Course Contents. The TCP/IP protocol Stack

Similar documents
CIS-331 Fall 2014 Exam 1 Name: Total of 109 Points Version 1

CIS-331 Fall 2013 Exam 1 Name: Total of 120 Points Version 1

CIS-331 Spring 2016 Exam 1 Name: Total of 109 Points Version 1

CIS-331 Exam 2 Spring 2016 Total of 110 Points Version 1

CIS-331 Exam 2 Fall 2014 Total of 105 Points. Version 1

CIS-331 Exam 2 Fall 2015 Total of 105 Points Version 1

CIS-331 Final Exam Spring 2015 Total of 115 Points. Version 1

CIS-331 Final Exam Spring 2016 Total of 120 Points. Version 1

Packet Header Formats

CIS-331 Final Exam Spring 2018 Total of 120 Points. Version 1

CS 356: Computer Network Architectures. Lecture 10: IP Fragmentation, ARP, and ICMP. Xiaowei Yang

CS 457 Lecture 11 More IP Networking. Fall 2011

CIS-331 Final Exam Fall 2015 Total of 120 Points. Version 1

OSI Network Layer. Network Fundamentals Chapter 5. Version Cisco Systems, Inc. All rights reserved. Cisco Public 1

IPv6 Protocols and Networks Hadassah College Spring 2018 Wireless Dr. Martin Land

Position of IP and other network-layer protocols in TCP/IP protocol suite

TSIN02 - Internetworking

Interconnecting Networks with TCP/IP

IPv6. IPv4 & IPv6 Header Comparison. Types of IPv6 Addresses. IPv6 Address Scope. IPv6 Header. IPv4 Header. Link-Local

ECE4110 Internetwork Programming. Introduction and Overview

ECE 4450:427/527 - Computer Networks Spring 2017

Interconnecting Networks with TCP/IP. 2000, Cisco Systems, Inc. 8-1

The Internetworking Problem. Internetworking. A Translation-based Solution

Internet Control Message Protocol (ICMP), RFC 792. Prof. Lin Weiguo Copyleft 2009~2017, School of Computing, CUC

ICS 451: Today's plan

(ICMP), RFC

EE 610 Part 2: Encapsulation and network utilities

Internet Control Message Protocol (ICMP)

Introduction to Internetworking

Introduction to Computer Networks. CS 166: Introduction to Computer Systems Security

IP : Internet Protocol

Internet Protocol. Outline Introduction to Internet Protocol Header and address formats ICMP Tools CS 640 1

Protocol Layers & Wireshark TDTS11:COMPUTER NETWORKS AND INTERNET PROTOCOLS

Layer 4: UDP, TCP, and others. based on Chapter 9 of CompTIA Network+ Exam Guide, 4th ed., Mike Meyers

To make a difference between logical address (IP address), which is used at the network layer, and physical address (MAC address),which is used at

Your Name: Your student ID number:

The Internet Protocol. IP Addresses Address Resolution Protocol: IP datagram format and forwarding: IP fragmentation and reassembly

Module 7 Internet And Internet Protocol Suite

Network Layer. The Network Layer. Contents Connection-Oriented and Connectionless Service. Recall:

Network Layer. Recall: The network layer is responsible for the routing of packets The network layer is responsible for congestion control

! ' ,-. +) +))+, /+*, 2 01/)*,, 01/)*, + 01/+*, ) 054 +) +++++))+, ) 05,-. /,*+), 01/-*+) + 01/.*+)

The Internet. 9.1 Introduction. The Internet is a global network that supports a variety of interpersonal and interactive multimedia applications.

Lecture 3. The Network Layer (cont d) Network Layer 1-1

CSEP 561 Internetworking. David Wetherall

IP - The Internet Protocol. Based on the slides of Dr. Jorg Liebeherr, University of Virginia

Lecture 18 Overview. Last Lecture. This Lecture. Next Lecture. Internet Protocol (1) Internet Protocol (2)

Introduction to TCP/IP networking

Chapter 5 OSI Network Layer

CSE/EE 461 The Network Layer. Application Presentation Session Transport Network Data Link Physical

Guide to TCP/IP, Third Edition. Chapter 3: Data Link and Network Layer TCP/IP Protocols

Lecture 17 Overview. Last Lecture. Wide Area Networking (2) This Lecture. Internet Protocol (1) Source: chapters 2.2, 2.3,18.4, 19.1, 9.

