Internet Protocols

View previous topic View next topic Go down

Internet Protocols

Post  adnanbahrian on Fri Feb 27, 2009 8:37 am

Internet Protocols


The Internet protocols are the world's most popular open-system
(nonproprietary) protocol suite because they can be used to communicate
across any set of interconnected networks and are equally well suited
for LAN and WAN communications. The Internet protocols consist of a
suite of communication protocols, of which the two best known are the
Transmission Control Protocol (TCP) and the Internet Protocol (IP). The
Internet protocol suite not only includes lower-layer protocols (such
as TCP and IP), but it also specifies common applications such as
electronic mail, terminal emulation, and file transfer. This chapter
provides a broad introduction to specifications that comprise the
Internet protocols. Discussions include IP addressing and key
upper-layer protocols used in the Internet. Specific routing protocols
are addressed individually later in this document.

protocols were first developed in the mid-1970s, when the Defense
Advanced Research Projects Agency (DARPA) became interested in
establishing a packet-switched network that would facilitate
communication between dissimilar computer systems at research
institutions. With the goal of heterogeneous connectivity in mind,
DARPA funded research by Stanford University and Bolt, Beranek, and
Newman (BBN). The result of this development effort was the Internet
protocol suite, completed in the late 1970s.

later was included with Berkeley Software Distribution (BSD) UNIX and
has since become the foundation on which the Internet and the World
Wide Web (WWW) are based.

of the Internet protocols (including new or revised protocols) and
policies are specified in technical reports called Request For Comments
(RFCs), which are published and then reviewed and analyzed by the
Internet community. Protocol refinements are published in the new RFCs.
To illustrate the scope of the Internet protocols,
maps many of the protocols of the Internet protocol suite and their
corresponding OSI layers. This chapter addresses the basic elements and
operations of these and other key Internet protocols.

Figure 30-1 Internet protocols span the complete range of OSI model layers.

Internet Protocol (IP)

Internet Protocol (IP) is a network-layer (Layer 3) protocol that
contains addressing information and some control information that
enables packets to be routed. IP is documented in RFC 791 and is the
primary network-layer protocol in the Internet protocol suite. Along
with the Transmission Control Protocol (TCP), IP represents the heart
of the Internet protocols. IP has two primary responsibilities:
providing connectionless, best-effort delivery of datagrams through an
internetwork; and providing fragmentation and reassembly of datagrams
to support data links with different maximum-transmission unit (MTU)

IP Packet Format

An IP packet contains several types of information, as illustrated in .

Figure 30-2 Fourteen fields comprise an IP packet.

The following discussion describes the IP packet fields illustrated in :

Version—Indicates the version of IP currently used.

IP Header Length (IHL)—Indicates the datagram header length in 32-bit words.

how an upper-layer protocol would like a current datagram to be
handled, and assigns datagrams various levels of importance.

Total Length—Specifies the length, in bytes, of the entire IP packet, including the data and header.

Identification—Contains an integer that identifies the current datagram. This field is used to help piece together datagram fragments.

of a 3-bit field of which the two low-order (least-significant) bits
control fragmentation. The low-order bit specifies whether the packet
can be fragmented. The middle bit specifies whether the packet is the
last fragment in a series of fragmented packets. The third or
high-order bit is not used.

Fragment Offset—Indicates
the position of the fragment's data relative to the beginning of the
data in the original datagram, which allows the destination IP process
to properly reconstruct the original datagram.

a counter that gradually decrements down to zero, at which point the
datagram is discarded. This keeps packets from looping endlessly.

Protocol—Indicates which upper-layer protocol receives incoming packets after IP processing is complete.

Header Checksum—Helps ensure IP header integrity.

Source Address—Specifiesthe sendingnode.

Destination Address—Specifies the receiving node.

Options—Allows IP to support various options, such as security.

Data—Contains upper-layer information.

IP Addressing

As with any other network-layer
protocol, the IP addressing scheme is integral to the process of
routing IP datagrams through an internetwork. Each IP address has
specific components and follows a basic format. These IP addresses can
be subdivided and used to create addresses for subnetworks, as
discussed in more detail later in this chapter.

