TCP/IP illustraed V1

Posted on

IP : unreliable, connectionless datagram delivery service

  • unreliable : when something wrong ,throw away the datagram and try to send ICMP to the source
  • connectionless : each datagram transfered indepently which may get delivered out of order, not maintain any state information about sucessive datagrams
  • network traverse orderisbig endian

  • IP rout search : IP address network ID defaultrouting table
    A complete matching host address is searched for before a matching network ID.

    1
    2
    3
    4
    32-bit IP  ---->  48-bit MAC
       |       ARP       |
       |       RARP  	|
       |<----------------|

  • ARP Cache :maintains the recent mapping from IP to hardware address(MAC)

  • Proxy ARP :a router answer ARP requests on one of its networks for a host on another of its networks
  • Gratuitous ARP:a host sends an ARP request looking for its own IP address

RARP : use the physical address to get the the IP address

  1. RARP request(broadcast), RARP reply (unicast)
  2. RARP request are sen as hardware-level broadcast, not forward by routers.
  3. multiply RARP server are normally provided on a single nework
    all the server replys, but the rquest systerm use the first RARP reply that ir receives.

ICMP

  • ICMP message are transmitted within IP datagrams.
  • chesum cover the entire message
  • ICMP donot response to:
  1. An ICMP error message
  2. A datagram destined to an IP broadcast address.
  3. Datagram sent as a link-layer broadcast.
  4. A fragment other than the first
  5. A datagram whose source address dose not define a single host.

IP route

  • netstat -rn
    U: the route is up;
    G: the route is to differentiate between an indirect route(G) and a direct route
    H : specifies the destination address is a complete host address.
    • indirect route: IP address specify the destination and the link layer address specifies the gateway.
    • direct route : both the IP address and the link-layer address specifies the destinations.

match host -> match subnet -> default gateway

  • The ICMP “host unreachable” error message is sent by a router when it receives an IP datagram that it cannot deliver or forward
  • The ICMP redirect error is sent by a router to the sender of an IP datagram when the datagram should have been sent to a different router

Dynamic route

  • RIP messages are carried in UDP datagrams,port number for RIP is UDP port 520
    RIP in UDP
  1. A stub AS has only a single connection to one other AS. A stub AS carries only local traffic.
  2. A multihomed AS has connections to more than one other AS, but refuses to carry transit traffic.
  3. A transit AS has connections to more than one other AS and is designed, under certain policy restrictions, to carry both local and transit traffic.

BGP uses TCP as its transport protocol, distance vector protocol, but ennumberate the route to each destination

UDP

  • The UDP/TCP checksumcovers the header and the data,but not IP
  • both UDP and TCP include a 12-byte pseudo-header with the UDP datagram (or TCP segment) just for the checksum computation
  • fragmentation : if one fragment is lost the entire datagram must be retransmitted.
  • An IP datagramis the unit of end to end transmission at IP layer ,but a packet is the unit of data passed between the IP layer and the link layer.

Broadcasting and multicasting only apply to UDP

Mapping of a class D IP address into Ethernet multicast address

IGMP

  1. A host sends an IGMP report when the first process joins a group. If multiple processes on a given host join the same group, only one report is sent, the first time a process joins that group. This report is sent out the same interface on which the process joined the group.
  2. A host does not send a report when processes leave a group, even when the last process leaves a group. The host knows that there are no members in a given group, so when it receives the next query (next step), it won’t report the group.
  3. A multicast router sends an IGMP query at regular intervals to see if any hosts still have processes belonging to any groups. The router must send one query out each interface. The group address in the query is 0 since the router expects one response from a host for every group that contains one or more members on that host.
  4. A host responds to an IGMP query by sending one IGMP report for each group that still contains at least one process.
  • an application must convert a hostname to an IP address before it can ask TCP to open a connection or send a datagram using UDP. The TCP/IP protocols within the kernel know nothing about the DNS.
  • TFTP use in UDP
    • each exchange start with the clinet asking the server read a file for the clinet or write a file for the client
    • be used only during the bootstrap process of diskless systems. It uses only a few message formats and a stop-and-wait protocol.
    • he TFTP server provides concurrency by creating a new UDP port for each client.

connection-oriented, reliable, byte stream service

TCP Interactive Data Flow

each interactive keystroke normally generates a datapacket in Rlogin

four segments:

(1) the interactive keystroke from the client,
(2) anacknowledgment of the keystroke from the server,
(3) the echo of the keystroke from the server,
(4)an acknowledgment of the echo from the client.

Nagle algorithm

  • a TCP connection can have only one outstanding small segment that has not yet been acknowledged. No additional small segments can be sent until the acknowledgment is received. Instead, small amounts of data are collected by TCP and sent in a single segment when the acknowledgment arrives.
  • Delayed acknowledgments are used by the receiver of these small segments to see if the acknowledgment can be piggybacked along with data going back to the sender. This often reduces the number of segments, especially for an Rlogin session, where the server is echoing the characters typed at the client.
  • On slower WANs the Nagle algorithm is often used to reduce the number of these small segments. This algorithm limits the sender to a single small packet of unacknowledged data at any time. But there are times when the Nagle algorithm needs to be disabled, and we showed an example of this.
  • flow control is done by the Rlogin client.

SNMP

SNMP uses UDP,a request from the manager may not arrive at the agent, The manager probably wants to implement a timeout and retransmission.
The manager sends its three requests to UDP port 161. The agent sends traps to UDP port 162.

SNMP