Upload
frank-fang-kuo-yu
View
292
Download
3
Embed Size (px)
DESCRIPTION
Course Material in 2004
Citation preview
Introduction to TCP/IPIntroduction to TCP/IP
Frank Fang Kuo YuFrank Fang Kuo Yu
2004/02/202004/02/20
AgendaAgenda
TCP/IP Network ArchitectureTCP/IP Network Architecture
Client-Server ModelClient-Server Model
Naming and AddressingNaming and Addressing
TCP/UDP/IP/Ethernet Packet FormatTCP/UDP/IP/Ethernet Packet Format
Application Programming InterfacesApplication Programming Interfaces
Protocol AnalysisProtocol Analysis
Meet the Protocol Family in the Meet the Protocol Family in the InternetInternet
TCPUDP
IP
SNMP
ping
tracert
IPsec
Mobile IP ARP
RARPPPP
DNS
telnetftp
IP QoS
HTTP
IP telephony
IP multicast
BSD socketWinsockJava socket
ICMPIPv4IPv6
SMTP
NTCIP
DHCP
POP3
Ethernet
WAP
GPRS
r-utility
ATM
MIB
WinPcapSLIP
SMS
Internet
internet
intranet
testerdeveloper
administrator
OSPF
BGP MPLSRTP
WWW
TCP/IP Network ArchitectureTCP/IP Network Architecture
Application LayerApplication Layer
Transport LayerTransport Layer
Network LayerNetwork Layer
Link LayerLink Layer
operating-system/computer-architecture independent
LAN/MAN/WAN applicable
physical-medium independent
host host
network network
media media
process process
client-server model
TCP/IP Protocol SuiteTCP/IP Protocol Suite
EthernetEthernet
ARPARP RARPRARP
IPv4IPv4 IPv6IPv6
TCPTCP UDPUDP
ICMPICMP
TelnetTelnetFTPFTPpingping SNMPSNMP TFTPTFTP
Serial lineSerial line
PPPPPP
SMTPSMTP POP3POP3
21 23 11025 69161 portnumber
IPaddress
Key Protocols in Transport/Network Key Protocols in Transport/Network LayersLayers
Transmission Control Protocol (TCP)Transmission Control Protocol (TCP)
a a connection-orientedconnection-oriented, , reliablereliable, , byte-streambyte-stream service service
User Datagram Protocol (UDP)User Datagram Protocol (UDP)
a a connectionlessconnectionless, , unreliableunreliable, , datagramdatagram delivery service delivery service application-aware via port number and UDP checksumapplication-aware via port number and UDP checksum
Internet Protocol (IP)Internet Protocol (IP)
a a connectionlessconnectionless, , unreliableunreliable, , datagramdatagram delivery service delivery service network-aware via routing, fragmentation and network-aware via routing, fragmentation and
reassemblyreassembly
Encapsulation in Protocol Encapsulation in Protocol ProcessingProcessing
ApplicationApplication
TCPTCP
IPIP
EthernetEthernet
fragmentationfragmentationreassemblyreassembly
paddingpadding
Request For Comments Document Request For Comments Document SeriesSeries
http://www.rfc-editor.org/http://www.rfc-editor.org/
http://www.networksorcery.com/enp/default0501.htmhttp://www.networksorcery.com/enp/default0501.htm
TCP and UDP Client-Server TCP and UDP Client-Server ModelModel
DNSDNSclientclient
DNSDNSserverserver
DNS query (www.yahoo.com)DNS query (www.yahoo.com)
DNS response ( 216.109.125.70 )DNS response ( 216.109.125.70 )
( ( UDPUDP 172.18.8.120172.18.8.120 10271027 172.16.2.2172.16.2.2 5353 )),, ,, ,, ,,
172.18.8.120172.18.8.120 172.16.2.2172.16.2.2
( protocol( protocollocallocal
addressaddresslocallocalportport
remoteremoteaddressaddress
remoteremoteportport )),, ,, ,, ,,
well-knownwell-knownDNS port numberDNS port number
ephemeral port numberephemeral port number
32-bit IPv4 address 32-bit IPv4 address
IP Address and TCP/UDP Port IP Address and TCP/UDP Port NumberNumber