Each host on a TCP/IP network is
assigned a unique 32-bit logical address that is divided into two main
parts: the network number and the host number. The network number
identifies a network and must be assigned by the Internet Network
Information Center (InterNIC) if the network is to be part of the
Internet. An Internet Service Provider (ISP) can obtain blocks of
network addresses from the InterNIC and can itself assign address space
as necessary. The host number identifies a host on a network and is
assigned by the local network administrator.

IP Address Format

The 32-bit IP address is grouped eight bits at a time, separated by dots, and represented in decimal format (known as dotted decimal notation).
Each bit in the octet has a binary weight (128, 64, 32, 16, 8, 4, 2,
1). The minimum value for an octet is 0, and the maximum value for an
octet is 255. illustrates the basic format of an IP address.

Figure 30-3 An IP address consists of 32 bits, grouped into four octets.

IP Address Classes

IP addressing supports five different address classes: A, B,C, D, and
E. Only classes A, B, and C are available for commercial use. The
left-most (high-order) bits indicate the network class. provides reference information about the five IP address classes.

Table 30-1 Reference Information About the Five IP Address Classes

IP Address Class Format Purpose High-Order Bit(s) Address Range No. Bits Network/Host Max. Hosts



Few large organizations

0 to


167772142 (224 - 2)



Medium-size organizations

1, 0 to


65534 (216 - 2)



Relatively small organizations

1, 1, 0 to


254 (28 - 2)



Multicast groups (RFC 1112)

1, 1, 1, 0 to

N/A (not for commercial use)





1, 1, 1, 1 to



1 N = Network number, H = Host number.

2 One address is reserved for the broadcast address, and one address is reserved for the network.

illustrates the format of the commercial IP address classes. (Note the high-order bits in each class.)

Figure 30-4 IP address formats A, B, and C are available for commercial use.

The class of address can be determined easily by examining the first
octet of the address and mapping that value to a class range in the
following table. In an IP address of, for example, the first
octet is 172. Because 172 falls between 128 and 191, is a
Class B address. summarizes the range of possible values for the first octet of each address class.

Figure 30-5 A range of possible values exists for the first octet of each address class.


Posts : 262
Join date : 2009-02-24

View user profile

Back to top Go down

Internet Protocols- Part 2

Post  adnanbahrian on Fri Feb 27, 2009 8:38 am

IP Subnet Addressing

IP networks can be divided into smaller networks called subnetworks (or
subnets). Subnetting provides the network administrator with several
benefits, including extra flexibility, more efficient use of network
addresses, and the capability to contain broadcast traffic (a broadcast
will not cross a router).

Subnets are under local
administration. As such, the outside world sees an organization as a
single network and has no detailed knowledge of the organization's
internal structure.

A given network address can be
broken up into many subnetworks. For example,,,, and are all subnets within network
(All 0s in the host portion of an address specifies the entire

IP Subnet Mask

A subnet address is created by
"borrowing" bits from the host field and designating them as the subnet
field. The number of borrowed bits varies and is specified by the
subnet mask. shows how bits are borrowed from the host address field to create the subnet address field.

Figure 30-6 Bits are borrowed from the host address field to create the subnet address field.

Subnet masks use the same format and representation technique as IP
addresses. The subnet mask, however, has binary 1s in all bits
specifying the network and subnetwork fields, and binary 0s in all bits
specifying the host field. illustrates a sample subnet mask.

Figure 30-7 A sample subnet mask consists of all binary 1s and 0s.

Subnet mask bits should come from the high-order (left-most) bits of the host field, as
illustrates. Details of Class B and C subnet mask types follow. Class A
addresses are not discussed in this chapter because they generally are
subnetted on an 8-bit boundary.

Figure 30-8 Subnet mask bits come from the high-order bits of the host field.

