C H A P TER

30

Internet Protocols
Background
The Internet protocols are the worlds most popular open-system (nonproprietary) protocol suite because they can be used to communicate across any set of interconnected networks and are equally well suited for LAN and WAN communications. The Internet protocols consist of a suite of communication protocols, of which the two best known are the Transmission Control Protocol (TCP) and the Internet Protocol (IP). The Internet protocol suite not only includes lower-layer protocols (such as TCP and IP), but it also species common applications such as electronic mail, terminal emulation, and le transfer. This chapter provides a broad introduction to specications that comprise the Internet protocols. Discussions include IP addressing and key upper-layer protocols used in the Internet. Specic routing protocols are addressed individually in Part 6, Routing Protocols. Internet protocols were rst developed in the mid-1970s, when the Defense Advanced Research Projects Agency (DARPA) became interested in establishing a packet-switched network that would facilitate communication between dissimilar computer systems at research institutions. With the goal of heterogeneous connectivity in mind, DARPA funded research by Stanford University and Bolt, Beranek, and Newman (BBN). The result of this development effort was the Internet protocol suite, completed in the late 1970s. TCP/IP later was included with Berkeley Software Distribution (BSD) UNIX and has since become the foundation on which the Internet and the World Wide Web (WWW) are based. Documentation of the Internet protocols (including new or revised protocols) and policies are specied in technical reports called Request For Comments (RFCs), which are published and then reviewed and analyzed by the Internet community. Protocol renements are published in the new RFCs. To illustrate the scope of the Internet protocols, Figure 30-1 maps many of the protocols of the Internet protocol suite and their corresponding OSI layers. This chapter addresses the basic elements and operations of these and other key Internet protocols.

Internet Protocols 30-1

Internet Protocol (IP)

Figure 30-1

Internet protocols span the complete range of OSI model layers.

OSI Reference Model

Internet Protocol Suite

Application

NFS

Presentation

FTP, Telnet, SMTP, SNMP

XDR

Session

RPC

Transport

TCP, UDP

Network

Routing Protocols

IP ARP, RARP

ICMP

Link Not Specified

ith2801

Physical

Internet Protocol (IP)

The Internet Protocol (IP) is a network-layer (Layer 3) protocol that contains addressing information and some control information that enables packets to be routed. IP is documented in RFC 791 and is the primary network-layer protocol in the Internet protocol suite. Along with the Transmission Control Protocol (TCP), IP represents the heart of the Internet protocols. IP has two primary responsibilities: providing connectionless, best-effort delivery of datagrams through an internetwork; and providing fragmentation and reassembly of datagrams to support data links with different maximum-transmission unit (MTU) sizes.

IP Packet Format
An IP packet contains several types of information, as illustrated in Figure 30-2.

30-2

Internetworking Technology Overview, June 1999

IP Packet Format

Figure 30-2

Fourteen elds comprise an IP packet.

32 bits

Version

IHL

Type-of-service

Total length

Identification

Flags

Fragment offset

Time-to-live

Protocol

Header checksum

Source address

Destination address

Options (+ padding)

The following discussion describes the IP packet elds illustrated in Figure 30-2:

VersionIndicates the version of IP currently used. IP Header Length (IHL)Indicates the datagram header length in 32-bit words. Type-of-ServiceSpecies how an upper-layer protocol would like a current datagram to be handled, and assigns datagrams various levels of importance. Total LengthSpecies the length, in bytes, of the entire IP packet, including the data and header. IdenticationContains an integer that identies the current datagram. This eld is used to help piece together datagram fragments. FlagsConsists of a 3-bit eld of which the two low-order (least-signicant) bits control fragmentation. The low-order bit species whether the packet can be fragmented. The middle bit species whether the packet is the last fragment in a series of fragmented packets. The third or high-order bit is not used. Fragment OffsetIndicates the position of the fragments data relative to the beginning of the data in the original datagram, which allows the destination IP process to properly reconstruct the original datagram. Time-to-LiveMaintains a counter that gradually decrements down to zero, at which point the datagram is discarded. This keeps packets from looping endlessly. ProtocolIndicates which upper-layer protocol receives incoming packets after IP processing is complete. Header ChecksumHelps ensure IP header integrity. Source AddressSpecies the sending node. Destination AddressSpecies the receiving node.
Internet Protocols 30-3

S2539

Data (variable)

Internet Protocol (IP)

IP Addressing

OptionsAllows IP to support various options, such as security. DataContains upper-layer information.

