1 Netprog 2002 TCP/IP TCP/IP Transmission Control Protocol / Internet Protocol

1Netprog 2002 TCP/IP

TCP/IPTCP/IPTransmission Control Protocol / Internet Transmission Control Protocol / Internet ProtocolProtocol

2Netprog 2002 TCP/IP

TCP/IP & OSITCP/IP & OSI

• In OSI reference model terminology -the TCP/IP protocol suite covers the network and transport layers.

• TCP/IP can be used on many data-link layers (can support many network hardware implementations).

3Netprog 2002 TCP/IP

Ethernet - A Real Data-Link LayerEthernet - A Real Data-Link Layer

• It will be useful to discuss a real data-link layer.

• Ethernet (really IEEE 802.3) is widely used.

• Supported by a variety of physical layer implementations.

4Netprog 2002 TCP/IP

EthernetEthernet

• Multi-access (shared medium).

• Every Ethernet interface has a unique 48 bit address (a.k.a. hardware address).

• Example: C0:B3:44:17:21:17

• The broadcast address is all 1’s.

• Addresses are assigned to vendors by a central authority.

5Netprog 2002 TCP/IP

CSMA/CDCSMA/CD Carrier Sense Multiple Access

withCollision Detection

• Carrier Sense: can tell when another host is transmitting

• Multiple Access: many hosts on 1 wire

• Collision Detection: can tell when another host transmits at the same time.

6Netprog 2002 TCP/IP

An Ethernet FrameAn Ethernet Frame

• The preamble is a sequence of alternating 1s and 0s used for synchronization.

• CRC is Cyclic Redundency Check

8 bytes 6 6 2 0-1500 4

PreambleDestination

AddressSourceAddress

Len CRCDATA

7Netprog 2002 TCP/IP

Ethernet AddressingEthernet Addressing

• Each interface looks at every frame and inspects the destination address. If the address does not match the hardware address of the interface or the broadcast address, the frame is discarded.

• Some interfaces can also be programmed to recognize multicast addresses.

8Netprog 2002 TCP/IP

Internet ProtocolInternet ProtocolThe IP in TCP/IPThe IP in TCP/IP

• IP is the network layer

• packet delivery service (host-to-host).

• translation between different data-link protocols.

9Netprog 2002 TCP/IP

IP DatagramsIP Datagrams

• IP provides connectionless, unreliable delivery of IP datagrams.

• Connectionless: each datagram is independent of all others.

• Unreliable: there is no guarantee that datagrams are delivered correctly or at all.

10Netprog 2002 TCP/IP

IP AddressesIP Addresses

• IP addresses are not the same as the underlying data-link (MAC) addresses.

Why ?Why ?

Rensselaer

11Netprog 2002 TCP/IP

IP AddressesIP Addresses

• IP is a network layer - it must be capable of providing communication between hosts on different kinds of networks (different data-link implementations).

• The address must include information about what network the receiving host is on. This makes routing feasible.

12Netprog 2002 TCP/IP

IP AddressesIP Addresses

• IP addresses are logical addresses (not physical)

• 32 bits.

• Includes a network ID and a host ID.

• Every host must have a unique IP address.

• IP addresses are assigned by a central authority (American Registry for Internet Numbers)

13Netprog 2002 TCP/IP

The The fourfour forformats of IP Addressesmats of IP Addresses

00 NetIDNetID

1010

110110 NetIDNetID

1110 Multicast Address

HostIDHostID

NetIDNetID HostIDHostID

HostIDHostID

ClassClassAA

BB

CC

DD8 bits 8 bits 8 bits8 bits

14Netprog 2002 TCP/IP

Class AClass A

128 possible network IDs

over 4 million host IDs per network ID

Class AClass A

128 possible network IDs

over 4 million host IDs per network ID

Class BClass B 16K possible network IDs 64K host IDs per network ID

Class BClass B 16K possible network IDs 64K host IDs per network ID

Class CClass C over 2 million possible network IDs about 256 host IDs per network ID

Class CClass C over 2 million possible network IDs about 256 host IDs per network ID

15Netprog 2002 TCP/IP

Network and Host IDsNetwork and Host IDs

• A Network ID is assigned to an organization by a global authority.