Various types of subnet masks exist for Class B and C subnets.

default subnet mask for a Class B address that has no subnetting is, while the subnet mask for a Class B address
that specifies eight bits of subnetting is The reason
for this is that eight bits of subnetting or 28 - 2 (1 for the network address and 1 for the broadcast address) = 254 subnets possible, with 28 - 2 = 254 hosts per subnet.

The subnet mask for a Class C address that specifies five
bits of subnetting is five bits available for
subnetting, 25 - 2 = 30 subnets possible, with
23 - 2 = 6 hosts per subnet.

The reference charts shown in table 30-2 and table 30-3 can be used
when planning Class B and C networks to determine the required number
of subnets and hosts, and the appropriate subnet mask.

Table 30-2 Class B Subnetting Reference Chart

Number of Bits Subnet Mask Number of Subnets Number of Hosts








































Table 30-3 Class C Subnetting Reference Chart

Number of Bits

Subnet Mask

Number of Subnets

Number of Hosts
















Posts : 262
Join date : 2009-02-24

View user profile

Back to top Go down

Internet Protocols - Part 3

Post  adnanbahrian on Fri Feb 27, 2009 8:40 am

How Subnet Masks are Used to Determine the Network Number

The router performs a set process to determine the network (or more
specifically, the subnetwork) address. First, the router extracts the
IP destination address from the incoming packet and retrieves the
internal subnet mask. It then performs a logical AND
operation to obtain the network number. This causes the host portion of
the IP destination address to be removed, while the destination network
number remains. The router then looks up the destination network number
and matches it with an outgoing interface. Finally, it forwards the
frame to the destination IP address. Specifics regarding the logical
AND operation are discussed in the following section.

Logical AND Operation

Three basic rules govern logically "ANDing" two binary numbers. First,
1 "ANDed" with 1 yields 1. Second, 1 "ANDed" with 0 yields 0. Finally,
0 "ANDed" with 0 yields 0. The truth table provided in table 30-4
illustrates the rules for logical AND operations.

Table 30-4 Rules for Logical AND Operations

Input Input Output













Two simple guidelines exist for
remembering logical AND operations: Logically "ANDing" a 1 with a 1
yields the original value, and logically "ANDing" a 0 with any number
yields 0.

illustrates that when a logical AND of the destination IP address and
the subnet mask is performed, the subnetwork number remains, which the
router uses to forward the packet.

Figure 30-9 Applying a logical AND the destination IP address and the subnet mask produces the subnetwork number.

Address Resolution Protocol (ARP) Overview

two machines on a given network to communicate, they must know the
other machine's physical (or MAC) addresses. By broadcasting Address
Resolution Protocols (ARPs), a host can dynamically discover the
MAC-layer address corresponding to a particular IP network-layer

After receiving a MAC-layer address, IP devices create an ARP cache to
store the recently acquired IP-to-MAC address mapping, thus avoiding
having to broadcast ARPS when they want to recontact a device. If the
device does not respond within a specified time frame, the cache entry
is flushed.

addition to the Reverse Address Resolution Protocol (RARP) is used to
map MAC-layer addresses to IP addresses. RARP, which is the logical
inverse of ARP, might be used by diskless workstations that do not know
their IP addresses when they boot. RARP relies on the presence of a
RARP server with table entries of MAC-layer-to-IP address mappings.

Internet Routing

routing devices traditionally have been called gateways. In today's
terminology, however, the term gateway refers specifically to a device
that performs application-layer protocol translation between devices.
Interior gateways refer to devices that perform these protocol
functions between machines or networks under the same administrative
control or authority, such as a corporation's internal network. These
are known as autonomous systems. Exterior gateways perform protocol
functions between independent networks.

Routers within the Internet are
organized hierarchically. Routers used for information exchange within
autonomous systems are called interior routers, which use a variety of
Interior Gateway Protocols (IGPs) to accomplish this purpose. The
Routing Information Protocol (RIP) is an example of an IGP.

that move information between autonomous systems are called exterior
routers. These routers use an exterior gateway protocol to exchange
information between autonomous systems. The Border Gateway Protocol
(BGP) is an example of an exterior gateway protocol.

