Content Page No.

Unit I
Lesson 1. Introduction to Digital Communication
1.0 Aims and Objectives 1
1.1 Introduction to Data Communication 1
1.2 Classification of Computer Networks 2
1.3 Topology 4
1.4 Protocol 4
1.5 Internetworking Technologies 4
1.6 Let Us Sum Up 5
1.7 Lesson-end Activity 6
1.8 Points for Discussion 6
1.9 Check your Progress 6
1.10 Reference 7

Lesson 2. WAN Technology

2.0 Aims and Objectives 8
2.1 Introduction 8
2.2 WAN Networking Devices 8
2.3 WAN Protocols 10
2.4 Let us Sum Up 11
2.5 Lesson end Activities 12
2.6 Points for Discussion 12
2.7 Reference 12

Lesson 3. History about TCP/IP

3.0 Aims and Objectives 13
3.1 Introduction 13
3.2 Internet Society 14
3.3 Request For Comments (RFC) 14
3.4 Let Us Sum Up 15
3.5 Lesson End Activities 15
3.6 Points for Discussion 15
3.7 Check your progress 16
3.8 Reference 16

Lesson 4. TCP/IP layer Architecture

4.0 Aims and Objectives 17
4.1 Introduction 17
4.2 Internet Architecture 17
4.3 TCP/IP layer Architecture 18
4.4 Let us Sum Up 22
4.5 Lesson end Activities 23
4.6 Points for Discussion 23
4.7 Check your progress 23
4.8 Reference 23

Lesson 5. Network Interface

5.0 Aims and Objectives 24
5.1 Introduction 24
5.2 Network Interface Card 24
5.3 Cable Type and Specification Type 26
5.4 Other Protocols 27
5.5 Let us Sum Up 28
5.6 Lesson end Activities 28
5.7 Points for Discussion 28
5.8 Check you Progress 28
5.9 Reference 29

Unit II
Lesson 6. IP Addressing Scheme
6.0 Aims and Objectives 30
6.1 Introduction 30
6.2 Classful Address 31
6.3 Special Address 33
6.4 Classless Inter-Domain Routing (CIDR) 34
6.5 Multihoming 35
6.6 Let us Sum Up 35
6.7 Lesson end Activities 36
6.8 Points for Discussion 36
6.9 Check your progress 36
6.10 Reference 36

Lesson 7. ARP & RARP

7.0 Aims and Objectives 37
7.1 Introduction 37
7.2 Address Resolution Protocol (ARP) 37
7.3 Reverse Address Resolution Protocol (RARP) 42
7.4 let us Sum Up 44
7.5 Lesson end Activities 45
7.6 Points for Discussion 45
7.7 Check your progress 45
7.8 Reference 45

Lesson 8. Subnet Address and Multicast Address

8.0 Aims and Objectives 46
8.1 Introduction 46
8.2 Subnet Mask 47
8.3 Multicast Addressing 48
8.4 Let us Sum up 50
8.5 Lesson end Activities 51
8.6 Points for Discussion 51
8.7 Check your progress 51
8.8 Reference 51

Lesson 9. Bootstrap and DHCP protocol

9.0 Aims and Objectives 52
9.1 Introduction 52
9.2 DHCP 52
9.3 Let Us Sum Up 54
9.4 Lesson and Activities 54
9.5 Points for Discussion 54
9.6 Check your progress 54
9.7 Reference 54

Lesson 10. Domain Name Service (DNS)

10.0 Aims and Objectives 55
10.1 Introduction 55
10.2 DNS protocol 57
10.3 Let us Sum Up 61
10.4 Lesson end Activities 61
10.5 Points for Discussion 61
10.6 Check Your Progress 61
10.7 Reference 61

Unit III
Lesson 11. Internet Protocol (IP)
11.0 Aims and Objectives 62
11.1 Introduction 62
11.2 Datagrams 62
11.3 Let us Sum Up 65
11.4 Lesson end Activities 65
11.5 Points for Discussion 65
11.6 Check your Progress 65
11.7 Reference 65

Lesson 12. The Internet Control Message Protocol (ICMP)

12.0 Aims and Objectives 66
12.1 Introduction 66
12.2. ICMP 66
12.3 ICMP Messages 68
12.4 Let us Sum Up 73
12.5 Lesson end Activities 73
12.6 Points for Discussion 73
12.7 Check your progress 73
12.8 Reference 73

Lesson 13. Fragmentation and Reassembly

13. 0 Aims and Objectives 74

13.1 Introduction 74
13.2 Fragmentation and Defragmentation 74
13.3 Let us Sum Up 76
13.4 Lesson end Activities 76
13.5 Points for Discussion 76
13.6 Check your Progress 76
13.7 Reference 77

Lesson 14. Routing

14.0 Aims and Objectives 78
14.1 Introduction 78
14.2 Routing 79
14.3 Routing Protocol Vs Routed Protocol 79
14.4 Types of routing table entries 80
14.5 Classification of routing table 80
14.6 Let us Sum Up 82
14.7 Lesson end Activities 83
14.8 Points for Discussion 83
14.9 Check your Progress 83
14.10 Reference 83

Lesson 15. Distance Vector Protocol and Link State Routing Protocols

15.0 Aims and Objectives 84

15.1 Introduction 84
15.2 Distance Vector Routing Protocols 84
15.3 Link State Routing Protocols 85
15.4 Routing Information Protocol (RIP) 85
15.5 Open Shortest Path First (OSPF) 86
15.6 Let us Sum Up 87
15.7 Lesson end Activities 87
15.8 Points for Discussion 87
15.9 Check your Progress 88
15.10 Reference 88
Unit IV
Lesson 16. TCP and UDP Data Structures
16.0 Aims and Objectives 89
16.1 Introduction 89
16.2 TCP Data Structures 89
16.3 UDP Data Structures 92
16.4 Let us Sum Up 93
16.5 Lesson end Activities 94
16.6 Points for Discussion 94
16.7 Check your Progress 94
16.8 Reference 95

Lesson 17. TCP Finite State Machine

17.0 Aims and Objectives 96
17.1 Introduction 96
17.2 Algorithm for TCP state machine 96
17.3 TCP finite state machine 97
17.4 Let us Sum Up 98
17.5 Lesson end Activities 98
17.6 Points for Discussion 98
17.7 Check your progress 98
17.8 Reference 98

Lesson 18. TCP Connection Management

18.0 Aim and Objectives 99
18.1 Introduction 99
18.2 Connection Extablishment 99
18.3 Connection Release 100
18.4 Let us Sum Up 102
18.5 Lesson end Activities 102
18.6 Points for Discussion 102
18.7 Reference 102

Lesson 19. TCP Output Processing

19.0 Aims and Objectives 104
19.1 Introduction 104
19.2 Timer Management 104
19.3 Packet Loss and Retransmission 105
19.4 Adaptive Retransmission 106
19.5 Flow Control 107
19.6 TCP Keep-Alive Messages 108
19.7 Slow Start Algorithm and Congestion Avoidance 109
19.8 Silly Window Syndrome (SWS) 109
19.9 Nagle Algorithm 109
19.10 TCP Selective Acknowledgment 109
19.11 Let us Sum Up 110
19.12 Lesson and Activities 111
19.13 Points for Discussion 111
19.14 Check your Progress 111
19.15 Reference 111

Lesson 20. Socket Programming

20.0 Aims and Objectives 112
20.1 Introduction 112
20.2 Domain 112
20.3 Internet address conversion 113
20.4 Connection less (UDP) Communication 116
20.5 Connection oriented (TCP) Communication 116
20.6 Let us Sum Up 122
20.7 Lesson end Activities 125
20.8 Points for Discussion 125
20.9 Check your progress 125
20.10 Reference 125

Lesson 21. Application Layer

21.0 Aims and Objectives 126
21.1 Introduction 126
21.2 Telnet 127
21.3 Rlogin 133
21.4 Let us Sum Up 133
21.5 Lesson end Activities 134
21.6 Points for Discussion 134
21.7 Check your Progress 134
21.8 Reference 135

Lesson 22. File Transfer Protocol

22.0 Aims and Objectives 136
22.1 Introduction 136
22.2 File transfer protocol (FTP) 136
22.3 Trivial File Transfer protocol (TFTP) 140
22.4 Let us Sum Up 142
22.5 Lesson end Activities 143
22.6 Point for Discussion 143
22.7 Check your Progress 143
22.8 Reference 143

Lesson 23. Email

23.0 Aims and Objectives 144
23.1 Introduction 144
23.2 Electronic Mail Addresses Scheme 144
23.3 TCP/IP Standard for Electronic Mail Services 146
23.4 Simple Mail Transfer Protocol (SMTP) 146
23.5 Post Office Protocol (POP3) 149
23.6 Internet Message Access Protocol (IMAP) 149
23.7 Let us Sum Up 150
23.8 Lesson end Activities 152
23.9 Points for Discussion 152
23.10 Check your progress 152
23.11 Reference 152

Lesson 24. Network Management System

24.0 Aims and Objectives 153
24.1 Introduction 153
24.2 Simple Network Management Protocol 154
24.3 Let us Sum Up 157
24.4 Lesson and Activities 157
24.5 Point for Discussion 157
24.6 Check Your Progress 157
24.7 Reference 157

Lesson 25. X.25 Protocol

25.0 Aims and Objectives 158
25.1 Introduction 158
25.2 X.25 layers 158
25.3 Let us Sum Up 162
25.4 Lesson end Activities 162
25.5 Points for Discussion 162
25.6 Check Your Progress 162
25.7 Reference 163
 Unit I

Lesson 1. Introduction to Digital Communication

1.0 Aims and Objectives

1.2 Introduction to Data Communication
1.2 Classification of Computer Networks
1.3 Topology
1.4 Protocol
1.5 Internetworking Technologies
1.6 Let Us Sum Up
1.7 Lesson-end Activity
1.8 Points for Discussion
1.9 Check your Progress
1.10 References

1.0 Aims and Objectives

To learn the concepts which is essential for Computer Networks

1.1 Introduction to Data Communication

The term telecommunication means communication at a distance. The word data refers to
information presented in whatever form is agreed upon by the parties creating and using the data.
Data communications are the exchange of data between two devices via some form of
transmission medium such as a wire cable.

Computer Network

A network is a set of devices (often referred to as nodes) connected by communication

links. A node can be a computer, printer, or any other device capable of sending and/or receiving
data generated by other nodes on the network.