As with any other network-layer protocol, the IP addressing scheme is integral to the process of routing IP datagrams through an internetwork. Each IP address has specic components and follows a basic format. These IP addresses can be subdivided and used to create addresses for subnetworks, as discussed in more detail later in this chapter. Each host on a TCP/IP network is assigned a unique 32-bit logical address that is divided into two main parts: the network number and the host number. The network number identies a network and must be assigned by the Internet Network Information Center (InterNIC) if the network is to be part of the Internet. An Internet Service Provider (ISP) can obtain blocks of network addresses from the InterNIC and can itself assign address space as necessary. The host number identies a host on a network and is assigned by the local network administrator.

IP Address Format
The 32-bit IP address is grouped eight bits at a time, separated by dots, and represented in decimal format (known as dotted decimal notation). Each bit in the octet has a binary weight (128, 64, 32, 16, 8, 4, 2, 1). The minimum value for an octet is 0, and the maximum value for an octet is 255. Figure 30-3 illustrates the basic format of an IP address.
Figure 30-3 An IP address consists of 32 bits, grouped into four octets.
32 Bits

Network

Host

8 Bits Dotted Decimal Notation 172

8 Bits

8 Bits

8 Bits

16

122

204

IP Address Classes
IP addressing supports ve different address classes: A, B,C, D, and E. Only classes A, B, and C are available for commercial use. The left-most (high-order) bits indicate the network class. Table 30-1 provides reference information about the ve IP address classes.

30-4

Internetworking Technology Overview, June 1999

IP Address Classes

Table 30-1

Reference Information About the Five IP Address Classes

IP Addre ss Class A B C D E
1 2

Format N.H.H.H1 N.N.H.H N.N.N.H N/A N/A

Purpose Few large organizations Medium-size organizations Relatively small organizations Multicast groups (RFC 1112) Experimental

High-Or der Bit(s) 0 1, 0 1, 1, 0 1, 1, 1, 0 1, 1, 1, 1

Address Range 1.0.0.0 to 126.0.0.0 128.1.0.0 to 191.254.0.0 192.0.1.0 to 223.255.254.0 224.0.0.0 to 239.255.255.255 240.0.0.0 to 254.255.255.255

No. Bits Network/Host 7/24 14/16 22/8 N/A (not for commercial use) N/A

Max. Hosts 16,777, 2142 (224 2) 65, 543 (216 2) 245 (28 2) N/A N/A

N = Network number, H = Host number. One address is reserved for the broadcast address, and one address is reserved for the network.

Figure 30-4 illustrates the format of the commercial IP address classes. (Note the high-order bits in each class.)
Figure 30-4 No. Bits 7 IP address formats A, B, and C are available for commercial use. 24

Class A

Network

Host

Host

Host

128 64 32 16 8 4 2 1 14 Class B 1 0 Network Network Host 16 Host

21

1 1 0

Network

The class of address can be determined easily by examining the rst octet of the address and mapping that value to a class range in the following table. In an IP address of 172.31.1.2, for example, the rst octet is 172. Because 172 falls between 128 and 191, 172.31.1.2 is a Class B address. Figure 30-5 summarizes the range of possible values for the rst octet of each address class.

Internet Protocols 30-5

24143

Class C

Network

Network

Host

Internet Protocol (IP)

Figure 30-5

A range of possible values exists for the rst octet of each address class.

