169.131.45.13 196.131.54.123
Class
Network ID Host ID
Binary notation
Subnet mask
Same network
IP 193.56.124.3 193.56.123.4
Class
Network ID Host ID
Binary notation
Subnet mask
Same network
IP 220.56.124.3 220.56.124.4
Class
Network ID Host ID
Binary notation
Subnet mask
Same network
IP 127.123.45.7 127.123.65.8
Class
Network ID Host ID
Binary notation
Subnet mask
Same network
IPv6 Addressing
• IPv6, IP next generation or IPng
  – Replacing IPv4 (gradually)
• IPv6 support
  – Most new applications, servers, network devices
• Delay in implementation
  – Cost of upgrading infrastructure
• IPv6 advantages
  – More efficient header, better security, better prioritization provisions, automatic IP address configuration and additional IP addresses
IPv6 Addressing (cont’d.)
• Difference between IPv4 and IPv6 addresses
  – Size
    • IPv4: 32 bits
    • IPv6: 128 bits (eight 16-bit fields)
    • IPv6: 2^96 (4 billion times 4 billion times 4 billion) available IP addresses
  – Representation
    • IPv4: binary numbers separated by period
    • IPv6: hexadecimal numbers separated by colon
    • IPv6 shorthand: “::” stands for any number of multiple, zero-value fields, but zeroes substituted only once
    • IPv6 loopback address is 0:0:0:0:0:0:0:1, not 127.0.0.1
    • Abbreviated loopback address ::1
IPv6 Addressing (cont’d.)
  – Scope
    • IPv6 addresses can reflect scope of transmission’s recipients (single node, group, special kind of group)
    • Unicast address represents single device interface
      – ex: workstation’s NIC, loopback
    • Multicast address represents multiple interfaces (often on multiple devices)
      – ex: point-to-multipoint, same data to several devices
      – Global (broadcast) or link-local (computers share same link as the sender)
    • Anycast address represents any one interface from a group of interfaces
      – Any one can accept transmission
      – Identifying all routers that belong to one ISP faster
      – Not assigned to hosts (servers, workstations)
IPv6 Addressing (cont’d.)
  – Format Prefix (IPv6)
    • Beginning of address
    • Variable-length field
    • Indicates address type: unicast, multicast, anycast
    • FE80 or FEC0: unicast or anycast
    • FF0x: multicast, where x is a character that corresponds to a group scope ID (ex: FF02 link-local and FF0E global)
Sockets and Ports
• Processes assigned unique port numbers
• Process’s socket
  – Port number plus host machine’s IP address
• Port numbers
  – Simplify TCP/IP communications
  – Ensure data transmitted correctly (correct application)
• Example
  – Telnet port number: 23
  – IPv4 host address: 10.43.3.87
  – Socket address: 10.43.3.87:23
Sockets and Ports (cont’d.)
Figure 4-12 A virtual connection for the Telnet service
Sockets and Ports (cont’d.)
• Port number range: 0 to 65535
• Three types based on IANA
  – Well Known Ports
    • Range: 0 to 1023
    • Operating system or administrator use
  – Registered Ports
    • Range: 1024 to 49151
    • Network users, processes with no special administrative privileges
    • Default assignments of these ports must be registered with IANA
  – Dynamic and/or Private Ports
    • Range: 49152 through 65535
    • No restrictions and open use
Sockets and Ports (cont’d.)
• Assigned by the operating system or software programs
• An editable text-based file of port numbers and associated services is maintained by the server
• Using nonstandard ports:
  – A server could be configured to use an unusual port, such as a Web server on port 8080
    • Not a good idea: standards violation, and processes programmed to use the standard port will not be able to communicate
    • Sometimes done for security or testing
Sockets and Ports (cont’d.)
Table 4-3 Commonly used TCP/IP port numbers
Host Names and DNS (Domain Name System)
• TCP/IP addressing consists of long, complicated numbers
  – Good for computers, but people remember words better (ex: civil ID or name)
  – Internet authorities established Internet node naming system
• Host
  – Internet device
• Host name
  – Name describing device
Domain Names
• Domain
  – Group of computers belonging to the same organization and sharing a common part of their IP addresses
• Domain name
  – Identifies domain (loc.gov)
  – Associated with company, university, government organization
  – Represented by a series of character strings called labels, separated by dots
• Fully qualified host name (jasmine.loc.gov)
  – Local host name + domain name
Domain Names (cont’d.)
• Label (character string)
  – Separated by dots
  – Represents level in domain naming hierarchy
• Example: www.google.com
  – Top-level domain (TLD): com
  – Second-level domain: google, may contain multiple third-level domains
  – Third-level domain: www
• ICANN established domain naming conventions: certain TLDs apply to every type of organization that uses the Internet
• Domain names must be registered with an Internet naming authority that works on behalf of ICANN
Table 4-4 Top-level domains
Domain Names (cont’d.)
• ICANN approved over 240 country codes
• Host and domain names restrictions
  – Any alphanumeric combination up to 63 characters
  – Include hyphens, underscores, periods in name
  – No other special characters
Hosts Files
• ARPAnet used HOSTS.TXT file
  – Associated host names with IP addresses (< 1000 hosts)
  – ASCII host file
  – Host matched by one line
    • Identifies host’s name, IP address
    • Alias provides nickname for the host (third field)
  – Disadvantages: central Internet failure, difficult to maintain large files (bandwidth capacity strained by searching single file from different nations)
• UNIX-/Linux-based computer
  – Host file called hosts, located in the /etc directory
Windows Hosts File
• Windows 9x, NT, 2000, XP, Vista computer
  – Host file called hosts
  – Located in %systemroot%\system32\drivers\etc folder
• Rarely used, but still present
DNS (Domain Name System)
• Hierarchical Distributed Database
  – Associates domain names with IP addresses in a hierarchical way
• DNS refers to:
  – Application layer service accomplishing association
  – Organized system of computers; databases making association possible
• DNS redundancy
  – Many computers across globe related in hierarchical manner
  – Root servers
    • 13 computers (ultimate authorities)
Figure 4-14 Domain name resolution
Name servers (DNS servers)
• Components for DNS service
  – Resolvers
  – Name servers
  – Name space
• Resolvers: any hosts on the Internet that look up domain name information
• Name or DNS servers: servers that contain databases of associated names, IP addresses
• Provide information on request
  – To convert names like www.ccsf.edu into IP addresses like 147.144.1.212
    • This process is called name resolution
DNS (cont’d.)
• Resource record
  – Describes one piece of DNS database information
  – Many different types
    • Dependent on function
  – Contents
    • Name field: domain name of host
    • Type field: type of resource record involved
    • Class field: IN or Internet
    • Time to Live field: how long the record is saved in temporary memory
    • Data length field: data size
    • Actual data
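The resource record fields listed above appear in that order when a record travels inside a DNS message. The following is an added example, not part of the original slides: it encodes and decodes one record in the standard DNS wire layout (name as length-prefixed labels, then type, class, Time to Live, data length and data), with the bounds checks a parser of untrusted input needs. The name and address are the www.ccsf.edu pair from the name resolution slide; the TTL of 3600 seconds and the function names are constructed, and name compression pointers are deliberately not handled.

```python
import ipaddress
import struct

TYPE_NAMES = {1: "A", 2: "NS", 5: "CNAME", 15: "MX", 28: "AAAA"}
CLASS_NAMES = {1: "IN"}


def encode_name(name: str) -> bytes:
    """Encode a domain name as length-prefixed labels ending in a zero byte."""
    out = b""
    for label in name.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 1 <= len(raw) <= 63:          # labels are limited to 63 characters
            raise ValueError("each label must be 1 to 63 characters")
        out += bytes([len(raw)]) + raw
    return out + b"\x00"


def decode_name(buf: bytes, offset: int):
    """Decode an uncompressed name; return (name, offset just past it)."""
    labels = []
    while True:
        if offset >= len(buf):
            raise ValueError("name runs past the end of the buffer")
        length = buf[offset]
        offset += 1
        if length == 0:
            return ".".join(labels), offset
        if length > 63:
            raise ValueError("compression pointers are not handled here")
        if offset + length > len(buf):
            raise ValueError("label runs past the end of the buffer")
        labels.append(buf[offset:offset + length].decode("ascii", errors="replace"))
        offset += length


def build_record(name: str, rtype: int, ttl: int, rdata: bytes, rclass: int = 1) -> bytes:
    """Name, then Type (2 bytes), Class (2), TTL (4), data length (2), data."""
    return encode_name(name) + struct.pack("!HHIH", rtype, rclass, ttl, len(rdata)) + rdata


def parse_record(buf: bytes, offset: int = 0):
    """Parse one resource record; return (fields, offset of the next record)."""
    name, offset = decode_name(buf, offset)
    if offset + 10 > len(buf):
        raise ValueError("fixed fields run past the end of the buffer")
    rtype, rclass, ttl, rdlength = struct.unpack("!HHIH", buf[offset:offset + 10])
    offset += 10
    if offset + rdlength > len(buf):         # never trust the length field
        raise ValueError("data length field exceeds the bytes available")
    rdata = buf[offset:offset + rdlength]
    if rtype == 1 and rdlength == 4:
        data = str(ipaddress.IPv4Address(rdata))
    elif rtype == 28 and rdlength == 16:
        data = str(ipaddress.IPv6Address(rdata))
    else:
        data = rdata.hex()
    record = {"name": name, "type": TYPE_NAMES.get(rtype, str(rtype)),
              "class": CLASS_NAMES.get(rclass, str(rclass)),
              "ttl": ttl, "data_length": rdlength, "data": data}
    return record, offset + rdlength


# Constructed record for the name/address pair used on the slide.
RECORD = build_record("www.ccsf.edu", 1, 3600,
                      ipaddress.IPv4Address("147.144.1.212").packed)

if __name__ == "__main__":
    print(RECORD.hex())
    print(parse_record(RECORD)[0])
```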
DNS (cont’d.)
• Resource records can be manually maintained by network administrators or dynamically maintained by clients.
  – Clients can be configured to trigger DNS update when they
    • Receive new IP address through DHCP
    • Change host name
    • Connect to network
  – User can force DNS record update by command
    • ipconfig /registerdns
Demo: CCSF’s Name Servers
Configuring DNS
• Large organizations
  – Often maintain two name servers
    • Primary and secondary
  – Ensures Internet connectivity
• Each device must know how to find server
  – Automatically by DHCP
  – Manually configure workstation TCP/IP properties
Configuring DNS (cont’d.)
Figure 4-15 Windows XP Internet Protocol (TCP/IP) Properties dialog box
DDNS (Dynamic DNS)
• Additional service to DNS that allows a user to host a Web site on a computer with a dynamic IP address
• DNS is suitable for static IP
• Process
  – Service provider runs program on user’s computer
    • Notifies service provider when IP address changes
  – Service provider’s server launches routine to automatically update DNS record
    • Effective throughout Internet in minutes
• Not as good as a real static IP address
• Larger organizations pay for statically assigned IP address
Application Layer Protocols
• Work over TCP or UDP plus IP
  – Translate user requests
    • Into format readable by network
• HTTP
  – Application layer protocol central to using Web
• BOOTP and DHCP
  – Automatic address assignment
Telnet
• Terminal emulation protocol
  – Log on to remote hosts
    • Using TCP/IP protocol suite
  – TCP connection established
    • Keystrokes on user’s machine act like keystrokes on remotely connected machine
• Often connects two dissimilar systems
• Can control remote host
• Drawback
  – Notoriously insecure
FTP (File Transfer Protocol)
• Send and receive files via TCP/IP
• Host running FTP server portion
  – Accepts commands from host running FTP client
• FTP commands
  – Operating system’s command prompt
    • No special client software required
• FTP hosts allow anonymous logons
• After connected to host
  – Additional commands available
  – Type help
FTP (cont’d.)
• Graphical FTP clients
  – MacFTP, WS_FTP, CuteFTP, SmartFTP
    • Rendered command-line method less common
• FTP file transfers directly from modern Web browser
  – Point browser to FTP host
  – Move through directories, exchange files
• SFTP
  – More secure
TFTP (Trivial File Transfer Protocol)
• Enables file transfers between computers
  – Simpler (more trivial) than FTP
• TFTP relies on Transport layer UDP
  – Connectionless
  – Does not guarantee reliable data delivery
• No ID and password required
  – Security risk
• No directory browsing allowed
• Useful to load data, programs on diskless workstation
• Used to put software on IP phones and routers
NTP (Network Time Protocol)
• Synchronizes network computer clocks
• Depends on UDP Transport layer services
  – Benefits from UDP’s quick, connectionless nature
    • Time sensitive
    • Cannot wait for error checking
• Time synchronization importance
  – Routing
  – Time-stamped security methods
  – Maintaining accuracy, consistency between multiple storage systems
NNTP (Network News Transfer Protocol)
• Facilitates newsgroup messages exchange
  – Between multiple servers, users
• Similar to e-mail
  – Provides means of conveying messages
• Differs from e-mail
  – Distributes messages to wide group of users at once
• User subscribes to newsgroup server host
• News servers
  – Central collection, distribution point for newsgroup messages
PING (Packet Internet Groper)
• Provides verification
  – TCP/IP installed, bound to NIC, configured correctly, communicating with network
  – Host responding
• Uses ICMP services
  – Send echo request and echo reply messages
    • Determine IP address validity
• Ping IP address or host name
• Ping loopback address: 127.0.0.1
  – Determine if workstation’s TCP/IP services running
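What a ping tool does with the echo request and echo reply messages, as an added example that is not part of the original slides: it builds an ICMP echo message with its checksum and decides whether a received message is a valid answer to the request. The function names, identifier, sequence number and payload are constructed for illustration.

```python
import struct

ECHO_REQUEST, ECHO_REPLY = 8, 0  # ICMP type values for echo request / reply

def checksum(data):
    """Internet checksum: ones' complement of the ones' complement 16-bit sum."""
    if len(data) % 2:
        data += b"\x00"  # pad odd-length input with a zero byte
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)  # fold carries back in
    return ~total & 0xFFFF

def build_echo(msg_type, ident, seq, payload):
    """Build type, code 0, checksum, identifier, sequence number, payload."""
    header = struct.pack("!BBHHH", msg_type, 0, 0, ident, seq)
    csum = checksum(header + payload)
    return struct.pack("!BBHHH", msg_type, 0, csum, ident, seq) + payload

def check_reply(request, reply):
    """Return "ok" if reply answers request, otherwise the reason it does not."""
    if len(reply) < 8:
        return "truncated"
    if checksum(reply) != 0:  # a valid message sums to zero, checksum included
        return "bad checksum"
    rtype, code, _, ident, seq = struct.unpack("!BBHHH", reply[:8])
    _, _, _, q_ident, q_seq = struct.unpack("!BBHHH", request[:8])
    if (rtype, code) != (ECHO_REPLY, 0):
        return "not an echo reply"
    if (ident, seq) != (q_ident, q_seq):
        return "identifier/sequence mismatch"
    if reply[8:] != request[8:]:
        return "payload mismatch"
    return "ok"

if __name__ == "__main__":
    # Constructed messages: no packets are sent on the network.
    req = build_echo(ECHO_REQUEST, 0x1234, 1, b"constructed")
    rep = build_echo(ECHO_REPLY, 0x1234, 1, b"constructed")
    print(check_reply(req, rep))
```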
PING (cont’d.)
• Operating system determines Ping command options, switches, syntax
Figure 4-17 Output from successful and unsuccessful PING tests