Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
With multiple transport layer and application layer protocols, what dictates
how a particular combination of protocols is chosen? As will be detailed below,
a field in the IP header designates which transport layer protocol will act on
the IP datagram. Likewise, a field in the transport layer header designates
which application layer program will act on the transport layer segment. An
application program, based on its need for reliability and throughput, selects
the appropriate transport layer protocol to use. Since the Internet only has one
network-layer protocol (IP), going down the stack from a transport layer
protocol does not involve a selection. The physical/link layer
selected by the IP layer is dictated by an interface table associated with the IP
address in the IP header.
BRBRAITT : Nov-2006 2
“DATA NETWORKS” FOR JTOs PH-II – TCP/IP
Figure-2 illustrates all the major TCP/IP Internet protocols and associates a
layer of the architecture with each. Application-layer protocols are divided into
two groups, first, those that provide a utility function to the Internet (utility),
and, second, those that provide a service directly to the user. The major
applications protocols are categorized below by user service and utility.
Application Layer
BGP RIP
BRBRAITT : Nov-2006 3
“DATA NETWORKS” FOR JTOs PH-II – TCP/IP
• Trivial file transfer protocol (TFTP) – provides an unreliable, simple file
transfer capability.
• Network file system (NFS) – provides remote virtual storage capability.
• Simple message transfer protocol (SMTP) – provides electronic mail
capability.
Utility Applications
In theory, all application protocols could use either the UDP or the TCP. The
reliability requirements of the application dictates which transport layer
protocol is used. For example, some applications, such as the domain name
service (DNS), may either UDP or TCP.
Although there are many physical/link layer protocols, the most popular and
the primary focus herein is Ethernet.
The service call contains information that enables the FTP client to construct
an FTP descriptor of the type file and the destination host address. The
description and user file (message) are given to the transport layer
transmission control protocol (TCP). The TCP attaches a header to the FTP
message that contains the source port number (identification of the user) and
a destination port number (identification of the FTP server). TCP also
memorizes these parameters in a memory-resident table to allow continuing
operations between the FTP client and server by specifying only a name of
the established association (connection). The TCP passes its header and the
FTP message (the user file) to the IP for delivery to the destination host
(specified by the FTP client) via the Ethernet LAN.
The IP is central to the entire TCP/IP protocol suite, excepting some utilities
that interface the physical layer directly. Whether the communication is local
or network wide, the IP is used. The IP uses a memory-resident routing table
to determine which physical interface should be used for the particular FTP
message. The IP attaches its header (containing a specific, network wide IP
address) to the TCP header (already attached to the TCP data, which is the
FTP data) and passes it to the appropriate physical/link layer program
(Ethernet in this scenario) for delivery to the host at the destination specified
by the IP address in the IP header. The IP address (32 bits) is converted to an
Ethernet address (48 bits) by the address resolution protocol (ARP) before the
Ethernet driver constructs an Ethernet frame. The frame is broadcast on the
bus as a unicast packet targeted at a single Ethernet address. While all
device drivers on the Ethernet see the frame, only the device driver of the
addressed host processes the frame and the others discard it.
The process is reversed at the destination host. The Ethernet driver removes
the Ethernet header and passes the remainder (frame data containing IP
BRBRAITT : Nov-2006 5
“DATA NETWORKS” FOR JTOs PH-II – TCP/IP
header, TCP header, and FTP message) to the destination IP. The destination
IP removes the IP header and passes the IP data to the transport layer (TCP).
TCP removes the TCP header and passes the message to the application
layer program specified by the port number in the TCP header, which is FTP
in our example. The major
Build
Ethernet
header
FTP
message TCP IP Ethernet
(contains no header) segment datagram frame
application programs have a fixed, unique port number called the “well-
known” port number. The port number for FTP data is 20.
The Internet protocol (IP) receives data directly from the Ethernet and
functions on an architectural level equivalent to the network layer of the OSI
reference model. The protocols ARP and RARP receive data directly from the
Ethernet in the same manner as the IP.