Review of Important Networking Concepts

ELEC / COMP 177 Fall Some slides from Kurose and Ross, Computer Networking, 5 th Edition

ECE 461 Internetworking Fall Quiz 1

ICS 351: Networking Protocols

Problems of IP. Unreliable connectionless service. Cannot acquire status information from routers and other hosts

CS519: Computer Networks. Lecture 2: Feb 2, 2004 IP (Internet Protocol)

IP Protocols. ALTTC/Oct

CHAPTER-2 IP CONCEPTS

Lecture 8. Basic Internetworking (IP) Outline. Basic Internetworking (IP) Basic Internetworking (IP) Service Model

Recap. Recap. Internetworking. First mile problem. Internet. End Users. Last mile problem. Direct link networks Packet switching.

Ref: A. Leon Garcia and I. Widjaja, Communication Networks, 2 nd Ed. McGraw Hill, 2006 Latest update of this lecture was on

Lecture 8. Reminder: Homework 3, Programming Project 2 due on Thursday. Questions? Tuesday, September 20 CS 475 Networks - Lecture 8 1

Internet Layers. Physical Layer. Application. Application. Transport. Transport. Network. Network. Network. Network. Link. Link. Link.

CPSC 826 Internetworking. The Network Layer: Routing & Addressing Outline. The Network Layer

Ch.9 Internet Protocol: Error And Control Messages (ICMP)

Department of Computer and IT Engineering University of Kurdistan. Network Layer. By: Dr. Alireza Abdollahpouri

Computer Networks Security: intro. CS Computer Systems Security

Network Layer: Internet Protocol

Network Layer (4): ICMP

TCP /IP Fundamentals Mr. Cantu

Fundamentals of Networking. OSI & TCP/IP Model. Kuldeep Sonar 1

CS475 Networks Lecture 8 Chapter 3 Internetworking. Ethernet or Wi-Fi).

Introduction to routing in the Internet

Internet Protocols (chapter 18)

Vorlesung Kommunikationsnetze

Introduction to routing in the Internet

ET4254 Communications and Networking 1

IPv4 (Part III) รศ.ดร.อน นต ผลเพ ม. Asso. Prof. Anan Phonphoem, Ph.D. Feb 2018

TSIN02 - Internetworking

K2289: Using advanced tcpdump filters

EITF25 Internet Techniques and Applications L7: Internet. Stefan Höst

PART X. Internetworking Part 1. (Concept, IP Addressing, IP Routing, IP Datagrams, Address Resolution)

CE3005: Computer Networks Laboratory 3 SNIFFING AND ANALYSING NETWORK PACKETS

Lesson 5 TCP/IP suite, TCP and UDP Protocols. Chapter-4 L05: "Internet of Things ", Raj Kamal, Publs.: McGraw-Hill Education

Chapter 2 - Part 1. The TCP/IP Protocol: The Language of the Internet

Each ICMP message contains three fields that define its purpose and provide a checksum. They are TYPE, CODE, and CHECKSUM fields.

Workshop on Scientific Applications for the Internet of Things (IoT) March

INTERNET SYSTEM. Internet Protocol. Kent State University Dept. of Computer Science. CS 4/55231 Internet Engineering. Large Scale Networking

Last time. Network layer. Introduction. Virtual circuit vs. datagram details. IP: the Internet Protocol. forwarding vs. routing

NET2-2 Internet Protocol and Routing Network Science Certificate George Mason University

Transport Over IP. CSCI 690 Michael Hutt New York Institute of Technology

Internet Protocol (IP)

CCNA 1 Chapter 7 v5.0 Exam Answers 2013

The Interconnection Structure of. The Internet. EECC694 - Shaaban

Network layer: Overview. Network layer functions IP Routing and forwarding NAT ARP IPv6 Routing

Agenda L2 versus L3 Switching IP Protocol, IP Addressing IP Forwarding ARP and ICMP IP Routing First Hop Redundancy

Troubleshooting Tools

Network layer: Overview. Network Layer Functions

Lecture 8. Network Layer (cont d) Network Layer 1-1

Transcription:

Course Contents PART 1 Overview and Introduction PART 2 Communication Reference Models PART 3 Data Communication Fundamentals and Physical Layer PART 4 Datalink Layer and Emerging Network Technologies PART 5 The Network Layer and The Internet Protocol Suite Page 5a-1 The TCP/IP protocol Stack Page 5a-2

Ethernet and IEEE 802.x LANs & TCP/IP (1) TCP/IP, as an internetwork protocol suite, can operate over a large number of physical networks. The most common and widely used of these protocols is Ethernet. As discussed in the previous chapter, two frame formats can be used on the Ethernet networks: The Ethernet (or DIX Ethernet or Ethernet V2.). The international IEEE 802.3 standard. The difference between the two standards is in the use of one of the header fields, which contains a protocol-type number for Ethernet and the length of the data in the frame for IEEE 802.3. Page 5a-3 Ethernet and IEEE 802.x LANs & TCP/IP (2) In Ethernet frame a data field length is up to 1500 bytes, and Ether type is greater than 1500. In the 802.3 MAC frame, the length of the data field is indicated in the 802.3 header (>1500). The type of protocol it carries is then indicated in the 802.2 header. Page 5a-4