• Host IDs are assigned locally by a system administrator.

• Both the Network ID and the Host ID are used for routing.

16Netprog 2002 TCP/IP

IP AddressesIP Addresses

• IP Addresses are usually shown in dotted decimal notation:

1.2.3.4 00000001 00000010 00000011 00000100

• cs.rpi.edu is 128.213.1.110000000 11010101 00000001 00000001

CS has a class B networkCS has a class B network

17Netprog 2002 TCP/IP

Host and Network Host and Network AddressesAddresses• A single network interface is

assigned a single IP address called the host address.

• A host may have multiple interfaces, and therefore multiple host addresses.

• Hosts that share a network all have the same IP network address (the network ID).

18Netprog 2002 TCP/IP

IP Broadcast and Network IP Broadcast and Network AddressesAddresses• An IP broadcast addresses has a

host ID of all 1s.

• IP broadcasting is not necessarily a true broadcast, it relies on the underlying hardware technology.

• An IP address that has a host ID of all 0s is called a network address and refers to an entire network.

19Netprog 2002 TCP/IP

Subnet AddressesSubnet Addresses

• An organization can subdivide it’s host address space into groups called subnets.

• The subnet ID is generally used to group hosts based on the physical network topology.

1010 NetIDNetID SubnetIDSubnetID HostIDHostID

20Netprog 2002 TCP/IP

SubnettingSubnettingrouter

Subnet 1128.213.1.x

Subnet 2128.213.2.x

Subnet 3128.213.3.x

21Netprog 2002 TCP/IP

SubnettingSubnetting

• Subnets can simplify routing.

• IP subnet broadcasts have a hostID of all 1s.

• It is possible to have a single wire network with multiple subnets.

22Netprog 2002 TCP/IP

Mapping IP Addresses to Mapping IP Addresses to Hardware AddressesHardware Addresses• IP Addresses are not recognized

by hardware.

• If we know the IP address of a host, how do we find out the hardware address ?

• The process of finding the hardware address of a host given the IP address is called

Address ResolutionAddress Resolution

23Netprog 2002 TCP/IP

Reverse Address ResolutionReverse Address Resolution

• The process of finding out the IP address of a host given a hardware address is called

Reverse Address ResolutionReverse Address Resolution

• Reverse address resolution is needed by diskless workstations when booting.

24Netprog 2002 TCP/IP

ARPARP

• The Address Resolution Protocol is used by a sending host when it knows the IP address of the destination but needs the Ethernet address.

• ARP is a broadcast protocol - every host on the network receives the request.

• Each host checks the request against it’s IP address - the right one responds.

Arp Arp!

25Netprog 2002 TCP/IP

ARP (cont.)ARP (cont.)

• ARP does not need to be done every time an IP datagram is sent - hosts remember the hardware addresses of each other.

• Part of the ARP protocol specifies that the receiving host should also remember the IP and hardware addresses of the sending host.

26Netprog 2002 TCP/IP

ARP conversationARP conversation

HEY - Everyone please listen! Will 128.213.1.5 please send me his/her Ethernet address?

not me

Hi Green! I’m 128.213.1.5, and my Ethernet address is 87:A2:15:35:02:C3

27Netprog 2002 TCP/IP

RARP conversationRARP conversation

HEY - Everyone please listen! My Ethernet address is 22:BC:66:17:01:75.Does anyone know my IP address ?

not me

Hi Green! Your IP address is 128.213.1.17.

28Netprog 2002 TCP/IP

Services provided by IPServices provided by IP

• Connectionless Delivery (each datagram is treated individually).

• Unreliable (delivery is not guaranteed).

• Fragmentation / Reassembly (based on hardware MTU).

• Routing.

• Error detection.

29Netprog 2002 TCP/IP

IP DatagramIP Datagram

VERS HL

Fragment Offset

Fragment LengthService

Datagram ID FLAG

TTL Protocol Header Checksum

Source Address

Destination Address

Options (if any)

Data

1 byte1 byte 1 byte 1 byte

30Netprog 2002 TCP/IP

IP Datagram FragmentationIP Datagram Fragmentation

• Each fragment (packet) has the same structure as the IP datagram.

