Network Design and Management
Willis F. Marti
Understanding TCP/IP
Agenda
• Introduction to the Internet Suite
• Core Protocols
• Management Protocols
• Application Protocols
• Protocols in Operation
• Firewalls & Security
• Routing Protocols
• Issues/Futures
Introduction to the Internet
Suite
• Brief History
• Overview of the Architecture
• References
Brief History & Status of the
Internet
• US DoD
• Research Organizations
• Operational Separation
– MILNET
– ARPANET
• NSFNet
• Commercialization
• Anarchy ?
History
• What is an Internet?
• Other contemporary communications
architectures
• Defense Advanced Research Project Agency
(DARPA)
– 1969 network of four universities
– TCP/IP in mid-1970s
History, cont.
• Growth of military and research use
• “Operational” net in 1983
• Berkeley networking
• National Science Foundation (NSF) 1985/6
– Supercomputer centers
– Start of regional networks
• Transition to open access 1990 -- ?
(Partial) TCP/IP Stack
FTP
TELNET DNS
TCP UDP
IP ICMP
ARP
DIX Ethernet or ...
Example: OSI & the Internet
Application NFS
Presentation XDR
Session RPC
Transport UDP
Network IP
Data/Link DIX Ethernet
Physical IEEE 802.3
TCP/IP Architecture
• Theme: Communication over unreliable,
heterogeneous infrastructure
• Universal Service
• Standards, not Implementations
• aka Internet Suite
Universal Service
• Virtual Network
• Arbitrary Connectivity
• IP -- One address end-to-end
• Meaning of Hosts
References TCP/IP
• Overall -- Douglas Comer
– Internetworking with TCP/IP, Vol I, 3d ed.
– Internetworking with TCP/IP, Vol II
– Internetworking with TCP/IP, Vol III (Sockets), 2d ed
– Internetworking with TCP/IP, Vol III (TLI)
• Unix Programming -- W. Richard Stevens
– Unix Network Programming
– Advanced Unix Network Programming
• Stevens & Wright
– TCP/IP Illustrated Vol I
– TCP/IP Illustrated Vol II
– TCP/IP Illustrated Vol III
• http://www.qnx.com/~mphunter/tcpip_resources.html
Core Protocols
• ARP -- Address Resolution Protocol
• IP -- Internet Protocol
• ICMP -- Internet Control Message Protocol
• UDP -- User Datagram Protocol
• TCP -- Transmission Control Protocol
• DNS -- Domain Name System
• FTP -- File Transfer Protocol
• TELNET -- Connectivity Application
ARP
• Address Resolution Protocol {translate network
layer address to physical address}
• Part of general resolution procedure:
name {e.g., neuron.cs.tamu.edu}
DNS
IP Address {e.g., 128.194.133.1}
ARP
Ethernet address {e.g., 08:00:20:08:58:78}
IP and ICMP
• IP is the “Duct Tape” for the Internet
– More details later
• ICMP is an Internal protocol to IP
• ICMP provides several services to network
managers
– ping
– traceroute
IP Functionality
• Presents single, virtual network to user
• Connectionless Delivery
• Packet Routing
• Interface to Lower Layers
IP Addresses
• “Dotted Decimal”
32 bit (4 byte) address, written by taking each
byte as an unsigned number
• Address Classes [first octet]
– A - 1-126
– B - 128-191
– C - 192-223
– D - special subset of C 224-239
multicast
– E - reserved 240-254
• Netmask
– a 32 bit value which, when ANDed with an address, selects
only the network part
Netmask Usage
“Do a bitwise AND then compare for equality of
results”
& netmask =?= & netmask
Same netmask
if comparison is equal, then both src & dst are
on same (sub)net.
Netmask Examples
S= 128.194.100.10 D= 128.194.200.10
M= 255.255.255.0 M= 255.255.255.0
result 128.194.100.0 result 128.194.200.0
Not Equal
S= 128.194.12.10 D= 128.194.12.110
M= 255.255.255.0 M= 255.255.255.0
result 128.194.12.0 result 128.194.12.0
?
S= 67.194.18.10 D= 67.194.10.10
M= 255.255.240.0 M= 255.255.240.0
result 67.194.16.0 result 67.194. 0.0
?
Special Address Conventions
• This host
all 0’s
• Host on this net
all 0’s host
• Limited broadcast
all 1’s
• Directed broadcast
net all 1’s
• Loopback
127 anything (usually 1)
Bridges or Routers
Address & Netmask
1: 131.122.24.12 255.255.255.0
2: 131.122.31.253 255.255.255.0
3: 131.121.18.12 255.255.240.0
4: 131.121.24.18 255.255.240.0
5: 131.121.31.254 255.255.240.0
[Diagram: nodes labeled 1-5 and A-D]
IP Header
0 4 8 16 19 24 31
VERS HLEN SERVICE TYPE TOTAL LENGTH
IDENTIFICATION FLAGS FRAGMENT OFFSET
TIME TO LIVE PROTOCOL HEADER CHECKSUM
SOURCE IP ADDRESS
DESTINATION IP ADDRESS
IP OPTIONS (IF ANY) PADDING
DATA
...
IP Packet Handling (rcv)
Sockets
Transport Layer (TCP or UDP)
Other
IP
Link {DIX Type or 802.3 DSAP}
Physical
receiving
IP Packet Handling (xmit)
sending Local or Non-Local ?
Search Routing
Table
ARP
Found! Missing!
Send locally...
ICMP Error
ICMP
• Reachability
• Redirection
• Information
• “Are you there?”
Ping
• ICMP Echo Request/Echo Reply
• Options for:
– Routing
– Timing
– Size
Traceroute
• Echo Request/Reply with a twist:
traceroute to falcon.ece.utexas.edu (128.83.196.10),
30 hops max, 40 byte packets
1 exit_133 (128.194.133.254) 2 ms 2 ms 2 ms
2 exit_128 (128.194.128.254) 2 ms 3 ms 2 ms
3 FDDI-T3.TAMU.EDU (128.194.1.13) 3 ms 3 ms 3 ms
4 FDDI-WAN.TAMU.EDU (165.91.128.17) 5 ms 4 ms 6 ms
5 sprint-gw-h1-0.the.net (129.117.16.161) 20 ms 5 ms 5 ms
6 ut8-h1-0.the.net (129.117.16.241) 8 ms 9 ms 21 ms
7 129.117.20.12 (129.117.20.12) 7 ms 11 ms 7 ms
8 ens.gw.utexas.edu (128.83.7.132) 16 ms 23 ms 21 ms
9 ece-e0.gw.utexas.edu (128.83.249.251) 12 ms 9 ms 9 ms
10 * * *
UDP
• Your basic datagram
• No acknowledgements, no reliability
• Why use it?
0 16 31
SOURCE PORT DESTINATION PORT
MESSAGE LENGTH CHECKSUM
DATA
...
Managing Connections
• Addressing
• Identifying duplicate TPDUs
• Three-way handshakes
• Flow control
• Crash recovery (largely ignored)
TCP
• Reliable, sequenced stream of bytes
• Virtual circuit
• Buffered transfer
• Unstructured
• Full Duplex
• Positive Acknowledgements w/
Retransmission
• Sliding Windows
TCP Features
• A protocol, not a package
• Ports (Well Known Ports)
• Out of Band, or URGENT, data
• Timeouts
– RTT Estimation (Karn's Algorithm)
• Congestion
– Slow-Start Methodology
• Limitations
TCP Header
0 4 10 16 24 31
SOURCE PORT DESTINATION PORT
SEQUENCE NUMBER
ACKNOWLEDGEMENT NUMBER
HLEN RESERVED CODE BITS WINDOW
CHECKSUM URGENT POINTER
OPTIONS (IF ANY) PADDING
DATA
...
TCP Connection Management
• Three Way Handshake
– SYN, SYN/ACK, ACK
• May be viewed as two Simplex connections
• Window management
– Advertising Zero Window Size
– Nagle's algorithm
– Silly Window Syndrome
Domain Name System
• A hierarchical, distributed database
• A service primarily aimed at mapping names
to IP addresses
• Partitioned for ease of administration
DNS Structure (partial)
.
gov
edu com
utexas tamu ibm
cs austin
mac1 solar mac1
DNS -- How it Works
• DNS Servers in a logical tree
• DNS clients on every host
• Iterative Queries
• Recursive Queries
TCP or UDP?
• Application developers have to pick a
Transport protocol
• TCP
– Simplicity
– Reliability
• UDP
– Network 'Awareness'
– Low Overhead
• FTP vs FSP
Management Protocols
• Information Gathering
• System Start up
• Address Management
Decent Books
• Network Management Standards 2d ed
– Uyless Black
• The Simple Book, 2d ed
– Marshall T. Rose
• Communication Networks Management, 2d ed
– Kornel Terplan
• Internetworking with TCP/IP, Vol I, 3d ed
– Douglas E. Comer
Network Management
Definition
"...deploying and coordinating resources in
order to plan, operate, administer, analyze, evaluate,
design and expand communication networks to
meet service-level objectives at all times, at a
reasonable cost, and with optimum capacity."
Network Management
Functional Areas
• Fault Management
detect -- diagnose -- repair
•Configuration/Name Mgmt
a database problem...
•Performance Mgmt
measure and predict
•Accounting Mgmt
look at individual usage
•Security Mgmt
access control and encryption
Management Information
Protocols
• SNMP - Simple Network Management
Protocol
– Internet
• CMIP - Common Management Information
Protocol
– ISO
• TMN - Telecommunications Management
Network
– ITU-T
Management Protocols
Philosophy
• SNMP - Simple Network Management
Protocol
– keep it simple! (cf the Internet toaster)
• CMIP - Common Management Information
Protocol
– the bazaar: whatever you want
• TMN - Telecommunications Management
Network
– actually a separate network specification
SNMP vs CMIP {round 1}
SNMP CMIP
Requirements from
various vendors and
user communities
ISO Management Overview
Fault Configuration Performance Security Accounting
Management Management Management Management Management
System Management Functions
Object Mgmt Alarm Mgmt Event Report Mgmt Workload Monitoring
State Mgmt Log Control Security Alarm Security Reporting
Measurement Summarization Bill Verification Billing
Resource Utilization Test Mgmt Relation Mgmt
CMISE Services
Initialize Event Report Terminate Action Create Abort
Set Get Delete Cancel Confirmed Event Report Confirmed Get
SNMP Architecture
• Keep the agent as simple as possible
• Support remote management operations to
the fullest extent possible
• Plan for future additions & expansion
• Be independent of specific hosts or devices
• Operate at the Application level
Internet Management Model
Managed
Agent
Entities
Network
Management
Proxy Managed
Agent Entities
SNMP
• Intersection of vendor/user requirements
• Few 'verbs':
– get / get-next
– get-bulk {SNMPv2}
– set
– trap
• Polled, Master-Slave, Request-Response
SNMP Format
• []
• ASN.1 subset to describe value format
• MIB-II{Management Information Base} to
identify variables
• UDP as a Transport layer
• Now out! SNMPv2
The MIB
• Standard set of data for managing network
devices
• Variable names are part of the ISO/CCITT
object identifier namespace
• Provides globally unique identifiers
• Variables governed by Structure of
Management Information (SMI) specification
Accessing MIB Data
• SNMP Communities
• SNMP Views
• SNMP Authentication
Abstract Syntax Notation 1
(ASN.1)
• Data Structures
• Abstract Syntax
• Transfer Syntax
• International Standard 8825
• Notation used to encode, transfer and decode
data structures across a wide range of
applications
• Both connection-oriented and connectionless
primitives
Example SNMP PDU using
ASN.1
SEQUENCE len=41 INTEGER len=1 vers=0
30 29 02 01 00
string len=6 p u b l i c
04 06 70 75 62 6C 69 63
getreq. len=28 INTEGER len=4 -------request ID----------------
A0 1c 02 04 05 AE 56 02
INTEGER len=1 status INTEGER len=1 error index
02 01 00 02 01 00
SEQ. len=14 SEQ len=12 objectid len=8
30 0E 30 0C 06 08
1.3 6 1 2 1 1 1 0
2B 06 01 02 01 01 01 00
null len=0
05 00
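The slide's GetRequest decoded byte for byte, as an added Python example that is not part of the original deck. It is a minimal BER reader for this message shape only (function names are this example's own); note that the community string is readable directly from the bytes.

```python
# Bytes of the GetRequest exactly as listed on the slide.
PDU = bytes.fromhex(
    "30 29 02 01 00 04 06 70 75 62 6C 69 63 "       # SEQUENCE, version, community
    "A0 1C 02 04 05 AE 56 02 02 01 00 02 01 00 "    # get-request, request ID, status, index
    "30 0E 30 0C 06 08 2B 06 01 02 01 01 01 00 05 00"  # varbind list: OID + NULL
)

# Trap is left out: its PDU body has a different field layout.
PDU_TYPES = {0xA0: "get-request", 0xA1: "get-next-request",
             0xA2: "get-response", 0xA3: "set-request"}

def read_tlv(buf, pos):
    """Read one BER tag-length-value at pos; return (tag, value, next_pos)."""
    if pos + 2 > len(buf):
        raise ValueError("truncated TLV header")
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:                 # long form: low 7 bits count the length octets
        n = length & 0x7F
        if n == 0 or n > 4 or pos + n > len(buf):
            raise ValueError("unsupported or truncated length")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("value runs past end of buffer")
    return tag, buf[pos:pos + length], pos + length

def children(body):
    """Split a constructed value into its (tag, value) members."""
    out, pos = [], 0
    while pos < len(body):
        tag, value, pos = read_tlv(body, pos)
        out.append((tag, value))
    return out

def decode_oid(body):
    """First octet packs two arcs as 40*X + Y; the rest are base-128 digits."""
    arcs, acc = [body[0] // 40, body[0] % 40], 0
    for b in body[1:]:
        acc = (acc << 7) | (b & 0x7F)
        if not b & 0x80:              # high bit clear ends this arc
            arcs.append(acc)
            acc = 0
    return ".".join(str(a) for a in arcs)

def expect(item, tag):
    """Return the value of a (tag, value) pair after checking its tag."""
    if item[0] != tag:
        raise ValueError(f"expected tag {tag:#04x}, got {item[0]:#04x}")
    return item[1]

def as_int(item):
    return int.from_bytes(expect(item, 0x02), "big", signed=True)

def parse_snmp(msg):
    """Decode message -> dict; raises ValueError on malformed input."""
    tag, body, end = read_tlv(msg, 0)
    if tag != 0x30 or end != len(msg):
        raise ValueError("not a single top-level SEQUENCE")
    version, community, pdu = children(body)
    req_id, err_status, err_index, varbinds = children(pdu[1])
    binds = []
    for vb in children(expect(varbinds, 0x30)):
        name, value = children(expect(vb, 0x30))
        binds.append((decode_oid(expect(name, 0x06)), value[0], value[1]))
    return {"version": as_int(version),
            "community": expect(community, 0x04).decode("ascii"),
            "pdu_type": PDU_TYPES.get(pdu[0], hex(pdu[0])),
            "request_id": as_int(req_id), "error_status": as_int(err_status),
            "error_index": as_int(err_index), "varbinds": binds}

if __name__ == "__main__":
    print(parse_snmp(PDU))
```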
SNMP vs SNMPv2
• History in Brief
• More features (more complex)
• BIG increase in security
– authentication and integrity
– access controls
– security and privacy
• Better access controls in Views
• Trap confirmations
• Knowledge of multiple managers
Enterprise Architecture
• SNMP is designed for simple, manager-to-
agent communications
• CMIP is complex and bulky, but complete
• Most Enterprise networks can't be managed
directly from a single place
Enterprise Management
CMIP
Separate
Managers
Organization
SNMP
Managers
Local
Networks
Start Up {traditional}
• RARP -- Finding basic identity
• BOOTP -- Locating a boot image
• TFTP -- Transferring files
• Problems
– Security
– Coordination
Address Management
• Every node has a unique configuration of
common software
• Administrator must set these values
(somehow)
• Every node needs an IP address (sometimes!)
• Duplicates are bad.
• Dynamic Host Configuration Protocol ...
DHCP
• DHCP is a superset of BOOTP
– extended options
– address “leasing”: automatic, dynamic, manual
• Can simplify management of a PC environment
• See RFC 2131, 2132 (supersede older
versions)
• BOOTP vs DHCP
Management Tools
• Packet Analyzer
• Media Analyzers (TDR, OTDR, BER Tester)
• RMON devices
• Hosts (?)
Software Tools
• Hosted on PCs
• Hosted on Unix Workstations
• Commercial Packages
Internet Applications
• Connectivity
– Web
– Mail
– Virtual Terminal
• Resource Sharing
– File Transfer
– File Sharing
» NFS
» SMB
– Printer Sharing
» lpd/lpr
» Novell, Microsoft
Application Protocols
• TELNET, etc.
• SMTP -- Email
• FTP -- File Transfer
• HTTP -- the Web
• SNMP -- Management
• NFS -- Network File Service
• SMB -- Server Message Block
• NNTP {News} and others
Virtual Terminals - TELNET
• Designed for scroll mode terminals
• Hit a key, 8-bit bytes are sent
• 95 ASCII and 7 control characters legal
• Many other programs put “on top” for
different options
Electronic Mail
• Pioneered by ARPANET
• RFC 822 (widely used)
• Simple Mail Transfer Protocol (SMTP)
• Supports only ASCII text
• name@domain addressing
File Transfer Protocol
• FTP recognizes four file types:
• 1. Image
– bit by bit transfer
• 2. ASCII
• 3. EBCDIC
• 4. Logical Byte files
– binary files which use byte size other than 8 bits
USENET--How to Avoid Life
• Internet compatible (now)
• Variety of newsgroups
• Moderated newsgroups
• NNTP, Network News Transfer Protocol,
allows selective downloading of messages
to multiple sites
The Web
• “the” killer application for the Internet
• Two components for popularity
– http combines multiple access (gopher, ftp, etc) methods
– hypertext interface supports point-and-click interface
• Who will organize the information?
– No one...
– Database experts
– Librarians (!)
Web Terminology
• Web Browsers
– Netscape
– Mosaic
• Web Servers
– http daemon
» httpd.conf - main server config file
» srm.conf - server resource config file
» access.conf - global access control file
• Home Page
– e.g., www.cs.tamu.edu
• HTML
– HyperText Markup Language
Protocols in Operation
• Learning by Doing
• Job Assistance:
– Debugging
– Programming
• Basis for Learning New Protocols
Layered Architectures
-Principles-
Separation of Functions
Clearly Defined Interfaces
Peer to Peer Protocols
Provide Services Up,
Request Services Down
Layering
Message
Message
TRANSPORT
Pkts
Packets
Pkts
Packets
NETWORK
10010111001
10010111001
{Bits}
{Bits} LINK
PHYSICAL
{Signal}
Packet Formats
Application “Header” Data
Presentation “Header” Data
Stream Session Header (?) Data
Packets Transport Header Data
Network Header Data
Link Header Data
Framing Data
Protocols and Services
-a better model
n+1 n+1
n n
n-1 n-1
Packet Tracing --
Putting it all together
• Packet tracing: the actions of observing
packets as they appear on the media and
deriving the activities occurring on hosts; or,
knowing the top-level commands issued and
predicting the packets that will appear on the
media.
Motivations for Packet Tracing
• Understanding network protocols
• Debugging your network
• Debugging applications that work over the
network
Layer Protocols
DNS
Query DNS
Reply
SYN
SYN/ACK
Caller Callee
ACK
{TCP Establishment}
ARP
Request ARP
Reply
Examples - 1
• Assumptions:
Host A, IP Address 128.194.1.2
Host B, IP Address 128.194.1.3
netmask 255.255.255.0
ARP caches and bridge tables are empty
All hosts know DNS Server is 128.194.1.3
Trace command “DNS Query” initiated on Host A
A B
1
Answer - 1
Seg DAE SAE “type” SAIP DAIP
1 FF EA ARP Req 1.2 1.3
1 EA EB ARP Reply 1.3 1.2
1 EB EA DNS Q 1.2 1.3
1 EA EB DNS R 1.3 1.2
Examples - 2
• Assumptions:
Host A, IP Address 128.194.1.2
Host B, IP Address 128.194.1.3
Host C, IP Address 128.194.1.4
netmask 255.255.255.0
ARP caches and bridge tables are empty
All hosts know DNS Server is 128.194.1.3
Trace command “DNS Query” initiated on Host A
B
C A
2 1
Answer - 2
Seg DAE SAE “type” SAIP DAIP
1 FF EA ARP Req 1.2 1.3
2 FF EA ARP Req 1.2 1.3
1 EA EB ARP Reply 1.3 1.2
1 EB EA DNS Q 1.2 1.3
1 EA EB DNS R 1.3 1.2
Examples - 3
• Assumptions:
Host A, IP Address 128.194.1.2
Host B, IP Address 128.194.1.3
netmask 255.255.255.0
ARP caches and bridge tables are empty
All hosts know DNS Server is 128.194.1.3
Trace command “telnet 128.194.1.3” initiated on Host A
A B
1
Answer - 3
Seg DAE SAE “type” SAIP DAIP
1 FF EA ARP Req 1.2 1.3
1 EA EB ARP Reply 1.3 1.2
1 EB EA TCP SYN 1.2 1.3
1 EA EB SYN/ACK 1.3 1.2
1 EB EA TCP ACK 1.2 1.3
Examples - 4
• Assumptions:
Host A, IP Address 128.194.1.2
Host B, IP Address 128.194.1.3
netmask 255.255.255.0
ARP caches and bridge tables are empty
All hosts know DNS Server is 128.194.1.3
Trace command “telnet B” initiated on Host A
A B
1
Answer - 4
Seg DAE SAE “type” SAIP DAIP
1 FF EA ARP Req 1.2 1.3
1 EA EB ARP Reply 1.3 1.2
1 EB EA DNS Q 1.2 1.3
1 EA EB DNS R 1.3 1.2
1 EB EA TCP SYN 1.2 1.3
1 EA EB SYN/ACK 1.3 1.2
1 EB EA TCP ACK 1.2 1.3
Examples - 5
• Assumptions:
Host A, IP Address 128.194.1.1
Host B, IP Address 128.194.2.2
Host X, IP Address 128.194.1.254 on segment 1
Host X, IP Address 128.194.2.254 on segment 2
netmask 255.255.255.0
ARP caches and bridge tables are empty
All hosts know DNS Server is 128.194.1.3
Trace command “telnet 128.194.2.2” initiated on Host A
X
A B
1 2
Examples - 5 cont.
Routing table on A:
Net Mask Router
0.0.0.0 0.0.0.0 128.194.1.254
Routing table on B:
Net Mask Router
0.0.0.0 0.0.0.0 128.194.2.254
Routing table on X:
Net Mask Router
Answer - 5
Seg DAE SAE “type” SAIP DAIP
1 FF EA ARP Req 1.1 1.254
1 EA EX1 ARP Reply 1.254 1.1
1 EX1 EA TCP SYN 1.1 2.2
2 FF EX2 ARP Req 2.254 2.2
2 EX2 EB ARP Reply 2.2 2.254
2 EB EX2 TCP SYN 1.1 2.2
2 EX2 EB SYN/ACK 2.2 1.1
1 EA EX1 SYN/ACK 2.2 1.1
1 EX1 EA TCP ACK 1.1 2.2
2 EB EX2 TCP ACK 1.1 2.2
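The netmask test and the "Local or Non-Local?" send decision from the earlier slides, as an added Python example that is not part of the original deck. It reproduces the three Netmask Examples and shows why Host A in Examples - 5 ARPs for 1.254 rather than for 2.2; function names are this example's own, and preferring the most specific matching mask is an assumption about route selection that the slides do not state.

```python
import ipaddress

def to_int(dotted):
    """Dotted-decimal string -> 32-bit integer."""
    return int(ipaddress.IPv4Address(dotted))

def network_of(addr, mask):
    """Bitwise AND of address and netmask, back in dotted decimal."""
    return str(ipaddress.IPv4Address(to_int(addr) & to_int(mask)))

def same_subnet(src, dst, mask):
    """The slide's test: (src & netmask) == (dst & netmask)."""
    return network_of(src, mask) == network_of(dst, mask)

def next_hop(src, mask, dst, routes):
    """Decide which IP address the sender must ARP for.

    routes is a list of (net, mask, router) rows as in the slides' tables.
    Returns ("local", dst), ("via-router", router) or ("unreachable", None).
    """
    if same_subnet(src, dst, mask):
        return ("local", dst)                        # deliver directly
    best = None
    for net, rmask, router in routes:
        if (to_int(dst) & to_int(rmask)) == to_int(net):
            ones = bin(to_int(rmask)).count("1")     # assumption: most specific mask wins
            if best is None or ones > best[0]:
                best = (ones, router)
    if best is None:
        return ("unreachable", None)                 # the "Missing!" branch: ICMP error
    return ("via-router", best[1])

# The three pairs from the Netmask Examples slide.
NETMASK_EXAMPLES = [
    ("128.194.100.10", "128.194.200.10", "255.255.255.0"),
    ("128.194.12.10", "128.194.12.110", "255.255.255.0"),
    ("67.194.18.10", "67.194.10.10", "255.255.240.0"),
]

# Host A and its routing table from Examples - 5.
HOST_A = ("128.194.1.1", "255.255.255.0")
ROUTES_A = [("0.0.0.0", "0.0.0.0", "128.194.1.254")]

if __name__ == "__main__":
    for s, d, m in NETMASK_EXAMPLES:
        verdict = "same (sub)net" if same_subnet(s, d, m) else "different nets"
        print(f"{s} -> {network_of(s, m)}   {d} -> {network_of(d, m)}   {verdict}")
    for dst in ("128.194.1.3", "128.194.2.2"):
        print(dst, next_hop(*HOST_A, dst, ROUTES_A))
```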
Problem A -1
Use the data and diagram to show the packets resulting from the command "telnet B" being
executed on host C. Assumptions: The diagram consists of 8 numbered ethernet segments,
5 bridges (unlabeled rectangles), two routers (X, Y) and hosts A, B, C. ARP caches are
empty. Tables on bridges are empty. Routing entries are as shown below. Host A is the
DNS nameserver and its IP address is known to all machines.
Netmask for 128.194 is 255.255.255.0.
A- 128.194.15.1, ethernet e1
B- 128.194.99.2, ethernet e2
C- 128.194.12.3, ethernet e3
X- seg 7:128.194.15.100, ethernet e5
seg 3:128.194.12.100, ethernet e6
Y- seg 8:128.194.99.101, ethernet e7
seg 4:128.194.12.101, ethernet e8
Problem A - 2
Problem A - 3
Host Network Netmask Router
A: 0.0.0.0 0.0.0.0 128.194.15.100
B: 128.194.12.0 255.255.255.0 128.194.99.101
128.194.15.0 255.255.255.0 128.194.99.101
C: 128.194.15.0 255.255.255.0 128.194.12.100
0.0.0.0 0.0.0.0 128.194.12.101
X: 128.194.99.0 255.255.255.0 128.194.12.101
0.0.0.0 0.0.0.0 128.194.12.101
Y: 128.194.15.0 255.255.255.0 128.194.12.100
0.0.0.0 0.0.0.0 128.194.12.100
Decode Example - 1
33 cfl02 -> h-207-200-71-52.netscape.com TCP D=80 S=1977 Syn Seq=1011631 Len=0 Win=0
0: 0000 ef03 efb0 00a0 2435 5343 0800 4500 ........$5SC..E.
16: 002c 6f03 0000 3c06 f2c2 80c2 8547 cfc8 .,o... cfl02 TCP D=1977 S=80 Syn Ack=1011632
Seq=1144453529 Len=0 Win=49152
0: 00a0 2435 5343 0000 ef03 efb0 0800 4500 ..$5SC........E.
16: 002c 914c 4000 3206 9a79 cfc8 4734 80c2 .,.L@.2..y..G4..
32: 8547 0050 07b9 4436 f999 000f 6fb0 6012 .G.P..D6ù...o.`.
48: c000 0577 0000 0204 05b4 15f8 ...w.......ø
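The SYN/ACK frame just above, decoded field by field against the IP and TCP header layouts from the earlier slides, as an added Python example that is not part of the original deck. It also verifies both checksums and separates the Ethernet padding that follows the IP total length; function names are this example's own.

```python
import ipaddress
import struct

# SYN/ACK frame copied from the hex dump above (60 bytes as captured).
FRAME = bytes.fromhex(
    "00a0 2435 5343 0000 ef03 efb0 0800 4500 "
    "002c 914c 4000 3206 9a79 cfc8 4734 80c2 "
    "8547 0050 07b9 4436 f999 000f 6fb0 6012 "
    "c000 0577 0000 0204 05b4 15f8"
)
TCP_FLAGS = [(0x01, "FIN"), (0x02, "SYN"), (0x04, "RST"),
             (0x08, "PSH"), (0x10, "ACK"), (0x20, "URG")]

def folded_sum(data):
    """16-bit one's-complement sum; 0xFFFF over a header means checksum OK."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return total

def tcp_mss(options):
    """Walk the TCP options and return the MSS value (kind 2), or None."""
    i = 0
    while i + 1 < len(options) and options[i] != 0:   # kind 0 ends the list
        if options[i] == 1:                           # kind 1 is a one-byte no-op
            i += 1
            continue
        size = options[i + 1]
        if options[i] == 2 and size == 4 and i + 4 <= len(options):
            return struct.unpack("!H", options[i + 2:i + 4])[0]
        if size < 2:
            return None                               # malformed length
        i += size
    return None

def decode_frame(frame):
    """Decode a DIX Ethernet frame carrying IPv4/TCP into a dict of fields."""
    if len(frame) < 14 + 20:
        raise ValueError("too short for Ethernet + IP headers")
    dst_mac, src_mac, ethertype = struct.unpack("!6s6sH", frame[:14])
    if ethertype != 0x0800:
        raise ValueError("not DIX type 0x0800 (IPv4)")
    ip = frame[14:]
    vers, hlen = ip[0] >> 4, (ip[0] & 0x0F) * 4
    total_len = struct.unpack("!H", ip[2:4])[0]
    if vers != 4 or hlen < 20 or not hlen + 20 <= total_len <= len(ip):
        raise ValueError("bad IP header or truncated packet")
    if ip[9] != 6:
        raise ValueError("not TCP")
    seg = ip[hlen:total_len]
    sport, dport, seq, ack, off_flags, window = struct.unpack("!HHIIHH", seg[:16])
    tcp_hlen = (off_flags >> 12) * 4
    if not 20 <= tcp_hlen <= len(seg):
        raise ValueError("bad TCP header length")
    # TCP checksum covers a pseudo-header: src IP, dst IP, zero, protocol, TCP length.
    pseudo = ip[12:20] + struct.pack("!BBH", 0, 6, len(seg))
    return {
        "src_mac": src_mac.hex(":"), "dst_mac": dst_mac.hex(":"),
        "src_ip": str(ipaddress.IPv4Address(ip[12:16])),
        "dst_ip": str(ipaddress.IPv4Address(ip[16:20])),
        "ttl": ip[8], "sport": sport, "dport": dport, "seq": seq, "ack": ack,
        "flags": [name for bit, name in TCP_FLAGS if off_flags & bit],
        "window": window, "mss": tcp_mss(seg[20:tcp_hlen]),
        "payload_len": len(seg) - tcp_hlen,
        "ip_checksum_ok": folded_sum(ip[:hlen]) == 0xFFFF,
        "tcp_checksum_ok": folded_sum(pseudo + seg) == 0xFFFF,
        "trailer": frame[14 + total_len:],      # Ethernet padding past the IP length
    }

if __name__ == "__main__":
    for key, val in decode_frame(FRAME).items():
        print(f"{key:16} {val}")
```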
Decode Example - 3
37 cfl02 -> h-207-200-71-52.netscape.com TCP D=80 S=1977 Ack=1144453530 Seq=1011632
Len=0 Win=2880
0: 0000 ef03 efb0 00a0 2435 5343 0800 4500 ........$5SC..E.
16: 0028 6f04 0000 3c06 f2c5 80c2 8547 cfc8 .(o... h-207-200-71-52.netscape.com TCP D=80 S=1977 Ack=1144453530 Seq=1011632 Len=374 Win=2880
0: 0000 ef03 efb0 00a0 2435 5343 0800 4500 ........$5SC..E.
16: 019e 6f08 0000 3c06 f14b 80c2 8547 cfc8 ..o... cfl02 TCP D=1977 S=80 Ack=1012006 Seq=1144453530 Len=280 Win=49152
0: 00a0 2435 5343 0000 ef03 efb0 0800 4500 ..$5SC........E.
16: 0140 92eb 4000 3206 97c6 cfc8 4734 80c2 .@..@.2.....G4..
32: 8547 0050 07b9 4436 f99a 000f 7126 5018 .G.P..D6ù...q&P.
48: c000 3e23 0000 4854 5450 2f31 2e31 2032 ..>#..HTTP/1.1 2
64: 3030 204f 4b0d 0a53 6572 7665 723a 204e 00 OK..Server: N
80: 6574 7363 6170 652d 456e 7465 7270 7269 etscape-Enterpri
96: 7365 2f33 2e30 0d0a 4461 7465 3a20 5375 se/3.0..Date: Su
112: 6e2c 2032 3420 4175 6720 3139 3937 2030 n, 24 Aug 1997 0
128: 383a 3135 3a33 3820 474d 540d 0a43 6f6e 8:15:38 GMT..Con
144: 7465 6e74 2d74 7970 653a 2069 6d61 6765 tent-type: image
160: 2f67 6966 0d0a 4c61 7374 2d6d 6f64 6966 /gif..Last-modif
176: 6965 643a 2054 7565 2c20 3135 2041 7072 ied: Tue, 15 Apr
192: 2031 3939 3720 3233 3a34 303a 3136 2047 1997 23:40:16 G
208: 4d54 0d0a 436f 6e74 656e 742d 6c65 6e67 MT..Content-leng
224: 7468 3a20 3534 0d0a 4163 6365 7074 2d72 th: 54..Accept-r
240: 616e 6765 733a 2062 7974 6573 0d0a 436f anges: bytes..Co
256: 6e6e 6563 7469 6f6e 3a20 6b65 6570 2d61 nnection: keep-a
272: 6c69 7665 0d0a 0d0a 4749 4638 3961 0b00 live....GIF89a..
288: 1400 9100 00ff ffff 6699 9900 0000 0000 ........f.......
304: 002c 0000 0000 0b00 1400 0002 0f8c 8f01 .,..............
320: cbed 0fa3 9cb4 da8b b3de 9c17 003b .............;
Decode Example - 6
59 cfl02 -> h-207-200-71-52.netscape.com TCP D=80 S=1977 Ack=1144453810 Seq=1012006
Len=0 Win=2880
0: 0000 ef03 efb0 00a0 2435 5343 0800 4500 ........$5SC..E.
16: 0028 6f09 0000 3c06 f2c0 80c2 8547 cfc8 .(o... cfl02 TCP D=1977 S=80 Fin Ack=1012006
Seq=1144453810 Len=0 Win=49152
0: 00a0 2435 5343 0000 ef03 efb0 0800 4500 ..$5SC........E.
16: 0028 92ec 4000 3206 98dd cfc8 4734 80c2 .(..@.2.....G4..
32: 8547 0050 07b9 4436 fab2 000f 7126 5011 .G.P..D6ú...q&P.
48: c000 1aa5 0000 6915 9192 0000 ......i.....
Decode Example - 8
61 cfl02 -> h-207-200-71-52.netscape.com TCP D=80 S=1977 Ack=1144453811 Seq=1012006
Len=0 Win=2880
0: 0000 ef03 efb0 00a0 2435 5343 0800 4500 ........$5SC..E.
16: 0028 6f0a 0000 3c06 f2bf 80c2 8547 cfc8 .(o... BGP -> BGP4
» TREE --> MESH
Routers - Non-Directly Attached
Networks
• If the destination network is not directly attached to the router, the router will forward
the packet to another router in the forwarding path of the destination network.
• Router-to-router communication is directly MAC addressed.
• Will all routers in the path perform the same decisions as the previous router?
• The last router in the path to the destination will forward the packet directly to the
destination.
• Important to note that the data link MAC headers will constantly change while the
packet is being forwarded.
– Very little information in the network header will change.
» The network layer header in the packet will contain the originator's full address
and final destination address of the packet.
» The full address of a network station is the combination of the network ID and
its MAC address.
• This uniquely identifies any station on the internet.
Multiprotocol Routers
• LANs currently operate with many different types of protocols.
– Apple Computers can use AppleTalk.
– UNIX workstations use TCP/IP.
– Client/Server applications could use Novell NetWare.
• To require one router for each protocol on the LAN is not efficient.
• Multiprotocol routers were invented to handle this.
– Arrived around 1986.
– Routes not only based on the network IDs but are able to pass the
packet to the correct protocol processor by examining the Type of
packet.
Multiprotocol Routers - A Block
Diagram
Bridge Router
Forward on
MAC address Route on
network IDs
Combine both
into one
box
Can packet be routed
Incoming packet based on protocol type? Bridged or routed packet
Bridge packet if not
Routing Diagram
Network 4
G
Router X
H
F
E Network 3
Router Y
D
Network 2
C
MAC addresses Router Z
B
Network 1
A
Routing Information Protocol
(RIP)
• Known as a routing table update protocol
• Developed by Xerox and gained widespread acceptance by the proliferation
of TCP/IP's implementation of it in UNIX.
• Other protocols (AppleTalk, NetWare) adopted RIP as their standard routing
update protocol.
• Known as a distance vector protocol.
– Vector is an adjacent router and the distance is how far away (hops) the
network is.
– One hop is considered one router traversed.
• Devised for relatively stable, small-to-medium size networks (less than 16
routers in diameter).
Calculating the Cost
Network 4
Internal routing
table Network Hops
3 1
Router C
4 1
2 2
1 3
Network 3
Router B Transmitted Network Hops
routing 2 1
table
3 1
1 2
Network 2
Transmitted
routing
Network Hops table
1 1
2 1 Router A
3 2
Network 1
Border Gateway Protocol (BGP)
• Autonomous Systems
– stub, multi-homed, transit
• Path Advertisement instead of Reachability
• Route Aggregation!!!
Upcoming Issues
• IPv6
• Quality of Service
• Internet 2 / vBNS / NGI
IP v 6
• Solution for:
– running out of addresses (128 vs 32 bits)
– security support
– mobile systems
• Transition Planning
– Incremental -- No “flag” day
– Experiments under way
– Dual stacks; smart routers
Quality of Service
• QoS: A delivery contract
• Kinds of traffic descriptors
• Why bother?
• How is it done?
– Using ATM vs using IP
RSVP
• Resource Reservation Protocol
• Provides QoS (Quality of Service) guarantees
• Operates in simplex
each direction has separate reservation
maps well to ATM (two individual VCCs)
• Built on IP, but no data transport built-in
• Only if resources available and does not conflict with policy
• Flowspec (bandwidth and delay) and filterspec (type of
packets) transmitted downstream
hop by hop
The “Next” Internet
• www.internet2.edu
• Exploiting higher speeds
• Application centric
Other Issues
• Standards -- IENs, RFCs
• The “Information Superhighway” ?
• TCP/IP and International Standards
• Telephone Companies