Note Specific routing protocols, including BGP and RIP, are addressed in individual chapters presented in Part 6 later in this book.

IP Routing

routing protocols are dynamic. Dynamic routing calls for routes to be
calculated automatically at regular intervals by software in routing
devices. This contrasts with static routing, where routers are
established by the network administrator and do not change until the
network administrator changes them.

An IP routing table, which consists of destination address/next hop
pairs, is used to enable dynamic routing. An entry in this table, for
example, would be interpreted as follows: to get to network,
send the packet out Ethernet interface 0 (E0).

IP routing specifies that IP
datagrams travel through internetworks one hop at a time. The entire
route is not known at the onset of the journey, however. Instead, at
each stop, the next destination is calculated by matching the
destination address within the datagram with an entry in the current
node's routing table.

node's involvement in the routing process is limited to forwarding
packets based on internal information. The nodes do not monitor whether
the packets get to their final destination, nor does IP provide for
error reporting back to the source when routing anomalies occur. This
task is left to another Internet protocol, the Internet Control-Message
Protocol (ICMP), which is discussed in the following section.

Internet Control Message Protocol (ICMP)

The Internet Control Message Protocol (ICMP)
is a network-layer Internet protocol that provides message packets to
report errors and other information regarding IP packet processing back
to the source. ICMP is documented in RFC 792.

ICMP Messages

generate several kinds of useful messages, including Destination
Unreachable, Echo Request and Reply, Redirect, Time Exceeded, and
Router Advertisement and Router Solicitation. If an ICMP message cannot
be delivered, no second one is generated. This is to avoid an endless
flood of ICMP messages.

When an
ICMP destination-unreachable message is sent by a router, it means that
the router is unable to send the package to its final destination. The
router then discards the original packet. Two reasons exist for why a
destination might be unreachable. Most commonly, the source host has
specified a nonexistent address. Less frequently, the router does not
have a route to the destination.

messages include four basic types: network unreachable, host
unreachable, protocol unreachable, and port unreachable. Network-unreachable messages usually mean that a failure has occurred in the routing or addressing of a packet. Host-unreachable messages usually indicates delivery failure, such as a wrong subnet mask. Protocol-unreachable messages generally mean that the destination does not support the upper-layer protocol specified in the packet. Port-unreachable messages imply that the TCP socket or port is not available.

An ICMP echo-request message, which is generated by the ping command,
is sent by any host to test node reachability across an internetwork.
The ICMP echo-reply message indicates that the node can be successfully

ICMP Redirect message is sent by the router to the source host to
stimulate more efficient routing. The router still forwards the
original packet to the destination. ICMP redirects allow host routing
tables to remain small because it is necessary to know the address of
only one router, even if that router does not provide the best path.
Even after receiving an ICMP Redirect message, some devices might
continue using the less-efficient route.

ICMP Time-exceeded message is sent by the router if an IP packet's
Time-to-Live field (expressed in hops or seconds) reaches zero. The
Time-to-Live field prevents packets from continuously circulating the
internetwork if the internetwork contains a routing loop. The router
then discards the original packet.

ICMP Router-Discovery Protocol (IDRP)

uses Router-Advertisement and Router-Solicitation messages to discover
the addresses of routers on directly attached subnets. Each router
periodically multicasts Router-Advertisement messages from each of its
interfaces. Hosts then discover addresses of routers on directly
attached subnets by listening for these messages. Hosts can use
Router-Solicitation messages to request immediate advertisements rather
than waiting for unsolicited messages.

IRDP offers several advantages
over other methods of discovering addresses of neighboring routers.
Primarily, it does not require hosts to recognize routing protocols,
nor does it require manual configuration by an administrator.

enable hosts to discover the existence of neighboring routers, but not
which router is best to reach a particular destination. If a host uses
a poor first-hop router to reach a particular destination, it receives
a Redirect message identifying a better choice.