BRBRAITT : Nov-2006 6
“DATA NETWORKS” FOR JTOs PH-II – TCP/IP
The datagram consists of a header and data. Figure-4 identifies each field of
the header, and is followed by a description of each field.
The value represents the number of octets in the header divided by four,
which makes it the number of 4-octet groups in the header. The header length
is used as a pointer to the beginning of data. The header length is usually
equal to 5, which defines the normal, 20-octet header without options. When
options are used, padding may be required to make the total size of the
header an even multiple of 4-octet groups. The range of value for the header
length is 5 to 15.
All other values are reserved or unassigned. Although the range of values is 0
to 15, the value used by IP is 4. By means of this field, different versions of
the IP could operate in the Internet.
Bits +5, +6, and +7 make up the precedence field, with a range of 0 to 7. Zero
is the normal precedence and 7 is reserved for network control. Most
gateways presently ignore this field.
The four bits (+1, +2, +3, and +4) define the priority field, which has the field
range of 0 to 15. The four priorities presently assigned (the remaining 12
values are reserved) are: value 0 (the default, normal service), value 1
(minimize monetary cost), value 2 (maximize reliability), value4 (maximize
throughput), and value 8 (bit+4 equal to one, defines minimize delay option).
BRBRAITT : Nov-2006 7
“DATA NETWORKS” FOR JTOs PH-II – TCP/IP
These values are used by routers to select paths that accommodate the users
request.
32 Bits
D M
Identification Fragment offset
F F
Source address
Destination address
Bit order of
transmission
msb Isb
7 6 5 4 3 2 1 0
Precedence Priority 0
27 26 25 24 23 22 21 20
The total length field is used to identify the number of octets in the entire
datagram. The field has 16 bits, and the range is between 0 and 65,535
octets. Since the datagram typically is contained in an Ethernet frame, the
size usually will be less than 1,500 octets. Larger datagrams may be handled
by some intermediate networks of the Internet but are segmented if a gateway
of a network is unable to handle the larger size. IP specifications sets a
minimum size of 576 octets that must be handled by routers without
fragmentation. Larger datagrams are subject to fragmentation.
BRBRAITT : Nov-2006 8
“DATA NETWORKS” FOR JTOs PH-II – TCP/IP
Identification – 16 Bit field
Flags – 2 Bits
The flag field contains two flags. The low-order bit (MF) of the flags fields is
used to denote the last fragmented datagram when set to zero. That is,
intermediate (not-last) datagrams have the bit set equal to one to denote more
datagrams are to follow. The high-order bit (DF) of the flags field is set by an
originating host to prevent fragmentation of the datagram. When this bit is set
and the length of the datagram exceeds that of an intermediate network, the
datagram is discarded by the intermediate network and an error message
returned to the originating host via the ICMP.
It represents a count set by the originator, that the datagram can exist in the
Internet before being discarded. Hence, a datagram may loop around an
internet for a maximum of 28 – 1 or 255 before being discarded. The current
recommended default TTL for the IP is 64. Since each gateway handling a
datagram decrements the TTL by a minimum of one, the TTL can also
represent a hop count. However, if the gateway holds the datagram for more
than one second, then it decrements the TTL by the number of seconds held.
The originator of the datagram is sent an error message via the ICMP when
the datagram is discarded.
BRBRAITT : Nov-2006 9
“DATA NETWORKS” FOR JTOs PH-II – TCP/IP
The protocol field is used to identify the next higher layer protocol using the IP.
It will normally identify either the TCP (value equal to 6) or UDP (value equal
to 17) transport layer, but may identify up to 255 different transport layer
protocols. An upper layer protocol using the IP must have a unique protocol
number.
The checksum provides assurance that the header has not been corrupted
during transmission. The checksum includes all fields in the IP header,
starting with the version number and ending with the octet immediately
preceding the IP data field, which may be a pad field if the option field is
present. The checksum includes the checksum field itself, which is set to zero
for the calculation. The checksum represents the 16-bit, one’s complement of
the one’s complement sum of all 16-bit groups in the header.
