[Cisco Networking Academy] Del Mar College
ITNW 1392-Beginning Router Configuration
Instructor: Michael P. Harris
Sem2Les11

Semester 2, Lesson 11 Notes:

Fundamentals of TCP/IP

TCP/IP - "Transmission Control Protocol/Internet Protocol". Common name for the suite of protocols developed by the U.S. DOD in the 1970s to support the construction of worldwide internetworks. TCP and IP are the two best-known protocols in the suite.

TCP - "Transmission Control Protocol". Connection-oriented 'transport layer' protocol that provides reliable full-duplex data transmission. TCP is part of the TCP/IP protocol stack.

IP - "Internet Protocol". 'Network layer' protocol in the TCP/IP stack offering a connectionless internetwork service. IP provides features for addressing, type-of-service specification, fragmentation and reassembly, and security. Documented in RFC 791.

The TCP/IP protocol stack has the following components:

  • Protocols to support file transfer, e-mail, remote login, and other 'application protocols'. Network management is also supported at the Application layer. (layer 7)
  • Reliable and "unreliable" transports (layer 4)
  • Connectionless datagram delivery at the Network layer (layer 3)
  • ICMP provides control and message functions at the Network layer (layer 3).

1. How do the TCP/IP 'Conceptual layers' relate to the 'OSI layers'?

  1. TCP/IP groups the OSI 7-Application, 6-Presentation, and 5-Session layers into an "Application Layer".
  2. The OSI 4-Transport layer maps exactly to the TCP/IP "Transport Layer".
  3. TCP/IP renames the OSI 3-Network layer as an "Internet Layer".
  4. TCP/IP calls the OSI 2-Data link and 1-Physical layers the "Network Interface Layer".

2. Compare and contrast TCP and UDP (Transport Layer).

  1. TCP (Transmission Control Protocol) is a connection-oriented, 'reliable protocol'. It is responsible for breaking messages into 'segments', reassembling them at the destination station, resending anything that is not received, and reassembling messages from the segments. TCP supplies a 'virtual circuit' between end-user applications.
  2. UDP (User Datagram Protocol) is a connection-less, "unreliable" protocol. Although UDP is responsible for transmitting messages, no software checking for segment delivery is provided at this layer; hence the description 'unreliable'.

The "Transport layer" performs two functions:

  1. Flow control provided by sliding windows
  2. Reliability provided by sequence numbers and acknowledgments

3. Briefly describe everything you know about the fields in a TCP 'segment'.

TCP segment fields include:

  1. Source and destination ports (what services are being requested)
  2. Sequence numbers, Acknowledgment numbers, and Header length (keeping track of segments)
  3. Code bits (setup and termination of sessions)
  4. Window (number of octets that the sender is willing to accept)
  5. Checksum (number of header and data fields, for error correction)
  6. Data (upper-layer protocol data)

Both TCP and UDP use port (or socket) numbers to pass information to the upper layers. Port numbers are used to keep track of different conversations crossing the network at the same time. Application software developers agree to use well-known port numbers that are defined in RFC 1700.

Some ports are reserved in both TCP and UDP, but applications might not be written to support them. Port numbers have the following assigned ranges:

  • Numbers below 255 are for public applications.
  • Numbers from 255 to 1023 are assigned to companies for saleable applications.
  • Numbers above 1023 are unregulated.

End systems use port numbers to select the proper application. Originating source port numbers are dynamically assigned by the source host, usually some number greater than 1023.

TCP "Three-Way Handshake" (Open Connection)
Both ends of the connection are synchronized with a three-way handshake (open connection) sequence. Exchanging beginning sequence numbers during the connection sequence ensures that lost data can be recovered if problems occur later.

   Host-A                               Host-B
   ------                               ------
1. Send SYN (seq=x)
                                        Receive SYN (seq=x)

                                        Send SYN (seq=y, ack=x+1)
2. Receive SYN (seq=y, ack=x+1)

3. Send ACK (ack=y+1)
                                        Receive ACK (ack=y+1)
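
The TCP segment fields and the handshake above, decoded from raw bytes and checked against the seq/ack rules in the diagram. This is an added example, not part of the original notes; the port numbers, sequence numbers and function names are constructed for illustration.

```python
import struct

# Code bits occupy the low six bits of the 16-bit header-length/flags word.
CODE_BITS = {0x01: "FIN", 0x02: "SYN", 0x04: "RST", 0x08: "PSH", 0x10: "ACK", 0x20: "URG"}
TCP_FIXED = "!HHIIHHHH"  # ports, seq, ack, hlen+code bits, window, checksum, urgent


def build_tcp_header(sport, dport, seq, ack, code_bits, window=8192):
    """Build a 20-byte TCP header with no options (checksum left at 0)."""
    return struct.pack(TCP_FIXED, sport, dport, seq, ack, (5 << 12) | code_bits, window, 0, 0)


def parse_tcp_header(raw):
    """Decode the fixed TCP header fields, rejecting malformed lengths."""
    if len(raw) < 20:
        raise ValueError("truncated TCP header")
    sport, dport, seq, ack, hlen_bits, window, checksum, _urgent = struct.unpack(TCP_FIXED, raw[:20])
    header_len = (hlen_bits >> 12) * 4  # header length is counted in 32-bit words
    if header_len < 20 or header_len > len(raw):
        raise ValueError("invalid TCP header length")
    return {
        "sport": sport, "dport": dport, "seq": seq, "ack": ack,
        "header_len": header_len, "window": window, "checksum": checksum,
        "code_bits": [name for bit, name in CODE_BITS.items() if hlen_bits & bit],
        "data": raw[header_len:],
    }


def is_three_way_handshake(first, second, third):
    """True if three segments form SYN(seq=x), SYN+ACK(seq=y, ack=x+1), ACK(ack=y+1)."""
    a, b, c = (parse_tcp_header(s) for s in (first, second, third))
    return (
        a["code_bits"] == ["SYN"]
        and b["code_bits"] == ["SYN", "ACK"]
        and c["code_bits"] == ["ACK"]
        and b["ack"] == (a["seq"] + 1) % 2**32  # sequence numbers wrap at 32 bits
        and c["ack"] == (b["seq"] + 1) % 2**32
        and (a["sport"], a["dport"]) == (b["dport"], b["sport"]) == (c["sport"], c["dport"])
    )


# Constructed sample: Host-A (port 49152) opens a connection to Host-B port 23, x=1000, y=5000.
SYN = build_tcp_header(49152, 23, 1000, 0, 0x02)
SYN_ACK = build_tcp_header(23, 49152, 5000, 1001, 0x12)
ACK = build_tcp_header(49152, 23, 1001, 5001, 0x10)

if __name__ == "__main__":
    print(parse_tcp_header(SYN_ACK))
    print("handshake valid:", is_three_way_handshake(SYN, SYN_ACK, ACK))
```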


"Window size" - Refers to the number of messages that can be transmitted while awaiting an acknowledgment. TCP uses 'expectational acknowledgments', meaning that the acknowledgment number refers to the octet expected next.

"PAR" (Positive Acknowledgment and Retransmission) - TCP provides "sequencing" of segments with a "forward reference acknowledgment". Each datagram is numbered before transmission. At the receiving station, TCP reassembles the segments into a complete message. If a sequence number is missing in the series, that segment is retransmitted. Segments that are not acknowledged within a given time period result in retransmission.

"UDP" (User Datagram Protocol) uses no windowing or acknowledgments. Application-layer protocols can provide for reliability. UDP is designed for applications that do not need to put sequences of segments together. Protocols that use UDP include TFTP, SNMP, Network File System (NFS), and Domain Name System (DNS).

4. Briefly describe everything you know about the fields in an IP 'datagram'.

IP datagram fields include:

  1. Version number and header length
  2. Type of service and total length of datagram
  3. Time-To-Live
  4. Which upper-layer Protocol has sent the Datagram (TCP or UDP)
  5. Header checksum
  6. Source and Destination IP addresses
  7. IP options (testing, debugging, security)
  8. Data

5. Briefly distinguish between IP, ICMP, ARP, and RARP (Internet layer).

Several protocols operate at the TCP/IP Internet layer, which corresponds to the OSI 3-Network layer:

"IP" (Internet protocol) provides 'connectionless', 'best-effort routing' of datagrams [packets]. It is not concerned with their content; it is looking for ways to move the datagrams to their destination. IP provides features for addressing, type-of-service specification, fragmentation and reassembly, and security.
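
The IP datagram fields listed under question 4, decoded from raw bytes with the header checksum verified before the other fields are trusted. This is an added example, not part of the original notes; the addresses and function names are constructed for illustration.

```python
import ipaddress
import struct

IP_FIXED = "!BBHHHBBH4s4s"  # ver/hlen, ToS, total length, id, flags/frag, TTL, protocol, checksum, src, dst
PROTOCOLS = {1: "ICMP", 6: "TCP", 17: "UDP"}


def header_checksum(header):
    """One's complement of the one's-complement sum of the header's 16-bit words."""
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def build_ipv4_header(src, dst, protocol, data_len, ttl=64):
    """Build a 20-byte header (no options) and fill in its checksum."""
    hdr = struct.pack(IP_FIXED, 0x45, 0, 20 + data_len, 0, 0, ttl, protocol, 0,
                      ipaddress.IPv4Address(src).packed, ipaddress.IPv4Address(dst).packed)
    return hdr[:10] + struct.pack("!H", header_checksum(hdr)) + hdr[12:]


def parse_ipv4_header(raw):
    """Decode the header fields and report whether the checksum verifies."""
    if len(raw) < 20:
        raise ValueError("truncated IP header")
    ver_hlen, tos, total_len, _id, _frag, ttl, proto, checksum, src, dst = struct.unpack(IP_FIXED, raw[:20])
    version, header_len = ver_hlen >> 4, (ver_hlen & 0x0F) * 4
    if version != 4 or header_len < 20 or header_len > len(raw) or total_len < header_len:
        raise ValueError("invalid version or length fields")
    return {
        "version": version, "header_len": header_len, "tos": tos, "total_len": total_len,
        "ttl": ttl, "protocol": PROTOCOLS.get(proto, str(proto)), "checksum": checksum,
        # A header that carries a correct checksum re-checksums to 0.
        "checksum_ok": header_checksum(raw[:header_len]) == 0,
        "src": str(ipaddress.IPv4Address(src)), "dst": str(ipaddress.IPv4Address(dst)),
        "options": raw[20:header_len],
    }


# Constructed sample: a datagram carrying a 20-byte TCP segment between two private addresses.
SAMPLE = build_ipv4_header("192.168.1.10", "192.168.2.20", 6, 20)
# Same header with TTL lowered by one but the checksum not recomputed.
STALE = SAMPLE[:8] + bytes([SAMPLE[8] - 1]) + SAMPLE[9:]

if __name__ == "__main__":
    print(parse_ipv4_header(SAMPLE))
    print("stale checksum ok:", parse_ipv4_header(STALE)["checksum_ok"])
```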

"ICMP" (Internet Control Message Protocol) provides control and messaging capabilities. Network layer Internet protocol that reports errors and provides other information relevant to IP packet processing.

If a router receives a packet that it is unable to deliver to its destination, the router sends an ICMP "destination unreachable" message to the source and the router discards the message. The message might be undeliverable because of an invalid IP address or because there is no known route to the destination. Undeliverable ICMP messages are discarded to prevent flooding of the network.

An "echo reply" is a successful reply to a "ping" command; however, the results could include other ICMP messages, such as unreachables and timeouts.

ICMP uses the following types of defined messages. Others exist that are not included on this list:

  • Destination (Host) Unreachable
  • Echo Request (Ping)
  • Echo Reply (Ping Reply)
  • Time Exceeded
  • Parameter Problem
  • Source Quench
  • Redirect
  • Timestamp
  • Timestamp Reply
  • Information Request
  • Information Reply
  • Address Request
  • Address Reply

"ARP" (Address Resolution Protocol) determines the 2-Data link layer address for a known IP address. It is the Internet protocol used to map an IP address (network address) to a MAC sublayer address. To determine a destination address for a 'datagram', the "ARP cache" table is checked. If the address is not in the table, ARP sends a 'broadcast' looking for the destination station. Every station on the network receives the broadcast.

The term "local ARP" is used to describe resolving an address when both the requesting host and the destination host share the same media or wire. Prior to issuing the ARP, the "subnet mask" was consulted. The mask determined that the nodes are on the same subnet.

"RARP" (Reverse Address Resolution Protocol) determines network addresses (IP addresses) when data link layer addresses are known. Protocol in the TCP/IP stack that provides a method for finding IP addresses based on MAC addresses.

RARP relies on the presence of a RARP server with a table entry or other means to respond to these requests. On the local segment, RARP can be used to initiate a remote operating system load sequence.


This page is maintained by: Michael P. Harris
Last updated April 2
[E-mail] mpharris@surf.delmar.edu
Copyright © 1999