Internet Assigned Number AuthorityInternet Assigned Number Authority www.iana.orgwww.iana.org
IP AddressIP Address IPv4IPv4 32-bit dotted-decimal notation32-bit dotted-decimal notation e.g., 192.0.32.67e.g., 192.0.32.67
– the IPv4 address space for private internetsthe IPv4 address space for private internets10.0.0.010.0.0.0 ~ 10.255.255.255~ 10.255.255.255172.16.0.0172.16.0.0 ~ 172.31.255.255~ 172.31.255.255192.168.0.0192.168.0.0 ~ 192.168.255.255 ~ 192.168.255.255
IPv6IPv6 128-bit hexadecimal string128-bit hexadecimal string e.g., e.g., 1080:0:0:0:8:800:200C:417A1080:0:0:0:8:800:200C:417A
TCP/UDP Port NumberTCP/UDP Port Number well known portswell known ports 0 ~ 10230 ~ 1023 registered portsregistered ports 1024 ~ 491511024 ~ 49151 dynamic and/or private portsdynamic and/or private ports 49152 ~ 6553649152 ~ 65536
Host Name, IP Address, Physical Host Name, IP Address, Physical AddressAddress
TCP Connections under TCP Connections under Windows Windows netstatnetstat
show host name and service name
show IP address and port number
TCP Connections under TCP Connections under Linux Linux netstatnetstat
show host name and service name
show IP address and port number
show process id and program name
Protocol Stack and netstatProtocol Stack and netstat
Naming, Addressing, and Packet Naming, Addressing, and Packet FormatFormat
TCP SegmentTCP Segment
UDP DatagramUDP Datagram
IPv4 DatagramIPv4 Datagram
Ethernet FrameEthernet Frame
TCP Segment FormatTCP Segment Format
20 bytes
http://www.iana.org/assignments/port-numbershttp://www.iana.org/assignments/port-numbersC:\WINDOWS\system32\drivers\etc\servicesC:\WINDOWS\system32\drivers\etc\services
UDP Datagram FormatUDP Datagram Format
8 bytes
http://www.iana.org/assignments/port-numbershttp://www.iana.org/assignments/port-numbersC:\WINDOWS\system32\drivers\etc\servicesC:\WINDOWS\system32\drivers\etc\services
IPv4 Datagram FormatIPv4 Datagram Format
20 bytes
http://www.iana.org/assignments/protocol-numbershttp://www.iana.org/assignments/protocol-numbersC:\WINDOWS\system32\drivers\etc\protocolC:\WINDOWS\system32\drivers\etc\protocol
http://www.iana.org/ipaddress/ip-addresses.htmhttp://www.iana.org/ipaddress/ip-addresses.htm
Ethernet Frame FormatEthernet Frame Format
http://www.iana.org/assignments/ethernet-numbershttp://www.iana.org/assignments/ethernet-numbers
Naming, Addressing, and Naming, Addressing, and MappingMapping Mapping from Mapping from Host NameHost Name to to IP addressIP address
DNS ~ Domain Name SystemDNS ~ Domain Name System
e.g., www.yahoo.com e.g., www.yahoo.com 216.109.125.70 216.109.125.70
Mapping from Mapping from IP AddressIP Address to to Ethernet Ethernet AddressAddress
ARP ~ Address Resolution ProtocolARP ~ Address Resolution Protocol
e.g., 172.18.8.254 e.g., 172.18.8.254 00-0a-8a-d9-47-40 00-0a-8a-d9-47-40
Application Programming InterfacesApplication Programming Interfaces
libpcap, WinPcaplibpcap, WinPcap
Raw SocketsRaw Sockets
Sockets, WinSock, Java.net, TLI/XTISockets, WinSock, Java.net, TLI/XTI
Application LayerApplication Layer
Transport Transport LayerLayer
Network Network LayerLayer
Link LayerLink Layer
Middleware (RPC, RMI, CORBA, web Middleware (RPC, RMI, CORBA, web service,…), service,…), HTTP/SMTP/POP3/Telephony API, …HTTP/SMTP/POP3/Telephony API, …
Sockets Functions for TCP Sockets Functions for TCP Client/ServerClient/Server
socket ( )socket ( )
bind ( )bind ( )
listen ( )listen ( )
accept ( )accept ( )
read ( )read ( )
write ( )write ( )