Users of the IP must provide their own data integrity, since the IP checksum is
only for the header.
The source address field contains the network identifier and host identifier of
the originator.
The destination address field contains the network and identifier & Host
identifier of the destination.
The presence of the “options” field is determined from the value of the header
length field. If the header length is greater than five, at least one option is
present.
Although it is not required that a host set options, it must be able to accept
and process options received in a datagram. The options field is variable in
length. Each option declared begins with a single octet that defines that
format of the remainder of the option.
BRBRAITT : Nov-2006 10
“DATA NETWORKS” FOR JTOs PH-II – TCP/IP
Timestamp Option
The timestamp option provides the user with a technique of recording the
precise route taken by a datagram and the time that each element (node or
gateway) handling the datagram processed it.
This provides a routing trace of the datagram. The strict source route option
permits the originator to can be useful to force all traffic over a particular path
for testing. The strict source routing option is coded with the precise
successive IP addresses, with a pointer set to the first hop. Each ode handling
the datagram increments the pointer to the next IP address. Loose source
routing is similar, except only the major IP addresses are entered in the list of
IP addresses. The Internet my take any desired intermediate path so long as
the datagram visits the IP nodes identified.
Although ICMP and IGMP gain control as transport layer functions, they
function as a utility to the network layer (IP). The TCP/IP designers used the
protocols number in the IP header to demultiplex to distinct services.
BRBRAITT : Nov-2006 11
“DATA NETWORKS” FOR JTOs PH-II – TCP/IP
specific application process (queue) located at the IP address. The UDP
header also contains a source port number that allows the receiving process
to know how to respond to the user datagram. It effectively loads up one
round with the entire, fixed-length message, aims it at the intended receiver
(IP address and destination port number), fires one shot into the network, and
ends. There is no acknowledgement, flow control, message continuation, or
other sophisticated attributes offered by the TCP.
The UDP operates at the transport layer and has a unique protocol number in
the IP header (number 17). This enables the network layer IP software to pass
the data portion of the IP datagram to the UDP software. The UDP uses the
destination port number to direct the from the IP datagram (user datagram) to
the appropriate process queue. The format of the UDP datagram is illustrated
in Figure-6. Since there is no sequence number or flow control mechanism,
the user of UDP must either not need reliability or self service. The reliability
of UDP is characterized by phrases such as send and pray, used to describe
its operation.
The source and destination port numbers in conjunction with the IP addresses
define the end points of the single-shot communication. The source port
number may be equal to zero if not used. The destination port number is only
meaningful within the context of a particular UDP datagram and IP address.
7 65 4 3 21 0 7 65 4 3 21 0 7 6 5 4 3 21 0 7 65 4 3 21 0
UDP data
BRBRAITT : Nov-2006 12
“DATA NETWORKS” FOR JTOs PH-II – TCP/IP
The source port number is a 16-bit field. The destination port number is also a
16-bit field.
There are some fixed, preassigned port number used for services on the
Internet – for example, number 7 is used for the UDP echo server and number
69 is used for trivial file transfer (TFTP). These fixed, preassigned port
numbers are referred to as well-known ports and controlled by the IANA.
The UDP message-length field is a 16-bit field that contains a count of the
total number of octets in the user datagram, including the header. Hence, the
minimum-size length field is 8.
Usage of the UDP checksum is optional, however the field must be set to zero
when not used. Since the IP layer does not include the data portion of the IP
datagram in its checksum (protocols the IP header only), UDP has its own
checksum to provide data integrity. The UDP checksum is the 16-bit one’s
complement of the one’s complement sum of the UDP header, UDP data, and
some fields from the IP header,
TCP rides the unreliable, connectionless IP in the same manner as the UDP.
