This document provides an overview of the TCP/IP model created by the Department of Defense (DoD) and compares it to the OSI reference model. The DoD model consists of four layers - Process/Application, Host-to-Host, Internet, and Network Access - which correspond to a condensed version of the seven-layer OSI model. The document describes the functions of each layer and some of the key protocols that operate at each layer, such as TCP, IP, ARP, and Ethernet. It also covers topics like IP addressing, private vs public addresses, broadcast vs unicast traffic, and network access technologies.
Overview
The Transmission Control Protocol/Internet Protocol
(TCP/IP) suite was created by the Department of
Defense (DoD) to ensure and preserve data
integrity, as well as maintain communications in the
event of catastrophic war.
So it follows that if designed and implemented
correctly, a TCP/IP network can be a truly
dependable and resilient one.
We’ll begin by taking a look at the DoD’s version of
TCP/IP and then compare this version and its
protocols with the OSI reference model.
The DoD model is basically a condensed
version of the OSI model—it’s composed of
four, instead of seven, layers:
Layers and their functions
Process/Application layer - defines protocols for node-to-node
application communication and also controls user-interface
specifications.
Host-to-Host layer - parallels the functions of the OSI's
Transport layer, defining protocols for setting up the level of
transmission service for applications.
Internet layer - corresponds to the OSI's Network layer,
designating the protocols relating to the logical transmission of
packets over the entire network.
Network Access layer - the equivalent of the Data Link and Physical
layers of the OSI model; it oversees hardware addressing and defines
protocols for the physical transmission of data.
What is a protocol?
A set of rules or standards that control data
transmission and other interactions between
networks, computers, peripheral devices, and
operating systems.
The same protocol must be used on the
sending and receiving devices. It is possible
for two devices that use different protocols to
communicate with each other, but a gateway
is needed in between.
The Process/Application Layer Protocols
Telnet - allows a user on a remote client machine, called the Telnet client, to
access the resources of another machine, the Telnet server. Telnet makes the client
machine appear as though it were a terminal directly attached to the server.
File Transfer Protocol (FTP) - is the protocol that actually lets us transfer files,
and it can accomplish this between any two machines using it.
Users are usually required to authenticate before transferring files.
Network File System (NFS) - a protocol specializing in file sharing, allowing two
different types of file systems to interoperate.
Simple Mail Transfer Protocol (SMTP) - uses a spooled, or queued, method of
mail delivery.
POP3 is used to receive mail.
Simple Network Management Protocol (SNMP) - collects and manipulates
valuable network information. This protocol stands as a watchdog over the
network, quickly notifying managers of any sudden turn of events.
Domain Name Service (DNS) - resolves hostnames—specifically, Internet
names, such as www.aau.edu.et—to an IP address, such as 10.6.10.3.
Dynamic Host Configuration Protocol (DHCP) - gives IP addresses to hosts. It
allows easier administration and works well in small-to-very-large network
environments.
The Host-to-Host Layer Protocols
Transmission Control Protocol (TCP) - takes large blocks of
information from an application and breaks them into segments.
It numbers and sequences each segment so that the
destination's TCP protocol can put the segments back into the
order the application intended.
Uses a three-way handshake.
User Datagram Protocol (UDP) - does not sequence the
segments and does not care in which order the segments arrive
at the destination. UDP simply sends the segments off
and forgets about them. It doesn't follow through, check up on
them, or even allow for an acknowledgment of safe arrival—
complete abandonment.
TCP for reliability and UDP for faster transfers.
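The sequencing behaviour described above, as an added example that is not part of the lecture: a pure-Python model in which the sender numbers each segment by its byte offset, the receiver restores the order TCP-style and refuses an incomplete stream, and a UDP-style receiver simply hands data up in arrival order. The message, the segment size and the out-of-order arrival are constructed for the illustration.

```python
from dataclasses import dataclass
from typing import List, Optional


@dataclass
class Segment:
    seq: int        # offset of this segment's first byte within the stream
    payload: bytes


def segment(data: bytes, mss: int) -> List[Segment]:
    """Break an application's byte stream into numbered segments of at most mss bytes."""
    return [Segment(seq=i, payload=data[i:i + mss]) for i in range(0, len(data), mss)]


def tcp_reassemble(received: List[Segment], total_len: int) -> Optional[bytes]:
    """Receiver side of TCP: sort by sequence number and insist on a gap-free stream.

    Returns None if any byte range is missing; real TCP would hold the data and
    wait for a retransmission rather than hand an incomplete stream to the
    application."""
    expected = 0
    out = bytearray()
    for seg in sorted(received, key=lambda s: s.seq):
        if seg.seq != expected:
            return None          # gap: a segment was lost or has not arrived yet
        out += seg.payload
        expected += len(seg.payload)
    return bytes(out) if expected == total_len else None


def udp_deliver(received: List[Segment]) -> bytes:
    """UDP has no sequencing: payloads reach the application in arrival order."""
    return b"".join(seg.payload for seg in received)


if __name__ == "__main__":
    message = b"TCP for reliability and UDP for faster transfers."
    segs = segment(message, mss=16)
    # Constructed arrival order: the network delivered segment 1 after segment 2
    arrived = [segs[0], segs[2], segs[1], segs[3]]
    print(tcp_reassemble(arrived, len(message)))        # the original stream
    print(udp_deliver(arrived))                         # scrambled stream
    print(tcp_reassemble(arrived[:3], len(message)))    # None: last segment missing
```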
Port Numbers
TCP and UDP must use port numbers to communicate with the
upper layers, because they're what keeps track of different
conversations crossing the network simultaneously.
These port numbers identify the source and destination
application or process in the TCP segment.
There are 2^16 = 65536 ports available.
Well-known ports - The port numbers range from 0 to 1023.
Registered ports - The port numbers range from 1024 to 49151.
Registered ports are used by applications or services that need to
have consistent port assignments.
Dynamic or private ports - The port numbers range from 49152 to
65535. These ports are not assigned to any protocol or service in
particular and can be used for any service or application.
If a port is closed or blocked, you cannot communicate with the
computer using the protocol that runs on that port.
E.g. if port 25 is blocked, you cannot send mail over SMTP.
Firewalls typically block all ports by default and allow only those explicitly opened.
You should know the port numbers of different protocols!!
Port numbers for TCP and UDP
TCP Ports          UDP Ports
Telnet    23       SNMP    161
SMTP      25       TFTP     69
HTTP      80       DNS      53
FTP       21       POP3    110
DNS       53
HTTPS    443
SSH       22
The Internet Layer Protocols
Internet Protocol (IP) essentially is the Internet layer. The other protocols
found here merely exist to support it.
IP can deliver packets across networks because all the machines on the network
have a software, or logical, address called an IP address.
Internet Control Message Protocol (ICMP) works at the Network layer and is
used by IP for many different services. ICMP is a management protocol and
messaging service provider for IP.
The following are some common events and messages that ICMP relates to:
Destination Unreachable - If a router can't send an IP datagram any further, it
uses ICMP to send a message back to the sender, advising it of the situation.
Buffer Full - If a router's memory buffer for receiving incoming datagrams is full, it
will use ICMP to send out this message until the congestion abates.
Hops - Each IP datagram is allotted a certain number of routers, called hops, to
pass through. If it reaches its limit of hops before arriving at its destination, the last
router to receive that datagram deletes it. The executioner router then uses ICMP
to send an obituary message, informing the sending machine of the demise of its
datagram.
Ping (Packet Internet Groper) - uses ICMP echo messages to check the physical
and logical connectivity of machines on a network.
Traceroute - using ICMP timeouts, Traceroute is used to discover the path a
packet takes as it traverses an internetwork.
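The hop limit and the way Traceroute exploits it, as an added example that is not part of the lecture: each router on a constructed path uses up one hop, the router that reaches zero discards the datagram and reports back, and probing with TTL 1, 2, 3, ... collects those reports into the path. The router and destination addresses are constructed for the illustration.

```python
from typing import List, Tuple

# Constructed path: each router's address, in order, from the sender to the destination
ROUTERS = ["10.0.0.1", "172.16.0.1", "192.168.10.1"]
DESTINATION = "192.168.10.50"


def forward(ttl: int, routers: List[str], destination: str) -> Tuple[str, str]:
    """Carry a datagram with the given hop allotment along the path.

    Returns (message_type, reporting_address): ("echo reply", destination) when
    the datagram arrives, or ("time exceeded", router) from the router that
    decremented the hop count to zero and discarded the datagram."""
    for router in routers:
        ttl -= 1                                   # every router uses up one hop
        if ttl == 0:
            return ("time exceeded", router)       # the "executioner" router reports back
    return ("echo reply", destination)


def traceroute(routers: List[str], destination: str, max_hops: int = 30) -> List[str]:
    """Discover the path by sending probes with TTL 1, 2, 3, ... and recording
    who answers, stopping once the destination itself replies."""
    path = []
    for ttl in range(1, max_hops + 1):
        kind, addr = forward(ttl, routers, destination)
        path.append(addr)
        if kind == "echo reply":
            break
    return path


if __name__ == "__main__":
    for hop, addr in enumerate(traceroute(ROUTERS, DESTINATION), start=1):
        print(hop, addr)
```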
Address Resolution Protocol (ARP) finds the
hardware address of a host from a known IP
address.
ARP interrogates the local network by sending out a
broadcast asking the machine with the specified IP address
to reply with its hardware address.
Reverse Address Resolution Protocol (RARP)
discovers the identity of the IP address for diskless
machines by sending out a packet that includes its
MAC address and a request for the IP address
assigned to that MAC address.
A designated machine, called a RARP server, responds
with the answer, and the identity crisis is over.
IP Addressing
One of the most important topics in any
discussion of TCP/IP is IP addressing.
An IP address is a numeric identifier
assigned to each machine on an IP network.
An IP address is a software address, not a
hardware address.
IP addressing was designed to allow a host
on one network to communicate with a host
on a different network, regardless of the type
of LANs the hosts are participating in.
IP Terminology
Bit - A bit is one digit, either a 1 or a 0.
Byte - A byte is 8 bits.
Octet - An octet, made up of 8 bits, is just an ordinary 8-bit binary
number.
Network address - This is the designation used in routing to send
packets to a remote network, for example 10.0.0.0, 172.16.0.0,
and 192.168.10.0.
Broadcast address - The address used by applications and hosts
to send information to all nodes on a network is called the
broadcast address. Examples include 255.255.255.255, which is
all networks, all nodes; 172.16.255.255, which is all subnets and
hosts on network 172.16.0.0; and 10.255.255.255, which
broadcasts to all subnets and hosts on network 10.0.0.0.
The Hierarchical IP Addressing Scheme
An IP address consists of 32 bits of information.
These bits are divided into four sections, referred to
as octets or bytes, each containing 1 byte (8 bits).
You can depict an IP address using one of three
methods:
Dotted-decimal, as in 172.16.30.56
Binary, as in 10101100.00010000.00011110.00111000
Hexadecimal, as in AC.10.1E.38
All these examples represent the same IP address.
The advantage of this scheme is that it can handle a
large number of addresses, namely 4.3 billion (a 32-bit
address space with two possible values for each
position—either 0 or 1—gives you 2^32, or
4,294,967,296).
The disadvantage of a flat addressing scheme,
and the reason it's not used for IP addressing,
relates to routing. If every address were simply unique, with
no structure, all routers on the Internet would need to store the
address of each and every machine.
The hierarchical two- or three-level scheme is comparable to a
telephone number. The first section, the area code,
designates a very large area. The second section,
the prefix, narrows the scope to a local calling area.
The final segment, the customer number, zooms in
on the specific connection.
IPv4 vs IPv6
An IPv4 address (which we just call an IP address
from now on) is comprised of four sets of 8 bits, or
octets.
Sooner or later we will move to IPv6, as the IPv4
address space is nearly depleted.
IPv6 offers more addresses than could possibly be
used in the foreseeable future.
IPv6 uses a 128-bit address (2^128 possible
addresses!!!)
An IPv6 address is composed of eight 16-bit groups (octet pairs)
written in hexadecimal and separated by colons, for example:
42DE:7E55:63F2:21AA:CBD4:D773:CC21:554F
Network Addressing
The network address (which can also be called the network
number) uniquely identifies each network.
Every machine on the same network shares that network
address as part of its IP address. In the IP address 172.16.30.56,
for example, 172.16 is the network address.
The node address is assigned to, and uniquely identifies, each
machine on a network. This part of the address must be unique
because it identifies a particular machine.
This number can also be referred to as a host address. In the
sample IP address 172.16.30.56, the 30.56 is the node address.
The designers of the Internet decided to create classes of
networks based on network size. For the small number of
networks possessing a very large number of nodes, they created
the Class A network. At the other extreme is the Class C
network, which is reserved for the numerous networks with a
small number of nodes. The class distinction for networks
between very large and very small is predictably called the Class
B network.
Network Address Range: Class A
The first bit of the first byte in a Class A
network address must always be off, or 0.
This means a Class A address must be
between 0 and 127, inclusive.
00000000 = 0
01111111 = 127
Network Address Range: Class B
In a Class B network, the first bit of the first
byte must always be turned on, but the
second bit must always be turned off.
If you turn the other 6 bits all off and then all
on, you will find the range for a Class B
network:
10000000 = 128
10111111 = 191
Network Address Range: Class C
For Class C networks, the first 2 bits of the first octet
are always turned on, but the third bit can never be
on. Following the same process as for the previous
classes, convert from binary to decimal to find the
range.
Here's the range for a Class C network:
11000000 = 192
11011111 = 223
The addresses between 224 and 255 are reserved
for Class D and E networks. Class D (224–239) is
used for multicast addresses and Class E (240–255)
for scientific purposes.
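The three notations from the Hierarchical IP Addressing Scheme slide and the leading-bit class rules from the Class A, B and C slides, worked through in code as an added example that is not part of the lecture. It goes one step further than the slides by deriving the classful network address (host bits off) and broadcast address (host bits on) defined under IP Terminology, using only the Python standard library; the sample addresses are the slides' own plus constructed ones.

```python
from ipaddress import IPv4Address
from typing import Dict, Tuple


def notations(addr: str) -> Dict[str, str]:
    """Return the dotted-decimal, binary and hexadecimal forms of one IPv4 address."""
    octets = [int(o) for o in addr.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError(f"not a valid dotted-decimal IPv4 address: {addr!r}")
    return {
        "decimal": addr,
        "binary": ".".join(f"{o:08b}" for o in octets),   # four 8-bit groups
        "hex": ".".join(f"{o:02X}" for o in octets),      # two hex digits per octet
    }


def address_class(addr: str) -> str:
    """Classify by the leading bits of the first octet, exactly as the slides do."""
    first = int(IPv4Address(addr)) >> 24        # first octet; also validates the address
    if first & 0b10000000 == 0:
        return "A"      # 0xxxxxxx -> 0..127
    if first & 0b11000000 == 0b10000000:
        return "B"      # 10xxxxxx -> 128..191
    if first & 0b11100000 == 0b11000000:
        return "C"      # 110xxxxx -> 192..223
    if first & 0b11110000 == 0b11100000:
        return "D"      # 1110xxxx -> 224..239 (multicast)
    return "E"          # 1111xxxx -> 240..255 (reserved)


def classful_addresses(addr: str) -> Tuple[str, str]:
    """Network address (all host bits off) and broadcast address (all host bits on)
    for a Class A, B or C address under its default classful boundary."""
    cls = address_class(addr)
    if cls not in ("A", "B", "C"):
        raise ValueError(f"class {cls} addresses have no network/host split")
    host_bits = 32 - {"A": 8, "B": 16, "C": 24}[cls]
    host_mask = (1 << host_bits) - 1
    n = int(IPv4Address(addr))
    network = n & ~host_mask                    # clear the host bits
    return str(IPv4Address(network)), str(IPv4Address(network | host_mask))


if __name__ == "__main__":
    for a in ("172.16.30.56", "10.6.10.3", "192.168.10.77", "224.0.0.9"):
        print(a, notations(a)["binary"], "class", address_class(a))
    print(classful_addresses("172.16.30.56"))   # ('172.16.0.0', '172.16.255.255')
```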
Private IP Addresses
These addresses can be used on a private network,
but they're not routable through the Internet.
This is designed for the purpose of creating a
measure of much-needed security, but it also
conveniently saves valuable IP address space.
If every host on every network had to have a real,
routable IP address, we would have run out of IP
addresses to hand out years ago. But by using
private IP addresses, ISPs, corporations, and home
users only need a relatively tiny group of bona fide
IP addresses to connect their networks to the
Internet.
Reserved IP Addresses
So, what private IP address should I use?
• When you're setting up a corporate network—regardless of how small it is—
you should use a Class A network address because it gives you the most
flexibility and growth options.
• But if you're setting up a home network, you'd opt for a Class C address
because it is the easiest for people to understand and configure.
Broadcast Addresses
Layer 2 broadcasts - These are sent to all nodes on a LAN.
• They usually don't go past the LAN boundary (router).
• Also known as hardware broadcasts.
Broadcasts (layer 3) - These are sent to all nodes on the network.
• Reach all hosts on a broadcast domain.
• Have all host bits on.
• Can also be "all networks and all hosts," as indicated by
255.255.255.255.
• A good example of a broadcast message is an Address
Resolution Protocol (ARP) request.
Unicast - These are sent to a single destination host.
• A DHCP client request is a good example of a unicast.
Multicast - These are packets sent from a single source and
transmitted to many devices on different networks.
• Allow point-to-multipoint communication.
• Enable multiple recipients to receive messages without flooding
the messages to all hosts on a broadcast domain.
• Routers forward copies of the packet out every interface that has
hosts subscribed to that group address.
The Network Access Protocols
Ethernet - uses CSMA/CD and CSMA/CA.
Token Ring - uses token passing.
FDDI - uses a double-ring logical topology.
Review Lecture 4 - Networking Technologies.