Address Class

First Octet in Decimal

High-Order Bits

Class A Class B Class C Class D Class E

1 126 128 191 192 223 224 239 240 254

0 10 110 1110 1111

24144

IP Subnet Addressing
IP networks can be divided into smaller networks called subnetworks (or subnets). Subnetting provides the network administrator with several benets, including extra exibility, more efcient use of network addresses, and the capability to contain broadcast trafc (a broadcast will not cross a router). Subnets are under local administration. As such, the outside world sees an organization as a single network and has no detailed knowledge of the organizations internal structure. A given network address can be broken up into many subnetworks. For example, 172.16.1.0, 172.16.2.0, 172.16.3.0, and 172.16.4.0 are all subnets within network 171.16.0.0. (All 0s in the host portion of an address species the entire network.)

IP Subnet Mask
A subnet address is created by borrowing bits from the host eld and designating them as the subnet eld. The number of borrowed bits varies and is specied by the subnet mask. Figure 30-6 shows how bits are borrowed from the host address eld to create the subnet address eld.

30-6

Internetworking Technology Overview, June 1999

IP Address Classes

Figure 30-6

Bits are borrowed from the host address eld to create the subnet address eld.
Class B Address: Before Subnetting

Network

Network

Host

Host

Network

Network

Subnet

Host

Class B Address: After Subnetting

Subnet masks use the same format and representation technique as IP addresses. The subnet mask, however, has binary 1s in all bits specifying the network and subnetwork elds, and binary 0s in all bits specifying the host eld. Figure 30-7 illustrates a sample subnet mask.
Figure 30-7 A sample subnet mask consists of all binary 1s and 0s.

Network Binary representation

Network

Subnet

Host

11111111

11111111

11111111

00000000

Dotted decimal representation

255

255

255

Subnet mask bits should come from the high-order (left-most) bits of the host eld, as Figure 30-8 illustrates. Details of Class B and C subnet mask types follow. Class A addresses are not discussed in this chapter because they generally are subnetted on an 8-bit boundary.

Internet Protocols 30-7

24145

Internet Protocol (IP)

Figure 30-8 128 64

Subnet mask bits come from the high-order bits of the host eld. 32 16 8 4 2 1

1 1 1 1 1 1 1 1

0 1 1 1 1 1 1 1

0 0 1 1 1 1 1 1

0 0 0 1 1 1 1 1

0 0 0 0 1 1 1 1

0 0 0 0 0 1 1 1

0 0 0 0 0 0 1 1

0 0 0 0 0 0 0 1

= = = = = = = =

128 192 224 240 248 252 254 255

24146

Various types of subnet masks exist for Class B and C subnets. The default subnet mask for a Class B address that has no subnetting is 255.255.0.0, while the subnet mask for a Class B address 171.16.0.0 that species eight bits of subnetting is 255.255.255.0. The reason for this is that eight bits of subnetting or 28 2 (1 for the network address and 1 for the broadcast address) = 254 subnets possible, with 28 2 = 254 hosts per subnet. The subnet mask for a Class C address 192.168.2.0 that specifies five bits of subnetting is 255.255.255.248.With five bits available for subnetting, 25 2 = 30 subnets possible, with 23 2 = 6 hosts per subnet. The reference charts shown in table 302 and table 303 can be used when planning Class B and C networks to determine the required number of subnets and hosts, and the appropriate subnet mask.
Table 30-2 Class B Subnetting Reference Chart

Number of Bits 2 3 4 5 6 7 8 9 10 11 12 30-8

Subnet Mask 255.255.192.0 255.255.224.0 255.255.240.0 255.255.248.0 255.255.252.0 255.255.254.0 255.255.255.0 255.255.255.128 255.255.255.192 255.255.255.224 255.255.255.240

Number of Subnets 2 6 14 30 62 126 254 510 1022 2046 4094

Number of Hosts 16382 8190 4094 2046 1022 510 254 126 62 30 14

Internetworking Technology Overview, June 1999

IP Address Classes

Number of Bits 13 14 Table 30-3

Subnet Mask 255.255.255.248 255.255.255.252

Number of Subnets 8190 16382

Number of Hosts 6 2

Class C Subnetting Reference Chart

Number of Bits 2 3 4 5 6

Subnet Mask 255.255.255.192 255.255.255.224 255.255.255.240 255.255.255.248 255.255.255.252