Software modules in one system are used to communicate with one or more software
modules in the distance System. Such interfaces across a distance are termed as “peer-to-peer”
interfaces; and the local interfaces are termed as “service” interfaces. The modules on each end
are organized as a sequence of functions called “layers”. The set of modules organized as layers
is also commonly called a “protocol stack”.
 Over the years, some layered models have been standardized. The ISO Open Systems
Interconnection (ISO/OSI) layered model has seven layers and was developed by a set of
committees under the auspices of International Standards Organization (ISO).

1.2 Classification of Computer Networks

Based on Transmission Mode

Transmission mode defines the direction of signal flow between two linked devices.
There are three types of transmission modes.

Simplex
In simplex mode, the communication is unidirectional. Among the stations only one can
transmit and the other can only receive.

Half-Duplex
In half-Duplex mode, the communication is bidirectional. In this both station can sent and
receive but not at the same time.

Full-Duplex
In Full-Duplex mode, both stations can transmit and receive simultaneously.

Based on Time in Transmission Type

Synchronous Transmission
In synchronous Transmission both the sender and the receiver use the same time cycle for
the transmission. We send bits one after another without start/stop bits or gaps. It is the
responsibility of the receiver to group the bits. Bit stream is delivered with a fixed delay
and given error rate. Each bit reaches the destination with the same time delay after
leaving the source.

Asynchronous Transmission
In Asynchronous Transmission we send one start bit at the beginning and one stop bit at
the end of each byte. There may be a gap between each byte. Bit stream is divided into
packets. Packets are received with varying delays, so packets can arrive out of order.
Some packets are not received correctly.

Based on Authentication

Peer to Peer Connection

In peer-to-peer networks, there are no dedicated servers. All the computers are
equal and, therefore, are termed as peers. Normally, each computer functions as both a
client and a server. No one can control the other computers.
 Server Based Connection

Most networks have a dedicated server. A dedicated server is a computer on a network

which functions as a server, and cannot be used as a client or a workstation. A dedicated
server is optimized to service requests from network clients. A server can control the
clients for its services.

Based on Geographical location

LAN (Local Area Network)

Networks which cover close geographical area. LAN used to link the devices in a single
office, building or campus. It provides high speeds over short distance. Systems are
connecting directly to Network. The LAN is owned by private people.

MAN (Metropolitan Area Network)

Metropolitan area network is an extension of local area network to spread over the city. It
may be a single network or a network in which more than one local area network can
share their resources.

WAN (Wide Area Network)

WAN spread over the world may be spread over more than one city country or continent.
Systems in this network are connected indirectly. Generally WAN network are slower
speed than LAN’s. The WAN network are owned or operated by network providers. If it
is owned by a single owner then it is called Enterprise network. Often these types have
combination of more than one topology.

Based on Reliability
Reliability is maintained by authentication.

Connection-oriented

This type of communication establishes a session connection before data can be sent.
This method is often called a "reliable" network service. It can guarantee that data will
arrive in the same order.

Connection less

This type of communication does not require a session connection between sender and
receiver for data transfer. The sender simply starts sending packets to the destination. A
connectionless network provides minimal services.
1.3 Topology
Topology refers to physical layout including computers, cables, and other resources; it
determines how components communicate with each other.

Today’s network designs are based on three topologies:

Bus consists of series of computers connected along a single cable segment
Star connects computers via central connection point or hub
Ring connects computers to form a loop

All computers, regardless of topology, communicate by addressing data to one or more

computers and transmitting it across cable as electronic signals. Data is broken into packets and
sent as electronic signals that travel on the cable. Only the computer to which the data is
addressed accepts it.

1.4 Protocol
Protocols mean set of rules. It is a formal description of message formats and the rules two or
more machines has follow to exchange messages. The key elements of a protocol are syntax,
semantics and timing.

Syntax
Syntax refers to the structure or format of the data, meaning the order in which they are
presented.

Semantics
Semantics refers to the meaning of each section of bits.

Timing
Timing refers to when data should be sent and how fast it can be sent.

1.5 Internetworking Technologies

Internetworking Technologies tell how the Internet accommodating multiple underlying

hardware technologies and how they are interconnected and formed the network, and set of
communication standard which the network used to interoperate.

The lowercase internet means multiple networks connected together, using a common
protocol suite. The uppercase Internet refers to the collection of hosts around the world that can
communicate with each other using TCP/IP. While the Internet is an internet, the reverse is not
true.
1.6 Let us Sum up

Data Communication

The term telecommunication means communication at a distance.

Computer Network

A network is a set of devices (often referred to as nodes) connected by communication

links.

Classification of Computer Networks

Based on Transmission Mode
Simplex
In simplex mode, the communication is unidirectional.
Half-Duplex
In half-Duplex mode, the communication is bidirectional.
Full-Duplex
In Full-Duplex mode, both stations can transmit and receive simultaneously.

Based on Transmission Mode

Synchronous Transmission
Each bit reaches the destination with the same time delay after leaving the source.
Asynchronous Transmission
Packets are received with varying delays, so packets can arrive out of order. Some
packets are not received correctly.

Based on Authentication
Peer to Peer Connection
In peer-to-peer networks, there are no dedicated servers. No one can control the other
computers.
Server Based Connection
A dedicated server is optimized to service requests from network clients. A server can
control the clients for its services.

Based on Geographical location

LAN (Local Area Network)
Networks which cover close geographical area
MAN (Metropolitan Area Network)
Metropolitan area network is an extension of local area network to spread over the city.
WAN (Wide Area Network)
WAN spread over the world may be spread over more than one city country or continent.
Based on Reliability
Connection-oriented
It can guarantee that data will arrive in the same order.

Connection less
This type of communication does not require a session connection between sender and
receiver for data transfer. The sender simply starts sending packets to the destination.

Topology
Topology refers to physical layout including computers, cables, and other resources
Bus consists of series of computers connected along a single cable segment
Star connects computers via central connection point or hub
Ring connects computers to form a loop

Protocol
Protocols mean set of rules
Syntax
Syntax refers to the structure or format of the data, meaning the order in which they are
presented.
Semantics
Semantics refers to the meaning of each section of bits.

Timing
Timing refers to when data should be sent and how fast it can be sent.

Internetworking Technologies

Network of Inter connected Networks.

1.7 Lesson-end Activities

1. What is telecommunication?
2. What is Computer Network?

1.8 Points for Discussion

1. What are the classifications of Computer Networks.?

1.9 Check you Progress

1. What is topology? Write short notes on different topology. What are the advantages and
disadvantages of this topology?
2. What is protocol? What are the elements of protocol?
1.10 References

1. “ Internetworking with TCP/IP Principles, Protocols, and Architecture Volume I”,

Douglas E. Comer, Prentice Hall of India Pvt. Ltd,

2. “Computer Networks”, Andrew S. Tanenbaum, Prentice Hall of India Pvt. Ltd.

3. “Introduction to Data Communications and Networking”, Behrouz Forouzan, McGraq-

Hill

4. “MCSE Networking Essentials Study Guide”, Duncan Anderson, Tata McGraw-Hill

 Lesson 2. WAN Technology

2.0 Aims and Objectives

2.1 Introduction
2.2 WAN Networking Devices
2.3 WAN Protocols
2.4 Let us Sum Up
2.5 Lesson end Activities
2.6 Points for Discussion
2.7 References

2.0 Aims and Objectives

To learn the devices which are used in WAN

To learn the Protocols which are used in WAN

2.1 Introduction

LAN (Local Area Network) network spread for close geographical area. It provides high
speeds over short distance. In this network all the systems must connect directly to network. In
WAN (Wide Area Network) the network can be far apart. In this network systems are connected
indirectly. This network generally slower speed than LAN’s.

Another way to connect networks is with a bridge. These connect networks at the link
layer, while routers connect networks at the network layer. Bridges makes multiple LANs appear
to the upper layers as a single LAN.

2.2 WAN Networking Devices

Repeaters

A repeater is a device that regenerates signals so that the signal can travel on addition
cable segments. They do not translate or filter data. Repeater is used to connect two networks
that use the same technology. It receives every data packet on each network, and retransmits it
onto the other network. The net result is that the two networks have exactly the same set of
packets on them.

Its primary purpose is to get around limitations in cable length caused by signal loss or
timing dispersion. For a repeater to function, both segments which the repeater joins must have
the same media access scheme, protocol and transmission technique.

Repeaters can move packets from one medium to another. Some multiport repeaters can
connect different types of media. Repeaters improve performance by dividing the network into
segments, thus reducing the number of computers per segment.
Bridge
Bridge is a device that can join two LANs. However, bridge can also divide an
overloaded network into separate networks, reducing the traffic on each segment and making
each network more efficient.

A bridge can link unlike physical media such as twisted-pair and coaxial Ethernet. It can
also link unlike network segments such as Ethernet and Token Ring.

A bridge can be installed internally or if the destination address is not listed in the routing
table, the bridge forwards the packets to all segments. Multiple bridges can be used to combine
several externally. Bridges are faster than routers because routers perform complex functions on
each packet.

Switches
Switches allow different nodes of a network to communicate directly with each other in a
smooth and efficient manner. Switches are divided into two types Store and Forward and Cut
Through. Store and Forward switches stores the details and forwarded to the respective system.
In the Cut through switches it just forward the details to the respective systems.

Routers
A router is a device used to connect networks that use different architectures and
protocols. They can switch and transfer information packets across multiple networks. This
process is called routing. They can determine the best path for sending data and filters broadcast
traffic, to the local segment. Routers cannot link to remote computers. They can read only
addressed network packets. Routers can link segments that use different data packaging and
media schemes.

Gateways
Gateways make communication possible between systems that use different
communication protocols, data formatting structures, languages and architectures. Gateways
repackage data going from one system to another. Gateways are usually dedicated servers on a
network and are task-specific.
2.3 WAN Protocols

Frame Relay

Frame relay is used to connect large number of sites in the network because it is
relatively inexpensive to do so. The service provider gives you a frame relay circuit and is
charged for the amount of data and the bandwidth you use as oppose to T1 circuit that charges
with a flat monthly rate whether you use partial bandwidth or the full bandwidth regardless.
Frame relay is a high performance WAN protocol that operates at the Data Link layer and the
Physical layer of the OSI model.