• IP specifies that datagram reassembly is done only at the destination (not on a hop-by-hop basis).

• If any of the fragments are lost - the entire datagram is discarded (and an ICMP message is sent to the sender).

31Netprog 2002 TCP/IP

IP Flow Control & Error IP Flow Control & Error DetectionDetection• If packets arrive too fast - the

receiver discards excessive packets and sends an ICMP message to the sender (SOURCE QUENCH).

• If an error is found (header checksum problem) the packet is discarded and an ICMP message is sent to the sender.

32Netprog 2002 TCP/IP

ICMPICMPInternet Control Message ProtocolInternet Control Message Protocol

• ICMP is a protocol used for exchanging control messages.

• ICMP uses IP to deliver messages.

• ICMP messages are usually generated and processed by the IP software, not the user process.

33Netprog 2002 TCP/IP

ICMP Message TypesICMP Message Types

• Echo Request

• Echo Response

• Destination Unreachable

• Redirect

• Time Exceeded

• Redirect (route change)

• there are more ...

34Netprog 2002 TCP/IP

Transport Layer & TCP/IPTransport Layer & TCP/IP

Q: We know that IP is the network layer - so TCP must be the transport layer, right ?

A: No… well, almost.

TCP is only part of the TCP/IP transport layer - the other part is UDP (User Datagram Protocol).

35Netprog 2002 TCP/IP

TCPTCP UDPUDP

IPIP

802.3802.3

Process Layer

Transport Layer

Network Layer

Data-Link Layer

ProcessProcess ProcessProcess

ICMP, ARP &

RARP

36Netprog 2002 TCP/IP

UDP User Datagram ProtocolUDP User Datagram Protocol

• UDP is a transport protocol

• communication between processes

• UDP uses IP to deliver datagrams to the right host.

• UDP uses ports to provide communication services to individual processes.

37Netprog 2002 TCP/IP

PortsPorts

• TCP/IP uses an abstract destination point called a protocol port.

• Ports are identified by a positive integer.

• Operating systems provide some mechanism that processes use to specify a port.

38Netprog 2002 TCP/IP

UDPUDP

• Datagram Delivery

• Connectionless

• Unreliable

• MinimalSource Port Destination Port

Length Checksum

Data

UDP Datagram FormatUDP Datagram Format

39Netprog 2002 TCP/IP

TCPTCPTransmission Control ProtocolTransmission Control Protocol

• TCP is an alternative transport layer protocol supported by TCP/IP.

• TCP provides:

•Connection-oriented

•Reliable

•Full-duplex

•Byte-Stream

40Netprog 2002 TCP/IP

Connection-OrientedConnection-Oriented

• Connection oriented means that a virtual connection is established before any user data is transferred.

• If the connection cannot be established - the user program is notified.

• If the connection is ever interrupted - the user program(s) is notified.

41Netprog 2002 TCP/IP

ReliableReliable

• Reliable means that every transmission of data is acknowledged by the receiver.

• If the sender does not receive acknowledgement within a specified amount of time, the sender retransmits the data.

42Netprog 2002 TCP/IP

Byte StreamByte Stream

• Stream means that the connection is treated as a stream of bytes.

• The user application does not need to package data in individual datagrams (as with UDP).

43Netprog 2002 TCP/IP

BufferingBuffering

• TCP is responsible for buffering data and determining when it is time to send a datagram.

• It is possible for an application to tell TCP to send the data it has buffered without waiting for a buffer to fill up.

44Netprog 2002 TCP/IP

Full DuplexFull Duplex

• TCP provides transfer in both directions.

• Piggybacking

45Netprog 2002 TCP/IP

TCP PortsTCP Ports

• Interprocess communication via TCP is achieved with the use of ports (just like UDP).

• UDP ports have no relation to TCP ports (different name spaces).

46Netprog 2002 TCP/IP

TCP SegmentsTCP Segments

• The chunk of data that TCP asks IP to deliver is called a TCP segment.