Number of Subnets 2 6 14 30 62

Number of Hosts 62 30 14 6 2

How Subnet Masks are Used to Determine the Network Number

The router performs a set process to determine the network (or more specically, the subnetwork) address. First, the router extracts the IP destination address from the incoming packet and retrieves the internal subnet mask. It then performs a logical AND operation to obtain the network number. This causes the host portion of the IP destination address to be removed, while the destination network number remains. The router then looks up the destination network number and matches it with an outgoing interface. Finally, it forwards the frame to the destination IP address. Specics regarding the logical AND operation are discussed in the following section.

Logical AND Operation

Three basic rules govern logically ANDing two binary numbers. First, 1 ANDed with 1 yields 1. Second, 1 ANDed with 0 yields 0. Finally, 0 ANDed with 0 yields 0. The truth table provided in table 304 illustrates the rules for logical AND operations.
Table 30-4 Rules for Logical AND Operations

Input 1 1 0 0

Input 1 0 1 0

Output 1 0 0 0

Two simple guidelines exist for remembering logical AND operations: Logically ANDing a 1 with a 1 yields the original value, and logically ANDing a 0 with any number yields 0. Figure 30-9 illustrates that when a logical AND of the destination IP address and the subnet mask is performed, the subnetwork number remains, which the router uses to forward the packet.

Internet Protocols 30-9

Internet Routing

Figure 30-9

Applying a logical AND the destination IP address and the subnet mask produces the subnetwork number. Network Subnet Host

Destination IP Address

171.16.1.2

10101011

00010000

00000001

00000010

Subnet Mask

255.255.255.0

11111111 10101011 171

11111111 00010000 16

11111111 00000001 1

00000000 00000000
24147

Address Resolution Protocol (ARP) Overview

For two machines on a given network to communicate, they must know the other machines physical (or MAC) addresses. By broadcasting Address Resolution Protocols (ARPs), a host can dynamically discover the MAC-layer address corresponding to a particular IP network-layer address. After receiving a MAC-layer address, IP devices create an ARP cache to store the recently acquired IP-to-MAC address mapping, thus avoiding having to broadcast ARPS when they want to recontact a device. If the device does not respond within a specied time frame, the cache entry is ushed. In addition to the Reverse Address Resolution Protocol (RARP) is used to map MAC-layer addresses to IP addresses. RARP, which is the logical inverse of ARP, might be used by diskless workstations that do not know their IP addresses when they boot. RARP relies on the presence of a RARP server with table entries of MAC-layer-to-IP address mappings.

Internet Routing
Internet routing devices traditionally have been called gateways. In todays terminology, however, the term gateway refers specically to a device that performs application-layer protocol translation between devices. Interior gateways refer to devices that perform these protocol functions between machines or networks under the same administrative control or authority, such as a corporations internal network. These are known as autonomous systems. Exterior gateways perform protocol functions between independent networks. Routers within the Internet are organized hierarchically. Routers used for information exchange within autonomous systems are called interior routers, which use a variety of Interior Gateway Protocols (IGPs) to accomplish this purpose. The Routing Information Protocol (RIP) is an example of an IGP. Routers that move information between autonomous systems are called exterior routers. These routers use an exterior gateway protocol to exchange information between autonomous systems. The Border Gateway Protocol (BGP) is an example of an exterior gateway protocol.
Note Specic routing protocols, including BGP and RIP, are addressed in individual chapters

presented in Part 6 later in this book.