Integrated Services Digital Network (ISDN)

Integrated Services Digital Network (ISDN) is designed to run over existing telephone
networks. It can deliver end to end digital service carrying voice and data. ISDN operates at OSI
model, physical layer, data link layer and network layer. It can carry multimedia and graphics
with all other voice, data services. ISDN supports all upper layer protocols and you can choose
PPP, HDLC or LAPD as your encapsulation protocol. It has two offerings, Primary rate which is
23B+D channels. 23, 64 kbps and one 64kbps mainly used for signaling. The other is the Basic
Rate which has 2B+D channels two 64kbps and one 16kbps.

At data link layer ISDN supports two protocols; LAPB and LAPD. LAPB is used to
mainly transfer data from upper layers and has three types of frames. I-Frames carry upper layer
information and carries out sequencing, flow control, error detection and recovery. S- Frames
carry control information for the I-frame. LAPD provides an additional multiplexing function to
the upper layers enabling number of network entities to operate over a single physical access.
Each individual link procedure acts independently of others. The multiplex procedure combines
and distributes the data link channels according to the address information of the frame. Each
link is associated with a specific Service Access Point (SAP), which is identified in the part of
the address field.

High Level Data Link Control (HDLC)

High Level Data Link Control (HDLC) is a bit oriented data link layer frame protocol
that has many versions similar to LAP, LAPB, and LAPD. CISCO routers default encapsulation
is HDLC, but it is proprietary to CISCO.
Point to Point Protocol (PPP)

Point to Point Protocol (PPP) is a Data Link Layer protocol that can be used over ether
asynchronous (dial up) or synchronous (ISDN) lines. It uses Link Control Protocol (LCP) to
build and maintain data link connections. Included in PPP is the authentication protocols, PAP
and CHAP, and data compression. It supports IP, IPX, AppleTalk, DECnet and OSI/CLNS.

2.4 Let us Sum Up

WAN Networking Devices

Repeaters
A repeater is a device that regenerates signals so that the signal can travel on addition
cable segments.

Bridge
Bridge is a device that can join two LANs.

Switches
Switches allow different nodes of a network to communicate directly with each other in a
smooth and efficient manner.

Routers
A router is a device used to connect networks that use different architectures and
protocols.

Gateways
Gateways make communication possible between systems that use different
communication protocols, data formatting structures, languages and architectures.

WAN Protocols

Frame Relay

Frame relay is used to connect large number of sites in the network because it is
relatively inexpensive to do so. The service provider gives you a frame relay circuit and is
charged for the amount of data and the bandwidth you use as oppose to T1 circuit that charges
with a flat monthly rate whether you use partial bandwidth or the full bandwidth regardless.
Integrated Services Digital Network (ISDN)

Integrated Services Digital Network (ISDN) is designed to run over existing telephone
networks.

High Level Data Link Control (HDLC)

High Level Data Link Control (HDLC) is a bit oriented data link layer frame protocol
that has many versions similar to LAP, LAPB, and LAPD.

Point to Point Protocol (PPP)

Point to Point Protocol (PPP) is a Data Link Layer protocol that can be used over ether
asynchronous (dial up) or synchronous (ISDN) lines.

2.5 Lesson End Activities

1. When we need Repeater and when we need Bridge?

2. How the Gateway is different from the Router?

2.6 Points for Discussion

1. What is the difference between Switch and Hub?

2.7 Check Your Progress

Write short notes on

o Repeater
o Bridge
o Switch
o Router
o Gateways
o ISDN and HDLC

2.8 References

1. “ Internetworking with TCP/IP Principles, Protocols, and Architecture Volume I”,

Douglas E. Comer, Prentice Hall of India Pvt. Ltd,

2. “Computer Networks”, Andrew S. Tanenbaum, Prentice Hall of India Pvt. Ltd.

3. “Introduction to Data Communications and Networking”, Behrouz Forouzan, McGraq-

Hill

4. “MCSE Networking Essentials Study Guide”, Duncan Anderson, Tata McGraw-Hill

 Lesson 3. History about TCP/IP

3.0 Aims and Objectives

3.1 Introduction
3.2 Internet Society
3.3 Request For Comments (RFC)
3.4 Let Us Sum Up
3.5 Lesson End Activities
3.6 Points for Discussion
3.7 Check your progress
3.8 References

3.0 Aims and Objective

To learn the history about TCP/IP

3.1 Introduction

TCP/IP is a set of protocols developed to allow cooperating computers to share resources

across a network.

In 1969 the Defense Advanced research projects Agency (DARPA) funded a research
and development project to create an experimental packet switching network. This network is
called ARPANET. In 1975 the ARPANET was converted from an experimental network to an
operational network, and the responsibility for administering the network was given to the
Defense Communication Agency (DCA).

The TCP/IP protocols were adopted as Military Standards (MIL STD) in 1983, and all
hosts connected to the network were required to convert to the new protocols. DARPA funded to
implement TCP/IP in Berkely Unix.

In 1983, the old ARPANET was divided into MILNET and smaller ARPANET. The
Internet was used to refer to the entire network; MILNET and ARPANET.

Advantages of TCP/IP

Open protocol standards, freely available and developed independently from any specific
computer hardware or operating system. A common addressing scheme which is enable to
connect the most widely used networks. It may use any protocols. It connects dissimilar systems.
It provides client/server framework. It provides access to the Internet
Differences of the OSI and TCP/IP models

TCP/IP combines the presentation and session layer into its application layer. TCP/IP
combines the OSI data link and physical layers into one layer. TCP/IP appears simpler because it
has fewer layers. TCP/IP transport layer using UDP does not always guarantee reliable delivery
of packets as the transport layer in the OSI model does.

3.2 Internet Society

The Internet Society (ISOC) is a professional society to facilitate, support, and promote
the evolution and growth of the Internet as a global research communications infrastructure.

3.3 Request For Comments (RFC)

Documentation about TCP/IP protocols, standards, and policies are available in the on-
line repositories without any charge. The RFC series is numbered sequentially in the
chronological order RFCs are written.

Even though Internet is a common public one for organizing administrative activities they
have different committees. They are :

Internet Architecture Board (IAB)

The Internet Architecture Board (IAB) is the technical oversight and coordination body.
It is composed of about 15 international volunteers from various disciplines and serves as the
final editorial and technical review board for the quality of Internet standards. The IAB falls
under the ISOC.

Internet Engineering Task Force (IETF)

The Internet Engineering Task Force (IETF) is the near-term, standards-oriented group,
divided into nine areas (applications, routing and addressing, security, etc.). The IETF develops
the specifications that become Internet standards. An additional Internet Engineering Steering
Group (IESG) was formed to help the IETF chair.

Internet Research Task Force (IRTF)

The Internet Research Task Force (IRTF) pursues long-term research projects.
3.4 Let us Sum Up

In 1969 the Defense Advanced research projects Agency (DARPA) funded a research
and development project to create an experimental packet switching network. This network is
called ARPANET.

In 1983, the old ARPANET was divided into MILNET and smaller ARPANET. The
Internet was used to refer to the entire network; MILNET and ARPANET.

Request For Comments (RFC)

Documentation about TCP/IP protocols, standards, and policies are available in the on-
line repositories without any charge. The RFC series is numbered sequentially in the
chronological order RFCs are written.

Advantages of TCP/IP
A common addressing
It may use any protocols.
It connects dissimilar systems.
It provides client/server framework.
It provides access to the Internet

Internet Architecture Board (IAB)

The Internet Architecture Board (IAB) is the technical oversight and coordination body..

Internet Engineering Task Force (IETF)

The Internet Engineering Task Force (IETF) is the near-term, standards-oriented group,
divided into nine areas (applications, routing and addressing, security, etc.).

Internet Research Task Force (IRTF)

The Internet Research Task Force (IRTF) pursues long-term research projects.

3.5 Lesson end Activities

1. When the TCP/IP project started and by whom?

3.6 Points for Discussion

 1. What are the governing bodies involved in Internet Organisations?

3.7 Check your progress

1. What is the purpose of RFC?

2. Write the difference between OSI and TCP/IP layer.

3. How Internet is organized?

3.8 References

1. “ Internetworking with TCP/IP Principles, Protocols, and Architecture Volume I”,

Douglas E. Comer, Prentice Hall of India Pvt. Ltd,

2. “Computer Networks”, Andrew S. Tanenbaum, Prentice Hall of India Pvt. Ltd.

3. “Introduction to Data Communications and Networking”, Behrouz Forouzan, McGraq-

Hill

4. “MCSE Networking Essentials Study Guide”, Duncan Anderson, Tata McGraw-Hill

 Lesson 4. TCP/IP layer Architecture
4.0 Aims and Objectives
4.1 Introduction
4.2 Internet Architecture
4.3 TCP/IP layer Architecture
4.4 Let us Sum Up
4.5 Points for Discussion
4.6 Check your progress

4.0 Aims and Objectives

To learn the architecture and layer and their functions of TCP/IP

4.1 Introduction

Each layer contains logical groupings of functions that provide specific services for
facilitating a communication. A function, or a group of functions, making up a functional unit is
a logical entity that accepts one or more inputs (arguments) and produces a single output (value)
determined by the nature of the function. Functions can be grouped in a collective unit, which is
then defined as (N) layer having (N+1) layer an upper layer boundary and (N-1) layer as a lower
boundary. The N layer receives services from N-1 layer and provides services to N+1 layer.

4.2 Internet Architecture

A few stand-alone systems were collected together into a network. People are combining
multiple networks together into an internetwork, or an internet. An internet is a collection of
networks that all use the same protocol suite.

The easiest way to build an internet is to connect two or more networks with a router.
This is often a special-purpose hardware box for connecting networks. The following diagram
shows that two networks connected and form an Internet.

Figure 4.1 : Simple Internet

 Two computers, anywhere in the world, following certain hardware, software, protocol
specifications, can communicate, reliably even when not directly connected. LANs are no longer
scalable beyond a certain number of stations or geographic separation.

4.3 TCP/IP layer Architecture

There is no standard for layers in TCP/IP. Some refers as 5 layers including physical
layer and some may refer four layers. The four layered structure of TCP/IP is seen in the way
data is handled as it passes down the protocol stack from the Application Layer to the underlying
physical network. Each layer in the stack adds control information to ensure proper delivery.
This control information is called a header because it is placed in front of the data to be
transmitted. Each layer treats all of the information it received from the layer above as data and
places its own header in front of that information. The addition of delivery information at every
layer is called encapsulation. When data is received each layer strips off its header before passing
the data on to the layer above.

