Introduction to TCP/IP
Download as ppt, pdf1 like2,221 views
This document provides an introduction to TCP/IP networking. It discusses the TCP/IP network architecture including the client-server model and layers. It also covers naming and addressing schemes, common protocols like TCP, UDP, IP, and Ethernet. Packet formats and programming interfaces are described. Finally, it discusses protocol analysis tools like Wireshark that can be used to observe network traffic.
Introduction to TCP/IP
- 1. Introduction to TCP/IPIntroduction to TCP/IP Frank Fang Kuo YuFrank Fang Kuo Yu 2004/02/202004/02/20
- 2. AgendaAgenda TCP/IP Network ArchitectureTCP/IP Network Architecture Client-Server ModelClient-Server Model Naming and AddressingNaming and Addressing TCP/UDP/IP/Ethernet Packet FormatTCP/UDP/IP/Ethernet Packet Format Application Programming InterfacesApplication Programming Interfaces Protocol AnalysisProtocol Analysis
- 3. Meet the Protocol Family in the InternetMeet the Protocol Family in the Internet TCP UDP IP SNMP ping tracert IPsec Mobile IP ARP RARP PPP DNS telnet ftp IP QoS HTTP IP telephony IP multicast BSD socketWinsockJava socket ICMP IPv4 IPv6 SMTP NTCIP DHCP POP3 Ethernet WAP GPRS r-utility ATM MIB WinPcap SLIP SMS Internet internet intranet tester developer administrator OSPF BGP MPLSRTP WWW
- 4. TCP/IP Network ArchitectureTCP/IP Network Architecture Application LayerApplication Layer Transport LayerTransport Layer Network LayerNetwork Layer Link LayerLink Layer operating-system/computer-architecture independent LAN/MAN/WAN applicable physical-medium independent host host network network media media process process client-server model
- 5. TCP/IP Protocol SuiteTCP/IP Protocol Suite EthernetEthernet ARPARP RARPRARP IPv4IPv4 IPv6IPv6 TCPTCP UDPUDP ICMPICMP TelnetTelnetFTPFTPpingping SNMPSNMP TFTPTFTP Serial lineSerial line PPPPPP SMTPSMTP POP3POP3 21 23 11025 69161 port number IP address
- 6. Key Protocols in Transport/Network LayersKey Protocols in Transport/Network Layers Transmission Control Protocol (TCP)Transmission Control Protocol (TCP) aa connection-orientedconnection-oriented,, reliablereliable,, byte-streambyte-stream serviceservice User Datagram Protocol (UDP)User Datagram Protocol (UDP) aa connectionlessconnectionless,, unreliableunreliable,, datagramdatagram delivery servicedelivery service application-aware via port number and UDP checksumapplication-aware via port number and UDP checksum Internet Protocol (IP)Internet Protocol (IP) aa connectionlessconnectionless,, unreliableunreliable,, datagramdatagram delivery servicedelivery service network-aware via routing, fragmentation and reassemblynetwork-aware via routing, fragmentation and reassembly
- 7. Encapsulation in Protocol ProcessingEncapsulation in Protocol Processing ApplicationApplication TCPTCP IPIP EthernetEthernet fragmentationfragmentation reassemblyreassembly paddingpadding
- 8. Request For Comments Document SeriesRequest For Comments Document Series http://www.rfc-editor.org/http://www.rfc-editor.org/ ↑↑ http://www.networksorcery.com/enp/default0501.htmhttp://www.networksorcery.com/enp/default0501.htm ↑↑
- 9. TCP and UDP Client-Server ModelTCP and UDP Client-Server Model DNSDNS clientclient DNSDNS serverserver DNS query (www.yahoo.com)DNS query (www.yahoo.com) DNS response ( 216.109.125.70 )DNS response ( 216.109.125.70 ) (( UDPUDP 172.18.8.120172.18.8.120 10271027 172.16.2.2172.16.2.2 5353 )),, ,, ,, ,, 172.18.8.120172.18.8.120 172.16.2.2172.16.2.2 ( protocol( protocol locallocal addressaddress locallocal portport remoteremote addressaddress remoteremote portport )),, ,, ,, ,, well-knownwell-known DNS port numberDNS port number ephemeral port numberephemeral port number 32-bit IPv4 address32-bit IPv4 address
