Sunday, 7 March 2010

EE5412 TCP/IP

[note/notew/TCPIP/Inpernet0.doc]

[Computer Networks and Internets; Douglas E. Comer] [Ch. 14, 15, 18, 19]

The Internet Protocol ( IP )

IP provides for the transmission of datagrams between systems over a collection of networks. It allows for fragmentation and reassembly of the datagrams at the gateways, since different networks may require different packet sizes.

IP Header - Format of internet datagram header

Header length - Depends on the length of the option field. This field indicates where the data starts.

ID/flag/offset - These fields enable a gateway to split the datagram into smaller fragments. The ID field ensures that the receiver can piece together the fragments belonging to the correct datagram. Fragments may arrive in any order. The offset tells how far into the datagram this fragment belongs. The flags can be used to mark the datagram as "do not fragment".

Time to Live - Counter limiting the lifetime of a datagram. Each time it passes through a gateway, the count is decremented by one. If it reaches zero, the gateway does not forward it. This prevents permanently circulating datagrams.

Protocol - indicates which protocol the datagram carries

Checksum - covers the header only

Address - Each IP address is structured into a Network Number and a local address.

Options - Last part of the header, containing a variable number of optional fields which are used for security and network management.

Padding - used to align the header.
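As an added example (not from these notes or from Comer's book), a small header builder and parser in Python that makes the two points above concrete: the checksum covers the header only, and a header re-summed together with its own checksum field comes out to zero only while every field is intact. The addresses and ID used in the test are constructed values.

```python
import struct

def ip_checksum(data: bytes) -> int:
    """One's-complement sum of 16-bit words; covers the header only, never the payload."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:                               # fold carries back into 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF

def _pton(addr: str) -> bytes:
    return bytes(int(o) for o in addr.split("."))

def build_ipv4_header(src: str, dst: str, payload_len: int, *, ident: int = 0x1234,
                      ttl: int = 64, proto: int = 17, df: bool = False) -> bytes:
    """Build a 20-byte IPv4 header (no options, so IHL = 5) with the checksum filled in."""
    ihl = 5                                          # header length in 32-bit words
    flags_off = 0x4000 if df else 0                  # DF flag; fragment offset 0
    hdr = struct.pack("!BBHHHBBH4s4s", (4 << 4) | ihl, 0, ihl * 4 + payload_len, ident,
                      flags_off, ttl, proto, 0, _pton(src), _pton(dst))
    return hdr[:10] + struct.pack("!H", ip_checksum(hdr)) + hdr[12:]

def parse_ipv4_header(pkt: bytes) -> dict:
    """Decode the fixed fields. Summing a header that includes its own checksum
    gives 0 when the header is intact, so any modified field (e.g. TTL) shows up."""
    ihl = pkt[0] & 0x0F
    hdr = pkt[: ihl * 4]
    vihl, _tos, total_len, ident, flags_off, ttl, proto, _csum = struct.unpack("!BBHHHBBH", hdr[:12])
    return {
        "version": vihl >> 4, "header_len": ihl * 4, "total_len": total_len, "id": ident,
        "df": bool(flags_off & 0x4000), "mf": bool(flags_off & 0x2000),
        "frag_offset": (flags_off & 0x1FFF) * 8,     # offset is stored in 8-byte units
        "ttl": ttl, "protocol": proto,
        "src": ".".join(map(str, hdr[12:16])), "dst": ".".join(map(str, hdr[16:20])),
        "checksum_ok": ip_checksum(hdr) == 0,
    }
```

Because every router decrements TTL, every router must also recompute this checksum before forwarding; a header with a stale checksum is dropped by the next hop.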

There is no facility for error reporting in IP. An extra protocol, ICMP (Internet Control Message Protocol), is used to report errors without trying to recover from them. It is used to help gateways.
e.g. ICMP messages: Time Exceeded - datagram lifetime expired
Destination Unreachable - gateway or network failure

IP Addressing
Each host is assigned a unique address - a unique 32-bit binary number

IP address hierarchy -
A prefix to identify a physical network
A suffix to identify individual connection to the network

Authority for addresses

Internet Service Providers (ISPs) coordinate with a central organization, the Internet Assigned Numbers Authority, to ensure that each network prefix is unique throughout the entire Internet.

Classes of IP Address –
Five classes of IP addressing –
Class A – large network 0 + 7 bits network ID
Class B – medium network 10 + 13 bits network ID
Class C – small network 110 + 21 bits network ID



Address Space
Class A address can range from 0 to 127,
Class B address range is from 128 to 191,
Class C address range from 192 to 223.


Dotted Decimal Notation
32 bits; four octets. Each octet is converted to its decimal equivalent.

10000100.01100000.00000011.00000111 → 132.96.3.7

Special IP Addresses – reserved addresses


1. Network Address
IP reserves host address zero and uses it to denote a network.
Thus address 128.211.0.0 denotes the network that has been assigned the class B prefix 128.211.

2. Directed Broadcast Address – IP reserves the host address with all 1s as the directed broadcast address.

3. This Computer Address – When a computer starts up, it does not yet know its IP address and cannot use the correct IP address to communicate. The startup protocol uses a reserved address [all zeros] to communicate.

4. Loopback Address – for network testing applications.
Data travels down the protocol stack to the IP software, which forwards it back up through the protocol stack. IP reserves the class A network 127 for loopback. The host address is irrelevant; programmers use host number 1, making 127.0.0.1 the popular loopback address.
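An added Python example (mine, not from the notes) that ties the dotted-decimal conversion, the class rules and the reserved addresses together: it classifies an address by its first octet, derives the network address and directed broadcast for classes A to C, and flags the reserved forms listed above. Classes D and E and the multicast label follow the standard classful rules, which the notes mention only as "five classes".

```python
def to_binary(addr: str) -> str:
    """Dotted decimal -> four 8-bit groups, e.g. 132.96.3.7 -> 10000100.01100000.00000011.00000111"""
    octets = [int(o) for o in addr.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError("not a dotted-decimal IPv4 address: %r" % addr)
    return ".".join(format(o, "08b") for o in octets)

def address_class(addr: str) -> str:
    """Class is decided by the leading bits of the first octet: 0 / 10 / 110 / 1110 / 1111."""
    first = int(addr.split(".")[0])
    if first < 128:
        return "A"          # 0xxxxxxx  -> 0..127
    if first < 192:
        return "B"          # 10xxxxxx  -> 128..191
    if first < 224:
        return "C"          # 110xxxxx  -> 192..223
    if first < 240:
        return "D"          # 1110xxxx  -> multicast (standard classful rule)
    return "E"              # 1111xxxx  -> reserved

_PREFIX_OCTETS = {"A": 1, "B": 2, "C": 3}   # how many octets form the network prefix

def describe(addr: str) -> dict:
    """Split into network prefix and host suffix and flag the reserved forms from the notes."""
    octets = [int(o) for o in addr.split(".")]
    cls = address_class(addr)
    if octets == [0, 0, 0, 0]:
        return {"class": cls, "special": "this computer (startup, address not yet known)"}
    if octets[0] == 127:
        return {"class": cls, "special": "loopback"}
    if cls not in _PREFIX_OCTETS:
        return {"class": cls, "special": "multicast" if cls == "D" else "reserved"}
    n = _PREFIX_OCTETS[cls]
    network = ".".join(map(str, octets[:n] + [0] * (4 - n)))      # host part all zeros
    broadcast = ".".join(map(str, octets[:n] + [255] * (4 - n)))  # host part all ones
    special = None
    if addr == network:
        special = "network address (host part all zeros)"
    elif addr == broadcast:
        special = "directed broadcast (host part all ones)"
    return {"class": cls, "network": network, "directed_broadcast": broadcast, "special": special}
```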

Routers and IP
A router connects to multiple physical networks.
Each IP prefix identifies one physical network.
One IP address for each connection.

IP Datagram Forwarding
Performed by routers
Table driven; each entry specifies the next hop
The next hop is either a router or the destination itself


Routing table size
Number of entries in a routing table is proportional to the number of networks in an internet.
Default route corresponds to all destinations not explicitly listed => keeps routing table sizes small.

Note:
The destination address in a datagram header always refers to the ultimate destination. When a router forwards the datagram to another router, the address of the next hop does not appear in the datagram header.

Once the next hop address has been found, IP software transfers the packet across one physical network to the selected host or router.

This is done by encapsulating the datagram in a physical frame and sending the resulting frame directly to the destination.

IP addresses cannot be used when transmitting frames across a physical network because the interface hardware does not understand IP addresses. Hardware only recognizes physical hardware addresses.
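The table-driven forwarding step described above, as an added Python example (not from the notes or from Comer): each entry names a destination network and either a next-hop router or "directly attached"; the datagram's own destination field is never rewritten, the lookup only decides where the frame goes. The table contents are constructed; preferring the most specific matching entry is the standard rule, added here.

```python
from typing import List, NamedTuple, Optional

class Route(NamedTuple):
    network: str                # destination network, e.g. "128.211.0.0"
    mask: str                   # e.g. "255.255.0.0"
    next_hop: Optional[str]     # None: destination is on a directly attached network

def _to_int(addr: str) -> int:
    a, b, c, d = (int(o) for o in addr.split("."))
    return (a << 24) | (b << 16) | (c << 8) | d

def next_hop(dst: str, table: List[Route], default: Optional[str]) -> str:
    """Return the address the frame is actually delivered to for datagram destination dst.
    The datagram header keeps dst as its destination; only the frame carries this choice."""
    d = _to_int(dst)
    best = None
    for route in table:
        mask = _to_int(route.mask)
        if d & mask == _to_int(route.network):
            if best is None or mask > _to_int(best.mask):     # most specific match wins
                best = route
    if best is None:
        if default is None:                                   # no route at all:
            raise LookupError("no route to %s" % dst)         # ICMP destination unreachable
        return default                                        # default route keeps the table small
    return dst if best.next_hop is None else best.next_hop    # direct delivery or via router

# Constructed table for a router with two attached networks and one remote network.
TABLE = [
    Route("128.211.0.0", "255.255.0.0", None),          # attached: deliver directly
    Route("192.0.2.0", "255.255.255.0", None),          # attached: deliver directly
    Route("10.0.0.0", "255.0.0.0", "128.211.0.2"),      # reachable through another router
]
DEFAULT = "192.0.2.1"                                   # everything else goes here
```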


ARP – Address Resolution –
Maps an IP address to a physical address [MAC address] before a message can be sent across a physical network.
ARP maintains a table of MAC addresses and their corresponding IP addresses.

Address Resolution Techniques
Table lookup;
Closed-form computation
Message exchange – network with a server dedicated to the address resolution function

ARP Look-up

Look for the IP address in the ARP table.
If not found, broadcast an "ARP REQUEST" message.
Receive the reply carrying the hardware address.
Add the entry to the table.






Address Resolution Protocol

ARP defines two basic message types – "request" and "reply".
A request message contains an IP address and asks for the corresponding hardware address.

A reply message contains an IP address and the hardware address.
The ARP request message is placed in a hardware frame and broadcast. The requested computer responds; other computers discard the request. The reply is placed in a frame and sent directly back to the requester.




ARP Message Format

Although the ARP message is sufficiently general to allow arbitrary protocol and hardware addresses, ARP is almost always used to bind a 32-bit IP address to a 48-bit Ethernet address.

Sending an ARP Message [fig 15.7]
The ARP message is encapsulated in a hardware frame
Identifying ARP Frames – type field in an Ethernet frame = 0x806

Caching ARP Responses –

Although message exchange can be used to bind addresses, sending a request for each binding is inefficient. When computer W has a packet to deliver to computer Y, W first broadcasts an ARP request to find out Y’s hardware address. After Y sends a reply, W can deliver the original packet to Y. W is likely to repeat the process many times.

To reduce network traffic, ARP maintains a small table of bindings in memory. Whenever ARP performs address binding, it searches the cache before using the network.

Because ARP software is part of the network interface software, all higher-layer protocols and applications can use IP addresses exclusively and remain completely unaware of hardware addresses.
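An added Python example (mine, not the notes' or Comer's) covering the ARP look-up procedure, the message format and the cache together: it encodes and decodes the 28-byte IP-over-Ethernet ARP message (RFC 826 layout), and simulates hosts on one segment where only the requested host answers a broadcast request and the requester caches the reply so the second lookup causes no traffic. Host addresses are constructed; `ArpHost`, `resolve` and `on_arp` are my names.

```python
import struct

ETHERTYPE_ARP = 0x0806             # type field of the Ethernet frame that carries ARP
ARP_REQUEST, ARP_REPLY = 1, 2
ZERO_MAC = "00:00:00:00:00:00"     # target hardware address is unknown in a request

def _mac(s: str) -> bytes:
    return bytes.fromhex(s.replace(":", ""))

def _ip(s: str) -> bytes:
    return bytes(int(o) for o in s.split("."))

def build_arp(op: int, sender_mac: str, sender_ip: str, target_mac: str, target_ip: str) -> bytes:
    """28-byte ARP message: hw type 1 (Ethernet), proto type 0x0800 (IP), 6-byte/4-byte addresses."""
    return struct.pack("!HHBBH6s4s6s4s", 1, 0x0800, 6, 4, op,
                       _mac(sender_mac), _ip(sender_ip), _mac(target_mac), _ip(target_ip))

def parse_arp(msg: bytes) -> dict:
    _, _, _, _, op, sha, spa, tha, tpa = struct.unpack("!HHBBH6s4s6s4s", msg[:28])
    return {"op": op,
            "sender_mac": ":".join("%02x" % b for b in sha), "sender_ip": ".".join(map(str, spa)),
            "target_mac": ":".join("%02x" % b for b in tha), "target_ip": ".".join(map(str, tpa))}

class ArpHost:
    """One host's ARP behaviour: consult the cache first, broadcast a request only on a miss."""
    def __init__(self, mac: str, ip: str):
        self.mac, self.ip, self.cache, self.requests_sent = mac, ip, {}, 0

    def resolve(self, target_ip: str, segment: list):
        """Return the MAC bound to target_ip, or None if no host on the segment owns it."""
        if target_ip in self.cache:                       # cache hit: no network traffic at all
            return self.cache[target_ip]
        request = build_arp(ARP_REQUEST, self.mac, self.ip, ZERO_MAC, target_ip)
        self.requests_sent += 1                           # frame would go to ff:ff:ff:ff:ff:ff
        for host in segment:                              # every host on the segment sees it
            reply = host.on_arp(request)
            if reply is not None:
                r = parse_arp(reply)
                self.cache[r["sender_ip"]] = r["sender_mac"]   # ARP has no authentication; the cache records whatever reply arrives
                return r["sender_mac"]
        return None

    def on_arp(self, msg: bytes):
        r = parse_arp(msg)
        if r["op"] == ARP_REQUEST and r["target_ip"] == self.ip:   # only the requested host answers
            return build_arp(ARP_REPLY, self.mac, self.ip, r["sender_mac"], r["sender_ip"])
        return None                                       # every other host discards the request
```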

Datagram Fragmentation

Different networks have different packet size limits.
A large packet from one network may have to be split into smaller packets before being sent on to the next network.
Packets are reassembled at the destination.
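An added Python example (not from the notes) of the fragment/reassemble cycle using the ID, offset and more-fragments fields described under the IP header: a payload is cut to fit a smaller MTU with offsets kept to 8-byte multiples, and the destination rebuilds it from fragments that arrive in any order, reporting when a piece is still missing. The `Fragment` record is a stand-in for the header fields, not a real header.

```python
from typing import List, NamedTuple

class Fragment(NamedTuple):
    ident: int          # copied from the original datagram's ID field
    offset: int         # position of this piece in the original payload, bytes (multiple of 8)
    more: bool          # MF flag: another fragment follows this one
    data: bytes

def fragment(ident: int, payload: bytes, mtu: int, header_len: int = 20) -> List[Fragment]:
    """Split a payload so every fragment (header + data) fits the next network's MTU.
    IP stores the offset in 8-byte units, so all but the last chunk must be a multiple of 8."""
    chunk = (mtu - header_len) // 8 * 8
    if chunk <= 0:
        raise ValueError("MTU %d leaves no room for data" % mtu)
    frags = []
    for off in range(0, len(payload), chunk):
        piece = payload[off:off + chunk]
        frags.append(Fragment(ident, off, off + chunk < len(payload), piece))
    return frags

def reassemble(frags: List[Fragment]) -> bytes:
    """Rebuild the payload at the destination; fragments may arrive in any order.
    Returns b'' while a piece is still missing (a reassembly timer would eventually
    expire and trigger an ICMP time exceeded message)."""
    ids = {f.ident for f in frags}
    if len(ids) != 1:
        raise ValueError("expected fragments of one datagram, got IDs %r" % sorted(ids))
    pieces = sorted(frags, key=lambda f: f.offset)
    if pieces[-1].more:
        return b""                          # the final fragment has not arrived
    expected, out = 0, bytearray()
    for p in pieces:
        if p.offset != expected:
            return b""                      # gap: a middle fragment is missing
        out += p.data
        expected += len(p.data)
    return bytes(out)
```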



ICMP – Internet Control Message Protocol
IP is assisted by ICMP and ARP. IP is connectionless and has no way to send error and status messages back to the sender. It relies on ICMP for these tasks. ICMP sends error and status messages back to the sending host and also handles routing and flow control.

Eg. A request through ICMP for information about another IP address is called a PING (Packet Internet Groper). The response with the requested information is called a PONG. The UDP command FINGER asks the remote host which users are logged on.

Five error messages and four informational messages

Error Message
1. Source Quench – When a router gets too busy, it sends a source quench message to the host that created the datagram. The host is required to reduce its transmission rate.
2. Time Exceeded – Whenever a router reduces the "time to live" to zero, it discards the datagram and sends a time exceeded message. [eg. time to reassemble a message; time spent in the network]
3. Destination Unreachable
4. Redirect – a router receives a datagram that should have been sent to a different router;
the router uses the redirect message to cause the host to change its route.
5. Fragmentation Required – the packet has the "do not fragment" bit set, but the datagram is larger than the next network allows.

Informational messages:
1. Echo Request/Reply
2. Address Mask Request/Reply – a computer boots up and requests the address mask; a router responds with the mask.


Using ICMP Messages to test Reachability

Ping uses ICMP echo messages. Ping sends a datagram that contains an ICMP echo request message to the destination, which sends back an ICMP echo reply message. After sending the request, ping waits a short time for the reply. If no reply arrives, ping retransmits the request twice. If no reply arrives for the retransmissions, ping declares that the remote machine is not reachable.


Using ICMP to trace a route

The TIME TO LIVE field in a datagram header is used to recover from routing errors. If the counter reaches zero, the router discards the datagram and sends an ICMP time exceeded error back to the source.

A tool named TRACEROUTE uses ICMP time exceeded messages to find the list of all routers along a path to a given destination. TRACEROUTE sends a series of datagrams and waits for a response to each.

TRACEROUTE sets the TIME TO LIVE value in the first datagram to 1 before sending it. The first router that receives the datagram decrements the time to live to zero, discards the datagram, and sends back an ICMP time exceeded message.

Because the ICMP message travels in an IP datagram, TRACEROUTE can extract its IP source address and announce the address of the first router along the path to the destination.

After it discovers the address of the first router, TRACEROUTE repeats the process with TIME TO LIVE set to 2. The first router decrements the counter to 1 and forwards the datagram. The second router decrements the counter to zero, discards the packet and sends back an error message.
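The ping and traceroute procedures above, as an added simulation in Python (mine, not from the notes): a constructed path of three routers decrements TTL hop by hop, the router that reaches zero answers with a time exceeded message from its own address, and traceroute raises TTL from 1 until the destination itself replies. Ping follows the notes' one-request-plus-two-retransmissions rule. Router and host addresses are made up.

```python
from typing import List, Tuple

# Constructed path from the source to the destination: three routers in order.
PATH = ["128.211.0.1", "10.0.1.1", "10.0.2.1"]
DEST = "192.0.2.9"

def send(ttl: int, path: List[str], dest: str, reachable: bool = True) -> Tuple[str, str]:
    """Forward one datagram. Each router decrements TTL; the one that brings it to zero
    discards the datagram and answers with ICMP time exceeded, sourced from its own address."""
    for router in path:
        ttl -= 1
        if ttl == 0:
            return ("time exceeded", router)
    if not reachable:
        return ("no reply", "")             # host down or filtered: the request simply vanishes
    return ("echo reply", dest)             # destination reached: ICMP echo reply from dest

def traceroute(path: List[str], dest: str, max_hops: int = 30) -> List[str]:
    """Announce one address per TTL value until the destination answers."""
    hops = []
    for ttl in range(1, max_hops + 1):
        kind, addr = send(ttl, path, dest)
        hops.append(addr)
        if kind == "echo reply":
            break                           # the last entry is the destination itself
    return hops

def ping(path: List[str], dest: str, reachable: bool, retransmits: int = 2) -> bool:
    """One echo request plus `retransmits` retries; unreachable if none is answered."""
    for _ in range(1 + retransmits):
        kind, _addr = send(64, path, dest, reachable)
        if kind == "echo reply":
            return True
    return False
```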

Transport Layer Protocols [TCP and UDP]

TCP
At the sending host, TCP segments the data into smaller pieces and adds consecutive sequence numbers. At the receiving host, TCP reassembles the segments into their proper order. On receiving datagrams, IP passes them to the next layer, TCP or UDP.

TCP is a connection-oriented protocol, meaning that TCP will set up, maintain and tear down a connection. TCP keeps track of the status and state of the data passing through it. TCP ensures reliable end-to-end data transmission. TCP can also multiplex data from different applications and is full duplex.

UDP
UDP is a connectionless transport-level protocol for the applications in the layer above. UDP does not do any end-to-end error recovery, but it does use a checksum in the UDP header.
UDP is used for small data transfers where an error is not a serious problem. It is faster and cheaper.
Eg. RIP (Routing Information Protocol) and DNS (Domain Name Service) use UDP.

TCP – Transmission Control Protocol

TCP provides a completely reliable, connection-oriented, full-duplex stream transport service.

Services –
1. Connection Orientation
2. Point-to-Point Communication
3. Complete reliability
4. Full duplex
5. Stream interface – does not guarantee that data will be delivered in the same-size pieces it was sent in.
6. Reliable connection startup – duplicated packets from a previous connection will not appear.
7. Graceful Connection Shutdown – guarantees to deliver all data reliably before closing the connection.


End to End Service
TCP is called an end-to-end protocol because it provides a connection directly from an application on one computer to an application on a remote computer.

TCP provides virtual connections and relies on IP to carry messages. Each TCP message is encapsulated in an IP datagram and sent across the internet.

Packet loss and retransmission
TCP uses timers, acknowledgements (Acks) and retransmission for reliable data transfer.

Adaptive Retransmission
To avoid excessive retransmission delay
To support various networks with different delay characteristics
TCP monitors the current delay on each connection and estimates the round-trip delay for each active connection by measuring the time needed to receive a response.

TCP generates a sequence of round-trip estimates and uses a statistical function to produce a weighted average.

In addition to the weighted average, TCP keeps an estimate of the variance, and uses a linear combination of the estimated mean and variance as the retransmission timeout.

TCP adaptive retransmission works well.
The variance term helps TCP react quickly when delay increases following a burst of packets.

Weighted average helps TCP reset the retransmission timer if the delay returns to a lower value after a temporary burst.

When delay remains constant, TCP adjusts the retransmission timeout to a value that is slightly longer than the mean round-trip delay.

When delays start to vary, TCP adjusts the retransmission timeout to a value greater than the mean to accommodate peaks.

The goal is to wait long enough to determine that a packet was lost without waiting longer than necessary.
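The adaptive retransmission scheme described above, as an added Python example (not from the notes): the weighted average is the smoothed round-trip time, the variance estimate is a smoothed mean deviation, and the timeout is their linear combination. The specific weights (1/8, 1/4, factor 4) are those standardised in RFC 6298; the notes do not name them, so treat them as my assumption. The sample delays in the test are constructed and in seconds.

```python
class RttEstimator:
    """Smoothed RTT, smoothed deviation, and RTO = SRTT + K * RTTVAR (RFC 6298 weights)."""
    ALPHA = 1 / 8       # weight of a new sample in the mean
    BETA = 1 / 4        # weight of a new sample in the deviation
    K = 4               # how many deviations of headroom the timeout gets

    def __init__(self) -> None:
        self.srtt = None        # weighted average of round-trip samples
        self.rttvar = None      # weighted average of |deviation from the mean|
        self.rto = 1.0          # timeout used before the first measurement (seconds)

    def sample(self, rtt: float) -> float:
        """Feed one measured round-trip time; return the new retransmission timeout."""
        if self.srtt is None:                           # first measurement seeds both estimates
            self.srtt, self.rttvar = rtt, rtt / 2
        else:                                           # deviation first, then the mean
            self.rttvar = (1 - self.BETA) * self.rttvar + self.BETA * abs(self.srtt - rtt)
            self.srtt = (1 - self.ALPHA) * self.srtt + self.ALPHA * rtt
        self.rto = self.srtt + self.K * self.rttvar     # linear combination of mean and variance
        return self.rto

def timeouts(samples) -> list:
    """Run a fresh estimator over a sequence of round-trip samples; return the RTO after each."""
    est = RttEstimator()
    return [round(est.sample(r), 4) for r in samples]
```

With a constant delay the deviation decays towards zero and the timeout settles just above the mean; one delayed sample pushes the timeout above that sample at once, and it then relaxes as the delay returns to normal.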

////////

Three Way Handshake


Delayed packets from a previous connection may arrive and appear to be valid packets on the new connection.

To guarantee that connections are established and terminated reliably,
TCP uses a synchronization segment (SYN) to create a connection and a finish segment (FIN) to close a connection.

Acks sent in each direction are used to guarantee that all data has arrived before the connection is terminated.
TCP retransmits lost SYN or FIN segments. TCP will not open or close a connection until both ends have interacted.

//////

Congestion Control

Congestion => packet loss => retransmission. Retransmission => increase in input => more congestion
=> more loss.
To avoid the problem, TCP uses packet loss as a measure of congestion and responds by reducing the rate at which it transmits.

Whenever a message is lost, TCP begins congestion control. Instead of retransmitting enough data to fill the window, TCP begins by sending a single packet. If the Ack arrives without additional loss, TCP doubles the amount of data being sent and sends two additional packets.

If Acks arrive for these two, TCP sends four more, and so on. The increase continues until TCP is sending half of the receiver's advertised window, at which point TCP slows the rate of increase.

By backing off quickly, TCP is able to alleviate congestion and helps to avoid congestion collapse.

TCP Segment Format

TCP uses a single format for all messages, including data, Acks and the messages that create or terminate a connection.


Troubleshooting [relating Logical topology and the physical network]

Packet management and troubleshooting work at the lower levels of the protocol stack: the Physical, Data Link and Network levels.

An IP network may have many Physical networks using many different types of packet switches interconnected by IP gateways.

The IP gateways are what network managers must control. IP network management must run at the Application level because of the many possible protocols and types of systems within an IP network.

The management and troubleshooting software must be written without regard to the hardware in the IP network. The same protocol must be usable for all gateways. However, if the problems are at levels beneath the management and troubleshooting software's level, the problem cannot be fixed by the IP administrator.

For instance, the IP troubleshooter cannot fix a failing operating system, a corrupted routing table or a system needing to be rebooted. The network people must fix these types of problems.

The most popular tool for TCP/IP management is Simple Network Management Protocol (SNMP).

Each gateway maintains statistics on its operation in a database called Management Information Base (MIB). Typical gateway data includes:
The gateway operating system
Network interface
ARP mappings [address resolution]
IP software
ICMP software [internet control message]
TCP software
UDP software

Some MIB statistics might include
Time since last re-boot
Number of datagrams received
Number of datagrams forwarded
Number of routing failures
Number of datagrams reassembled
Number of datagrams fragmented
The IP routing table
Number of messages received and type of message

Fetch, Store and Trap
SNMP uses only a variation of fetch and store commands, eg. fetch the value of a specific item in the MIB, or store a value into the MIB.
A trap records a particular event, such as too many routing failures, and sends a message to the network manager.



1 comment:

Anonymous said…

"Help the Communist Party today, and tomorrow they will kill your whole family."