Guide To TCP/IP, Second Edition

uptightexampleNetworking and Communications

Oct 24, 2013 (4 years and 15 days ago)


Chapter 3


Data Link And Network Layer TCP/IP Protocols



Objectives


Understand the role that data link protocols, such
as SLIP and PPP, play for TCP/IP


Distinguish among various Ethernet and token
ring frame types


Understand how hardware addresses work in a
TCP/IP environment, and the services that ARP
and RARP provide for such networks


Appreciate the overwhelming importance of the
Internet Protocol (IP) and how IP packets behave
on TCP/IP networks


Objectives (cont.)


Understand the lifetime of an IP datagram,
and the process of fragmentation and
reassembly


Appreciate service delivery options


Understand IP header fields and functions


Data Link Protocols


Data Link layer performs several key jobs:


Media Access Control (MAC)


Logical Link Control (LLC)


Point-to-point data transfer


Wide area network (WAN) links and WAN
protocols


Data Link Protocols (cont.)


Data encapsulation techniques


Special handling for X.25, frame relay, and
Asynchronous Transfer Mode (ATM) WAN links


WAN encapsulation of frames at the Data Link
layer involves


Addressing


Bit-level integrity check


Delimitation


Protocol identification (PID)


Serial Line Internet Protocol (SLIP)


Original point-to-point protocol


Management through a dial-up serial port


Supports only TCP/IP


0xC0, 0xDB, 0xDC


compressed SLIP (C-SLIP)


Point-to-Point Protocol (PPP)


WAN data link encapsulation


PPP encapsulation and framing techniques


Fields in the PPP header and trailer include the
following values:


Flag


Protocol Identifier


Frame Check Sequence (FCS)


Synchronous technologies use bit substitution


Support for a multi-link PPP implementation


Special Handling for PPP Links


Additional control and addressing in PPP headers
to manage X.25, frame relay, or ATM


X.25: RFC 1356


Public packet-switched data network using noisy,
narrow-bandwidth, copper telephone lines


Frame Relay: RFC 2427


Logical point-to-point and multi-point connections
through a single physical interface


ATM: RFC 1577 and 1626


High-speed cell-switched networking technology


Frame Types


Ethernet frame types


Ethernet II


Ethernet 802.2 Logical Link Control (LLC)


Ethernet 802.2 Sub-Network Access Protocol (SNAP)


The de facto standard is Ethernet II frame type


Ethernet II frame fields and structure


Preamble


Source/Destination Address


Type/Data


Frame Check Sequence


Frame Types (cont.)


Ethernet 802.2 LLC frame structure


Preamble


Start Frame Delimiter (SFD)


Destination Address/Source Address


Length


Destination Service Access Point (DSAP)


Source Service Access Point (SSAP)


Control


Data


Frame Check Sequence (FCS)


Frame Types (cont.)


Ethernet SNAP frame structure


Preamble/Start Frame Delimiter (SFD)


Destination Address/Source Address


Length


Destination Service Access Point (DSAP)


Source Service Access Point (SSAP)


Control


Organization Code


Ether Type


Data


Frame Check Sequence (FCS)


Frame Types (cont.)


Token Ring frame


IEEE 802.5


Physical star design


Logical ring transmission path


Token ring workstation acts as a repeater


Two variations of token ring frames


Token Ring 802.2 LLC frames


Token Ring SNAP frames


Frame Types (cont.)


Token Ring 802.2 LLC frame format


Start Delimiter


Access Control/Frame Control


Destination Address/Source Address


Destination Service Access Point (DSAP) (LLC 802.2)


Source Service Access Point (SSAP) (LLC 802.2)


Control (LLC 802.2)


Data


Frame Check Sequence


End Delimiter/Frame Status


Frame Types (cont.)


Token Ring SNAP frame format


Start Delimiter


Access Control/Frame Control


Destination Address/Source Address


Destination Service Access Point (DSAP) (LLC 802.2)


Source Service Access Point (SSAP) (LLC 802.2)


Control (LLC 802.2)/Organization Code


Ether Type/Data


Frame Check Sequence


End Delimiter/Frame Status


Hardware Addresses In The IP Environment


ARP


ARP Cache


Test for a duplicate IP address


Routing tables


Route resolution process


ARP Packet Fields and Functions


Field types


Hardware Type Field


Protocol Type Field


Length of Hardware Address Field


Length of Protocol Address Field


Opcode Field


Sender’s Hardware Address Field


Sender’s Protocol Address Field


Target Hardware Address Field


Target Protocol Address Field


ARP Cache


Kept in memory


Windows 2000 and Windows XP systems, 120 seconds


Other kinds of networking equipment, 300 seconds


ARP cache entries


Automatic


Manual adding or deletion


WINIPCFG


IPCONFIG


Proxy ARP and Reverse ARP


Proxy ARP


Enables a router to “ARP” in response to an IP
host’s ARP broadcasts


Reverse ARP (RARP)


Obtain an IP address for an associated data link
address


Diskless Workstations


RARP Server


About Internet Protocol


A Network Layer protocol


Datagrams or Packets


End-to-end communications


IPv4/IPv6


Sending IP Datagrams


Connectionless service


Certain requirements to send a datagram


IP addresses of the source and destination


Hardware address of the source and next-hop
router


Manually entered destination IP address


DNS to obtain a destination’s IP address


Route Resolution Process


Local or remote destination?


If Remote, which router?


Two types of route table entries


Host route entry


Network route entry


Default Gateway


Gateway does one of the following:


Forwards the packet


Sends an ICMP reply - an ICMP redirect


Sends an ICMP reply - destination is unreachable


Lifetime of an IP Datagram


Time to Live (TTL)


Cannot indefinitely circle a looped internetwork


Routing protocols prevent loops


TTL Value


Defined as number of seconds or hop counts


Recommended TTL of 64


Windows 2000/XP is 128


Switches and hubs do not decrement the TTL value


Fragment and Reassembly


Large packet fragmented by a router into
smaller packets


Reassembled at the Transport layer at the
destination


Same TTL value


Fragment retransmission process causes
more traffic


Takes processing time


Service Delivery Options


Packet priority and route priority


Precedence


Eight levels from 0-7


Type of Service (TOS)


Six possible types of service


Differentiated Services (Diffserv)


Early Congestion Notification (ECN)


IP Header Fields And Functions


IP Header fields


Version Field


Type of Service Field


New TOS Field Function: Differentiated Services and
Congestion Control


Total Length Field/Flags Field


Fragment Offset Field/Time to Live (TTL) Field


Protocol Field/Header Checksum Field


Source/Destination Address field


Options Field


Chapter Summary


Because they manage access to the networking
medium, data link protocols also manage the
transfer of datagrams across the network.
Normally, this means negotiating a connection
between two communications partners and
transferring data between them


Such transfers are called point-to-point because
they move from one interface to another on the
same network segment or connection


Chapter Summary (cont.)


When WAN protocols, such as SLIP or PPP, come into
play, it’s possible to use analog phone lines; digital
technologies that include ISDN, DSL, or T-carrier
connections; or switched technologies, such as X.25, frame
relay, or ATM, to establish links that can carry IP and
other datagrams from a sender to a receiver


At the Data Link layer, this means that protocols must
deliver services, such as delimitation, bit-level integrity
checks, addressing (for packet-switched connections), and
protocol identification (for links that carry multiple types
of protocols over a single connection)


Chapter Summary (cont.)


Ethernet II frames are the most common frame
type on LANs, but a variety of other frame types
exist that carry TCP/IP over Ethernet or token ring
networks


Other Ethernet frame types that can carry TCP/IP
include Ethernet 802.2 LLC frames and Ethernet
802.2 SNAP frames; token ring frame types
include Token Ring 802.2 LLC frames and Token
Ring SNAP frames
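
The three Ethernet frame types named above can be told apart from the two bytes after the source address and, for 802.2 frames, from the DSAP/SSAP/Control bytes. The following is an added example, not part of the original slides; it assumes the frame starts at the Destination Address (preamble and FCS already stripped), and the sample frames are constructed.

```python
import struct

ETHERTYPE_MIN = 0x0600   # bytes 12-13 >= 1536: EtherType (Ethernet II)
MAX_LENGTH = 1500        # bytes 12-13 <= 1500: 802.3 Length field

def classify_frame(frame: bytes) -> dict:
    """Classify a frame that starts at the Destination Address
    (assumption: preamble/SFD and FCS were already stripped by the NIC)."""
    if len(frame) < 14:
        raise ValueError("truncated: no complete MAC header")
    (type_or_len,) = struct.unpack("!H", frame[12:14])
    info = {"dst": frame[0:6].hex(":"), "src": frame[6:12].hex(":")}
    if type_or_len >= ETHERTYPE_MIN:
        return {**info, "kind": "Ethernet II", "ethertype": type_or_len,
                "payload": frame[14:]}
    if type_or_len > MAX_LENGTH:
        raise ValueError("bytes 12-13 are neither a Length nor an EtherType")
    body = frame[14:14 + type_or_len]            # Length also strips padding
    if type_or_len < 3 or len(body) < type_or_len:
        raise ValueError("no complete LLC header within the Length field")
    dsap, ssap, control = body[0], body[1], body[2]
    info.update(length=type_or_len, dsap=dsap, ssap=ssap, control=control)
    if (dsap, ssap, control) == (0xAA, 0xAA, 0x03):   # SNAP header follows
        if len(body) < 8:
            raise ValueError("truncated: no SNAP header")
        (ethertype,) = struct.unpack("!H", body[6:8])
        return {**info, "kind": "Ethernet SNAP", "org_code": body[3:6].hex(),
                "ethertype": ethertype, "payload": body[8:]}
    return {**info, "kind": "Ethernet 802.2 LLC", "payload": body[3:]}

# Constructed sample frames (not captured traffic).
MACS = bytes.fromhex("ffffffffffff" "001122334455")
ETH2 = MACS + bytes.fromhex("0800") + b"IPDATA"
LLC = MACS + struct.pack("!H", 7) + bytes.fromhex("424203") + b"BPDU" + bytes(4)
SNAP = (MACS + struct.pack("!H", 14)
        + bytes.fromhex("aaaa03" "000000" "0800") + b"IPDATA")

if __name__ == "__main__":
    for sample in (ETH2, LLC, SNAP):
        print(classify_frame(sample))
```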


Chapter Summary (cont.)


Understanding frame layouts is crucial for proper handling
of their contents, regardless of the type of frame in use


Such frame types typically include start markers or
delimiters (sometimes called preambles), destination and
source MAC layer addresses, a Type field that identifies
the protocol in the frame’s payload, and the payload itself,
which contains the actual data inside the frame


Most TCP/IP frames end with a trailer that stores a Frame
Check Sequence field used to provide a bit-level integrity
check for the frame’s contents


Chapter Summary (cont.)


By recalculating a special value called a Cyclical
Redundancy Check (CRC), and comparing it to
the value stored in the FCS field, the NIC can
accept the frame for further processing, or silently
discard it when a discrepancy occurs


At the lowest level of detail, it’s important to
understand the differences in field layouts and
meanings when comparing various frame types for
any particular network medium


Chapter Summary (cont.)


You should understand the differences between Ethernet II
frames, Ethernet 802.2 LLC frames, and Ethernet SNAP
frames, and the differences between Token Ring 802.2
LLC frames and Token Ring SNAP frames


Because hardware/MAC layer addresses are so important
when identifying individual hosts on any TCP/IP network
segment, it’s imperative to understand how TCP/IP
manages the translation between MAC layer addresses and
numeric IP addresses


For TCP/IP, the Address Resolution Protocol (ARP)
provides this all-important role and helps create and
manage the ARP cache


Chapter Summary (cont.)


Because ARP can check the validity of the address
assigned to any machine by performing an ARP
request for a machine’s own address, ARP can
also detect IP address duplication when it occurs
on a single network segment


Understanding ARP packet fields greatly helps to
illuminate the address resolution process,
particularly the use of the “all-zeroes” address in
the Target Hardware Address field to indicate that
a value is needed
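
The duplicate-address test and the ARP fields summarized in this chapter can be seen together in a small decoder. The following is an added example, not part of the original slides; it handles only Ethernet/IPv4 ARP, the function names are illustrative, and the sample packets are constructed.

```python
import socket
import struct

ARP_FMT = "!HHBBH6s4s6s4s"           # Ethernet/IPv4 ARP body: 28 bytes
OPCODES = {1: "ARP request", 2: "ARP reply", 3: "RARP request", 4: "RARP reply"}
ZERO_MAC = bytes(6)                  # the "all-zeroes" Target Hardware Address

def parse_arp(body: bytes) -> dict:
    """Decode the nine ARP fields; only Ethernet (hardware type 1)
    carrying IPv4 (protocol type 0x0800) is handled."""
    if len(body) < struct.calcsize(ARP_FMT):
        raise ValueError("truncated ARP packet")
    (htype, ptype, hlen, plen, op,
     sha, spa, tha, tpa) = struct.unpack(ARP_FMT, body[:28])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        raise ValueError("not Ethernet/IPv4 ARP")
    return {"opcode": OPCODES.get(op, f"unknown ({op})"),
            "sender_hw": sha.hex(":"), "sender_ip": socket.inet_ntoa(spa),
            "target_hw": tha.hex(":"), "target_ip": socket.inet_ntoa(tpa),
            # request for the sender's own address, hardware address unknown
            "self_test": op == 1 and spa == tpa and tha == ZERO_MAC}

def find_duplicates(packets) -> list:
    """Return (ip, first_hw, other_hw) whenever one IP address is claimed
    by two different sender hardware addresses."""
    owner, conflicts = {}, []
    for body in packets:
        p = parse_arp(body)
        if p["sender_ip"] == "0.0.0.0":          # sender claims no address yet
            continue
        first = owner.setdefault(p["sender_ip"], p["sender_hw"])
        if first != p["sender_hw"]:
            conflicts.append((p["sender_ip"], first, p["sender_hw"]))
    return conflicts

def build_arp(op, sha, spa, tha, tpa) -> bytes:
    """Helper that builds the constructed samples below."""
    return struct.pack(ARP_FMT, 1, 0x0800, 6, 4, op,
                       bytes.fromhex(sha), socket.inet_aton(spa),
                       bytes.fromhex(tha), socket.inet_aton(tpa))

# Constructed traffic: host A tests its own address, host B answers
# with the same IP, then A resolves its gateway.
SAMPLE = [
    build_arp(1, "001122334455", "10.0.0.5", "000000000000", "10.0.0.5"),
    build_arp(2, "66778899aabb", "10.0.0.5", "001122334455", "10.0.0.5"),
    build_arp(1, "001122334455", "10.0.0.5", "000000000000", "10.0.0.1"),
]
```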


Chapter Summary (cont.)


ARP also includes information about hardware
type, protocol type, length of hardware address
(varies with the type of hardware), length of
protocol address, and an Opcode field that
identifies what kind of ARP or RARP packet is
under scrutiny


A more advanced mechanism called proxy ARP
permits a router to interconnect multiple network
segments and make them behave like a single
network segment


Chapter Summary (cont.)


Because this means that hardware addresses are required
from all segments that act like a single network segment,
proxy ARP’s job is to forward ARP requests from one
actual network segment to another, when required; enable
hardware address resolution; and then to deliver
corresponding replies to their original senders


Also, when a router configured for proxy ARP receives an
ARP broadcast, it responds with its own address


When it receives the subsequent data packet, it forwards
this along, according to its routing tables


Chapter Summary (cont.)


Network layer protocols make their way into the Data Link
layer through a process known as data encapsulation


Building IP datagrams, therefore, depends on
understanding how to map the contents of an IP packet into
a datagram that carries an IP packet as its payload


This process requires obtaining a numeric IP address for
the destination (and may involve initial access to name
resolution services such as DNS), and then using ARP (or
the ARP cache) to map the destination address to a
hardware address


Chapter Summary (cont.)


It is possible to use the hardware address of a known router
or a default gateway instead, which can then begin the
routing process from the sending network to the receiving
network


When a frame must travel from one network segment to
another, a process to resolve its route must occur


Local destinations can be reached with a single transfer at
the Data Link layer, but remote destinations require
forwarding and multiple hops to get from sender to
receiver


Chapter Summary (cont.)


Thus, it’s important to understand the role of local
routing tables that describe all known local routes
on a network, and the role of the default gateway
that handles outbound traffic when exact routes
are not known


Here, ICMP comes into play to help manage best
routing behaviors and report when destinations
may be unreachable


Chapter Summary (cont.)


Other important characteristics of IP datagrams include:
Time to Live (TTL) values, which prevent stale frames
from persisting indefinitely on a network; fragmentation of
incoming frames when the next link on a route uses a
smaller MTU than the incoming link (reassembly of
fragments always occurs when frames ultimately arrive at
the destination host); and service delivery options to
control packet and route priorities (seldom used, but worth
understanding)


IP traffic can be prioritized using Differentiated Services
or Type of Service designations


Chapter Summary (cont.)


Although Type of Service was defined in the original
specification, current network prioritization
implementations are based on Differentiated Services
functions that place a DSCP value in the IP header


This DSCP value is examined by routers along a path, and
the traffic is forwarded according to the router
configuration for that DSCP traffic type


In addition, Explicit Congestion Notification enables
routers to notify each other of congested links before they
must drop packets


Chapter Summary (cont.)


These services streamline IP traffic to ensure minimal
delay for high-priority traffic and a minimum of packet
loss


The chapter concludes with an overview of all fields in an
entire IP header


It brings together all the topics discussed in earlier
sections, and permits inspection of entire IP datagram
headers to map out their contents


Ultimately, this provides the map by which it is possible to
examine and decode the addressing and handling
instructions associated with any IP datagram
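
Decoding an IP header into the fields covered in this chapter (DSCP and ECN, fragmentation flags and offset, TTL, protocol, header checksum, addresses) can be done as follows. This is an added example, not part of the original slides; the function names are illustrative and the sample header is constructed with documentation-range addresses.

```python
import socket
import struct

IP_FMT = "!BBHHHBBH4s4s"              # fixed 20-byte IPv4 header

def checksum(data: bytes) -> int:
    """16-bit one's-complement sum used by the Header Checksum field."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def parse_ipv4(pkt: bytes) -> dict:
    if len(pkt) < 20:
        raise ValueError("truncated IPv4 header")
    (vihl, tos, total_len, ident, flags_frag,
     ttl, proto, _csum, src, dst) = struct.unpack(IP_FMT, pkt[:20])
    version, hlen = vihl >> 4, (vihl & 0x0F) * 4
    if version != 4 or hlen < 20 or len(pkt) < hlen:
        raise ValueError("not a well-formed IPv4 header")
    return {"header_len": hlen, "dscp": tos >> 2, "ecn": tos & 0x03,
            "total_length": total_len, "id": ident,
            "dont_fragment": bool(flags_frag & 0x4000),
            "more_fragments": bool(flags_frag & 0x2000),
            "fragment_offset": (flags_frag & 0x1FFF) * 8,  # 8-byte units
            "ttl": ttl, "protocol": proto,
            "checksum_ok": checksum(pkt[:hlen]) == 0,      # valid sums to 0
            "src": socket.inet_ntoa(src), "dst": socket.inet_ntoa(dst),
            "options": pkt[20:hlen]}

def build_ipv4(src, dst, ttl=64, dscp=0, ecn=0, more=False,
               offset=0, proto=17, length=20) -> bytes:
    """Helper that builds the constructed sample below (no options)."""
    frag = (0x2000 if more else 0) | (offset // 8)
    hdr = struct.pack(IP_FMT, 0x45, dscp << 2 | ecn, length, 0x1234, frag,
                      ttl, proto, 0,
                      socket.inet_aton(src), socket.inet_aton(dst))
    return hdr[:10] + struct.pack("!H", checksum(hdr)) + hdr[12:]

# Constructed sample: a middle fragment of a datagram, DSCP 46, TTL 64.
SAMPLE = build_ipv4("192.0.2.10", "198.51.100.7", dscp=46, more=True,
                    offset=1480, length=1500)
# The same header with the TTL lowered but the checksum left unchanged.
STALE = SAMPLE[:8] + bytes([SAMPLE[8] - 1]) + SAMPLE[9:]
```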