That is, it has a unique protocol number (# 6) in the IP datagram that signals
the IP to pass that data from the datagram (TCP header and data) to the TCP
processing layer. TCP provides a transport layer service in terms of the OSI
reference model – it functions as layer 4 (see Figure 7). The transmission unit
for IP is called datagram, for UDP it is called user datagram, and for TCP it is
called segment or (sometimes) packet.
BRBRAITT : Nov-2006 13
“DATA NETWORKS” FOR JTOs PH-II – TCP/IP
TCP Connection
There are two categories of interface between TCP and all other programs.
The first is down the stack to the network layer programs. Since there is only
one network layer program, the IP, the interface is decided by the IP. The
second is the interface to the user programs (the n + 1 layer). This interface
will vary in different operating systems, but the general characteristics are
described here. The interface involve the user program calling a system
routing that makes entries in a data structure called a transmission control
block (TCB). The entries initially may be made into a hardware stack and
transferred to the TCB by the system routine, which is implementation
specific. The entries in the TCB enable TCP to associate a user with a
particular connection in order to accept continuing commands from one user
and send them to the user at the other end of the connection. TCP uses
unique identifiers from each end of the connection to remember the
association between two users. The user is provided with a connection name
to use in making future entries in the TCB for the connection. The unique
identifiers for each end of the connection are called sockets. The local socket
is constructed by concatenating the source IP address with the source port
number. The remote socket is constructed by concatenating the destination IP
address with the destination port number. A socket for a well-known service
such as TELNET or FTP may have many connections. However, the pair of
sockets for one connection forms a unique number within the Internet. Note
that UDP has the same set of sockets as TCP but they are not remembered
by UDP, which is the difference between being connection oriented and
connectionless.
Application
Application 1 Application 2 Application N
Layer
Presentation
Presentation 1 Presentation 2 Presentation N
Layer
Session
Session1 Session 2 Session N
Layer
Transport
Transport 1 TCP Transport N
Layer
Network
Internet (IP)
Layer
TCP remembers the state of each connection from information stored in the
TCB. When a connection is opened, an entry in the TCB unique to the
BRBRAITT : Nov-2006 14
“DATA NETWORKS” FOR JTOs PH-II – TCP/IP
connection is made. A connection name is supplied to the user to enable
directing commands to the connection. As conditions change for a connection,
the status and other variables are changed in the entry for the connection in
the TCB. When the connection is closed, the entry for the connection is
deleted from the TCB.
TCP Connection
With all the added capability over UDP, one would expect the overhead for
TCP to be greater than UDP, and it is much greater. Not only is the header
larger, but connections must be established and terminated. To get a feeling
for the general contents of the TCP header, see Figure 10.
The source and destination port numbers in TCP header identify the
application programs at each end of the TCP connection. As defined above, a
pair of sockets, one from each end of a connection, uniquely identifies that
connection. Another way of thinking of it – to illustrate the multiplexing
capability of TCP – is that the pair of sockets identifies a unique connection
thread through the Internet. The IP address in the IP datagram is used to
deliver the TCP segment to the correct machine. The protocol number in the
IP datagram directs the segment to TCP. The source and destination port
numbers in the TCP header are used to direct the segment data to the
appropriate application layer entity (software program). Since the port number
in the TCP header is a 16-bit field, there could be, theoretically, up to 65536
connections between two peer TCP layers using the same set of IP
addresses.
BRBRAITT : Nov-2006 15
“DATA NETWORKS” FOR JTOs PH-II – TCP/IP
Internet
Sender Receiver
0
1
SYN, seq=x
2 (SYN, seq=x)
3
(SYN, seq =y, ack = x+1
4
ACK, seq =x+1, ack =y +1
Legend:
0 CLOSED 2 SYN-SENT
1 3 SYN-RECEIVED 4 ESTABLISHED
LISTEN
sequence number. The value x is typically associated with the time to assure
that sequence numbers from a previous incarnation are not picked up after a
restart. The receiver responds by returning synchronization, acknowledging
the sequence number x, and stating that it chooses to use sequence number
y for initiation. The handshake is completed when the initiator acknowledges
the sequence number y with an ACK. For reference, the TCP state for each
event is illustrated with a number inside of a circle.