Each layer has its own data structures and terminology to describe that structure. In
application layer the TCP data is called stream where as in the UDP it is called message. In the
transport layer the data is called segment where as in the UDP it is called packet. In the Internet
layer both TCP and UDP data are called as datagrams. In the network access layer both TCP and
UDP data are called frame.

Application

Transport

Internet

Network A ccess

Figure 4.2 TCP/IP layers

Network Access layer

The TCP/IP Network Access layer can encompass the functions of all three lower layers
of the OSI References Model (Network, Data Link and Physical). As new hardware technologies
appear new Network Access protocols must be developed so that TCP/IP networks can use the
new hardware.

Functions

Addressing scheme

For this it provide a protocol called Address Resolution Protocol (ARP) defined
in the RFC 826..

Transmission of IP datagram over Ethernet network

This specifies how IP datagrams are encapsulated for transmission over Ethernet
networks.

Header Encapsulation

Figure 4.3 TCP/IP Encapsulation

 When an application sends data using TCP, the data is sent down the protocol stack,
through each layer, until it is sent as a stream of bits across the network. Each layer adds
information to the data by prepending headers (and sometimes adding trailer information) to the
data that it receives. Figure 1.4.3 shows this process. The unit of data that TCP sends to IP is
called a TCP segment. The unit of data that IP sends to the network interface is called an IP
datagram. The stream of bits that flows across the Ethernet is called a frame.

Internet layer

All TCP/IP communication data are flow through IP regardless of its final destination. It
provides basic packet delivery service. The important protocol in this layer is Internet Protocol
defined in RFC 791.

Function of Internet Protocol

Defining the datagram, this is the basic unit of transmission in the Internet.
Defining the Internet addressing scheme.
Routing datagrams to remote hosts
Performing fragmentation and reassembly of datagrams

IP is a connectionless protocol. IP does not exchange control information to establish an

end-to-end connection before transmitting data. It also called unreliable protocol because it
contains no error detection and recovery code.

Routing Datagrams

Gateways are devices that switch packets between the different physical networks.
Deciding which gateway to use is called routing. IP makes the routing decision for each
individual packet.

Internet gateways are commonly referred to IP routers because they use Internet Protocol
to route packets between networks.
 Host 1 Host 2

Application Application
Gateway 1 Gateway 2
Transport Transport

Internet Internet Internet Internet

Network Network Network Network

Network A Network B Network C

Figure 4.4 Routing Through Gateways

The uses of gateways are to forward packets. The hosts process packets through all four
protocol layers, while the gateways process the packets only up to the Internet layer where the
routing decisions are made.

Fragmenting datagrams

Datagrams may routed through different networks. Each type of network has a Maximum
Transmission Unit (MTU), which is the largest packet that it can transfer. If the datagram
received from one network may be too large to be transmitted in a single packet on a different
network. In this case, IP module in a gateway is to divide the datagram into smaller pieces.
This process is called fragmentation.

Transport layer

Transport Layer has two important protocols for connection oriented and connection less
services. They are TCP and UDP. TCP (Transmission Control Protocol) provides a connection-
oriented, reliable, byte stream service (RFC793). TCP is an independent, general purpose
protocol that can be adapted for use with delivery systems other than IP. A stream of 8-bit bytes
is exchanged across a TCP connection. UDP (User Datagram Protocol) is a simple, unreliable,
datagram-oriented, transport layer protocol (RFC768).
Application Layer

Top of the TCP/IP architecture layer is Application Layer. It contains collection of

services. Each service can be identified by their number called port number. Each service is
defined by separate protocol and has their separate RFC. Eg. FTP. Telnet

4.4 Let us Sum Up

TCP/IP layer Architecture

Network Access layer - Functions

Addressing scheme
Transmission of IP datagram over Ethernet network

Internet layer
Function of Internet Protocol
Defining the datagram, this is the basic unit of transmission in the Internet.
Defining the Internet addressing scheme.
Routing datagrams to remote hosts
Performing fragmentation and reassembly of datagrams
IP is a connectionless protocol

Routing Datagrams
Gateways are devices that switch packets between the different physical networks.
Deciding which gateway to use is called routing.

Fragmenting datagrams

Datagrams. Each type of network has a Maximum Transmission Unit (MTU), which is
the largest packet that it can transfer. If the datagram received from one network may be too
large to be transmitted in a single packet on a different network. In this case, IP module in a
gateway to divide the datagram into smaller pieces. This process is called fragmentation.

Transport layer

TCP (Transmission Control Protocol) provides a connection-oriented, reliable, byte

stream service. UDP (User Datagram Protocol) is a simple, unreliable, datagram-oriented,
transport layer protocol (RFC768).

Application Layer

Top of the TCP/IP architecture layer is Application Layer. It contains collection of

services.
4.5 Lesson end Activities

1. What is the purpose of Internet Architecture Board?

4.6 Points for Discussion

1. What is Header Encapsulation and Decapsulation?

4.7 Check your Progress

1. What are layers available in TCP/IP?

2. What is the function of Network layer?
3. What is the function of IP layer?
4. What is the function of Transport layer?

4.8 References

1. “ Internetworking with TCP/IP Principles, Protocols, and Architecture Volume I”,

Douglas E. Comer, Prentice Hall of India Pvt. Ltd,

2. “Computer Networks”, Andrew S. Tanenbaum, Prentice Hall of India Pvt. Ltd.

3. “Introduction to Data Communications and Networking”, Behrouz Forouzan, McGraq-

Hill

4. “MCSE Networking Essentials Study Guide”, Duncan Anderson, Tata McGraw-Hill

 Lesson 5. Network Interface

5.0 Aims and Objectives

5.1 Introduction
5.2 Network Interface Card
5.3 Cable type and Specification Type
5.4 Other Protocols
5.5 Let us Sum Up
5.6 Lesson end Activities
5.7 Points for Discussion
5.8 Check you Progress
5.9 References

5.0 Aims and Objectives

To learn about Network interface Device and their function

5.1 Introduction

The purpose of the network interface layer is it handles the details of the communication
media (Ethernet, token ring, etc.)

5.2 Network Interface Card

A network interface card is used to connect a computer to an Ethernet network. The card
(shown in the figure below) provides an interface to the media. This may be either using an
external transceiver (as shown) or through an internal integrated transceiver mounted on the
network interface card PCB. The card usually also contains the protocol control firmware and
Ethernet Controller needed to support the Medium Access Control (MAC) data link protocol.

Figure 5.1 Network Interface Card (NIC)

The Ethernet

Most of our networks these days use Ethernet also called Network Interface Card(NIC).
Ethernet has its own Addressing scheme. No two machines have the same Ethernet address. This
is a unique number issued by IEEE to the manufacturer. So each Ethernet controller comes with
an address built in from the factory. The address consists of 48 bits. First 24 bits represents the
vendor and next 24 bits represents the serial number of the NIC card. This hardware address is
used by the Media Access Control (MAC) layer of the Data Link layer to identify uniquely, the
LAN device, to the network layer.

Ethernet equipment manufacturers have to register with a central authority, to make sure
that the numbers they assign don't overlap any other manufacturer. Ethernet is a "broadcast
medium". When you send a packet out on the Ethernet, every machine on the network sees the
packet. So something is needed to make sure that the right machine gets it. Every Ethernet
packet has a 14-octet header that includes the source and destination Ethernet address, and a type
code.

Figure 5.2 Ethernet Data format

Each machine is supposed to pay attention only to packets with its own Ethernet address
in the destination field. Each machine has to have a table of what Ethernet address corresponds
to what Internet address. In addition to the addresses, the header contains a type code. The type
code is to allow for several different protocol families to be used on the same network. So you
can use TCP/IP, DECnet, Xerox NS, etc., at the same time. Each of them will put a different
value in the type field. Finally, there is a checksum. The Ethernet controller computes a
checksum of the entire packet. When the other end receives the packet, it recomputes the
checksum, and throws the packet away if the answer disagrees with the original. The checksum
is put on the end of the packet, not in the header.

The original Ethernet was developed as an experimental coaxial cable network in the 1970s
by Xerox Corporation to operate with a data rate of 3 Mbps using a carrier sense multiple access
collision detect (CSMA/CD) protocol for LANs with sporadic but occasionally heavy traffic
requirements.

IEEE Specification for Ethernet

– 802.3 Ethernet LAN specification
– 802.3u Fast Ethernet
– 802.3z Gigabit Ethernet

Ethernet card is an add on card which needed for the computers which connected to the
network. Computers which used as a stand alone system need not have Ethernet card. The
following figure shows the sample Ethernet card.

Figure 5.3 Ethernet Card

5.3 Cable type and Specification Type

Ethernet support different types of cables, each have their own specification and
transmission distance. These are given in the following table.
 S p e cific a tion C ab le T y p e M a x im u m len g th

1 0 B a se T U n sh ield ed T w isted P air 1 0 0 m eters

1 0 B a se 2 T h in C o ax ia l 1 8 5 m eters

1 0 B a se 5 T h ick C o ax ial 5 0 0 m eters

1 0 B a se F F ib er O p tic 2 0 0 0 m eters

1 0 0 B a se T U n sh ield ed T w isted P air 1 0 0 m eters

1 0 0 B a se T X U n sh ield ed T w isted P air 2 2 0 m eters

5.4 Other Protocols

Serial Line IP (SLIP)

SLIP stands for Serial Line IP. It is a simple form of encapsulation for IP datagrams on
serial lines, and is specified in RFC 1055. SLIP has become popular for connecting home
systems to the Internet, through the ubiquitous RS-232 serial port found on almost every
computer and high-speed modems.

Point-to-Point Protocol (PPP)

PPP, the Point-to-Point Protocol, corrects all the deficiencies in SLIP. PPP consists of
three components.

A way to encapsulate IP datagrams on a serial link. PPP supports either an asynchronous

link with 8 bits of data and no parity (i.e., the ubiquitous serial interface found on most
computers) or bit-oriented synchronous links.

A link control protocol (LCP) to establish, configure, and test the data-link connection.
This allows each end to negotiate various options.

A family of network control protocols (NCPs) specific to different network layer

protocols. RFCs currently exist for IP, the OSI network layer, DECnet, and AppleTalk. The IP
NCP, for example, allows each end to specify if it can perform header compression, similar to
CSLIP.