Ethernet and IEEE 802.x LANs & TCP/IP (3) For all practical purposes, the Ethernet physical layer and the IEEE 802.3 physical layer are compatible. However, the Ethernet data link layer and the IEEE 802.3/802.2 data link layer are incompatible. The 802.2 Logical Link Control (LLC) layer above IEEE 802.3 uses a concept known as link service access point (LSAP), which uses a 3-byte header, where DSAP and SSAP stand for destination and source service Access Point respectively. Numbers for these fields are assigned by an IEEE committee. In the evolution of TCP/IP, three standards were established that describe the encapsulation of IP, ARP and RARP frames on these networks. Page 5a-5 Ethernet and IEEE 802.x LANs & TCP/IP (4) Standard for the Transmission of IP datagrams over Ethernet Networks specifies only the use of Ethernet type of networks. The values assigned to the type field are: a. 2048 (hex 0800), for IP datagrams b. 2054 (hex 0806), for ARP datagrams c. 32821 (hex 8035), for RARP datagrams Page 5a-6

Ethernet Packet Decoding (1) Decoding means understanding the fields of the headers of a packet to determine the information needed to process the packet in correct way. For example from the packet segment shown we need to determine: 1. the Destination and Source Hardware (MAC) addresses, 2. the type of packet frame (Ethernet or IEEE 802.3), 3. the length of data or the type of protocol encapsulated. Page 5a-7 Ethernet Packet Decoding (1) Sol: DA (6 bytes)= 00:11:09:C1:10:08 SA (6 bytes)= 00:10:7B:47:BB:D3 Type or Length? (2 bytes)= 0x0800 (2048 > 1500) Protcol Type Packet Type Ethernet So, Protocol Type Encapsulated =2048 IP Page 5a-8

Internet Layer Protocols Protocols associated with the IP network layer are: The Internet Protocol The Internet Control Message Protocol (ICMP) and The Address Resolution Protocol (ARP)/RARP. The (IP) protocol operates at the network layer and provides a best effort network layer service for connecting computers to form a computer network. The (ARP) isusedtomapipnetworkaddressestothe hardware addresses used by a data link protocol such as IPto-MAC mapping in Ethernet networks. The (ICMP) protocol is used to report problems with delivery of IP datagrams within an IP network. Page 5a-9 IP Packet Header Decoding (1) The IP datagram header consists of 20 bytes of data. An option exists within the header, which allows further optional bytes to be added. Page 5a-10

IP Packet Header Decoding (2) Flags (a sequence of three flags): used to control whether a packet is allowed to fragment or not and to indicate the last part of a packet to the receiver. Fragmentation Offset: This is used to aid the reassembly of the full datagram. The value in this field contains the number of 64-bit segments (header bytes are not counted) contained in earlier fragments. If this is the first (or only) fragment, this field contains a value of zero. TTL: Time To Live: (Number of hops/links which the packet may be routed over. Protocol: It indicates the type of the higher-level protocol to which IP being carried by this datagram. Here we include some examples of protocol types. Examples: - 0: Reserved, 1: Internet Control Message Protocol (ICMP), 4: IP (IP encapsulation), 6: Transmission Control Protocol (TCP), 17: User Datagram Protocol (UDP), 89: Open Shortest Path First Page 5a-11 IP Packet Header Decoding (3) Page 5a-12

IP Packet Header Decoding (4) Example: We need to get the header information according the definitions above. Page 5a-13 IP Packet Header Decoding (5) Sol.: Ethernet Header: DA (6 bytes)= 00:11:09:C1:10:08 SA (6 bytes)= 00:10:7B:47:BB:D3 Type or Length? (2 bytes)= 0x0800 (2048 > 1500) Protcol Type Packet Type Ethernet So, Protocol Type Encapsulated =2048 IP Not passed to D.L Page 5a-14

IP Packet Header Decoding (6) Sol. continued: IP header Info.: * IP Ver. (4-bits): 4 IPver.4 * IP Header Length (IHL) = 5 x 4 bytes =20 bytes. (no padding) * The type of service field is the next byte, which is 0x00 * Thetotal length field, the next 2 bytes=0x0028=40 bytes Data length = total length - header length = 40 20 = 20 bytes Page 5a-15 IP Packet Header Decoding (8) Sol. continued: Next, The IP Identification number (2bytes), 0x0025 It is used in conjunction with the next two bytes (flags and offset) to control fragmentation The flags field, the next 3-bits =0x4000 (010000000..0) means No fragmentation, The fragmentation offset (13-bits) = 0 (means the first packet in the data) Page 5a-16