30-10

Internetworking Technology Overview, June 1999

IP Routing

IP Routing
IP routing protocols are dynamic. Dynamic routing calls for routes to be calculated automatically at regular intervals by software in routing devices. This contrasts with static routing, where routers are established by the network administrator and do not change until the network administrator changes them. An IP routing table, which consists of destination address/next hop pairs, is used to enable dynamic routing. An entry in this table, for example, would be interpreted as follows: to get to network 172.31.0.0, send the packet out Ethernet interface 0 (E0). IP routing species that IP datagrams travel through internetworks one hop at a time. The entire route is not known at the onset of the journey, however. Instead, at each stop, the next destination is calculated by matching the destination address within the datagram with an entry in the current nodes routing table. Each nodes involvement in the routing process is limited to forwarding packets based on internal information. The nodes do not monitor whether the packets get to their nal destination, nor does IP provide for error reporting back to the source when routing anomalies occur. This task is left to another Internet protocol, the Internet Control-Message Protocol (ICMP), which is discussed in the following section.

Internet Control Message Protocol (ICMP)

The Internet Control Message Protocol (ICMP) is a network-layer Internet protocol that provides message packets to report errors and other information regarding IP packet processing back to the source. ICMP is documented in RFC 792.

ICMP Messages
ICMPs generate several kinds of useful messages, including Destination Unreachable, Echo Request and Reply, Redirect, Time Exceeded, and Router Advertisement and Router Solicitation. If an ICMP message cannot be delivered, no second one is generated. This is to avoid an endless ood of ICMP messages. When an ICMP destination-unreachable message is sent by a router, it means that the router is unable to send the package to its nal destination. The router then discards the original packet. Two reasons exist for why a destination might be unreachable. Most commonly, the source host has specied a nonexistent address. Less frequently, the router does not have a route to the destination. Destination-unreachable messages include four basic types: network unreachable, host unreachable, protocol unreachable, and port unreachable. Network-unreachable messages usually mean that a failure has occurred in the routing or addressing of a packet. Host-unreachable messages usually indicates delivery failure, such as a wrong subnet mask. Protocol-unreachable messages generally mean that the destination does not support the upper-layer protocol specied in the packet. Port-unreachable messages imply that the TCP socket or port is not available. An ICMP echo-request message, which is generated by the ping command, is sent by any host to test node reachability across an internetwork. The ICMP echo-reply message indicates that the node can be successfully reached. An ICMP Redirect message is sent by the router to the source host to stimulate more efcient routing. The router still forwards the original packet to the destination. ICMP redirects allow host routing tables to remain small because it is necessary to know the address of only one router, even if that router does not provide the best path. Even after receiving an ICMP Redirect message, some devices might continue using the less-efcient route.
Internet Protocols 30-11

Transmission Control Protocol (TCP)

An ICMP Time-exceeded message is sent by the router if an IP packets Time-to-Live eld (expressed in hops or seconds) reaches zero. The Time-to-Live eld prevents packets from continuously circulating the internetwork if the internetwork contains a routing loop. The router then discards the original packet.

ICMP Router-Discovery Protocol (IDRP)

IDRP uses Router-Advertisement and Router-Solicitation messages to discover the addresses of routers on directly attached subnets. Each router periodically multicasts Router-Advertisement messages from each of its interfaces. Hosts then discover addresses of routers on directly attached subnets by listening for these messages. Hosts can use Router-Solicitation messages to request immediate advertisements rather than waiting for unsolicited messages. IRDP offers several advantages over other methods of discovering addresses of neighboring routers. Primarily, it does not require hosts to recognize routing protocols, nor does it require manual conguration by an administrator. Router-Advertisement messages enable hosts to discover the existence of neighboring routers, but not which router is best to reach a particular destination. If a host uses a poor rst-hop router to reach a particular destination, it receives a Redirect message identifying a better choice.

