DATA COMMUNICATIONS
© Copyright Brian Brown, 1995-2000. All rights reserved.

Part 17: TCP/IP and Inter-Networking

Inter-networking | Features | History | Relationship to OSI | Addressing | Address Resolution | IP | ICMP | UDP
TCP | Domain Names | SNMP | Bootp | Network Services | Sockets | Network Commands | Network Files | Summary

Introduction
This section briefly discusses TCP/IP, a common protocol method used to interconnect computers together, and also serves as the default protocol for accessing information over the Internet.

Objectives
At the end of this section you should be able to

• list three main features of TCP/IP
• identify on a given diagram the relationship between the OSI model and the various layers of TCP/IP
• explain the difference between a physical and logical address
• discuss reasons why TCP/IP hosts must have unique configurations
• given a set of TCP/IP addresses, determine which class the address belongs to
• given a specific type of application, select either UDP or TCP as the correct datagram to use
• describe the function of a Domain Name Service
• define the term "socket"
• given a list of standard network commands, describe their use and give an example

Inter Networking
UNIX systems are usually interconnected using TCP/IP (transmission control protocol, Internet protocol). This is a protocol mechanism that is widely used by large networks world wide to interconnect computers of different types.

A protocol is a set of rules that govern how computers talk to each other. TCP/IP is a widely used and very popular protocol. With TCP/IP, different computer systems can reliably exchange data on an interconnected network. It also provides a consistent set of application programming interfaces (API's) to support application development. This means that software programs can use TCP/IP to exchange data. An example of this is web servers and web browsers, software applications which use TCP/IP to exchange data.

Features of TCP/IP
Below are a few of the common features of TCP/IP.

• File Transfer
  The file transfer protocol (FTP and remote copy (RCP) applications let users transfer files between their computer systems.
  
  
• Terminal Emulation
  Telnet and rlogin provide a method for establishing an interactive connection between computer systems.
  
  
• Transparent distributed file access and sharing
  The Network File System (NFS) uses the IP protocol to extend the file system to support access to directories and disk on other computer systems.
  
  
• Remote command execution
  Using the remote shell (rsh) and remote execution (rexec) programs, users can run programs on remote computers and see the results on their own computer. This lets users of slow computers take advantage of faster computers by running their programs on the faster remote computer.
  
  
• Remote Printing
  The UNIX command lpr provides remote printing services.
  
  

TCP/IP History
The concept of connecting dissimilar computers into a common network arose from research conducted by the Defense Advanced Research Projects Agency (DARPA). DARPA developed the TCP/IP suite of protocols, and implemented an internetwork called ARPANET, which has evolved into the INTERNET.

TCP/IP and OSI
The protocols used closely resemble the OSI model. The Open Systems Inter-connect model is a model of 7 layers, which deal with the exchange of data from one computer to another.

Applications developed for TCP/IP generally use several of the protocols. The sum of the layers used is known as the protocol stack.

User Application programs communicate with the top layer in the protocol stack. This layer passes information to the next subsequent lower layer of the stack, and son on till the information is passed to the lowest layer, the physical layer, which transfers the information to the destination network. The lower layer levels of the destination computer passes the received information to its higher levels, which in turn passes the data to the destination application. Each protocol layer performs various functions which are independent of the other layers. Each layer communicates with equivalent layers on another computer, e.g., the session layer of two different computers interact.

An application program, transferring files using TCP/IP, performs the following,

• the application layer passes the data to the transport layer of the source computer
• the transport layer
  divides the data into TCP segments
  adds a header with a sequence number to each TCP segment
  passes the TCP segments to the IP layer
• the IP layer
  creates a packet with a data portion containing the TCP segment
  adds a packet header containing the source and destination IP addresses
  determines the physical address of the destination computer
  passes the packet and destination physical address to the datalink layer
• the datalink layer transmits the IP packet in the data portion of a frame
• the destination computers datalink layer
  discards the datalink header and passes the IP packet to the IP layer
• the destinations IP layer
  checks the IP packet header and checksum
  if okay, it discards the IP header and passes the TCP segment to the TCP layer
• the destinations TCP layer
  computes a checksum for the TCP segment data and header
  if okay, sends acknowledge to the source computer
  discards the TCP header and passes the data to the application

Physical Addresses and Internet Addresses
Each networked computer is assigned a physical address, which takes different forms on different networks. For ETHERNET networks, the physical address is a 6 byte numeric (or 12 digit hexadecimal) value (e.g. 080BF0AFDC09). Each computers Ethernet address is unique, and corresponds to the address of the physical network card installed in the computer.

Internet addresses are logical addresses, and are independent of any particular hardware or network component.