- 10. IP Address and TCP/UDP Port NumberIP Address and TCP/UDP Port Number Internet Assigned Number AuthorityInternet Assigned Number Authority www.iana.orgwww.iana.org IP AddressIP Address IPv4IPv4 32-bit dotted-decimal notation32-bit dotted-decimal notation e.g., 192.0.32.67e.g., 192.0.32.67 – the IPv4 address space for private internetsthe IPv4 address space for private internets 10.0.0.010.0.0.0 ~ 10.255.255.255~ 10.255.255.255 172.16.0.0172.16.0.0 ~ 172.31.255.255~ 172.31.255.255 192.168.0.0192.168.0.0 ~ 192.168.255.255~ 192.168.255.255 IPv6IPv6 128-bit hexadecimal string128-bit hexadecimal string e.g., 1080:0:0:0:8:800:200C:417Ae.g., 1080:0:0:0:8:800:200C:417A TCP/UDP Port NumberTCP/UDP Port Number well known portswell known ports 0 ~ 10230 ~ 1023 registered portsregistered ports 1024 ~ 491511024 ~ 49151 dynamic and/or private portsdynamic and/or private ports 49152 ~ 6553649152 ~ 65536
- 11. Host Name, IP Address, Physical AddressHost Name, IP Address, Physical Address
- 12. TCP Connections underTCP Connections under Windows netstatWindows netstat show host name and service name show IP address and port number
- 13. TCP Connections underTCP Connections under Linux netstatLinux netstat show host name and service name show IP address and port number show process id and program name
- 14. Protocol Stack and netstatProtocol Stack and netstat
- 15. Naming, Addressing, and Packet FormatNaming, Addressing, and Packet Format TCP SegmentTCP Segment UDP DatagramUDP Datagram IPv4 DatagramIPv4 Datagram Ethernet FrameEthernet Frame
- 16. TCP Segment FormatTCP Segment Format 20 bytes http://www.iana.org/assignments/port-numbershttp://www.iana.org/assignments/port-numbers C:WINDOWSsystem32driversetcservicesC:WINDOWSsystem32driversetcservices
- 17. UDP Datagram FormatUDP Datagram Format 8 bytes http://www.iana.org/assignments/port-numbershttp://www.iana.org/assignments/port-numbers C:WINDOWSsystem32driversetcservicesC:WINDOWSsystem32driversetcservices
- 18. IPv4 Datagram FormatIPv4 Datagram Format 20 bytes http://www.iana.org/assignments/protocol-numbershttp://www.iana.org/assignments/protocol-numbers C:WINDOWSsystem32driversetcprotocolC:WINDOWSsystem32driversetcprotocol http://www.iana.org/ipaddress/ip-addresses.htmhttp://www.iana.org/ipaddress/ip-addresses.htm
- 19. Ethernet Frame FormatEthernet Frame Format http://www.iana.org/assignments/ethernet-numbershttp://www.iana.org/assignments/ethernet-numbers
- 20. Naming, Addressing, and MappingNaming, Addressing, and Mapping Mapping fromMapping from Host NameHost Name toto IP addressIP address DNS ~ Domain Name SystemDNS ~ Domain Name System e.g., www.yahoo.come.g., www.yahoo.com →→ 216.109.125.70216.109.125.70 Mapping fromMapping from IP AddressIP Address toto Ethernet AddressEthernet Address ARP ~ Address Resolution ProtocolARP ~ Address Resolution Protocol e.g., 172.18.8.254e.g., 172.18.8.254 →→ 00-0a-8a-d9-47-4000-0a-8a-d9-47-40
- 21. Application Programming InterfacesApplication Programming Interfaces libpcap, WinPcaplibpcap, WinPcap Raw SocketsRaw Sockets Sockets, WinSock, Java.net, TLI/XTISockets, WinSock, Java.net, TLI/XTI Application LayerApplication Layer Transport LayerTransport Layer Network LayerNetwork Layer Link LayerLink Layer Middleware (RPC, RMI, CORBA, webMiddleware (RPC, RMI, CORBA, web service,…), HTTP/SMTP/POP3/Telephonyservice,…), HTTP/SMTP/POP3/Telephony API, …API, …
- 22. Sockets Functions for TCP Client/ServerSockets Functions for TCP Client/Server socket ( )socket ( ) bind ( )bind ( ) listen ( )listen ( ) accept ( )accept ( ) read ( )read ( ) write ( )write ( ) read ( )read ( ) close ( )close ( ) socket ( )socket ( ) connect ( )connect ( ) write ( )write ( ) read ( )read ( ) close ( )close ( ) TCP ServerTCP Server TCP ClientTCP Client Connection EstablishmentConnection Establishment Connection TerminationConnection Termination requestrequest replyreply
- 23. Sockets Functions for UDP Client/ServerSockets Functions for UDP Client/Server socket ( )socket ( ) bind ( )bind ( ) recvfrom ( )recvfrom ( ) sendto ( )sendto ( ) socket ( )socket ( ) sendto ( )sendto ( ) recvfrom ( )recvfrom ( ) close ( )close ( ) UDP ServerUDP Server UDP ClientUDP Client requestrequest replyreply
- 24. Protocol AnalysisProtocol Analysis Hardware/Software Protocol AnalyzerHardware/Software Protocol Analyzer Hardware Protocol AnalyzerHardware Protocol Analyzer ~ Agilent, Racal, Rohde & Schwarz~ Agilent, Racal, Rohde & Schwarz Software Protocol AnalyzerSoftware Protocol Analyzer ~ WinPcap and Ethereal~ WinPcap and Ethereal WinPcap Protocol AnalyzerWinPcap Protocol Analyzer http://winpcap.polito.it/http://winpcap.polito.it/ PcapPcap ~ packet capture library from Lawrence Berkeley Laboratory~ packet capture library from Lawrence Berkeley Laboratory WinPcapWinPcap ~ packet capture and network analysis for Win32 from~ packet capture and network analysis for Win32 from ItalyItaly Ethereal Protocol AnalyzerEthereal Protocol Analyzer http://www.ethereal.comhttp://www.ethereal.com
- 25. WinPcap/Ethereal Protocol Analyzer SetupWinPcap/Ethereal Protocol Analyzer Setup Host A Host B WinPcap/Ethereal Ethernet internet Host C WinPcap/Ethereal (promiscuous mode)
- 26. WinPcap Protocol AnalyzerWinPcap Protocol Analyzer Screen LayoutScreen Layout
- 27. Ethereal Protocol AnalyzerEthereal Protocol Analyzer Screen LayoutScreen Layout
- 28. What is “Ping”?What is “Ping”? a program used to test whether another host isa program used to test whether another host is reachablereachable ““PingPing”” sendssends an ICMP echo request messagean ICMP echo request message to ato a host and expectshost and expects an ICMP echo reply messagean ICMP echo reply message toto be returned.be returned. ““PingPing”” supports a set of options which can be usedsupports a set of options which can be used by anyone who wants to maintain, investigate, andby anyone who wants to maintain, investigate, and hack TCP/IP networks.hack TCP/IP networks.
- 29. Using “Ping” to Observe Network TrafficUsing “Ping” to Observe Network Traffic ICMP Echo Request and Echo ReplyICMP Echo Request and Echo Reply ARP Request/Reply and ARP CacheARP Request/Reply and ARP Cache DNS Query and ResponseDNS Query and Response IP Fragmentation and the “Don’t Fragment” flagIP Fragmentation and the “Don’t Fragment” flag Ethernet PaddingEthernet Padding
- 30. SummarySummary TCP/IP Network ArchitectureTCP/IP Network Architecture Client-Server ModelClient-Server Model Naming and AddressingNaming and Addressing TCP/UDP/IP/Ethernet Packet FormatTCP/UDP/IP/Ethernet Packet Format Application Programming InterfacesApplication Programming Interfaces Protocol AnalysisProtocol Analysis
- 31. TCP UDP IP SNMP ping tracert IPsec Mobile IP ARP RARP PPP DNS telnet ftp IP QoS HTTP IP telephony IP multicast BSD socketWinsockJava socket ICMP IPv4 IPv6 SMTP NTCIP DHCP POP3 Ethernet WAP GPRS r-utility ATM MIB WinPcap SLIP SMS Internet internet intranet tester administrator OSPF BGP MPLSRTP WWW Everything over IPEverything over IP IP over EverythingIP over Everything developer ThanksThanks YouYou Q & AQ & A