TCP/IP

TCP 'rides' on top of Internet Protocol (IP) in the protocol stack. TCP segments are passed inside the payload section of the IP packets. IP handles IP addressing and routing and gets the packets from one place to another

TCP attaches a header to the application layer data; the header contains fields for the sequence numbers and other information necessary for these mechanisms, and fields for addresses called port numbers, which identify the source and destination applications of the data. The application data with its attached TCP header is then encapsulated within an IP packet for delivery

 

TCP/IP 3Way handshake

-SYN, SYN-ACK, ACK

-Process:

Host A sends a TCP SYN packet to Host B, Host B receives A's SYN

Host B sends a SYN-ACK, Host A receives B's SYN-ACK

Host A sends ACK, Host B receives ACK.

TCP socket connection is ESTABLISHED

Socket: A port number for an application, when coupled with the IP address of the host the application resides on, is called a socket. A socket uniquely identifies every application in a network.

IP packet header

IP packet header:

-most fields in this packet have some importance to routing

Version: set to 0100 (ipv4), set to 0110 (ipv6)

Header length: 4bits, Specifies the length of the IP packet header in 32 bit words. The minimum value for a valid header is 5.

ToS/Diffserv: 8bits, 6->DSCP 2->ECN

Total Length: 16-bit field specifying the total length of the packet, including the header, in octets. Maximum possible size of an IP packet is 65,535 octets (16bits ON converted to decimal)

Identifier: 16-bit field used in conjunction with the Flags and Fragment Offset fields for fragmentation of a packet. Packets must be fragmented into smaller packets if the original length exceeds the Maximum Transmission Unit (MTU) of a data link through which they pass.

The router marks each fragment with the same number in the Identifier field so that a receiving device can identify the fragments that go together.

Flags: 3-bits, 1^st ->unused, 2^nd ->DF bit (setting to 1 will not fragment the packet, use with extended ping to test MTU size), 3^rd ->MF bit (always 1 in fragmented packets except the last is 0)

Fragment Offset:  Allows the fragmented pieces to be reassembled in the correct order

Time to Live (TTL) is an eight-bit field that will be set with a certain number when the packet is first generated. As the packet is passed from router to router, each router will decrement this number. If the number reaches zero, the packet will be discarded and an error message will be sent to the source. This process prevents "lost" packets from wandering endlessly through a network

Protocol: eight-bit field that gives the "address," or protocol number, of the transport layer protocol for which the information in the packet is destined eg; 1-ICMP, 6-TCP, 17-UDP

Header Checksum is the error detection field for the IP header. If no errors have occurred during the packet's travels, the resulting checksum will be all ones

Source and Destination Addresses are the 32-bit IP addresses of the originator of the packet and the destination of the packet

Options: Is a variable-length field used primarily for testing. Used with extended ping: Loose, Strict, Record, Timestamp, Verbose

Padding: Ensures that the header ends on a 32-bit boundary by adding zeros after the option field until a multiple of 32 is reached

OSI model explanation

OSI and TCP/IP DOD Model

Physical Layer:

List of services:

-moving bits from source to destination

-providing a standardized interface to physical transmission media

Hardware equipment

-Cables, connectors, pin outs, Fiber Media Converter

Protocols and standards

- RS 232(serial port) -v.35 -Cat5 - RJ45, RJ11 connectors

Data link Layer:

List of services:

-Involved in converting bits into bytes and bytes into frames

-This is subdivided into two layers 1) LLC 2) MAC

LLC: Provides flow control, acknowledgment, and error notification on data link (the physical medium connecting two devices)

MAC: Determines who is allowed to access the media at any one time (CSMA/CD), provides physical addressing (mac), store and forward or cut through switching

Protocols:

-LAN side: 802.3 (Ethernet), ARP, STP

-WAN side: HDLC, PPP, FR, ATM, CDP

Network layer:

-The network layer is responsible for packet forwarding

-For outgoing packets, select the next-hop host and transmit the packet to this host by passing it to the appropriate link layer implementation; for incoming packets, capture packets and pass the packet payload up to the appropriate transport-layer protocol

Protocol: IP (ipv4, ipv6), icmp (error and diagnostics function)

Transport Layer:

-This layer defines how data is sent. Provides reliable and unreliable mode transport of segments. The application decides which mode to send data

-This layer also defines well know port numbers

-flow and error control on logical link (logical link traverses a series of data links - end2end)

Protocol: TCP (reliable), UDP (unreliable)

------------------------------------------------                                                                                               

Layers Application, Presentation, Session are handled by OS that is running on the host

------------------------------------------------

Application Layer:

Provides and interface that allows applications to interact across the network.

Protocols: Telnet, FTP, TFTP, HTTP

BGP is an application layer protocol as it uses TCP to transport its messages.

RIP is an application layer protocol as it uses UDP to transport its messages.

Presentation Layer:

As soon as application starts sending data it passes through presentation layer, where data is formatted in a format that is understandable by the server the application is communicating to.

Protocols: jpg, mpeg, avi

Session Layer:

The session layer provides the mechanism for opening, closing and managing a session between end-user application processes. Responsible for keeping sessions separate.

The session layer responds to service requests from the presentation layer and issues service requests to the transport layer.