The TCP/IP protocol implements a logical network numbering, stored in configuration files, which a machine identifies itself as. This logical numbering is important in sending information to other users at other networks, or accessing machines remotely. Internet addresses are logical addresses, and are independent of any particular hardware or network component. It consists of a 4 byte (32-bit) numeric value which identifies the network number and the device number on the network. The 4 byte IP address is represented in dotted decimal notation, where each byte represents a value between 0 and 255, e.g., 127.46.6.11

When a computer wants to exchange data with another computer using TCP/IP, it first translates the destination IP address into a physical address in order to send packets to other computers on the network (this is called address resolution).

In addition, computers in a TCP/IP network each have unique logical names like ICE.CIT.AC.NZ. These logical names are connected to their IP address, in this example, the IP address of ice.cit.ac.nz is 156.59.20.50. The logical name is also referred to as the domain name.

When a client computer wishes to communicate with the host computer ICE, it must translate its logical name into its IP address. It does this via a domain name lookup query, which asks a domain name server the IP address of the destination host. The domain name server has a set of static tables that it uses to find the IP address. Notably, the domain name server is a mission critical piece of hardware, and if it fails, all lookup requests cannot be answered and thus you will not be able to connect to any computer using its domain name. Once the IP address is known, an address resolution is performed to return the physical address of the computer.

The IP logical numbering is comprised of a network number and a local number. For sites connected to the Internet (a global computer network of universities, databases, companies and US defence sites), the network portion is assigned by applying to a company responsible for maintaining the Internet Domain Names.

The construction of an IP address is divided into three classes. Which class is used by an organization depends upon the maximum number of work stations that is required by that organization. Each node or computer using TCP/IP within the organization MUST HAVE a unique host part of the IP address.

Class A Addressing

• first byte specifies the network portion
• remaining bytes specify the host portion
• the highest order bit of the network byte is always 0
• network values of 0 and 127 are reserved
• there are 126 class A networks
• there are more than 16 million host values for each class A network

Class B Addressing

• the first two bytes specify the network portion
• the last two bytes specify the host portion
• the highest order bits 6 and 7 of the network portion are 10
• there are more than 16 thousand class B networks
• there are 65 thousand nodes in each class B network

Class C Addressing

• the first three bytes specify the network portion
• the last byte specifies the host portion
• the highest order bits 5, 6 and 7 of the network portion are 110
• there are more than 2 million class C networks
• there are 254 nodes in each class C network

Reserved IP Addresses
The following IP addresses are reserved for special purposes, and must NOT be assigned to any host.

• Network Addresses : The host portion is set to all zero's (129.47.0.0)
• Broadcast Address : The host portion is set to all one's (129.47.255.255)
• Loopback Addresses : 127.0.0.0 and 127.0.0.1

Internet to Physical Address Translation
When an IP packet is sent, it is encapsulated (enclosed) within the physical frame used by the network. The IP address is mapped onto the physical address using the Address Resolution Protocol (arp) for networks such as Ethernet, token-ring, and Arcnet.

When a node wants to send an IP packet, it determines the physical address of the destination node by first broadcasting an ARP packet which contains the destination IP address. The destination node responds by sending its physical address back to the requesting node.

The Internet Protocol (IP)
This defines the format of the packets and how to handle them when sending or receiving. The form of the packets is called an IP datagram.

The Internet Control Message Protocol (ICMP)
ICMP packets contain information about failures on the network, such as inoperative nodes and gateways, packet congestion etc. The IP software interprets ICMP messages. ICMP messages often travel across many networks to reach their destination, so they are encapsulated in the data portion of an IP datagram.

The User Datagram Protocol (UDP)
This permits users to exchange individual packets over a network. It defines a set of destinations known as protocol ports. Ports are numbered, and TCP/IP reserves 1 to 255 for certain applications. The UDP datagram is encapsulated into one or more IP datagrams.

The Transmission Control Protocol (TCP)
TCP is a reliable stream delivery protocol. It establishes a virtual circuit between the two applications, and sends a stream of bytes to the destination in exactly the same order as they left the source.

Before transmission begins, the applications at both ends obtain a TCP port, similar to that used by UDP.

TCP segments are encapsulated into an IP datagram. TCP buffers the stream by waiting for enough data to fill a large datagram before sending it.

TCP is full duplex, and assigns each segment a sequence number, which the receiving end uses to ensure all segments are received in the correct order. Upon arrival of the next segment, the receiving end sends an acknowledgement to the sending node.

If the sending node does not receive an acknowledgement within a certain time, it retransmits the segment.