IP Packet Header Decoding (9) Sol. continued: Looking for the next byte to get the TTL (1-byte) which gives TTL= 0x27 = 32+7=39 (This means the packet travel for (64-39=25 hops). * Theprotocol field is the next byte, which is 0x06, means that the encapsulated higher level protocol is the TCP. *Theheader checksum field, the next 2 bytes=0xfdd3 Page 5a-17 IP Packet Header Decoding (9) Sol. continued: Looking for the next 4-bytes to get the IP source address: which gives IP source = C1.71.A0.0D = 193.113.160.13 Looking for the next 4-bytes to get the IP source address: which gives IP destination = C1.E3.32.75 = 193.227.50.117 There is no options or padding, so the next header of TCP will start. 00 19 F3 01 42 40 CC C2 90 9F EE 8C Page 5a-18

TCP Segment Format (1) Page 5b-19 TCP Segment Decoding (1) For the following Ethernet packet find: i) The IP addresses of sender and receiver, ii) Type of the transport protocol, iii) The used ports and application layer protocol type, iv) Is it request or replay packet?, and v) The available window size. Sol. * Type of transport protocol = 0x06 TCP IP addresses Source = C1.71.A0.0D = 193.113.160.13 Destination = C1.E3.32.75 = 193.227.50.117 Source port = 0x19 = 25 Destination port = 0xF301= Header length = 4*4=16 byte * Flags = 010000 ACK = 1 Replay packet. * Windows size = 0xFD5C = 64860 Page 5b-20

UDP datagram Decoding (1) Each UDP datagram is sent within a single IP datagram. Although, the IP datagram may be fragmented during transmission, the receiving IP implementation will reassemble it before presenting it to the UDP layer. The UDP datagram has a 16-byte header: Source Port: Indicates the port of the sending process. Destination Port: the port of the destination process on the dest. host Length: The length (in bytes) of this user datagram, including the header. Checksum: check sum for the UDP header, and the UDP data. Bit 1 0 Bit 15 Bit 16 Bit 31 Source port (16) Destination port (16) Length (16) Checksum (16) 8 Bytes Data (if any) Page 5b-21 UDP datagram Decoding (2) For the following Ethernet packet segment find: i) The IP addresses of sender and receiver, ii) Type of the transport protocol, iii) The used ports and application layer protocol type, FF FF FF FF FF FF 00 0C DB 56 7C 00 08 00 45 00 01 19 74 6C 00 00 7E 11 BD 67 0A 11 0F F5 EF FF FF FA 07 6C 07 6C 01 05 14 E8 4E 4F 54 49 46 59 20 2A 20 48 54 54 50 2F 31 2E 31 0D 0A 48 4F 53 Sol.: DA (6 bytes)= FF:FF:FF:FF:FF:FF SA (6 bytes)= 00:0C:DB:56:7C:00 Protocol Type Encapsulated =2048 IP IP Ver. (4-bits): 4 IPver.4 IP Header Length (IHL) = 5 x 4 bytes =20 bytes. (no padding) The type of service field is the next byte, which is 0x00 The total length field, the next 2 bytes=0x0119=281 bytes Data length = total length-header length= 281 20 = 261 bytes The IP Identification number (2bytes), 0x746C The flags field, the next 3-bits =0x0000 (000000000..0) No fragment., Page 5b-22

UDP datagram Decoding (3) FF FF FF FF FF FF 00 0C DB 56 7C 00 08 00 45 00 01 19 74 6C 00 00 7E 11 BD 67 0A 11 0F F5 EF FF FF FA 07 6C 07 6C 01 05 14 E8 4E 4F 54 49 46 59 20 2A 20 48 54 54 50 2F 31 2E 31 0D 0A 48 4F 53 Sol.: TTL=0x7E=126, Protocol code =0x11=17 UDP The header checksum field, the next 2 bytes=0xbd67 S. IP (4 bytes)= 0A.11.0F.F5 = 10.17.15.245 D.IP (4 bytes) = EF.FF.FF.FA = 239.255.255.250 There is no options or padding, so the next header of UDP will start. Source Port = 0x076C = 1900 Dest. Port = 0x076C = 1900 P. Length = 0x0105 = 261 Checksum = 0x14E8 Data 4E 4f 54 49 46 59.... Bit 1 0 Bit 15 Bit 16 Bit 31 Source port (16) Destination port (16) Length (16) Checksum (16) 8 Bytes Data (if any) Page 5b-23 Ports and Sockets (2) Ex.2.For the following Ethernet packet, find the local and foreign half associations as well as the full association of the connection. 00 16 EC 00 03 A8 00 0C DB 56 7C 00 08 00 45 00 00 93 39 AC 00 00 69 11 76 E8 52 F0 59 7E C1 E3 32 74 FF FA 12 45 00 7F 02 0F E4 28 CB 77 EA 04 Sol. (UDP,82.240.89.126,65530) (UDP,193.227.50.116,4677) (UDP, 82.240.89.126,65530, 193.227.50.116,4677) Page 5b-24