Transmission Control Protocol (TCP)

The TCP provides reliable transmission of data in an IP environment. TCP corresponds to the transport layer (Layer 4) of the OSI reference model. Among the services TCP provides are stream data transfer, reliability, efcient ow control, full-duplex operation, and multiplexing. With stream data transfer, TCP delivers an unstructured stream of bytes identied by sequence numbers. This service benets applications because they do not have to chop data into blocks before handing it off to TCP. Instead, TCP groups bytes into segments and passes them to IP for delivery. TCP offers reliability by providing connection-oriented, end-to-end reliable packet delivery through an internetwork. It does this by sequencing bytes with a forwarding acknowledgment number that indicates to the destination the next byte the source expects to receive. Bytes not acknowledged within a specied time period are retransmitted. The reliability mechanism of TCP allows devices to deal with lost, delayed, duplicate, or misread packets. A time-out mechanism allows devices to detect lost packets and request retransmission. TCP offers efcient ow control, which means that, when sending acknowledgments back to the source, the receiving TCP process indicates the highest sequence number it can receive without overowing its internal buffers. Full-duplex operation means that TCP processes can both send and receive at the same time. Finally, TCPs multiplexing means that numerous simultaneous upper-layer conversations can be multiplexed over a single connection.

TCP Connection Establishment

To use reliable transport services, TCP hosts must establish a connection-oriented session with one another. Connection establishment is performed by using a three-way handshake mechanism. A three-way handshake synchronizes both ends of a connection by allowing both sides to agree upon initial sequence numbers. This mechanism also guarantees that both sides are ready to transmit data and know that the other side is ready to transmit as well. This is necessary so that packets are not transmitted or retransmitted during session establishment or after session termination.
30-12 Internetworking Technology Overview, June 1999

Positive Acknowledgment and Retransmission (PAR)

Each host randomly chooses a sequence number used to track bytes within the stream it is sending and receiving. Then, the three-way handshake proceeds in the following manner: The rst host (Host A) initiates a connection by sending a packet with the initial sequence number (X) and SYN bit set to indicate a connection request. The second host (Host B) receives the SYN, records the sequence number X, and replies by acknowledging the SYN (with an ACK = X + 1). Host B includes its own initial sequence number (SEQ = Y). An ACK = 20 means the host has received bytes 0 through 19 and expects byte 20 next. This technique is called forward acknowledgment. Host A then acknowledges all bytes Host B sent with a forward acknowledgment indicating the next byte Host A expects to receive (ACK = Y + 1). Data transfer then can begin.

Positive Acknowledgment and Retransmission (PAR)

A simple transport protocol might implement a reliability-and-ow-control technique where the source sends one packet, starts a timer, and waits for an acknowledgment before sending a new packet. If the acknowledgment is not received before the timer expires, the source retransmits the packet. Such a technique is called positive acknowledgment and retransmission (PAR). By assigning each packet a sequence number, PAR enables hosts to track lost or duplicate packets caused by network delays that result in premature retransmission. The sequence numbers are sent back in the acknowledgments so that the acknowledgments can be tracked. PAR is an inefcient use of bandwidth, however, because a host must wait for an acknowledgment before sending a new packet, and only one packet can be sent at a time.

TCP Sliding Window

A TCP sliding window provides more efcient use of network bandwidth than PAR because it enables hosts to send multiple bytes or packets before waiting for an acknowledgment. In TCP, the receiver species the current window size in every packet. Because TCP provides a byte-stream connection, window sizes are expressed in bytes. This means that a window is the number of data bytes that the sender is allowed to send before waiting for an acknowledgment. Initial window sizes are indicated at connection setup, but might vary throughout the data transfer to provide ow control. A window size of zero, for instance, means Send no data. In a TCP sliding-window operation, for example, the sender might have a sequence of bytes to send (numbered 1 to 10) to a receiver who has a window size of ve. The sender then would place a window around the rst ve bytes and transmit them together. It would then wait for an acknowledgment. The receiver would respond with an ACK = 6, indicating that it has received bytes 1 to 5 and is expecting byte 6 next. In the same packet, the receiver would indicate that its window size is 5. The sender then would move the sliding window ve bytes to the right and transmit bytes 6 to 10. The receiver would respond with an ACK = 11, indicating that it is expecting sequenced byte 11 next. In this packet, the receiver might indicate that its window size is 0 (because, for example, its internal buffers are full). At this point, the sender cannot send any more bytes until the receiver sends another packet with a window size greater than 0.