Domain Name Servers
This is a hierarchical naming system for identifying hosts. Each host name is comprised of domain labels separated by periods. If your machine is connected to the Internet, you assign local domain names to host computers only, and your higher level domain name is assigned to you by the organization that controls the domain names. Domain names must be registered, so they don't conflict with an existing one.

For example, the domain name assigned to CIT is,

	cit.ac.nz

An example of the host computers at CIT are called cit1, cit2, and mail. Their host names in the domain are

	cit1.cit.ac.nz
	cit2.cit.ac.nz
	mail.cit.ac.nz

Users are also assigned names. Consider the user joe, who has an account on the host machine mail. The domain name for this user is,

	joe@mail.cit.ac.nz

Hosts in your domain can be referred to by host name only. One host acts as a name resolver (host domain name server), which resolves machine names. For example, if you want to ftp into the local host ftp.cit.ac.nz, it will send a request to the name domain server, which will send back it's IP address.

The name domain server uses a special file called hosts to resolve host names and their IP addresses. This file is a static file that must be periodically updated every time changes are made.

Simple Network Management Protocol (snmp)
This provides a means for managing a network environment. Each host, router or gateway running SNMP can be interrogated for information related to the network.

Examples of information are

• host names
• packets transmitted and received
• errors
• routing information

Boot Protocol (bootp)
This service allows a local machine to get its Internet address from a designated boot server. The bootp server has a list of Ethernet addresses and IP addresses stored in a file (bootptab). When it receives a request from a machine, it looks at this file for a match and responds with the assigned IP address. The bootp server uses static tables to maintain a link between the Ethernet addresses and IP addresses for computers on the network. Obviously, this requires continual updating as network cards are changed and computers moved within the organization.

Network Services
All of the above network services like snmp and ftp are enabled on the host machine by running the system daemon process to support the service.

If the daemon process is not started, the service is not available at that host. In other words, you cannot ftp into a host which is not running the ftp daemon service.

When a UNIX host starts up, it usually runs an inetd service, which reads the file inetd.lst which contains a list of the networking services for the host to start.

Sockets
Sockets are an end to end numbered connection between two UNIX machines communicating via TCP/IP. Standard packages are assigned special socket numbers (telnet is port 23). The socket numbers for various protocols and services are found in /etc/services.

A programming socket interface provides calls for opening, reading, writing and closing a socket to another host machine. In this way, the programmer need not be concerned with the underlying protocol associated with the socket interface.

Networking Commands
Below is a discussion of some of the more common networking commands.

arp (address resolution protocol)
This command displays and modifies the internet to physical hardware address translation tables.

Examples
	arp  -a		; show all ARP entries on host kai
	arp  -d 156.59.20.50	; delete an ARP entry for the host ice
	arp  -f		; delete all ARP entries

netstat (network status)
This command displays the network status of the local host. It provides information about the TCP connections, packet statistics, memory buffers and socket information.

Examples
	netstat  -s		; show socket information
	netstat  -r		; show routing tables
	netstat  -a		; show addresses of network interfaces
	netstat  -?		; show help

ping
This command sends an echo request to a host. It is a diagnostic tool for testing whether a host can be found. When the request reaches the host, it is sent back to the originator.

Examples
	ping  ice.cit.ac.nz	; send an echo request to host ice.cit.ac.nz
	ping  156.45.208.1	; ping host at IP address 156.45.208.1

route
This command manually manipulates the network routing tables which are used to connect to other hosts.

Examples
	route  add  net  129.34.10.0   129.34.20.1  1
	; add a new network 129.34.10.0 accessible via the gateway 129.34.20.1 and
	; there is one metric hop to this destination

tracert
This command lists all the connections (links) between the current computer and the destination computer.

Networking Files
The following files are associated with networking and are generally found in the /etc subdirectory on UNIX systems.

/etc/gateways
Used by routed  and identifies the accessible gateway machines.

/etc/hosts
Used by clients and servers to resolve host names if a name server is unavailable.

/etc/netrc
Used by ftp and rexec as an alternative source for a username and password.

/etc/resolv
Used by clients and servers to provide a domain name and name server address.

/etc/trusers
Used by ftpd  to verify users and their passwords.

Summary
TCP/IP is the protocol used by computers on the Internet. Each computer has an IP address, which is a set of four digits joined using dots, and a logical name, which identifies it.

Many applications can be built on top of TCP/IP, such as file transfer (FTP) and Web services (WWW). In an organization which is connected to the Internet using TCP/IP, a domain name server resolves logical names of host computers to IP addresses.

Test 8 [JavaScript]
Now it is time to review this section and discover how much you have absorbed. Click on the hyperlink above to begin the test.

© Copyright B Brown. 1995-2000. All rights reserved.