• Each segment contains:

• data bytes from the byte stream

• control information that identifies the data bytes

47Netprog 2002 TCP/IP

TCP Segment Format TCP Segment Format

Destination Port

Options (if any)

Data

1 byte 1 byte

Source Port

Sequence Number

Request Number

1 byte 1 byte

offset Reser. Control Window

Checksum Urgent Pointer

48Netprog 2002 TCP/IP

If the SYN flag is set, this is the initial sequence number. The sequence number of the actual first data byte will

then be this sequence number plus 1.

If the SYN flag is NOT set, this is the sequence number of the first data byte

49Netprog 2002 TCP/IP

if the ACK flag is set then the value of this field is the next expected sequence number that the receiver is

expecting.

50Netprog 2002 TCP/IP

The size of the TCP header in 32-bit words. The minimum size header is 5 words and the maximum is 15

words thus giving the minimum size of 20 bytes and maximum of 60 bytes. This field gets its name from the

fact that it is also the offset from the start of the TCP segment to the actual data.

51Netprog 2002 TCP/IP

For future use and should be set to 0s.

52Netprog 2002 TCP/IP

Congestion Window Reduced (CWR) flag is set by the sending host to indicate that it received a TCP segment with the ECE flag set and had responded in congestion

control mechanism.

53Netprog 2002 TCP/IP

indicates (1) that the TCP peer is ECN capable during 3-way handshake, and (2) that a packet with

Congestion Experienced flag in IP header set is received during normal transmission.

54Netprog 2002 TCP/IP

indicates that the URGent pointer field is significant.

55Netprog 2002 TCP/IP

indicates that the ACKnowledgment field is significant.

56Netprog 2002 TCP/IP

Push function. The set ensures that data will be delivered immediately to the application layer by the

receiving transport layer

57Netprog 2002 TCP/IP

Reset the connection. Tells receiver to tear down connection immediately

58Netprog 2002 TCP/IP

Synchronize sequence numbers.

59Netprog 2002 TCP/IP

No more data from sender.

60Netprog 2002 TCP/IP

the size of the receive window, which specifies the number of bytes (beyond the sequence number in the

acknowledgment field) that the receiver is currently willing to receive .

61Netprog 2002 TCP/IP

The 16-bit checksum field is used for error-checking of the header and data.

62Netprog 2002 TCP/IP

if the URG flag is set, then this 16-bit field is an offset from the sequence number indicating the last urgent

data byte.The Urgent Pointer is used when some information has

to reach the server ASAP. When the TCP/IP stack at the other end sees a packet using the Urgent Pointer,

it is duty bound to stop all it's doing and immediately send this packet to the relevant server

63Netprog 2002 TCP/IP

ExampleExample

• Lets assume we've got this data to send across to the guy at the other end.

ABCDEFGHIJ

Now for some reason or another, we're going to send the bytes across only four bytes at a time.

The First Packet: ABCD

The Second Packet: EFGH

The Third Packet: IJ

64Netprog 2002 TCP/IP

ExampleExample

• In the very first packet we send across we set the four byte sequence number to 1 i.e. the number of the first byte in the packet and the acknowledgement number as 0.

ABCD 1 2 3 4

The computer across the wire will respond with an ACK packet (an acknowledgement packet with the ACK flag on in the TCP header) holding an

acknowledgement number of ?.

65Netprog 2002 TCP/IP

ExampleExample

• The next packet we send will have a sequence number of 5 i.e. the number of the first byte in the packet relative to the start of the data stream. The acknowledgment number will be the other guys sequence number + 1.

EFGH 5 6 7 8

66Netprog 2002 TCP/IP

ExampleExample

• We will then receive an ACK with the acknowledgement number set to 9; the byte we have to start our next packet with.

We then shot off the last two bytes and wait for the ACK and when that comes, we know that all the bytes we've sent across has reached the computer at the other end.

IJ 9 10

67Netprog 2002 TCP/IP

Three-way HandshakeThree-way Handshake

• Before a client attempts to connect with a server, the server must first bind to a port to open it up for connections: this is called a passive open. Once the passive open is established, a client may initiate an active open. To establish a connection, the three-way (or 3-step) handshake occurs:

The active open is performed by the client sending a SYN to the server. It sets the segment's sequence number to a random value.

68Netprog 2002 TCP/IP

Three-way HandshakeThree-way Handshake

In response, the server replies with a SYN-ACK. The acknowledgment number is set to one more than the received sequence number, and the sequence number is random.