RFC 1548 [specifies the encapsulation method and the link control protocol. RFC 1332
specifies the network control protocol for IP.
Loopback Interface

Most implementations support a loopback interface that allows a client and server on the
same host to communicate with each other using TCP/IP. The class A network ID 127 is
reserved for the loopback interface. By convention, most systems assign the IP address of
127.0.0.1 to this interface and assign it the name localhost. An IP datagram sent to the
loopback interface must not appear on any network.

5.5 Let Us Sum Up

Network Interface Card

A network interface card is used to connect a computer to an Ethernet network. The card
(shown in the figure below) provides an interface to the media.

IEEE Specification for Ethernet

– 802.3 Ethernet LAN specification
– 802.3u Fast Ethernet
– 802.3z Gigabit Ethernet

Serial Line IP (SLIP)

SLIP stands for Serial Line IP. It is a simple form of encapsulation for IP datagrams on
serial lines

Loopback Interface

Most implementations support a loopback interface that allows a client and server on the
same host to communicate with each other using TCP/IP.

5.6 Lesson end Activities

Discuss different type of Cable types.

5.7 Points to Discussion

How Ethernet card is connected to the PC?

5.8 Check your progress

1. What is the purpose of Network Interface card?

2. How Ethernet is working?
 (or) Explain the functionality of Ethernet with a neat figure.
3. Write Short Notes on: a) SLIP, b) PPP

5.9 References

1. “ Internetworking with TCP/IP Principles, Protocols, and Architecture Volume I”,

Douglas E. Comer, Prentice Hall of India Pvt. Ltd,

2. “Computer Networks”, Andrew S. Tanenbaum, Prentice Hall of India Pvt. Ltd.

3. “Introduction to Data Communications and Networking”, Behrouz Forouzan, McGraq-

Hill

4. “MCSE Networking Essentials Study Guide”, Duncan Anderson, Tata McGraw-Hill

 Unit II

Lesson 6. IP Addressing Scheme

6.0 Aims and Objectives

6.1 Introduction
6.2 Classful Address
6.3 Special Address
6.4 Classless Inter-Domain Routing (CIDR)
6.5 Multihoming
6.6 Let us Sum Up
6.7 Lesson end Activities
6.8 Points for Discussion
6.9 Check your progress
6.10 References

6.0 Aims and Objectives

To learn the TCP/IP addressing schemes

6.1 Introduction

There are three types of IP addresses: unicast (destined for a single host), broadcast
(destined for all hosts on a given network), and multicast (destined for a set of hosts that belong
to a multicast group).

IP Addressing Scheme

 Universal Service - all computers on all physically different networks can communicate.
 Physical addresses - allow communication between computers on one network.
 The IP address - provides virtual addressing. The address is software controlled, whereas
the address for the network card is hardware based.

The IP addressing scheme is quite complex, and there have been many revisions to the IP
scheme. The IANA, InterNIC, and ARIN work together to subdivide and issue addresses for
Internet clients. You can subdivide addresses assigned by InterNIC. Routing tables can be
created manually and dynamically. IP addressing schemes allows for seamless integration
amongst heterogeneous networks. To send a packet, the destination IP address of the computer is
used not the hardware address. This allows for communication across networks.
 The IP address is 32 bits in length (IPv4) and contains sequence of 1s and 0s. The IP
addresses are divided into a prefix and suffix. The suffix is the host address. The prefix is the
network number. The address space of IPv4 is 232 or 4,294,967,296.

6.2 Classful Address

In classful addressing, the address space is divided into five classes: A, B, C, D, and E to
define large, medium, and small networks. The Class D address class was created to enable
multicasting. IETF reserves Class E addresses for its own research. To make the IP address
easier to use, the address is usually written as four decimal numbers separated by periods. This
way of writing the address is called the dotted decimal format.

Eg.

Numbers 0.0.0.0 through 255.255.255.255

It is much better than reading

10000001 00110100 00000110 00000000

Dotted-decimal notation and binary notation for an IPv4 address shown in the following
diagram:

Figure 6.1 Dotted decimal notation and binary notation

 Figure 6.2 Classes in binary and dotted-decimal notation

Dotted Decimal with Classes

 Class A:
 1 prefix octet (128 networks)
 3 suffix octets (16777216 hosts)
 Class B:
 2 prefix octets (16384 networks)
 2 suffix octets (65536 hosts)

 Class C:
 3 prefix octets (2097152 networks)
 1 suffix octet (256 hosts)

Number of blocks and block size in classful IPv4 addressing shown bellow:

Figure 6.3 Classful address block size

No two machines that connect to a public network can have the same IP address because
public IP addresses are global and standardized. A central authority exists for IP address
delegation. In the US, it’s ARIN – American Registry for Internet Numbers. People just can’t
arbitrarily use any IP network if their network is publicly accessible. That would lead to routing
conflicts.

Classful addressing, which is almost obsolete, is replaced with classless addressing. The
first address in a block is normally not assigned to any device; it is used as the network address
that represents the organization to the rest of the world.

The first address in the block can be found by setting the rightmost 32 − n bits to 0s. The
last address in the block can be found by setting the rightmost 32 − n bits to 1s. The number of
addresses in the block can be found by using the formula 232−n.

Private IP addresses

Private IP addresses are a solution to the problem of the exhaustion of public IP

addresses. Addresses that fall within these ranges are not routed on the Internet backbone. It is
described in RFC 1597.

 10.0.0.0 – 10.255.255.255 (Full Class A)

 172.16.0.0 – 172.31.255.255 (16 Class B’s)
 192.168.0.0 – 192.168.255.255 (Full Class B)

Figure 6.4 Private classful address and their ranges

6.3 Special Address

Network addresses 0 and 127 are reserved for special uses. Network 0 designates the
default route. The default route is used to simplify the routing information that IP must handle.
Network address 127 is loop back address. The loop back address simplifies network
applications by allowing the local host to be addressed in the same manner as remote host. An IP
address with all bits set to one is a broadcast address. A broadcast address is used to
simultaneously address every host on a network.
 0 is reserved for machines that don't know their address. In certain circumstances it is
possible for a machine not to know the number of the network it is on, or even its own host
address. For example, 0.0.0.23 would be a machine that knew it was host number 23, but didn't
know on what network.

255 is used for "broadcast". A broadcast is a message that you want every system on
the network to see. Broadcasts are used in some situations where you don't know who to talk
to. For example, suppose you need to look up a host name and get its Internet address.
Sometimes you don't know the address of the nearest name server. In that case, you might
send the request as a broadcast. There are also cases where a number of systems are interested
in formation. It is then less expensive to send a single broadcast than to send datagrams
individually to each host that is interested in the information.

In order to send a broadcast, you use an address that is made by using your network
address, with all ones in the part of the address where the host number goes. For example, if you
are on network 128.6.4, you would use 128.6.4.255 for broadcasts. How this is actually
implemented depends upon the medium. It is not possible to send broadcasts on the
Arpanet, or on point to point lines. However it is possible on an Ethernet. If you use an Ethernet
address with all its bits on (all ones), every machine on the Ethernet is supposed to look at that
datagram.

6.4 Classless Inter-Domain Routing (CIDR)

CIDR, described in RFCs 1518 and 1519, removes the concept of class from the IP
address assignment and management process. In place of predefined, well-known boundaries,
CIDR allocates addresses defined by a starting address and a range, which makes more efficient
use of available space. The range defines the network part of the address.

Notation method that specifies the number of masked bits in an IP address/subnet mask
combination. In this method bitmask is used to group of multiple classful networks as a single
network address. This will do the same process with route aggregation. supernetting is most
often applied when the aggregated networks are under common administrative control. In class C
network addresses, supernetting can be used so that the addresses appear as a single large
network, or supernet.

For example an assignment from an ISP to a corporate client might be expressed as

10.57.1.128 /25. This would result in a 128-address block for local use, with the upper 25 bits
being the network identifier part of the address. A legacy, class-full allocation would be
expressed as <net>.0.0.0 /8, <net>.<net>.0.0 /16, or <net>.<net>.<net>.0 /24. As these are
reclaimed, they will be reallocated using classless CIDR techniques.

6.5 Multihoming
 When a computer is configured with more than one IP address, it is referred to as a
multihomed system

6.6 Let us Sum Up

Classful Address

In classful addressing, the address space is divided into five classes: A, B, C, D, and E to
define large, medium, and small networks.

Figure 6.3a Classful address block size

Private IP addresses

Private IP addresses are a solution to the problem of the exhaustion of public IP

addresses.

Figure 6.4a Private classful address and their ranges

Special Address
 Network addresses 0 and 127 are reserved for special uses.Network 0 designates the
default route.

0 is reserved for machines that don't know their address

255 is used for "broadcast".

Classless Inter-Domain Routing (CIDR)

CIDR allocates addresses defined by a starting address and a range, which makes more
efficient use of available space.

For example an assignment from an ISP to a corporate client might be expressed

as 10.57.1.128 /25. This would result in a 128-address block for local use, with the upper 25 bits
being the network identifier part of the address

Multihoming

When a computer is configured with more than one IP address, it is referred to as a

multihomed system

6.7 Lesson end Activities

What are the different classification of classful address and their address range?

6.8 Points for Discussion

What is the purpose of having private IP address?

6.9 Check your progress

1. What is Speical address?

2. What is Classless Inter-Domain Routing?

6.10 References

1. “ Internetworking with TCP/IP Principles, Protocols, and Architecture Volume I”, Douglas
E. Comer, Prentice Hall of India Pvt. Ltd,

2. “Computer Networks”, Andrew S. Tanenbaum, Prentice Hall of India Pvt. Ltd.

3. “Introduction to Data Communications and Networking”, Behrouz Forouzan, McGraq-Hill

4. “MCSE Networking Essentials Study Guide”, Duncan Anderson, Tata McGraw-Hill

Lesson 7. ARP & RARP

 7.0 Aims and Objectives
7.1 Introduction
7.2 Address Resolution Protocol (ARP)
7.3 Reverse Address Resolution Protocol (RARP)
7.4 Let us Sum Up
7.5 Lesson end Activities
7.6 Points for Discussion
7.7 Check your progress
7.8 References

7.0 Aims and Objectives

To learn Address and Reserve Address Resolution Protocol

7.1 Introduction

A data link such as Ethernet or a token ring has its own addressing scheme. When an
Ethernet frame is sent from one host to another, it is the 48-bit Ethernet address that determines
the destination. The first 28-bits are the organization that made the Ethernet card, the second 28-
bits are randomly assigned by the manufacturer. The device driver software never looks at the
destination IP address in the IP datagram. Address resolution provides a mapping between two
different forms of addresses ie., 32-bit IP addresses and whatever the data link uses.