Transmission Control Protocol (TCP)

provides reliable transmission of data in an IP environment. TCP
corresponds to the transport layer (Layer 4) of the OSI reference
model. Among the services TCP provides are stream data transfer,
reliability, efficient flow control, full-duplex operation, and

With stream data transfer,
TCP delivers an unstructured stream of bytes identified by sequence
numbers. This service benefits applications because they do not have to
chop data into blocks before handing it off to TCP. Instead, TCP groups
bytes into segments and passes them to IP for delivery.

TCP offers reliability by providing connection-oriented, end-to-end
reliable packet delivery through an internetwork. It does this by
sequencing bytes with a forwarding acknowledgment number that indicates
to the destination the next byte the source expects to receive. Bytes
not acknowledged within a specified time period are retransmitted. The
reliability mechanism of TCP allows devices to deal with lost, delayed,
duplicate, or misread packets. A time-out mechanism allows devices to
detect lost packets and request retransmission.

TCP offers efficient flow
control, which means that, when sending acknowledgments back to the
source, the receiving TCP process indicates the highest sequence number
it can receive without overflowing its internal buffers.

Full-duplex operation means that TCP processes can both send and receive at the same time.

Finally, TCP's multiplexing means
that numerous simultaneous upper-layer conversations can be multiplexed
over a single connection.

TCP Connection Establishment

To use
reliable transport services, TCP hosts must establish a
connection-oriented session with one another. Connection establishment
is performed by using a "three-way handshake" mechanism.

A three-way handshake synchronizes both ends of a connection by
allowing both sides to agree upon initial sequence numbers. This
mechanism also guarantees that both sides are ready to transmit data
and know that the other side is ready to transmit as well. This is
necessary so that packets are not transmitted or retransmitted during
session establishment or after session termination.

Each host randomly chooses a
sequence number used to track bytes within the stream it is sending and
receiving. Then, the three-way handshake proceeds in the following

The first
host (Host A) initiates a connection by sending a packet with the
initial sequence number (X) and SYN bit set to indicate a connection
request. The second host (Host B) receives the SYN, records the
sequence number X, and replies by acknowledging the SYN (with an ACK =
X + 1). Host B includes its own initial sequence number (SEQ = Y). An
ACK = 20 means the host has received bytes 0 through 19 and expects
byte 20 next. This technique is called forward acknowledgment.
Host A then acknowledges all bytes Host B sent with a forward
acknowledgment indicating the next byte Host A expects to receive (ACK
= Y + 1). Data transfer then can begin.

Positive Acknowledgment and Retransmission (PAR)

A simple
transport protocol might implement a reliability-and-flow-control
technique where the source sends one packet, starts a timer, and waits
for an acknowledgment before sending a new packet. If the
acknowledgment is not received before the timer expires, the source
retransmits the packet. Such a technique is called positive acknowledgment and retransmission (PAR).

By assigning each packet a sequence number, PAR enables hosts to track
lost or duplicate packets caused by network delays that result in
premature retransmission. The sequence numbers are sent back in the
acknowledgments so that the acknowledgments can be tracked.

PAR is an
inefficient use of bandwidth, however, because a host must wait for an
acknowledgment before sending a new packet, and only one packet can be
sent at a time.

Posts : 262
Join date : 2009-02-24

View user profile

Back to top Go down

Internet Protocols - Part 4

Post  adnanbahrian on Fri Feb 27, 2009 8:40 am

TCP Sliding Window

A TCP sliding window
provides more efficient use of network bandwidth than PAR because it
enables hosts to send multiple bytes or packets before waiting for an

In TCP, the receiver specifies the current window size in every packet.
Because TCP provides a byte-stream connection, window sizes are
expressed in bytes. This means that a window is the number of data
bytes that the sender is allowed to send before waiting for an
acknowledgment. Initial window sizes are indicated at connection setup,
but might vary throughout the data transfer to provide flow control. A
window size of zero, for instance, means "Send no data."