Finally, the client sends an ACK back to the server. The sequence number is set to the received acknowledgement value, and the acknowledgement number is set to one more than the received sequence number.

69Netprog 2002 TCP/IP

Three-way HandshakeThree-way Handshake

At this point, both the client and server have received an acknowledgment of the connection.

70Netprog 2002 TCP/IP

Connection TerminationConnection Termination

• A four-way handshake, with each side of the connection terminating independently

• When an endpoint wishes to stop its half of the connection, it transmits a FIN packet, which the other end acknowledges with an ACK.

• A typical tear-down requires a pair of FIN and ACK segments from each TCP endpoint.

71Netprog 2002 TCP/IP

TCP : ConnectionTCP : Connection

HostClient

Send SYN seq=x

Receive SYN+ACK segment

Send ACK y+1

Receive SYN segmentSend SYN seq=y, ACK x+1

Receive ACK segment

HostClient

Send FIN seq=x

Receive FIN + ACK segmentSend ACK y+1

Receive FIN segmentSend ACK x+1

Receive ACK segment

Establishing a TCP Connection Closing a TCP Connection

Receive ACK segment

Send FIN seq=y, ACK x+1

72Netprog 2002 TCP/IP

TCP : Data transferTCP : Data transfer

HostClient

Send Packet 1Start Timer

Retransmit Packet1Start Timer

Packet should arrive ACK should be sent

ACK would normallyArrive at this time

Receive Packet 1Send ACK 1

Time Expires

Receive ACK 1Cancel Timer

Packet LostTimer

Timer

73Netprog 2002 TCP/IP

TCP vs. UDPTCP vs. UDPQ: Which protocol is better ?Q: Which protocol is better ?

A: It depends on the application.A: It depends on the application.

TCP provides a connection-oriented, reliable TCP provides a connection-oriented, reliable byte stream service (lots of overhead).byte stream service (lots of overhead).

UDP offers minimal datagram delivery service UDP offers minimal datagram delivery service (as little overhead as possible).(as little overhead as possible).

74Netprog 2002 TCP/IP

TCP/IP SummaryTCP/IP Summary

• IP: network layer protocol• unreliable datagram delivery between

hosts.

• UDP: transport layer protocol• unreliable datagram delivery between

processes.

• TCP: transport layer protocol• reliable, byte-stream delivery

between processes.

75Netprog 2002 TCP/IP

Hmmmmm. TCP or UDP ?Hmmmmm. TCP or UDP ?

• Internet commerce ?

• Video server?

• File transfer?

• Email ?

• Chat groups?

• Robotic surgery controlled remotely over a network?

76Netprog 2002 TCP/IP

Example 1: Server Sends IP datagram to PCExample 1: Server Sends IP datagram to PC

• How to routing, i e., why server knows to send the IP packet to the router first ? • Look up routing table, in detail,

• by complete destination IP address, if not found

• by network ID of destination IP address, if not found

• the default router is selected. (In this example, we assume the router r is the default router).

• The IP address of a home computer connected to the Internet through modem is dynamically assigned (DHCP) .

77Netprog 2002 TCP/IP

G

G

G

G

G

net 1

net 2

net 3

net 4

net 5

G

Figure 2.8

s

R

1. Find R’s IP address by DNS.2. Check its routing table for R, if find (next hop), send to it.3. Otherwise, send to default router4. Needs to find the physical address of the next hop router.5. The router checks its routing table for the next hop and send to it.

6. continue until the packet reaches the router in the same LAN with R.7. The router finds R’s physical address and sends to it.

S sends a packet to R:

78Netprog 2002 TCP/IP

Big picture: web document browsingBig picture: web document browsing

• Suppose a user on PC clicks a link of a document contained in the server, and HTTP client passes a request to TCP layer asking for setting up a TCP connection, and the TCP connection between the PC and the server has been established .

• The http client then passes http request message (such as GET /….) to TCP layer.

79Netprog 2002 TCP/IP

HTTP Request

TCP Header

Header contains source and destination port numbers

Header contains source and destination IP addresses; transport protocol type

IP Header

Header contains source and destination physical addresses; network protocol type

Frame Check Sequence

ppp Header

Big picture: HTTP request is passed down

c, 80

TCP

80Netprog 2002 TCP/IP

Big picture: web document browsingBig picture: web document browsing

• The ppp driver (data link entity) in PC forms a PPP frame and sends the frame to the other end of the PPP link, i.e., router

• The router extracts IP packet (from the PPP frame), makes routing decision according on destination IP address, forms an Ethernet frame (encapsulating the IP packet) and broadcasts it onto Ethernet

• The server NIC captures the frame, extracts the IP packet and passes it to IP entity, then to TCP entity and then to HTTP server

• Finally the server retrieves the document and puts it in HTTP response packet and sends back to PC.

81Netprog 2002 TCP/IP

Sever processes multiple requestsSever processes multiple requests

• Q: there is one http server, there may be several http clients which sends http requests to the http server simultaneously,so there are several connections at the same with the same destination IP address, same port number: 80, and the same protocol type: TCP. How does the server distinguish these connections and process them separately?

http server

http clienthttp client

http clienthttp client

82Netprog 2002 TCP/IP

Sever processes multiple requestsSever processes multiple requests

• Answer: the way to specify the end-to-end process-to-process connection.

• Socket address: port number + IP address + protocol type

• Sender socket address: sender port number + sender IP address +

protocol type

• Receiver socket address: receiver port number + receiver IP address + protocol type.

• Connection = sender socket address + receiver socket address

http server

http clienthttp client

http clienthttp client

m1

m3

m2

c1,m1; s, 80, TCP

cc,m3; s, 80,TCP

c2,m1; s, 80, TCP

83Netprog 2002 TCP/IP

Application protocols and TCP/IP utilitiesApplication protocols and TCP/IP utilities

• telnet: remote login. Also a tool to test other protocols.

• FTP: File Transfer Protocols.

• Ping: determine whether a host is reachable

• Traceroute: determine the route that a packet will take to another host

• Netstate: provide information about the network status of a local host

• TCPdump: capture and observe packet exchange in a link.

84Netprog 2002 TCP/IP

• A user on host argon.tcpip-lab.edu (“Argon”) makes a web access to URL

http://neon.tcpip-lab.edu/index.html.

• What actually happens in the network?

argon.tcpip-lab.edu("Argon")

neon.tcpip-lab.edu("Neon")

Web request

Web page

Web client Web server

A simple TCP/IP ExampleA simple TCP/IP Example

85Netprog 2002 TCP/IP

HTTP Request and HTTP responseHTTP Request and HTTP response

• Web browser runs an HTTP client program

• Web server runs an HTTP server program

• HTTP client sends an HTTP request to HTTP server

• HTTP server responds with HTTP response

HTTP client

Argon

HTTP server

Neon

HTTP request

HTTP response

86Netprog 2002 TCP/IP

From HTTP to TCPFrom HTTP to TCP

• To send request, HTTP client program establishes an TCP connection to the HTTP server Neon.

• The HTTP server at Neon has a TCP server running

HTTP client

TCP client

Argon

HTTP server

TCP server

Neon

HTTP request / HTTP response

TCP connection

87Netprog 2002 TCP/IP

Resolving hostnames and port Resolving hostnames and port numbers numbers

• Since TCP does not work with hostnames and also would not know how to find the HTTP server program at Neon, two things must happen:

1. The name “neon.tcpip-lab.edu” must be translated into a 32-bit IP address.

2. The HTTP server at Neon must be identified by a 16-bit port number.

88Netprog 2002 TCP/IP

Translating a hostname into an IP Translating a hostname into an IP addressaddress• The translation of the hostname neon.tcpip-lab.edu into an IP address is

done via a database lookup

• The distributed database used is called the Domain Name System (DNS)

• All machines on the Internet have an IP address:argon.tcpip-lab.edu 128.143.137.144neon.tcpip-lab.edu 128.143.71.21

HTTP client DNS Server

argon.tcpip-lab.edu 128.143.136.15

neon.tcpip-lab.edu

128.143.71.21

89Netprog 2002 TCP/IP

Finding the port numberFinding the port number

• Note: Most services on the Internet are reachable via well-known ports. E.g. All HTTP servers on the Internet can be reached at port number “80”.

• So: Argon simply knows the port number of the HTTP server at a remote machine.

• The well-known port numbers of some of the most popular services are:

ftp 21 finger 79telnet 23 http 80smtp 25 nntp 119

90Netprog 2002 TCP/IP

Requesting a TCP ConnectionRequesting a TCP Connection

• The HTTP client at argon.tcpip-lab.edu requests the TCP client to establish a connection to port 80 of the machine with address 128.141.71.21

HTTP client

TCP client

argon.tcpip-lab.edu

Establish a TCP connectionto port 80 of 128.143.71.21

91Netprog 2002 TCP/IP

Invoking the IP Protocol Invoking the IP Protocol

• The TCP client at Argon sends a request to establish a connection to port 80 at Neon

• This is done by asking its local IP module to send an IP datagram to 128.143.71.21

TCP client

argon.tcpip-lab.edu

IP

Send an IP datagram to128.143.71.21

92Netprog 2002 TCP/IP

Sending the IP datagram to an IP Sending the IP datagram to an IP routerrouter• Argon (128.143.137.144) can deliver the IP datagram directly to

Neon (128.143.71.21), only if it is on the same local network (“subnet”)

• But Argon and Neon are not on the same local network (Q: How does Argon know this?)

• So, Argon sends the IP datagram to its default gateway

• The default gateway is an IP router

• The default gateway for Argon is Router137.tcpip-lab.edu (128.143.137.1).

93Netprog 2002 TCP/IP

The route from The route from ArgonArgon to to NeonNeon

• Note that the gateway has a different name for each of its interfaces.

neon.tcpip-lab.edu"Neon"

128.143.71.21

argon.tcpip-lab.edu"Argon"128.143.137.144

router137.tcpip-lab.edu"Router137"

128.143.137.1

router71.tcpip-lab.edu"Router71"128.143.71.1

Ethernet NetworkEthernet Network

Router

94Netprog 2002 TCP/IP

Finding the MAC address of the gatewayFinding the MAC address of the gateway

• To send an IP datagram to Router137, Argon puts the IP datagram in an Ethernet frame, and transmits the frame.

• However, Ethernet uses different addresses, so-called Media Access Control (MAC) addresses (also called: physical address, hardware address).

• Therefore, Argon must first translate the IP address 128.143.137.1 into a MAC address.

• The translation of addressed is performed via the Address Resolution Protocol (ARP).

95Netprog 2002 TCP/IP

Address resolution with ARPAddress resolution with ARP

argon.tcpip-lab.edu128.143.137.14400:a0:24:71:e4:44

ARP message: What is the MACaddress of 128.143.137.1?

ARP message: IP address 128.143.137.1belongs to MAC address 00:e0:f9:23:a8:20

router137.tcpip-lab.edu128.143.137.100:e0:f9:23:a8:20

96Netprog 2002 TCP/IP

Invoking the device driverInvoking the device driver

• The IP module at Argon, tells its Ethernet device driver to send an Ethernet frame to address 00:e0:f9:23:a8:20

argon.tcpip-lab.edu

IP module

Ethernet

Send an Ethernet frameto 00:e0:f9:23:a8:20

97Netprog 2002 TCP/IP

Sending an Ethernet frameSending an Ethernet frame

• The Ethernet device driver of Argon sends the Ethernet frame to the Ethernet network interface card (NIC)

• The NIC sends the frame onto the wire

argon.tcpip-lab.edu128.143.137.14400:a0:24:71:e4:44

IP Datagram for Neon

router137.tcpip-lab.edu128.143.137.100:e0:f9:23:a8:20

98Netprog 2002 TCP/IP

Forwarding the IP datagramForwarding the IP datagram• The IP router receives the Ethernet frame at interface

128.143.137.1, recovers the IP datagram and determines that the IP datagram should be forwarded to the interface with name 128.143.71.1

• The IP router determines that it can deliver the IP datagram directly

neon.tcpip-lab.edu"Neon"

128.143.71.21

argon.tcpip-lab.edu"Argon"128.143.137.144

router137.tcpip-lab.edu"Router137"

128.143.137.1

router71.tcpip-lab.edu"Router71"128.143.71.1

Ethernet NetworkEthernet Network

Router

99Netprog 2002 TCP/IP

Another lookup of a MAC addressAnother lookup of a MAC address

• The router needs to find the MAC address of Neon.

• Again, ARP is invoked, to translate the IP address of Neon (128.143.71.21) into the MAC address of neon (00:20:af:03:98:28).

ARP message: What is the MACaddress of 128.143.71.21?

ARP message: IP address 128.143.71.21belongs to MAC address 00:20:af:03:98:28

neon.tcpip-lab.edu128.143.71.21

00:20:af:03:98:28

router71.tcpip-lab.edu128.143.71.1

100Netprog 2002 TCP/IP

Invoking the device driver at the routerInvoking the device driver at the router

• The IP protocol at Router71, tells its Ethernet device driver to send an Ethernet frame to address 00:20:af:03:98:28

router71.tcpip-lab.edu

IP module

Ethernet

Send a frame to00:20:af:03:98:28

101Netprog 2002 TCP/IP

Sending another Ethernet frameSending another Ethernet frame

• The Ethernet device driver of Router71 sends the Ethernet frame to the Ethernet NIC, which transmits the frame onto the wire.

IP Datagram for Neon

neon.tcpip-lab.edu128.143.71.21

00:20:af:03:98:28

router71.tcpip-lab.edu128.143.71.1

102Netprog 2002 TCP/IP

Data has arrived at NeonData has arrived at Neon

• Neon receives the Ethernet frame

• The payload of the Ethernet frame is an IP datagram which is passed to the IP protocol.

• The payload of the IP datagram is a TCP segment, which is passed to the TCP server

• Note: Since the TCP segment is a connection request (SYN), the TCP protocol does not pass data to the HTTP program for this packet. Instead, the TCP protocol at neon will respond with a SYN segment to Argon.

HTTP server

Neon.cerf.edu

TCP server

IP module

Ethernet

103Netprog 2002 TCP/IP

Wrapping-up the exampleWrapping-up the example

• So far, Neon has only obtained a single packet

• Much more work is required to establish an actual TCP connection and the transfer of the HTTP Request

• The example was simplified in several ways:

• No transmission errors

• The route between Argon and Neon is short (only one IP router)

• Argon knew how to contact the DNS server (without routing or address resolution)

• ….

104Netprog 2002 TCP/IP

How many packets were really sent?How many packets were really sent?

tcpdump: listening on fxp016:54:51.340712 128.143.137.144.1555 > 128.143.137.11.53: 1+ A? neon.cs. (25)

16:54:51.341749 128.143.137.11.53 > 128.143.137.144.1555: 1 NXDomain* 0/1/0 (98) (DF)

16:54:51.342539 128.143.137.144.1556 > 128.143.137.11.53: 2+ (41)

16:54:51.343436 128.143.137.11.53 > 128.143.137.144.1556: 2 NXDomain* 0/1/0 (109) (DF)

16:54:51.344147 128.143.137.144.1557 > 128.143.137.11.53: 3+ (38)

16:54:51.345220 128.143.137.11.53 > 128.143.137.144.1557: 3* 1/1/2 (122) (DF)

16:54:51.350996 arp who-has 128.143.137.1 tell 128.143.137.144

16:54:51.351614 arp reply 128.143.137.1 is-at 0:e0:f9:23:a8:20

16:54:51.351712 128.143.137.144.1558 > 128.143.71.21.21: S 607568:607568(0) win 8192

<mss 1460> (DF)

16:54:51.352895 128.143.71.21.80 > 128.143.137.144.1558: S 3964010655:3964010655(0)

ack 607569 win 17520 <mss 1460> (DF)

16:54:51.353007 128.143.137.144.1558 > 128.143.71.21.80: . ack 1 win 8760 (DF)

16:54:51.365603 128.143.71.21.80 > 128.143.137.144.1558: P 1:60(59)

ack 1 win 17520 (DF) [tos 0x10]

16:54:51.507399 128.143.137.144.1558 > 128.143.71.21.80: . ack 60 win 8701 (DF)