The Internet and TCP/IP Phones OFF Please Brian Bramer Home:


The Internet and TCP/IP Phones OFF Please Brian Bramer Home:
Phones OFF Please
The Internet and TCP/IP
Brian Bramer
Email: [email protected]
The Evolution of TCP/IP
TCP/IP Protocol Architecture
The Internet Protocol Layer
3.1 IP Addresses
3.1.1 The Subnet Mask
3.2 DHCP
3.3 IP Domains and DNS
3.4 Problems with IP addressing
TCP and UDP Protocols
4.1 Client and Server Ports
TCP/IP Applications
Appendix A- The IP Datagram Packet
Appendix B- Routing IP Datagram
1. The Evolution of TCP/IP (and the Internet)
• Problem:
• organisations had serious problems transferring information between computers.
• i.e. incompatible operating systems, hardware, character codes, number systems,
• and resource sharing.
• In summary:
• In 1960’s U.S. DoD funded an experiment to interconnect research sites.
• December 1968 ARPA awarded a contract to design and deploy a
packet switching network.
• September 1969, the first node at UCLA.
• End of 1969 - four nodes installed.
• 1971 - ARPANET spanned continental U.S.
• 1973 - had connections to Europe.
• ARPANET developed X.25.
• 1974 TCP/IP proposed & implemented.
• 1983, the US DoD mandated that all of their computer systems
would use the TCP/IP.
• 1983, ARPANET split into two components:
• ARPANET - interconnects research! development and academic
• MILNET - carries military traffic and became part of the Defence
Data Network.
•1983 - University of California’s 4.2BSD UNIX included TCP/IP.
• 1986 - the NSF built a backbone network to interconnect four NSF-funded
regional supercomputer centres and the National Centre for Atmospheric
Research (NeAR).
• NSFNET was originally intended as a backbone for other networks and
limited traffic to non-commercial use.
• Thus
• ARPANET started with four nodes in 1969.
• 600 nodes before it was split in 1983.
• 160000 in 1989.
• 19500000 in 1997.
• today is unknown but is in 100’s of millions.
2. The TCP/IP Protocol Architecture
• Communication over Internet is mostly TCP/IP (Transmission Control
Protocol/Internet protocol).
• TCP/IP "stack" is software which allows applications to communicate
over network.
• TCP/IP support is either built into OS (e.g. UNIX) or available as an add-on.
• Application is what the users see, e.g. programs such as ftp,
email, web browser, telnet, etc.
•TCP (transmission control protocol)
• takes messages from the application
• breaks them up into packets
• sends them to the remote system
• where the message is put back together and passed to the application
• TCP corrects for errors in transmission (e.g. due to noise) and looks
after flow control (a slow system talking to a fast one).
• IP (Internet protocol) looks after addressing of machines and routing
the packets over the underlying network.
• Low level stuff is the Network Interface Layer connecting to
the underlying network(s).
• TCP/IP was developed by the USA Dept of Defence to operate over
multiple unreliable local or wide area networks connecting many different
types of computer systems.
3 The Internet Protocol Layer
• IP provides services that are roughly equivalent to the OSI Network Layer.
• provides a datagram (connectionless) transport service across the network.
• sometimes referred to as unreliable because does not guarantee delivery nor
notify the end host system about packets lost, i.e. TCP/IP was assumed to
run over unreliable networks.
• IP datagrams contain a message, or one fragment of a message, that may be
up to 65,535 bytes (octets) in length.
• IP does not provide a mechanism for flow control (the TCP layer can
provide this if necessary).
• Working:
• two host computers communicating using TCP/IP via two nodes, e.g. routers.
• e.g. a user on a home network communicating with it’s ISP server.
• Host 1 is communicates via Subnet 1 (home network) to Gateway 1
• Gateway 1 communicates via subnet 2 (telephone lines) with ISP’s
modem Gateway2.
