bellevue university cis 351 osi and tcp/ip. topics comparison of osi and tcp/ip models local area...

Post on 16-Dec-2015


Bellevue University

CIS 351

OSI and TCP/IP

Topics

• Comparison of OSI and TCP/IP Models

• Local Area Networking using Ethernet and TCP/IP

• Ethernet

• The TCP/IP Protocol Stack

The OSI Reference Model

Application

Presentation

Session

Transport

Network

Data Link

Physical

TCP/IP

• Development was funded by the US Government's Advanced Research Projects Agency (ARPA) in the 1960s and 1970s.

• Widely used protocol suite – Protocol of choice for the Internet and most operating systems

• Implementation parallels the OSI Model

The TCP/IP Model

Application

Transport

Internet

Network Interface

TCP/IP Protocol Suite

• Transmission Control Protocol (TCP)

• User Datagram Protocol (UDP)

• Internet Protocol (IP)

• Internet Control Message Protocol (ICMP)

• Internet Group Management Protocol (IGMP)

• Address Resolution Protocol (ARP)

• TCP/IP Utilities

TCP/IP Layers

Application Layer: FTP, HTTP

Transport Layer: UDP, TCP

Internet Layer: IP, ICMP, IGMP, ARP

Network Interface Layer: Ethernet, ATM

Ethernet

• Covers both Physical and Data link standards in ISO model

• Covers

• Uses CSMA/CD

• Handles communication at the link level

• Sends and receives frames

Ethernet (cont)

IEEE 802.3: Carrier Sense Multiple Access with Collision Detection (CSMA/CD) Access Method and Physical Layer Specifications

– Physical layer specification

– Frame Format

– CSMA/CD Media Access Control (MAC) mechanism

Physical Layer

• Star or bus topology

• RG8 or RG58 Coax, UTP, STP, or fiber optic cable

• Coax limited to 10 MBps

• UTP, STP, and fiber optic limited to 1GBps (currently)

100BaseT

• Most popular physical layer for Ethernet LANs

• Category 5 Unshielded Twisted Pair cable

• RJ-45 Connectors

• Star Topology - requires a hub or switch

Cat 5 UTP

Cable Connections

Pin#  Color           NIC         Hub or Switch
1     Striped Orange  Tx          Rx
2     Solid Orange    Tx Return   Rx Return
3     Striped Green   Rx          Tx
4     Solid Blue      Not Used    Not Used
5     Striped Blue    Not Used    Not Used
6     Solid Green     Rx Return   Tx Return
7     Striped Brown   Not Used    Not Used
8     Solid Brown     Not Used    Not Used

The 5-4-3 Rule

• You may have five cable segments

• Connected by four repeaters

• No more than three segments can be of mixed types

Packet Terminology

Segment

Message

Datagram

Frame

TCP/IP Traffic From top to bottom

segment: Application layer data

message: TCP header + Application layer data

datagram: IP header + Transport layer data

frame: Ethernet header + Internet layer data + Ethernet footer

Ethernet Frame

Preamble

Start of Frame Delimiter

Destination Address

Source Address

Ethertype/Length

Data and Pad

Frame Check Sequence

Preamble

7 bytes of alternating ones and zeros used to synchronize clock signals with the incoming frame

Start of Frame Delimiter

A one byte field consisting of six alternating ones and zeros followed by two consecutive ones. The ones signal that the bits to follow contain the start of the actual frame.

Destination Address

A six byte field containing the hardware address of the destination end of the link

Source Address

A six byte field containing the address of the network interface adapter that generated the packet.

Addressing

• Six byte hardware address

• Unique to each Network Interface Card

• Consists of a three byte Organizationally Unique Identifier and three byte serial number

Organizationally Unique Identifier (OUI)

• First three bytes of the hardware address

• Identifies the company that manufactured the Network Interface

• Complete list can be found at:

http://standards.ieee.org/regauth/oui/oui.txt

Example

00-10-5A (hex)      3COM CORPORATION
00105A (base 16)    3COM CORPORATION
                    5400 BAYFRONT PLAZA
                    MAILSTOP: 4220
                    SANTA CLARA CA 95052
                    UNITED STATES

Ethertype/Length

Contains the protocol type and length of the data field excluding any pad

Common Ethertype Values

0800 Internet Protocol

0805 X.25

0806 ARP

8035 RARP

809B AppleTalk on Ethernet

8137 Netware IPX

Data and Pad

• Contains the data passed down from the network layer protocol on the transmitting system

• Padding is used if the length of the data sent from the network layer is less than 46 bytes.

• The maximum length for the data field is 1500 bytes

Frame Check Sequence

• Four bytes of footer that contain a checksum of the entire packet.

• The transmitting computer calculates the checksum and stores it in the footer.

• The receiving computer recalculates the checksum and compares it to the stored checksum.

• Transmission is successful if both checksum values match
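An added example (not part of the original slides): a Python parser for the frame fields described above, starting after the preamble and start-of-frame delimiter, that separates a length value from an Ethertype, extracts the OUI, and recomputes the frame check sequence. The sample frame, the address bytes after the 00-10-5A OUI, and the function names are constructed for illustration; the FCS is computed as the CRC-32 that Ethernet uses.

```python
import struct
import zlib

# Ethertype values listed on the slide above.
ETHERTYPES = {0x0800: "Internet Protocol", 0x0805: "X.25", 0x0806: "ARP",
              0x8035: "RARP", 0x809B: "AppleTalk on Ethernet",
              0x8137: "Netware IPX"}
MIN_DATA, MAX_DATA = 46, 1500   # data-and-pad limits from the slides


def mac(raw):
    return "-".join(f"{b:02X}" for b in raw)


def parse_frame(frame):
    """Parse a frame as captured after the preamble and start-of-frame delimiter."""
    if len(frame) < 14 + MIN_DATA + 4:
        raise ValueError("runt frame: shorter than header + 46 data bytes + FCS")
    dst, src, type_len = struct.unpack("!6s6sH", frame[:14])
    data, fcs = frame[14:-4], frame[-4:]
    if len(data) > MAX_DATA:
        raise ValueError("data field longer than 1500 bytes")
    info = {"dst": mac(dst), "src": mac(src), "src_oui": mac(src[:3])}
    if type_len <= MAX_DATA:
        # A length value counts the data only, so anything beyond it is pad.
        info["kind"], info["payload"] = "length", data[:type_len]
    else:
        # An Ethertype (IEEE assigns these from 0x0600 upward); pad is not marked.
        info["kind"] = ETHERTYPES.get(type_len, f"unknown 0x{type_len:04X}")
        info["payload"] = data
    # The receiver recomputes the checksum over everything before the footer.
    info["fcs_ok"] = struct.pack("<I", zlib.crc32(frame[:-4])) == fcs
    return info


def build_frame(dst, src, type_len, payload):
    """Build constructed sample input: pad to 46 bytes and append the FCS."""
    body = dst + src + struct.pack("!H", type_len) + payload.ljust(MIN_DATA, b"\x00")
    return body + struct.pack("<I", zlib.crc32(body))


SAMPLE = build_frame(bytes.fromhex("ffffffffffff"),
                     bytes.fromhex("00105a112233"),   # OUI 00-10-5A from the slide
                     0x0806, b"\x00\x01" * 14)        # 28 constructed payload bytes
```

The FCS detects transmission errors only: anyone able to modify a frame can recompute it, so a matching checksum says nothing about who sent the frame or whether it was altered on purpose.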

Internet Protocol (IP)


Datagram (IP)

IP Header

Version | IHL | Type of Service | Total Length
Identification | Flags | Fragment Offset
Time To Live | Protocol | Header Checksum
Source IP Address
Destination IP Address
Options

Data

Some Common Protocol Numbers (RFC 791)

1 ICMP

2 IGMP

6 TCP

17 UDP

IP Addressing

• Uses a 32 bit binary address

• Address is expressed as group of four decimal numbers in the range of 0-255, separated by periods (also known as dots)

Classful IP Addressing

• IP Addresses

• IP Address Classes

IP Address Classes

w.x.y.z

Class A: Network ID | Host ID

Class B: Network ID | Host ID

Class C: Network ID | Host ID

Limitations of the Original IP Addressing Scheme

Wastes IP Addresses

Network of 2000 Computers, Assigned 65,534 IP Addresses

2000 Allocated

63,534 Wasted

Class B

w.x.y.z: Network ID | Host ID

255.255.0.0

Adds Multiple Entries to Routing Tables

Class C

w.x.y.z: Network ID | Host ID

255.255.255.0

Company Network IDs

192.168.1.0
192.168.2.0
192.168.3.0
192.168.4.0
192.168.5.0
192.168.6.0
192.168.7.0
192.168.8.0

Portion of Internet Routing Tables

192.168.1.0  255.255.255.0  192.168.1.1
192.168.2.0  255.255.255.0  192.168.2.1
192.168.3.0  255.255.255.0  192.168.3.1
192.168.4.0  255.255.255.0  192.168.4.1
192.168.5.0  255.255.255.0  192.168.5.1
192.168.6.0  255.255.255.0  192.168.6.1
192.168.7.0  255.255.255.0  192.168.7.1
192.168.8.0  255.255.255.0  192.168.8.1

Solution: Classless Inter-Domain Routing (CIDR)

IP Address in Dotted Decimal Notation (4 Values)

w.x.y.z

10.217.123.7

IP Address in Binary Notation (32 Values)

00001010 11011001 01111011 00000111

Network ID | Host ID

The Key to CIDR is the Subnet Mask

• Subnet Mask Bits

• CIDR Notation

• Calculating the Network ID

• Determining Local and Remote Hosts

Subnet Masks

• Determine which part of the IP address is the Network part and which is the host part

Example:

255.0.0.0

Network Host

Subnet Mask Bits

w.x.y.z: Network ID | Host ID

10.217.123.7

255.255.255.0

11111111 11111111 11111111 00000000

Binary Representation   Decimal Representation
11111111                255
11111110                254
11111100                252
11111000                248
11110000                240
11100000                224
11000000                192
10000000                128
00000000                0

Using CIDR Notation to indicate the configuration of the subnet mask

IP Address:   10.217.123.7    00001010 11011001 01111011 00000111

Subnet Mask:  255.255.240.0   11111111 11111111 11110000 00000000

Number of Subnet Mask Bits (ones): 8 + 8 + 4 + 0 = 20

IP Address in CIDR Notation: 10.217.123.7/20

Calculating the Network ID

IP Address in CIDR Notation: 10.217.123.7/20

IP Address:   10.217.123.7    00001010 11011001 01111011 00000111

Subnet Mask:  255.255.240.0   11111111 11111111 11110000 00000000

Network ID:   10.217.112.0    00001010 11011001 01110000 00000000

Network ID in CIDR Notation: 10.217.112.0/20
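An added example (not from the original slides) that carries out the three subnet-mask steps listed earlier: counting the mask bits, calculating the network ID with a bitwise AND, and deciding whether another host is local or remote. It goes slightly beyond the slides by rejecting masks whose one bits are not contiguous; the function names and the second host addresses in the test values are constructed.

```python
import socket
import struct


def to_int(dotted):
    """Dotted decimal notation -> 32-bit integer."""
    return struct.unpack("!I", socket.inet_aton(dotted))[0]


def to_dotted(value):
    return socket.inet_ntoa(struct.pack("!I", value))


def to_binary(value):
    """32-bit integer -> four space-separated octets in binary notation."""
    bits = f"{value:032b}"
    return " ".join(bits[i:i + 8] for i in range(0, 32, 8))


def mask_bits(mask):
    """Count the subnet mask's one bits; reject a mask with a zero among the ones."""
    m = to_int(mask)
    ones = bin(m).count("1")
    if m != (0xFFFFFFFF << (32 - ones)) & 0xFFFFFFFF:
        raise ValueError(f"{mask} is not a contiguous subnet mask")
    return ones


def network_id(ip, mask):
    """Network ID in CIDR notation: bitwise AND of the address and the mask."""
    return f"{to_dotted(to_int(ip) & to_int(mask))}/{mask_bits(mask)}"


def is_local(my_ip, mask, other_ip):
    """A host is local when both addresses give the same network ID under
    my mask; anything else is remote and must be sent to a router."""
    mask_bits(mask)                      # validate before trusting the result
    m = to_int(mask)
    return (to_int(my_ip) & m) == (to_int(other_ip) & m)


if __name__ == "__main__":
    print(to_binary(to_int("10.217.123.7")))
    print(network_id("10.217.123.7", "255.255.240.0"))
    print(is_local("10.217.123.7", "255.255.240.0", "10.217.127.254"))  # constructed host
    print(is_local("10.217.123.7", "255.255.240.0", "10.217.128.1"))    # constructed host
```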

IP Address Classes

• Class A 0x.x.x.x

• Class B 10x.x.x.x

• Class C 110x.x.x.x

• Class D 1110x.x.x.x

Private Addresses (Non-routable over the Internet)

– 10.x.x.x Class A private IPs

– 172.(16-31).x.x Class B private IPs

– 192.168.x.x Class C private IPs

– 169.254.x.x Automatic Private IP (Microsoft)

Internet Control Message Protocol (ICMP)


ICMP

• Network layer TCP/IP Protocol

• Described in RFC 792

• Carries informational queries and error messages

• Used by the ping command

Internet Group Management Protocol (IGMP)


IGMP

• Network layer TCP/IP Protocol

• Described in RFC 2236

• Provides a way for an Internet computer to report its multicast group membership to adjacent routers

Address Resolution Protocol (ARP)

[Figure: hosts A, B and C and two ARP caches, with the steps below numbered 1 to 6]

1. ARP cache is checked

2. ARP request is sent

3. ARP entry is added

4. ARP reply is sent

5. ARP entry is added

6. IP packet is sent

Transmission Control Protocol (TCP)


TCP

• Connection oriented

• Transport layer protocol

• Uses port numbers

• Handles segments

Message (TCP)

Pseudo-Header

Source IP Address
Destination IP Address
Unused | Protocol | Length

TCP Header

Source Port | Destination Port
Sequence Number
Acknowledgement Number
Data Offset | Reserved | Control Bits | Window
Checksum | Urgent Pointer
Options

Data

Port numbers

• A unique number that relates to a service or protocol

• Assigned by the Internet Assigned Numbers Authority (IANA) and published in RFC 1700

• Contained in a file called SERVICES

Source Port

• 2 Bytes in length

• Identifies the process on the transmitting system that generated the information in the Data field

Destination Port

• 2 Bytes in length

• Identifies the process on the receiving system for which the information in the Data field is intended

Sequence Number

• 4 bytes

• Unique number that identifies the location of the data in this segment in relation to the entire sequence.

Acknowledgment

• Used for acknowledgment messages

• Specifies the sequence number of the next segment expected by the receiving system

Data Offset

• 4 Bits in length

• Specifies the number of 4 byte words in the TCP header

Reserved

• 6 Bits in length

• This field is not used

Control Bits

• 6 bits in length

– URG set if segment contains urgent data

– ACK set if acknowledgment message

– PSH set to forward immediately

– RST set to reset TCP configuration and discard all segments

– SYN set to synchronize sequence numbers

– FIN set to terminate a TCP connection

Window

• 2 Bytes in length.

• Specifies how many bytes the computer is capable of accepting from the connected system.

Checksum

• 2 Bytes in length

• Contains the result of a cyclical redundancy check (CRC) performed by the transmitting system

• The CRC is recalculated at the receiving end and compared with the number in the checksum field

Urgent Pointer

• 2 Bytes in length

• When the urgent (URG) control bit is present, this field indicates which part of the data in the segment is urgent

Options

• Variable length field

• Contains information related to optional TCP connection configuration features.

Socket

• Composed of an IP address and TCP port number

Example: 216.115.102.79:80
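An added example (not part of the original slides) that decodes the IP and TCP header fields described above from raw bytes and returns the two sockets and the control bits that are set, checking IHL, Total Length and Data Offset against the bytes actually present. The sample packet is constructed: it targets the socket from the slide, while the source port, sequence number, window, option bytes and zeroed checksum fields are made up.

```python
import socket
import struct

PROTOCOLS = {1: "ICMP", 2: "IGMP", 6: "TCP", 17: "UDP"}   # from the slide
FLAGS = ["FIN", "SYN", "RST", "PSH", "ACK", "URG"]        # lowest bit first


def parse_ip(datagram):
    ver_ihl, _tos, total_len, _id, _frag, ttl, proto, _csum, src, dst = \
        struct.unpack("!BBHHHBBH4s4s", datagram[:20])
    ihl = (ver_ihl & 0x0F) * 4          # IHL counts 4-byte words
    if ver_ihl >> 4 != 4 or ihl < 20 or not ihl <= total_len <= len(datagram):
        raise ValueError("not a well-formed IPv4 header")
    return {"src": socket.inet_ntoa(src), "dst": socket.inet_ntoa(dst),
            "ttl": ttl, "protocol": PROTOCOLS.get(proto, str(proto)),
            "payload": datagram[ihl:total_len]}


def parse_tcp(segment):
    sport, dport, seq, ack, off_flags, window, _csum, urgent = \
        struct.unpack("!HHIIHHHH", segment[:20])
    offset = (off_flags >> 12) * 4      # Data Offset counts 4-byte words
    if offset < 20 or offset > len(segment):
        raise ValueError("data offset points outside the segment")
    flags = [name for bit, name in enumerate(FLAGS) if off_flags & (1 << bit)]
    return {"sport": sport, "dport": dport, "seq": seq, "ack": ack,
            "flags": flags, "window": window, "urgent": urgent,
            "options": segment[20:offset], "data": segment[offset:]}


def sockets(datagram):
    """Return (source socket, destination socket, control bits set)."""
    ip = parse_ip(datagram)
    if ip["protocol"] != "TCP":
        raise ValueError("datagram does not carry TCP")
    tcp = parse_tcp(ip["payload"])
    return f'{ip["src"]}:{tcp["sport"]}', f'{ip["dst"]}:{tcp["dport"]}', tcp["flags"]


# Constructed sample: a SYN to 216.115.102.79:80 (the socket on the slide).
SAMPLE = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 44, 1, 0, 64, 6, 0,
                     socket.inet_aton("10.217.123.7"),
                     socket.inet_aton("216.115.102.79")) + \
    struct.pack("!HHIIHHHH", 49152, 80, 1000, 0, (6 << 12) | 0x02, 8192, 0, 0) + \
    bytes.fromhex("020405b4")           # constructed 4-byte option field
```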

User Datagram Protocol (UDP)


Identifying Applications

192.168.2.150

FTP Server: TCP Port 20, 21

HTTP Server: TCP Port 80

IP Address + TCP Port or UDP Port = Socket

TCP/IP Utilities

Connectivity Utilities

• Ftp

• Telnet

• Tftp

Diagnostic Utilities

• Arp

• Hostname

• Ipconfig

• Nbtstat

• Netstat

• Ping

• Tracert

Server-based Software

• TCP/IP Printing Service

• Internet Information Services

Data Flow

[Figure: data flow. On the sender, Data passes down through the Application (FTP, HTTP), Transport (TCP, UDP), Internet (IP, ICMP, IGMP, ARP) and Ethernet/ATM layers, where a Preamble and CRC are added; on the receiver it passes back up through the same layers.]

The TCP/IP Model

[Figure: Sender and Receiver, each with Application, Transport, Internet and Network Access layers, connected through a Router with Internet and Network Access layers. Labels in the figure: TCP, IP, MAC, Data link.]