When an Ethernet frame is sent from one host on a LAN to another, it is the 48-bit
Ethernet address that determines for which interface the frame is destined. The device driver
software never looks at the destination IP address in the IP datagram.

7.2 Address Resolution Protocol (ARP)

A Network layer protocol used to associate a logical address (IP) to a physical (hardware)
address (MAC). Obtains the hardware address (Ethernet) of another computer on the same
network (subnet). This information is stored in a ARP table for future reference.

Figure 7.1 ARP table in the system

 ARP (address resolution protocol) is a protocol used to do address resolution in the TCP/IP
protocol suite (RFC826). ARP provides a dynamic mapping from an IP address to the
corresponding hardware address. ARP is required on multi-access channels and relies on the
ability to broadcast. The protocol broadcast a packet containing the IP address of the destination
machine. The machine with that address, or possibly a server, sends a reply containing the
hardware address.

This process is used by all network devices - computers, routers, printers. Address resolution
provides a mapping between the two different forms of address ie., 32-bit Internet address and
48-bit Ethernet address. ARP provides a dynamic mapping from an IP address to the
corresponding hardware address. We use the term dynamic since it happens automatically and is
normally not a concern of either the application user or the system administrator.

Figure 7.2 Sending a packet

 Figure 7.3 ARP table lookup

What happens if the device is unable to locate the destination MAC address in its ARP
table? In other words, the source knows the destination IP address, but is unable to locate a
MAC address for it in its own ARP table.

Figure 7.4 Unknown destination (Not in the table)

 The device sends an ARP request packet to all devices on the subnet asking for the MAC
address corresponding to the IP address. The MAC address in this request is in the form of a
broadcast: FF-FF-FF-FF-FF-FF. All devices will see the broadcast. The device with the
destination IP address will send a reply back to the requesting device. Once the sending device
has both of the destination’s IP and Mac address in its ARP table, it can send data at any time. If
network devices did not keep an ARP table in memory (cache), they would have to send an ARP
request every time data needs to be transmitted. Obviously, very inefficient.

The ARP request message contain the following details :

MAC header of
 Destination: FF-FF-FF-FF-FF-FF
 Source : 02-60-8C-01-02-03
IP Header of
 Destination: 197.15.22.126
 Source : 197.15.22.33
ARP Request Message
 “What is your MAC address?”

The ARP reply contain the following :

MAC header
 Destination: 02-60-8C-01-02-03
 Source : 08-00-02-89-90-80

IP header
 Destination: 197.15.22.33
 Source : 197.15.22.126
ARP request message
 “Here’s my MAC address”

ARP Packet format

Format of ARP request or reply packet when used on an Ethernet. Proxy ARP lets a
router answer ARP requests on one of its networks. This fools the sender of the ARP request
into thinking that the router is the destination host, when in fact the destination host is "on the
other side" of the router. The router is acting as a proxy agent for the destination host,
relaying packets to it from other hosts.
 Figure 7.5 ARP packet format

Figure 7.6. Encapsulation of ARP packet

Proxy ARP

Upon receipt the hardware address is used to send the original packet. Essential to the
efficient operation of ARP is the maintenance of a cache on each host. The cache maintains the
recent IP to physical address mappings. Each entry is aged (usually the lifetime is 20 minutes)
forcing periodic updates of the cache. ARP replies are often broadcast so that all hosts can
update their caches. Proxy ARP lets a router answer ARP requests on one of its networks for a
host on another of its networks. This fools the sender of the ARP request into thinking that the
router is the destination. The router is acting as a proxy agent for the destination, relaying
packets to it from other hosts. Proxy ARP is also known as promiscuous ARP or the ARP hack.
The names come from the other use of proxy ARP: to hide two physical networks from each
other, with a router between the two. This has been used to separate hosts running two different
versions of TCP/IP. When a system boots, it typically gets its IP address from a file. Since each
system has a unique hardware address, which hardware address can be used to lookup the
corresponding IP address.

ARP Cache

Essential to the efficient operation of ARP is the maintenance of an ARP cache on each host.
This cache maintains the recent mappings from Internet addresses to hardware addresses. The
normal expiration time of an entry in the cache is 20 minutes from the time the entry was
created.

Gratuitous ARP

Another feature of ARP that we can watch is called gratuitous ARP. It occurs when a
host sends an ARP request looking for its own IP address. This is usually done when the
interface is configured at bootstrap time.

7.3 Reverse Address Resolution Protocol (RARP)

RARP does basically the opposite of ARP. A network device knows its MAC address but
not its IP address. Used in diskless workstations or dumb terminals ARP tables are kept in RAM,
and therefore lost after the power is turned off. Devices using RARP require that a RARP server
be present on the network to answer RARP requet Routers build tables that describe all devices
and networks connected to them. In other words, ARP tables kept by routers can contain IP
addresses and MAC addresses of devices located on more than one network.

It used to require the Ethernet address of the IP address. The principle of RARP is for the
diskless system to read its unique hardware address from the interface card and send an RARP
request asking for someone to reply with the diskless system’s IP address.

RARP table

Address MAC Address Interface

197.15.22.33 02-60-8c-01-02-03 ethernet 0
197.15.22.44 00-00-A2-05-09-89 ethernet 0
197.15.22.4 08-00-02-90-90-90 ethernet 0
197.15.22.1 08-00-02-89-90-80 ethernet 0
201.100.101.37 00-80-29-e3-95-92 ethernet 1
201.100.101.1 00-00-05-01-13-7d ethernet 1
201.100.101.141 00-40-33-2b-35-77 ethernet 1
201.100.101.163 00-40-33-29-43-eb ethernet 1

The source device sends an RARP request packet to all devices on the subnet asking for an
IP address. The IP address in this request is in the form of a broadcast: 197.15.22.255. All
devices will see the broadcast, but the only RARP server will act upon it. The RARP server will
send a reply packet containing the assigned IP address. That IP address is used for the session
duration. RARP is used by systems without a disk drive but requires manual configuration by the
system administrator.

The RARP request contain the following :

 MAC header
 Destination: Anyone who will listen - RARP server
 Source : 08-00-20-67-92-89
 IP header
 Destination: 197.15.22.255
 Source : ?.?.?.?
 RARP request message
 “What is my IP address”

The RARP reply contain the following :

 MAC header
 Destination: 08-00-02-67-92-89
 Source : 08-00-02-89-90-80
 IP header
 Destination: 197.15.22.123
 Source : 197.15.22.126
 RARP request message
 “Here’s your IP address”

RARP Data format

It is almost identical to an ARP packet. The only differences are that the frame type is
0x8035 for an RARP request or reply, and the op field has a value of 3 for an RARP request and
4 for an RARP reply.

RARP Servers as User Processes

The complication with an RARP server is that the server normally provides the mapping
from a hardware address to an IP address for many hosts. RARP requests are transmitted as
Ethernet frames with a specific Ethernet frame type field.

Multiple RARP Servers per Network

RARP requests are sent as hardware-level broadcasts. As the number of servers increases,
the network traffic increase, since every server sends an RARP reply for every RARP request.
The diskless system that sent the RARP request normally uses the first RARP reply that it
receives.
 Figure 7.7 RARP request by the client to the server

RARP (RFC903) does exactly that same as ARP except some of the numbers change. The
RARP request is broadcast and the reply is sent to the requester. Unlike ARP, designated RARP
server(s) that handles RARP requests

RARP is used by systems without a disk drive (normally diskless workstations or X

terminals) but requires manual configuration by the system administrator

7.4 Let us Sum Up

Address Resolution Protocol (ARP)

A Network layer protocol used to associate a logical address (IP) to a physical (hardware)
address (MAC).

Gratuitous ARP

Another feature of ARP that we can watch is called gratuitous ARP.

Reverse Address Resolution Protocol (RARP)

RARP does basically the opposite of ARP. A network device knows its MAC address but
not its IP address.
7.5 Lesson end Activities

1. What is ARP?

7.6 Points for Discussion

1. What is the content of ARP packet?

2. What is Proxy ARP?

7.7 Check Your Progress

1. What is Gratuitous ARP?

2. What is the purpose of having Reverse Address Resolution Protocol (RARP)?

7.8 References

1. “ Internetworking with TCP/IP Principles, Protocols, and Architecture Volume I”,

Douglas E. Comer, Prentice Hall of India Pvt. Ltd,

2. “Computer Networks”, Andrew S. Tanenbaum, Prentice Hall of India Pvt. Ltd.

3. “Introduction to Data Communications and Networking”, Behrouz Forouzan, McGraq-

Hill

4. “MCSE Networking Essentials Study Guide”, Duncan Anderson, Tata McGraw-Hill

 Lesson 8. Subnet Address and Multicast Address

8.0 Aims and Objectives

8.1 Introduction
8.2 Subnet Mask
8.3 Multicast Addressing
8.4 Let us Sum up
8.5 Lesson end Activities
8.6 Points for Discussion
8.7 Check your progress
8.8 References

8.0 Aims and Objectives

To learn Subnet Addressing

To learn Multicast Addressing

8.1 Introduction
A single network may be split into a multiple networks for internal use but appear as a
single network to outsider. This is needed because some network may split into different places
or security reasons they want to split the network.

Subnet

A single network may be split into a multiple networks for internal use but appear as a
single network to outsider. Subnetting is a Technique used to allow a single IP network address
to span multiple physical networks. IP hosts should support subnetting. Subnetting is done by
using some of the bits of the host-id part of the IP address as a physical network identifier.

There are several reasons why you might want to subnet a network. You may want to
incorporate different types of physical networks into your IP network. Implementing subnets
helps to control network traffic. On an ethernet network every machine on the same physical
network sees all the packets of data sent out on the network. In heavy traffic situations this can
result in collisions making the network performance painfully slow. In both these situations
routers or gateways are used to separate networks. The router breaks the network into multiple
subnets.