Internet Protocols 30-13

Transmission Control Protocol (TCP)

TCP Packet Format

Figure 30-10 illustrates the elds and overall format of a TCP packet.
Figure 30-10 Twelve elds comprise a TCP packet.

Source port

Destination port

Sequence number

Acknowledgment number

Data offset

Reserved

Flags

Window

Checksum

Urgent pointer

Options (+ padding)

TCP Packet Field Descriptions

The following descriptions summarize the TCP packet elds illustrated in Figure 30-10:

30-14

Source Port and Destination PortIdenties points at which upper-layer source and destination processes receive TCP services. Sequence NumberUsually species the number assigned to the rst byte of data in the current message. In the connection-establishment phase, this eld also can be used to identify an initial sequence number to be used in an upcoming transmission. Acknowledgment NumberContains the sequence number of the next byte of data the sender of the packet expects to receive. Data OffsetIndicates the number of 32-bit words in the TCP header. ReservedRemains reserved for future use. FlagsCarries a variety of control information, including the SYN and ACK bits used for connection establishment, and the FIN bit used for connection termination. WindowSpecies the size of the senders receive window (that is, the buffer space available for incoming data). ChecksumIndicates whether the header was damaged in transit. Urgent PointerPoints to the rst urgent data byte in the packet. OptionsSpecies various TCP options. DataContains upper-layer information.

Internetworking Technology Overview, June 1999

S1344a

Data (variable)

User Datagram Protocol (UDP)

User Datagram Protocol (UDP)

The User Datagram Protocol (UDP) is a connectionless transport-layer protocol (Layer 4) that belongs to the Internet protocol family. UDP is basically an interface between IP and upper-layer processes. UDP protocol ports distinguish multiple applications running on a single device from one another. Unlike the TCP, UDP adds no reliability, ow-control, or error-recovery functions to IP. Because of UDPs simplicity, UDP headers contain fewer bytes and consume less network overhead than TCP. UDP is useful in situations where the reliability mechanisms of TCP are not necessary, such as in cases where a higher-layer protocol might provide error and ow control. UDP is the transport protocol for several well-known application-layer protocols, including Network File System (NFS), Simple Network Management Protocol (SNMP), Domain Name System (DNS), and Trivial File Transfer Protocol (TFTP). The UDP packet format contains four elds, as shown in Figure 30-11. These include source and destination ports, length, and checksum elds.
Figure 30-11 A UDP packet consists of four elds. 32 Bits

Source Port

Destination Port

Source and destination ports contain the 16-bit UDP protocol port numbers used to demultiplex datagrams for receiving application-layer processes. A length eld species the length of the UDP header and data. Checksum provides an (optional) integrity check on the UDP header and data.

Internet Protocols Application-Layer Protocols

The Internet protocol suite includes many application-layer protocols that represent a wide variety of applications, including the following:

File Transfer Protocol (FTP)Moves les between devices Simple Network-Management Protocol (SNMP)Primarily reports anomalous network conditions and sets network threshold values TelnetServes as a terminal emulation protocol X WindowsServes as a distributed windowing and graphics system used for communication between X terminals and UNIX workstations Network File System (NFS), External Data Representation (XDR), and Remote Procedure Call (RPC)Work together to enable transparent access to remote network resources Simple Mail Transfer Protocol (SMTP)Provides electronic mail services Domain Name System (DNS)Translates the names of network nodes into network addresses

Table 30-5 lists these higher-layer protocols and the applications that they support.
Internet Protocols 30-15

24148

Length

Checksum

Internet Protocols Application-Layer Protocols

Table 30-5

Higher-Layer Protocols and Their Applications

Application File transfer Terminal emulation Electronic mail Network management Distributed le services

Protocols FTP Telnet SMTP SNMP NFS, XDR, RPC, X Windows

30-16

Internetworking Technology Overview, June 1999