BRBRAITT : Nov-2006 16
“DATA NETWORKS” FOR JTOs PH-II – TCP/IP
Closing a TCP Connection
When it is necessary to abort a connection, the RST bit is set in the code field
of a segment. The receiver of a segment with the RST bit set immediately
aborts the connection, and advises the application program after the fact. This
means that both sides of the FDX connection are aborted and any buffers
associated with the connection are released.
BRBRAITT : Nov-2006 17
“DATA NETWORKS” FOR JTOs PH-II – TCP/IP
Internet
Sender Receiver
(CLOSE ) 4 4
5
(FIN, seq=x, ack=y)
7
Legend:
9 LAST – ACK
5 FIN – WAIT – 1
TCP can control the amount of data that may be sent to it by setting the
window field in the TCP header equal to the maximum number of octets that it
has the capacity to receive. The receiver of the window field uses this value to
determine if the intended receiver has the capacity to continue receiving data,
or if it must hold off until the intended receiver recovers buffer space. The
window field tells the receiver of the segment containing it that this is the
maximum number of octets that may be sent before receiving further
permission.
BRBRAITT : Nov-2006 18
“DATA NETWORKS” FOR JTOs PH-II – TCP/IP
The TCP segment consists of a TCP header and data. The header portion of
the TCP segment is relatively fixed in size. The only optional field is the
options field, which may necessitate a pad field to assure that the overall
header length is a multiple of four-octet groups. The format of the TCP
segment is illustrated in Figure-10. The following is a description of each of
the fields in the TCP segment, and general characteristics of TCP associated
with each field description.
32 Bits
Source port Destination port
Sequence number
Acknowledgement number
TCP TCP U A P R S F
header header R C S S Y I Window size
length length G K H T N N
Checksum Urgent pointer
Data (optional)
There are two sequence numbers in the TCP header. The first is the send
sequence number (SSN). The SSN is a 32 – bit unsigned integer. The entire
data to be sent from one program to another is called a stream. If a stream is
too large for a single TCP path segment (typical), it is broken up into smaller
segments. The SSN of the first TCP segment identifies the first octet of the
entire stream. Assume this value is n, which was established when the TCP
connection was made. Then, the value of the SSN of the second TCP
segment equals n + m, where m is the octet displacement within the total
stream to the beginning of the second TCP segment. In general, the SSN is
an octet pointer within the total stream to the first octet of the particular TCP
segment. The value of the field cycles between 0 and (232 – 1). It provides
each octet of a stream with a sequence number.
From the scenario above with the SSN of n for the first segment and n + m for
the second segment, the receiver of the first segment would send an ACK
with the RSN equal to n + m, which acknowledges the receipt of octets n
through n + m – 1 by advising that the next expected SSN is equal to n + m.
Header length
The header length is a 4-bit field. It contains an integer equal to the total
number of octets in the TCP header, divided by four. That is, it represents the
number of 4-octet groups in the header. The value of the header length field is
typically equal to five unless the there are options. Since there may be options
in the TCP header, the pad field is used to force the number of octets in the
header equal to a multiple of four. There may be up to three octets in the pad
field, each containing the value zero.
Code Bits
The purpose and content of the TCP segment is determined by the settings to
the bits in the code bit field.
• URG bit – The URG code bit and the urgent pointer provide the
sending program with the ability to bypass the normal stream with
urgent data. When the URG bit is set to one, the urgent pointer is used
as an octet displacement from the sequence number of the segment to
the last octet of urgent data. That is, the data following the urgent
BRBRAITT : Nov-2006 20
“DATA NETWORKS” FOR JTOs PH-II – TCP/IP
pointer is the routine or nonurgent data. When the URG bit is not equal
to one, the urgent pointer is not used.