The following examples show that two networks each with two hosts. All the subnets are
connected to a gateway. The subnetwork addresses are 128.10.1.0 and 128.10.2.0.
 Figure 8.1 Subnet example

Many Class A and B networks do not contain as many hosts as they could. This situation
causes a lot of address space waste. Subnetting better utilizes the address space by dividing these
big networks to smaller ones.

8.2 Subnet Mask

The subnet mask is used to determine the bits of the network identifier. All hosts on the
same network should have the same subnet mask.

An address such that when added to network address (in bitwise-and) splits the address
into network + subnet + host address. Indicates how much of the IP address represents the
network or subnetwork. Determines which part of an IP address is the network field and which
part is the host field.

Standard (default) subnet masks are as follows:

Class A subnet mask is 255.0.0.0

Class B subnet mask is 255.255.0.0

Class C subnet mask is 255.255.255.0

If the network uses the default subnet mask means there is no subnet. If it is other than
the default subnet mask then there is a subnet.
 The network designers has to modify the default subnet mask and create a new subnet
mask. To determine the number of bits to be used, the network designer needs to calculate how
many hosts the largest subnetwork requires and the number of subnetworks needed.

 Follow these steps to determine the subnet mask

1. Express the subnetwork IP address in binary form.
2. Replace the network and subnet portion of the address with all 1s.
3. Replace the host portion of the address with all 0s.
4. Convert the binary expression back to dotted-decimal notation.

e.g. IP address: 12.11.10.9 subnet mask 255.254.0.0

Since the leading bit begins with 0, it’s a Class A network with address 12.0.0.0

00001100 00001011 00001010 00001001 IP

+ 11111111 11111110 00000000 00000000 Subnet

___________________________________________

00001100 00001010 | 00000000 00000000

Network is extended by 7 more bits. Therefore, this is subnet 10. The remaining host part
is 0.1.10.9 is the host address.

IP and subnet masks are often presented together in this format. e.g. Network address =
154.4.32.0 , subnet mask = 255.255.224.0. In this case, the network address can be written as
154.4.32.0/19 indicating subnet has 19 bits for the network portion of address, and has
remaining 13 bits for host part.

Therefore, total number of subnets = 23 -2 = 6

Total number of hosts per subnet = 213 - 2 = 8190

8.3 Multicast Addressing

The multicasting capability of the TCP/IP protocol suite and the protocol that is involved
in multicasting is IGMP (Internet Group Management Protocol). IGMP is a group management
protocol. IGMP is used by hosts and routers that support multicasting. It lets all the systems on a
physical network know which hosts currently belong to which multicast groups. It helps a
multicast router create and update a list of loyal members related to each router interface. In any
network, there are one or more multicast routers that distribute multicast packets to hosts or other
routers. This information is required by the multicast routers, so they know which multicast
datagrams to forward onto which interfaces. IGMP is defined in RFC 1112.

The IGMP Protocol gives the multicast routers information about the membership status
of hosts (routers) connected to the network. Position of IGMP in the network layer shown below:

Figure 8.2 IGMP position in Network layer

IGMPv2 Message Types shown in the following diagram:

Figure 8.3 IGMP message type

IGMP format

Figure 8.4 Message format

A multicast router connected to a network has a list of multicast addresses of the groups for
which there is at least one loyal member. To Joining a Group ,a host maintains a list of processes
with membership in a group. When a process wants to join a new group, it sends its request to
the host. The host will add the name of the process and the name of the requested group to its
list. Host only sends an IGMP report to the multicast router if this is the first request for
membership in that group. To leaving a Group, When a host sees that no process is interested in
a specific group, it sends a leave report. When a router sees that none of the networks connected
to its interface is interested in a specific group, it sends a leave report about that group.

To Monitoring Group Membership, Multicast router is responsible for monitoring all of the
hosts in a LAN to see if they want to continue their membership in a group.The router
periodically (by default, every 125s) sends a query message. In this message, the group address
field is set to 0.0.0.0 (to all systems on a LAN). The general query message does not define a
particular group.

IGMP messages are used by multicast routers to keep track of group membership on each of
the router's physically attached networks. The following rules apply.

1. A host sends an IGMP report when the first process joins a group. If multiple
processes on a given host join the same group, only one report is sent, the first time a
process joins that group. This report is sent out the same interface on which the
process joined the group.
2. A host does not send a report when processes leave a group, even when the last
process leaves a group. The host knows that there are no members in a given group,
so when it receives the next query (next step), it won't report the group.
3. A multicast router sends an IGMP query at regular intervals to see if any hosts still
have processes belonging to any groups. The router must send one query out each
interface. The group address in the query is 0 since the router expects one response
from a host for every group that contains one or more members on that host.
4. A host responds to an IGMP query by sending one IGMP report for each group that
still contains at least one process.

8.4 Let us Sum Up

Subnet

A single network may be split into a multiple networks for internal use but appear as a
single network to outsider.

Subnet Mask

The subnet mask is used to determine the bits of the network identifier. All hosts on the
same network should have the same subnet mask.
If the network uses the default subnet mask means there is no subnet. If it is other than the
default subnet mask then there is a subnet.

 Follow these steps to determine the subnet mask

 1. Express the subnetwork IP address in binary form.
 2. Replace the network and subnet portion of the address with all 1s.
 3. Replace the host portion of the address with all 0s.
 4. Convert the binary expression back to dotted-decimal notation.

Multicast Addressing

The multicasting capability of the TCP/IP protocol suite and the protocol that is involved
in multicasting is IGMP (Internet Group Management Protocol). IGMP is a group management
protocol.

8.5 Lesson end Activities

1. Why we need subnet mask?

8.6 Points for Discussion

2. How a subnet is created?

8.7 Check your Progress

1. What is the purpose of Subnet?

2. What is the default subnet mask address?
3. What is the purpose of having IGMP?

8.8 References

1. “ Internetworking with TCP/IP Principles, Protocols, and Architecture Volume I”,

Douglas E. Comer, Prentice Hall of India Pvt. Ltd,

2. “Computer Networks”, Andrew S. Tanenbaum, Prentice Hall of India Pvt. Ltd.

3. “Introduction to Data Communications and Networking”, Behrouz Forouzan, McGraq-

Hill

4. “MCSE Networking Essentials Study Guide”, Duncan Anderson, Tata McGraw-Hill

 Lesson 9. Bootstrap and DHCP protocol

11.0 Aims and Objectives

11.1 Introduction
9.2 DHCP
9.3 Let Us Sum Up
9.4 Lesson and Activities
9.5 Points for Discussion
9.6 Check your progress
9.7 References

9.0 Aims and Objectives

To learn bootstrap protocol

To learn DHCP protocol

9.1 Introduction

A method for a diskless system to bootstrap itself, called the Bootstrap Protocol, or
BOOTP.

BOOTP uses UDP and normally works in conjunction with TFTP. RFC 951 is the
official specification for BOOTP with clarifications given in RFC 1542.

The Bootstrap Protocol (BOOTP) operates in a client/server environment and only

requires a single packet exchange to obtain IP information. BOOTP packets can include the IP
address, as well as the address of a router, the address of a server, and vendor-specific
information.

System with a local disk can get their IP address from the configuration file of its own
disk. If the system doesn’t have hard disk then it needs some techniques to obtain the IP address.

9.2 DHCP

RFCs 2131 and 2132 define DHCP as open and standards-based. A DHCP server stores
all available IP addresses in a central database along with associated configuration information,
including the subnet mask, gateways, and the addresses of DNS servers. This database enables
automatic IP address configuration for hosts as they start up.

DHCP saves network administrative time—and the larger the network, the greater the
savings. Without dynamic address assignment, network administrators must manage IP addresses
to avoid duplicate use and apply configuration changes to workstations manually. The resulting
lack of centralized configuration information makes it difficult for the administrator to ensure
consistent client configurations.

DHCP is derived from the Internet standard BOOTP (RFCs 951 and 1084), which allows
dynamic assignment of IP addresses as well as remote booting of diskless workstations. In
addition to supporting the dynamic assignment of IP addresses, DHCP supplies all configuration
data required by TCP/IP, plus additional data required for specific services.

As noted, this functionality simplifies tasks for the network administrator, who can now
manually configure just one computer—the DHCP server. Whenever a new computer starts on a
network segment that is served by the DHCP server (or an existing computer is restarted), the
computer asks for a unique IP address and the DHCP server assigns one from the pool of
available addresses.

As Figure 2.4.1 shows, this process requires only four steps:

1. The DHCP client asks for an IP address (a DHCP Discover message).

2. The DHCP Server offers an address (a DHCP Offer message).
3. The DHCP client accepts the offer and requests the address (a DHCP Request message).
4. TheDHCP Server officially assigns the address to the client (a DHCP Acknowledge
message).

Figure 9.1 DHCP Automates the Assignment of IP Addresses

DHCP server places an administrator-defined time limit, called a lease, on the address
assignment. Halfway through the lease period, the DHCP client requests a lease renewal, and the
DHCP server extends the lease. As a result, when a computer stops using its assigned IP address
(for example, upon relocation to another network segment), the lease expires and the address
returns to the pool for reassignment.
9.3 Let us Sum Up

An alternative method for a diskless system to bootstrap itself, called the Bootstrap
Protocol, or BOOTP.

BOOTP uses UDP and normally works in conjunction with TFTP. RFC 951 is the
official specification for BOOTP with clarifications given in RFC 1542.

The Bootstrap Protocol (BOOTP) operates in a client/server environment and only

requires a single packet exchange to obtain IP information

DHCP saves network administrative time—and the larger the network, the greater the
savings. Without dynamic address assignment, network administrators must manage IP addresses
to avoid duplicate use and apply configuration changes to workstations manually.

9.4 Lesson end Activities

1. What is bootstrap?

9.5 Points for Discussion

1. How BOOTP is working?

9.6 Check Your Progress

1. Explain the advantages of DHCP?

9.7 References

1. “ Internetworking with TCP/IP Principles, Protocols, and Architecture Volume I”,

Douglas E. Comer, Prentice Hall of India Pvt. Ltd,

2. “Computer Networks”, Andrew S. Tanenbaum, Prentice Hall of India Pvt. Ltd.