read ( )read ( )
close ( )close ( )
socket ( )socket ( )
connect ( )connect ( )
write ( )write ( )
read ( )read ( )
close ( )close ( )
TCP ServerTCP Server
TCP ClientTCP Client
Connection EstablishmentConnection Establishment
Connection TerminationConnection Termination
requestrequest
replyreply
Sockets Functions for UDP Sockets Functions for UDP Client/ServerClient/Server
socket ( )socket ( )
bind ( )bind ( )
recvfrom ( )recvfrom ( )
sendto ( )sendto ( )
socket ( )socket ( )
sendto ( )sendto ( )
recvfrom ( )recvfrom ( )
close ( )close ( )
UDP ServerUDP Server
UDP ClientUDP Client
requestrequest
replyreply
Protocol AnalysisProtocol Analysis
Hardware/Software Protocol Hardware/Software Protocol AnalyzerAnalyzer
Hardware Protocol Analyzer Hardware Protocol Analyzer ~ Agilent, Racal, Rohde & Schwarz ~ Agilent, Racal, Rohde & Schwarz Software Protocol Analyzer Software Protocol Analyzer ~ WinPcap and Ethereal~ WinPcap and Ethereal
WinPcap Protocol AnalyzerWinPcap Protocol Analyzer
http://winpcap.polito.it/http://winpcap.polito.it/ Pcap Pcap ~ packet capture library from Lawrence Berkeley Laboratory~ packet capture library from Lawrence Berkeley Laboratory WinPcap WinPcap ~ packet capture and network analysis for Win32 from ~ packet capture and network analysis for Win32 from
ItalyItaly
Ethereal Protocol AnalyzerEthereal Protocol Analyzer
http://www.ethereal.comhttp://www.ethereal.com
WinPcap/Ethereal Protocol Analyzer WinPcap/Ethereal Protocol Analyzer SetupSetup
Host A
Host B
WinPcap/Ethereal
Ethernet
internet
Host C
WinPcap/Ethereal
(promiscuous mode)
WinPcap Protocol AnalyzerWinPcap Protocol AnalyzerScreen LayoutScreen Layout
Ethereal Protocol AnalyzerEthereal Protocol AnalyzerScreen LayoutScreen Layout
What is “Ping”?What is “Ping”?
a program used to test whether another host is a program used to test whether another host is reachablereachable
““PingPing”” sends sends an ICMP echo request messagean ICMP echo request message to a host and expects to a host and expects an ICMP echo reply an ICMP echo reply messagemessage to be returned. to be returned.
““PingPing”” supports a set of options which can be supports a set of options which can be used by anyone who wants to maintain, used by anyone who wants to maintain, investigate, and hack TCP/IP networks. investigate, and hack TCP/IP networks.
Using “Ping” to Observe Network Using “Ping” to Observe Network TrafficTraffic
ICMP Echo Request and Echo ReplyICMP Echo Request and Echo Reply
ARP Request/Reply and ARP CacheARP Request/Reply and ARP Cache
DNS Query and ResponseDNS Query and Response
IP Fragmentation and the “Don’t IP Fragmentation and the “Don’t Fragment” flagFragment” flag
Ethernet PaddingEthernet Padding
SummarySummary
TCP/IP Network ArchitectureTCP/IP Network Architecture
Client-Server ModelClient-Server Model
Naming and AddressingNaming and Addressing
TCP/UDP/IP/Ethernet Packet FormatTCP/UDP/IP/Ethernet Packet Format
Application Programming InterfacesApplication Programming Interfaces
Protocol AnalysisProtocol Analysis
TCPUDP
IP
SNMP
ping
tracert
IPsec
Mobile IP ARP
RARPPPP
DNS
telnetftp
IP QoS
HTTP
IP telephony
IP multicast
BSD socketWinsockJava socket
ICMPIPv4IPv6
SMTP
NTCIP
DHCP
POP3
Ethernet
WAP
GPRS
r-utility
ATM
MIB
WinPcapSLIP
SMS
Internet
internet
intranet
tester
administrator
OSPF
BGP MPLSRTP
WWW
Everything over IPEverything over IP
IP over EverythingIP over Everything
developer
ThanksThanksYouYou
Q & AQ & A