• ACK bit – When the ACK bit is equal to one, the acknowledgement
number is valid. This should always be the case after the connection is
established.
Code Bit Field Definitions
Mnemonic Bit
Name Number Meaning If Bit Equal to One
• PSH bit – Although a transmit buffer may not be full, the sender may
force it to be delivered. This procedure is often used with a TELNET
hot-key entry to create single-octet segments, which is required by
some applications.
• RST bit – Setting the RST bit in a segment causes the connection to be
aborted. All buffers associated with the connection are released and
the entry in the TCB is deleted.
• SYN bit – The SYN bit is set during connection establishment only to
synchronize the sequence numbers.
• FIN bit – The FIN bit is set during connection closing only.
Window
The window field is a 16-bit unsigned integer. The window field is used to
advertise the available buffer size (in octets) of the sender to receive data.
Options
BRBRAITT : Nov-2006 21
“DATA NETWORKS” FOR JTOs PH-II – TCP/IP
Padding
The padding field, when present, consists of one to three octets, each equal
to zero, to force the length of the TCP header to be in multiples of four octets.
If options are nor used, padding is not required. If options are used, padding
may or may not be required.
Checksum
Since the IP layer does not include the data portion of the datagram in its
checksum (protects the IP header only), TCP has its own checksum to
provide data integrity. The checksum field of the TCP header is set to zero
before the checksum calculations. The TCP checksum is the 16-bit one’s
complement of the one’s complement sum of the TCP header, TCP data.
Including fields from the IP datagram header in the checksum protects against
misrouted TCP segments. If the computed checksum is zero, it is transmitted
as all ones (the one’s complement of zero).
BRBRAITT : Nov-2006 22
“DATA NETWORKS” FOR JTOs PH-II – TCP/IP
The echo request and reply messages described in the next paragraph use
an identifier field and sequence number field that is not used by the other
ICMP messages. It further has a variable amount of data (supplied by the
user ) that is returned. The remainder of the ICMP messages are nearly
identical in format, and the format illustrated in Figure-13.
Type
Field ICMP Message Type
0 Echo reply
3 Destination unreachable
4 Source quench
5 Redirect (change route)
8 Echo request
11 Time exceeded for a datagram
12 Parameter problem on a datagram
13 Timestamp request
14 Timestamp response
17 Address mask request
18 Address mask response
The type field in the request message is equal to 8, and equal to zero in the
response message. The code field is always zero. The checksum is
calculated in the same manner as for the IP datagram, and the value during
the calculation is zero. The identifier and sequence number are used by the
sender to match replies with requests. The optional data field is variable in
length.
7 65 4 3 21 0 7 65 4 3 21 0 7 6 5 4 3 21 0 7 65 4 3 21 0
Optional data
Originally, the ICMP quench message was not sent until it was necessary to
discard a message. By this time the system was overloaded and could ill
afford to handle a retransmission. The algorithm was changed to send the
ICMP quench message when the receiver used 50% of its buffer capacity.
7 6 5 4 3 2 1 0 7 6 5 4 3 2 1 0 7 6 5 4 3 2 1 0 7 6 5 4 3 2 1 0
Unreachable Codes
Code
Value Description
0 Network unreachable
1 Host unreachable
2 Protocol unreachable
3 Port unreachable
4 Fragmentation needed with DF set
5 Source route failed
6 Destination network unknown
7 Destination host unknown
8 Source host failed
9 Network administratively prohibited
10 Host administratively prohibited
11 Network type service not reachable
12 Host type service not reachable
BRBRAITT : Nov-2006 25
“DATA NETWORKS” FOR JTOs PH-II – TCP/IP
Time-To-Live Exceeded
Subnet Mask
When a host wants to know the subnet mask for a physical LAN, it may send
an ICMP subnet mask request. The type value is 17 for the subnet mask
request and 18 for the response. The code value is zero, and the
identifier/sequence number is used to identify the reply.
BRBRAITT : Nov-2006 26