• Gateway 2 communicates with Host 2 via the ISP’s internal network Subnet 3.
• IP interfaces with each subnet in turn using it to transmit datagrams (DG) to the
next node (using whatever physical, datalink and network layer that subnet has)
until they reach the destination.
• The TCP layer can create a virtual circuit (correcting for errors, flow control, etc.)
between the hosts for the applications which exchange messages.
3.1 IP Addresses
• Every machine requires a unique address so it can be identified and
packets routed to it.
• IP addresses are 32 bits in length typically written as a sequence of four
8-bit numbers (range 0 to 255) e.g.
• IP addresses are hierarchical for routing purposes and are subdivided into
two subfields:
• Network Identifier (NET ID) subfield identifies the TCP/IP sub-network
and is used for high-level routing between networks
• as the country code, city code, or area code is used in the telephone network.
• The Host Identifier (HOST_ID) subfield indicates the specific host
within a sub-network.
• To accommodate different size networks, IP defines several address
classes, A, B, C D and E.
• Class A intended for very large networks and can address up to
16,777,216 (224) hosts/network.
• The first digit of a Class A addresses will be a number
between 1 and 126.
• Relatively few Class A addresses have been assigned;
e.g. (IBM)
• Class B intended for moderate sized networks -can address up
to 65,536 (216) hosts/network.
• The first digit of a Class B address will be a number
between 128 and 191, e.g. DMU
• Class C intended for small networks and can address only up to 256
hosts per network.
• The first digit of a Class C address will be a number between 192 and 223.
• Most addresses assigned to networks today are Class C
• The remaining two address classes are used for special functions only and are
not commonly assigned to individual hosts.
3.1.1 The subnet mask
• An additional addressing tool is the subnet mask which is used to indicate to
applications the portion of the address that identifies the network from the
portion that identifies the individual hosts.
• The subnet mask is written in dotted decimal and the number of is indicates
the significant NET_ID bits.
• A Class B address would have a subnet mask of since the
first l6 bits are NET_ID.
3.2 DHCP (Dynamic Host Configuration Protocol)
• A machine can have a static IP address which is the same each time it
connects or a dynamic address which is assigned when it connects to the
Internet (and can be different each time).
• DHCP is the protocol for assigning dynamic IP addresses – the ISP has a
range of IP addresses available which are assigned when devices connect and
become free on disconnection.
• Machines permanently (e.g. DMU labs) attached to TCP/IP network are
permanently allocated an IP address by the network manager.
• When you dial-in from home to access the Internet via ISP Dial-in service the
IP address is assigned by the ISP’s DHCP server:
• the server has a number of addresses available for dial-in clients
and assigns the next free one at disconnection the IP address is then
available for another client
• Some ISPs offer static IP address to broadband users, e.g. if you runs
servers on your home PC.
3.3 IP Domains and Host Names
• Most IP hosts have both a numeric IP address and a name.
• Internet hosts use a hierarchical naming structure comprising a top-level
domain (TLD), domain and subdomain (optional), and host name
• e.g. =
• The domain name structure is best read from right-to-left, Internet host names
end with a top- level domain name.
3.3.1 Domain Name Servers (DNS)
• Domain names are convenient for people, however, the name must be translated
back to a numeric address for routing purposes:
• names and numbers are stored by a "domain name server" (DNS)
• Client programs may query the DNS to find a number before making a
connection, e.g. UNIX nslookup command
• e.g. =
3.4 Problems with IP addressing and IPv6
• Problems with the current IP addressing (called IPv4) based on a 32-bit number:
• Exhaustion of address space – the Internet is running out of IP addresses.
• Poor routing ability IPv4 - addresses bear no relation to physical location,
making routing difficult and creating large routing tables
• Limited support for multicast – Ipv4 has class D which is very limited for
commercial applications
• Inefficient/inflexible header – all IP packets carry the same header
overhead no matter what their requirements are.
• IPv6 has a 128 bit address space which is usually written as eight
16-bit numbers
• e.g., FEDC:BA98:7654:3210:FEDC:BA98:7654:3210.
• four times the number of bits (128 vs. 32) i.e.340,282,366,920,938,463,
• In addition to extended addressing IPv6 offers
• improved security: encrypting along with authentication and security headers.
• Improved multicasting
• sender and a receiver to establish a high-quality, high-bandwidth secure paths.
4 The Transport Layer – TCP and UDP
• The TCP/IP protocol suite comprises two protocols that correspond roughly to
the OSI Transport and Session Layers;
• TCP (Transmission Control Protocol) provides a virtual circuit
(connection-oriented) service.
• TCP includes rules for formatting messages, establishing and terminating virtual
circuits, sequencing, flow control, and error correction.
• Most of the applications in the TCP/IP suite use the TCP reliable transport.
• UDP provides an end-to-end datagram (connectionless) service.
• Some applications, such as those that involve a simple query and response,
are better suited to the datagram service of UDP because there is no time lost to
virtual circuit establishment and termination.
4.1 Clients and servers and TCP and UDP ports
• Consider a server program running on a machine in a TCP/IP network and
providing a service (mail, WWW, etc) to remote clients.
• To send a message to the server (e.g. to collect email) the client has to send a
packet to:
• a particular program, e.g. the email server
• running on a particular machine, e.g. DMU’s email server
• Requirement b) is satisfied by knowing the machine’s Domain Name or IP address,
e.g. DMU’s email server is on IP address
• However, a particular machine may be running several services so how is a packet
delivered to the correct program?
• This achieved by ‘ports’ via which programs communicate.
• When TCP/IP is running on a particular machine TCP and UDP each have 65536
ports numbered 0 to 65535 many of which are reserved for standard services.
• For example, consider a student accessing the DMU web page on
• When a server is started it attaches to a TCP or UDP port, e.g. a
HTTP (WWW) server listens on TCP port 80.
• The student would run a web client program.
• The student would enter the URL
• The web client would contact a DNS server to obtain the webs server’s
IP address; DMU’s web server was running on with
IP address
• Web client would send a packet to IP address port 80
requesting a web page.
• Packet would specify the clients IP address (e.g. and a spare
port on the client machine (e.g. 5023) for the reply to be sent to – the client
now ‘listens’ on this port
• the web server receives the packet, gets the web page off disk, constructs a
packet and sends it to the client’s IP address and specified port,
e.g. port 5023
• A server program is usually capable of processing requests from many
simultaneous clients.
• Port numbers below 1024 are reserved for ‘standard’ services and many not be
used by users, e.g.
• E-mail - SMPT (you send the email to ) port 25 and POP3 (you get the
email from) port 110
• Remote login (telnet) - port 23
• finger - port 79
• File transfer (FTP) - 20 (FTP data transfer), 21 (FTP control)
In Summary
• Applications and utilities reside in host, or end-communicating, systems.
• TCP provides a reliable, virtual circuit connection between the two hosts.
• UDP provides an end-to-end datagram connection at this layer.
• IP provides a datagram (DG) transport service over any intervening sub-networks,
including local and wide area networks.
• The underlying sub-network may employ nearly any common local or wide area
network technology.
5 TCP/IP Applications
• The Application Layer protocols include:
• Telnet: Short for Telecommunication Network, a virtual terminal protocol
allowing a user logged on to one TCP/IP host to access other hosts on
the network.
• FTP: The File Transfer Protocol allows a user to transfer files between local
and remote host computer.
• SMTP: The Simple Mail Transfer Protocol is the standard protocol for the
exchange of electronic mail.
• HTTP: The Hypertext Transfer Protocol is the basis for exchange of
information over the Internet (WWW).
• Finger: Used to determine the status of other hosts and/or users.
• POP: The Post Office Protocol defines a simple interface between a user’s
mail reader software and an electronic mail server; the current version is POP3.
• DNS: The Domain Name System defines the structure of Internet names and
their association with IP addresses, as well as the association of mail, name,
and other servers with domains.
• SNMP: The Simple Network Management Protocol defines procedures and
management information databases for managing TCP/IP-based network devices.
• Ping: A utility that allows a user at one system to determine the status of other
hosts and the latency in getting a message to that host. Uses ICMP Echo
• Whois/NICNAME: Utilities that search databases for information about Internet
domain and domain contact information.
• Traceroute: A tool that displays the route that packets will take when travelling
to a remote host.
Common TCP/IP servers attached to their TCP and UDP ports.
7 NAT (Network Address Translation Protocol)
• An organisation may be assigned one IP address (or a small number) yet have many
machines, e.g. an domestic ADSL line is assigned one IP address yet a house may
have four or five PCs.
• NAT is an Internet standard that enables a LAN to use one set of IP addresses for
internal traffic and a second set of addresses for external traffic.
• A NAT box located where the LAN meets the Internet makes all necessary IP
address translations.
• For example, IP addresses in the range to (65536
addresses) are assigned for internal network use and may not appear on the
internet itself.
• When an outgoing packet arrives at the NAT:
• the source IP address (say is replaced by the
organisations true IP address
• the source port (say 5000) is replaced by an index (say 1025) into a table in
the router and the source IP address and port are stored into the table
• The packet is then sent to the Internet.
• When an incoming packet is received by the NAT:
• the destination port (1025) is extracted and used as an index into the table
• the local IP address ( and port (5000) are extracted and put
into the packet
• the packet is sent to the correct process on the correct local machine.
• Because internal IP addresses are hidden NAT also provides a type of firewall in
that unsolicited packets arriving at the NAT are rejected (in a secure environment
additional firewalls should be implemented).
• The exception to this is when machines on the internal network run servers which
must be accessed from outside.
• Port Redirection is used which will pass packets for a particular destination port to
a specified machine on the network, e.g. if is running a HTTP server
(WWW) packets arriving at the NAT for port 80 will be sent to port 80
• In addition NAT helps with the problem of IPv4’s exhaustion of address space by
allowing a number of machines to use one (or a smaller number) of IP addresses.
Appendix A The IP datagram packet
Header lgth
Service Type
IP version number used
Expressed in 32 bit units What quality of service
is required?
Total Length
Of the entire
Flags e.g.
Fragment Offset
From which datagram does this
fragment come?
'don't cut me up!',
Position of this fragments
data within the data for the
overall datagram
Time to live
'There are more fragments on the
Header Checksum
The maximum time, in secs, this Which Transport Layer protocol
datagram is allowed to survive in is involved?
the internet
Source IP address
Destination IP address
IP options (if any)
To enable new ideas to be tested temporarily e.g.
security features, time-stamping etc.
To protect the header bits.
Data bits are protected by the
Transport Layer error control
Appendix B Routing IP Datagrams
B1. IP address classes
• An IP address allows you to define
• A network id,
• A host id on that network
• The unique address of a host is of the form
• (netid, hostid) or (netid, {sub-netid, hostid})
• An IP address for a host at DMU might be: 146 . 227 . LANx . hosty
• A sender indicates a destination using a (netid, hostid) IP address written into an IP
datagram. The datagram is sent to a router.
• Repeat……
the datagram arrives at a router. The router examines the netid part of the address:
• if
• the netid matches a network currently attached to the router:
• the router encapsulates the packet in the correct frame and adds the
correct hardware address of the destination device. If it doesn't know the
hardware address, it broadcasts an ARP request to find it out;
• the packet is sent over the network to the destination device;
• the destination unwraps the packet and passes it up to TCP running in
the Transport Layer
• else
• the router uses its routing table to determine the next hop;
• the packet is passed to the next router;
the packet arrives at a router at which the netid matches an attached network