In a TCP sliding-window operation, for example, the sender might have a
sequence of bytes to send (numbered 1 to 10) to a receiver who has a
window size of five. The sender then would place a window around the
first five bytes and transmit them together. It would then wait for an

The receiver would respond with
an ACK = 6, indicating that it has received bytes 1 to 5 and is
expecting byte 6 next. In the same packet, the receiver would indicate
that its window size is 5. The sender then would move the sliding
window five bytes to the right and transmit bytes 6 to 10. The receiver
would respond with an ACK = 11, indicating that it is expecting
sequenced byte 11 next. In this packet, the receiver might indicate
that its window size is 0 (because, for example, its internal buffers
are full). At this point, the sender cannot send any more bytes until
the receiver sends another packet with a window size greater than 0.

TCP Packet Format

illustrates the fields and overall format of a TCP packet.

Figure 30-10 Twelve fields comprise a TCP packet.

TCP Packet Field Descriptions

The following descriptions summarize the TCP packet fields illustrated in :

Source Port and Destination Port—Identifies points at which upper-layer source and destination processes receive TCP services.

Sequence Number—Usually
specifies the number assigned to the first byte of data in the current
message. In the connection-establishment phase, this field also can be
used to identify an initial sequence number to be used in an upcoming

Acknowledgment Number—Contains the sequence number of the next byte of data the sender of the packet expects to receive.

Data Offset—Indicates the number of 32-bit words in the TCP header.

Reserved—Remains reserved for future use.

a variety of control information, including the SYN and ACK bits used
for connection establishment, and the FIN bit used for connection

Window—Specifies the size of the sender's receive window (that is, the buffer space available for incoming data).

Checksum—Indicates whether the header was damaged in transit.

Urgent Pointer—Points to the first urgent data byte in the packet.

Options—Specifies various TCP options.

Data—Contains upper-layer information.

User Datagram Protocol (UDP)

The User
Datagram Protocol (UDP) is a connectionless transport-layer protocol
(Layer 4) that belongs to the Internet protocol family. UDP is
basically an interface between IP and upper-layer processes. UDP
protocol ports distinguish multiple applications running on a single
device from one another.

Unlike the TCP, UDP adds no reliability, flow-control, or
error-recovery functions to IP. Because of UDP's simplicity, UDP
headers contain fewer bytes and consume less network overhead than TCP.

UDP is useful in situations where
the reliability mechanisms of TCP are not necessary, such as in cases
where a higher-layer protocol might provide error and flow control.

UDP is the transport protocol for
several well-known application-layer protocols, including Network File
System (NFS), Simple Network Management Protocol (SNMP), Domain Name
System (DNS), and Trivial File Transfer Protocol (TFTP).

The UDP packet format contains four fields, as shown in . These include source and destination ports, length, and checksum fields.

Figure 30-11 A UDP packet consists of four fields.

and destination ports contain the 16-bit UDP protocol port numbers used
to demultiplex datagrams for receiving application-layer processes. A
length field specifies the length of the UDP header and data. Checksum provides an (optional) integrity check on the UDP header and data.

Internet Protocols Application-Layer Protocols

The Internet protocol suite includes many application-layer protocols
that represent a wide variety of applications, including the following:

File Transfer Protocol (FTP)—Moves files between devices

Simple Network-Management Protocol (SNMP)—Primarily reports anomalous network conditions and sets network threshold values

Telnet—Serves as a terminal emulation protocol

X Windows—Serves as a distributed windowing and graphics system used for communication between X terminals and UNIX workstations

Network File System (NFS), External Data Representation (XDR), and Remote Procedure Call (RPC)—Work together to enable transparent access to remote network resources

Simple Mail Transfer Protocol (SMTP)—Provides electronic mail services

Domain Name System (DNS)—Translates the names of network nodes into network addresses

lists these higher-layer protocols and the applications that they support.

Table 30-5 Higher-Layer Protocols and Their Applications

Application Protocols

File transfer


Terminal emulation


Electronic mail


Network management


Distributed file services

NFS, XDR, RPC, X Windows


Posts : 262
Join date : 2009-02-24

View user profile

Back to top Go down

Re: Internet Protocols

Post  Sponsored content

Sponsored content

Back to top Go down

View previous topic View next topic Back to top

- Similar topics

Permissions in this forum:
You cannot reply to topics in this forum