Ports and Sockets (1) Ex.1. For the following Ethernet packet, find the local and foreign half associations as well as the full association of the connection. 00 11 09 C1 10 08 00 10 7B 47 BB D3 08 00 45 00 00 28 00 25 40 00 27 06 FD D3 C1 71 A0 0D C1 E3 32 75 00 19 F3 01 42 40 CC C2 90 9F EE 8C 50 10 FD 5C DB 55 00 00 00 00 00 00 00 00 Sol. (TCP,193.113.160.13,25) & (TCP,193.227.50.117, 62209) (TCP,193.113.160.13,25,193.227.50.117, 62209) Page 5b-25 Address Resolution Protocol (ARP) Header Decoding (1) There are four types of ARP messages that may be sent by the ARP protocol. These are identified by four values in the "operation" field of an ARP message. The types of message are: 1. ARP request 2. ARP reply 3. RARP request 4. RARP reply Page 5a-26

Address Resolution Protocol (ARP) Header Decoding (2) Hardware Type: indicates the physical address type (for Ethernet is 1). Protocol Type: contains the protocol address type (for IP is 0x800). Hardware Address Length: the physical address length (for Ethernet is 6). Protocol Address Length: the protocol address length (for IPv4 is 4). Operation: is the command; in our case we'll see ARP Request and ARP Replay Sender HA, IP: the H/W and IP address of the sender Target HA, IP: the H/W and IP address of the target Page 5a-27 Address Resolution Protocol (ARP) Header Decoding (3) Determine the header information of the following packet. FF FF FF FF FF FF 00 0C DB 56 7C 00 08 06 00 01 08 00 06 04 00 01 00 0C DB 56 7C 00 C1 E3 33 C1 00 00 00 00 00 00 C1 E3 33 D1 00 Sol. -DA=FF:FF:FF:FF:FF:FF -SA= 00:0C:DB:56:7C:00 -Protocol: 0x806 ARP -Hardware Type: 0x0001 -Protocol Type: 0x800 (IP protocol) -HLEN=0x06=6 bytes -PLEN=0x04=4 -Operation=0x01 ARP Query H/W SA= 00:0C:DB:56:7C:00 IP SA=C1.E3.33.C1=193.227.51.193 H/W DA= 00:00:00:00:00:00 IP DA = C1 E3 33 D1 = 193.227.51.206 Page 5a-28

ICMP Header Decoding (1) It is the responsibility of the network layer (IP) protocol to ensure that the ICMP message is sent to the correct destination by: Setting the destination address of the IP packet Setting the source address of the computer generating the ICMP ECHO request The IP protocol type is set to "ICMP" (01) The format of an ICMP message is shown Page 5b-29 ICMP Header Decoding (2) ICMP Message Types Echo Request (8) Echo Replay (0) Destination Unreachable (3) Time Exceeded (11) Redirect (route change) (5) Traceroute (30) there are more... http://www.iana.org/assignments/icmp-parameters Many of these ICMP types have a "code" field that indicates the reason of the error message. The "ping and Traceroute programs contain client interface to ICMP. Page 5b-30

ICMP Header Decoding (3) 00 0C DB 56 7C 00 00 30 4F 11 72 98 08 00 45 00 00 3C 70 07 00 00 80 01 E1 21 C1 E3 33 CE C1 E3 32 03 08 00 4A 14 01 00 02 48 61 62 63 64 65 66 67 68 69 6A 6B 6C 6D 6E 6F 70 71 72 73 74 75 76 77 61 62 63 64 65 66 67 68 69 Sol.: IP header (0x800) - Protocol type = 01 ICMP - source IP = C1.E3.33.CE = 193.227.51.206 - Dest. IP = C1.E3.32.03 = 193.227.50.3 ICMP header - Type= 0x08 Echo Request - Operation Code = 0x00 = Page 5b-31

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback