Internet Protocol Suite

loyalsockvillemobNetworking and Communications

Oct 27, 2013 (4 years and 8 months ago)


Internet Protocol Suite

Local Area Networks

(LANs) use FRAMES to deliver data to individual PC’s identified by their MEDIA
ACCESS CONTROL address, a 12 digit hexadecimal number burned into each Network Interface Card (NIC).
Network protocols that use t
hese frames are either routable (IP, IPX) or non
routable (NETBEUI, DLC, LLC).
To be ROUTABLE a protocol must specify a NETWORK ADDRESS for each device that exists on the
network. The network address usually consists of a network number and a host or work
station number.

Internet Protocol
(IP) addresses consist of 4 numbers valued 0
255 separated by periods; so called “dotted
quad” notation. In reality, the IP address is a 32 bit mask; dotted quad notation is for readability. This “dotted
quad” number
contains both the network and host number. Network numbers are specified by a “class”
designated by the value of the first number in the address. The network number encompasses one or more of
the octet values as indicated by the NETWORK MASK, host portio
n is indicated by the zero position. Below
table specifies IP network classes


First Octet Value

Network Mask

# of Networks

# of Hosts




16 million







2 Million




1 Million




1 Million


Only IP network classes A, B and C are of concern for host addressability. Class D and E are special purpose
network address classes.

Address Rules: Network addresses 0, 127 and

255 are reserved values; 0 and 255 are broadcast; 127 is for local
loopback. Host addresses 0 and 255 are not allowed as they are reserved for broadcast. IP network addresses,, and are reserved
for private Intranets; all other
class A
C addresses are available for use on the public Internet. So called “subnetting” allows the number of
networks to be expanded by “borrowing” bits from the host portion of the IP address; this is usually used in
ass A and Class B addresses where there are too many hosts and not enough networks. In this case, the
network mask is referred to as a “subnet mask” to indicate the network portion of the IP address.

IP Networks

at least 3 values are required for IP
network addressability

an IP address, a subnet mask and
a gateway address. The subnet mask indicates the network portion of the IP address; which is the network
number the host address is attached to. The gateway address indicates the network and host
address of the
device that knows the route(s) out of the local network to the outside world (a “router”). The host will
communicate directly with any device on it’s network; and go to the gateway device to get to any other
network(s). A “default” gateway

is the gateway used for getting to networks that don’t have specific paths.

Transmission Control Protocol


is the main protocol for applications and runs “on top” of IP. A
TCP/IP “session” consists of a pair of socket or port #’s; one on the
client (requestor), one on the server. Socket
or port #’s range from 1

65535. The socket # on the client is a random number; usually assigned sequentially
above the “reserved” socket numbers; normally 1

1024; or 1
4096 or 8192 depending on the TCP/IP

stack. The reserved socket #’s define the application on the server. Common application and port #’s are: FTP

21, Telnet

23, SMTP (E

25, HTTP (Web)

80. Session establishment is via “3
way handshake”
where the client contacts the
server with a “SYN”; server responds with a “SYN/ACK” and the client responds
with a “ACK”. The “SYN” in this case SYNchronizes the Send/Receive packet sequence numbers in both
directions on the session,. The ACK is an ACKnowledgement of the previous pa
cket(s). In this way the
TCP/IP “session” establishes a connection, keeps track of bytes sent and received and guarantees data delivery
in a TCP/IP application session.

Internet Protocol Suite

User Datagram Protocol

(UDP) is an application transport

protocol similar to TCP; with two differences:
there is no “3
way handshake” to establish a session; hence no session; thus data delivery is not guaranteed.
Words used to describe UDP are “connectionless”, non
guaranteed and “stateless” (i.e.

next pack
et doesn’t
depend on the state of prior packets). UDP uses the same port or socket #’s as TCP/IP and most UDP
applications have TCP/IP equivalents. Probably the most common UDP application is Trivial File Trnasfer
Protocol (TFTP) and Domain Name Services


TCP/IP Application Suite

most common applications are:

TELNET (Port 23)

Comand line into a server

File Transfer Protocol (FTP, Port 21)

data transfer from/to a client to/from a server.

Simple Mail Transport Protocol (SMTP or Internet E
il, Port 25)

server only

Hyper Test Transport Protocol (HTTP or Web Services, Port 80).

Domain Name Services (DNS, Port 53)

changes Internet “Names” into Internet Protocol Addresses

Post Office Protocol (POP, Port 110

Internet E
Mail client

All com
mon public Internet Protocol applications (indeed all IP based activity) is based on a Request for
Comment (RFC) documents; which a is a published document used to define a proposed IP standard. If
accepted, the RFC becomes an IP standard and anything tha
t conforms to the RFC standard is called “RFC


Public internet Domain Names consist of an organization type (.ORG, .EDU, .NET etc) in
combination with a Domain Name read left to right; organized right to left registered with the Inter
Committee for the Assignment of Names and Numbers (ICANN). Anything after the Domain Name is either s
“subdomain” or host. Hence in WWW.IBM.COM, WWW is the hostname. In
is the hostname, US i
s the subdomain name. Along with the Domain Name registration is a public DNS server
that translates all domain names for the domain to IP addresses.

TCP/IP Utilities

used to analyze and debug the TCP/IP suite are as follows:



used to determine

the ability to contact a specific IP address.



used to display gateway address(es) when passing thru multiple networks to get to a
specific IP address (PING)



used to determine which IP addresses map to whicm MAC address on the LAN (local

IP network



is used to display network statistics (
s), Ethernet Statistics (
e), TCP/UDP connections (
and routing information (



return an IP address for a domain name



obtain local/remore user information



local hostname



local IP configuration information



for displays, same as NETSTAT

r; otherwise updates local route table

Common Internet Files:


contains pre
defined network numbers


s pre
defined or “reserved” application port #’s local to the host


supported IP protocols


defined host name to IP address mappings