3. “Introduction to Data Communications and Networking”, Behrouz Forouzan, McGraq-

Hill

4. “MCSE Networking Essentials Study Guide”, Duncan Anderson, Tata McGraw-Hill

 Lesson 10. Domain Name Service (DNS)

12.0 Aims and Objectives

10.1 Introduction
10.2 DNS protocol
10.3 Let us Sum Up
10.4 Lesson end Activities
10.5 Points for Discussion
10.6 Check Your Progress
10.7 References

10.0 Aims and Objectives

To learn DNS organizing structure

10.1 Introduction

Average brain can easily remember 7 digits. It is difficult to remember the IP addresses.
Instead of using IP address we are using alphanumeric names to refer to hosts. Add a distributed,
hierarchical protocol (called DNS) to map between alphanumeric host names and IP addresses.
We call this Name Resolution.

There is no central database but the information is distributed among thousands of name
servers and organized into a hierarchy. Root domain is the top of the domain hierarchy. Top level
domains are existed under the root domain. There are two basic types of top-level domains –
geographic and organizational.

The domain name hierarchy is divided into zones. A Zone is a separate portion of the
DNS hierarchy. No two zones should overlap each other.

Name servers

In each zone, there is a primary name server and one or more secondary name servers.
Name servers contain two kinds of address mappings Authoritative mappings and Cached
mappings. Authoritative mappings used for hosts within the zone. Cached mappings used for
previously requested mappings to hosts not in the zone.

Domain Name

Domain name reflect the domain hierarchy. Domain names are written from a host name
to a top-level domain, with each part of the domain name separated by a dot. To be
unambiguous, the names assigned to machines must be carefully selected from a name space
with complete control over the binding between the names and IP addresses.
Flat Name Space and Hierarchical Name Space

A domain name space was designed to have a hierarchical name space. In this design the
names are defined in an inverted-tree structure with the root at the top.

The information contained in the domain name space must be stored. However, it is very
inefficient and also unreliable to have just one computer store such a huge amount of
information. In this section, we discuss the distribution of the domain name space. DNS is a
protocol that can be used in different platforms. In the Internet, the domain name space (tree) is
divided into three different sections: generic domains, country domains, and the inverse domain.

Domain Name Hierarchy

D o m a in N a m e H ie ra r c h y

c om edu net gov in t m il o rg ae ... us ... zw

y ahoo c nn rutgers y ale

C o u n tr y D o m a in s

cs eng

G en e ric D o m a in s

Figure 10.1 : Domain Name hierarchy

Domain hierarchy has two types Generic Domain or Organization Domain and Country
Domain. The generic domain divides registered hosts according to their behavior. The generic
domain convention allows seven possible three-character labels describing organization type.
 com Commercial organization
edu Educational institution
gov Government institution
int International organization
mil Military organization
net Network support center
org Organization other than those listed above

The country domain name follows the same format as generic domain but uses two-
character country abbreviation. For reading the domain name start with the most specific
information given about the host and become more and more general with each label until they
reach the rightmost label.

10.2 DNS protocol

When client wants to know an IP address for a host name then client sends a DNS query
to the primary name server in its zone. If name server contains the mapping, it returns the IP
address to the client. Otherwise, the name server forwards the request to the root name server.
The request works its way down the tree toward the host until it reaches a name server with the
correct mapping. Clients communicate with DNS servers using either TCP or UDP on port 53.

The following diagram shows header details about the DNS protocols:

0 15 16 31

T rans ac tion Id en tific ation F lags

N um b er of Q u es tions N um b er of A ns w er R R s

N um b er of A uth oritative R R s N um b er of A dd ition al R R s

Q u es tions
(va ria b le len g th )

A ns w er R es ou rc e R ec ords
(va ria b le len g th )

A uth oritative R es ourc e R ec ords

(va ria b le len g th )

A ddition al R es ourc e R ec ords

(va ria b le len g th )

Figure 10.2 : DNS Packet

DNS packet fields contain the following details:

Transaction Identification

Random number used to match client queries with name server responses

Flags

1 4 1 1 1 1 3 4

QR opcode AA TC RD RA (unused) rcode

Figure 10.3 : DNS Flags details

QR : 0=Query, 1=Response
opcode : 0=standard query, 1=inverse query, 2=status request
AA : Authoritative answer
TC : Truncated DNS packet
RD : Recursion desired
RA : Recursion available
rcode Return code. 0=no error, 3=name error

Transaction Identification

Random number used to match client queries with name server responses

Number of Questions

Number of DNS queries in the packet

Number of Answer RRs

Number of non-authoritative DNS responses in the packet

Number of Authoritative RRs:

Number of authoritative DNS responses in the packet

Number of Additional RRs:

Number of other DNS responses in the packet (usually contains other DNS servers in
domain)

Questions & Answers:

Variable length fields to store DNS queries and DNS server responses
DNS Query

DNS Packet Question field contains a sequence of queries:

Query name
(variable length)

Query Type Query Class

Figure 10.4 DNS Query packet

Query Name:
Contains an encoded form of the name for which we are seeking an IP address
Query Type
1=IP address, 2=name server, 12=pointer record, etc.
Query Class
1=Internet address

DNS queries must be encoded in a special way. Divide host address into segments
whenever a period appears. For each segment, store a byte representing the length of the segment
followed by the letters in the segment. Store a zero byte at the end of the query.

DNS Responses

DNS Packet RR fields contain a sequence of resource records:

D o m a in n a m e
( va r ia b le l e n g t h )

T yp e C la s s
T im e - t o - li v e
R e s o u rc e d a ta le n g th
R es o urc e D ata
( v a r i a b l e l e n g th )

Figure 10.5 DNS response packet

Domain Name

Encoded domain name for query

Type & Class

Same as for query (1=IP; 1=Internet)

Time-to-Live

How long this response will be useful

Resource Data

Contains the four-byte IP address

DNS responses are often compressed to save space. It uses the following algorithm. If all or
part of the domain name field appears earlier in the packet (e.g., in a prior RR), then store a
pointer to the earlier copy instead. Here the pointer is 2-byte code.

Address Caching

Going to the root server and then down the tree every time we need to resolve an address
is inefficient. Instead of this we have address caching at name servers. It store host-to-IP-address
mappings from recently requested host names at name server. When the same address is
requested later, use the cached version at the local name server instead of recursively querying
other name servers again.

Default DNS

When Host issues a query to DNS server, can add the default domain. Default domain
added to end of ever DNS query. Domain search order is specified in resolv.conf file.

DNS has two types of messages: query and response. Both types have the same format.
The query message consists of a header and question records; the response message consists of a
header, question records, answer record The question records are used in the question section of
the query and response messages. The resource records are used in the answer, authoritative and
additional information sections of the response message.
10.3 Let us Sum Up

The domain name hierarchy is divided into zones. A Zone is a separate portion of the
DNS hierarchy. No two zones should overlap each other.

Domain Name

Domain name reflect the domain hierarchy. Domain names are written from a host name
to a top-level domain, with each part of the domain name separated by a dot.

Flat Name Space and Hierarchical Name Space

A domain name space was designed to have a hierarchical name space

DNS protocol

When client wants to know an IP address for a host name then client sends a DNS query
to the primary name server in its zone

10.4 Lesson end Activities

What is DNS?

10.5 Points for Discussion

Discuss the Domain hierarchy?

10.6 Check your Progress

1. Explain the process of DNS protocol?

2. Write Short notes on: a) DNS query; b) DNS Responses

10.7 References

1. “ Internetworking with TCP/IP Principles, Protocols, and Architecture Volume I”,

Douglas E. Comer, Prentice Hall of India Pvt. Ltd,

2. “Computer Networks”, Andrew S. Tanenbaum, Prentice Hall of India Pvt. Ltd.

3. “Introduction to Data Communications and Networking”, Behrouz Forouzan, McGraq-

Hill

4. “MCSE Networking Essentials Study Guide”, Duncan Anderson, Tata McGraw-Hill

 Unit III

Lesson 11. Internet Protocol (IP)

11.0 Aims and Objectives

11.1 Introduction
11.2 Datagrams
11.3 Let us Sum Up
11.4 Lesson end Activities
11.5 Points for Discussion
11.6 Check your Progress
11.7 References

11.0 Aims and Objectives

To learn the Internet protocol and their header information

11.1 Introduction

IP is the main protocol at the network layer. It is used by both TCP and UDP. Every piece
of TCP and UDP data that gets transferred around an internet goes through the IP layer at both
end systems and at every intermediate router.

IP provides an unreliable, connectionless datagram delivery service.

By unreliable we mean there are no guarantees that an IP datagram successfully gets to

its destination. IP provides a best effort service. When something goes wrong, such as a router
temporarily running out of buffers, IP has a simple error handling algorithm: throw away the
datagram and try to send an ICMP message back to the source. Any required reliability must be
provided by the upper layers (e.g., TCP).

The term connectionless means that IP does not maintain any state information about
successive datagrams. Each datagram is handled independently from all other datagrams. This
also means that IP datagrams can get delivered out of order. If a source sends two consecutive
datagrams (first A, then B) to the same destination, each is routed independently and can take
different routes, with B arriving before A.

11.2 Datagrams

Packets in the IP layer are called datagrams. The above figure shows the data gram
format. A datagram consisting of two parts: header and data. The header can be from 20 to 60
bytes and contain s information essential for routing and delivery of data.
IP Header details

Figure 11.1 IP Header

Description of fileds:

Version

The first filed defines the version number of the IP.

Hlen

Header length - Defines the length of the header in multiples of four bytes. The four bits
can represent a number between 0 and 15, which, when multiplied by 4, gives a
maximum of 60 bytes.

Service type

It defines how the datagram should be handled.

Total length

This defines the total length of the IP datagram. It is 16 bits filed and can define up to
65,536 bytes.

Identification

The identification field is used in fragmentation. Each fragment is identified with a

sequence number in this field.

Flags

Flags field deal with fragmentation. The datagram can be first, middle or last fragment or
may not be fragmented.

Fragmentation offset

This offset is a pointer that shows the offset of the data in the original ndatagram

Time to Live

This filed defines the number of hops a datagram can travel before it is discarded,

Protocol

Defines which upper-layer protocol data are encapsulated in the datagram( TCP, UDP,
ICMP, etc.)

Source Address

It used to identify the original source of the datagram. It contains source system internet
address.

Destination Address

It used to identify the original Destination of the datagram. It contains destination system
internet address.

Options

It can contain information for routing, timing, management and alignment.

11.3 Let Us Sum Up

IP is the main protocol at the network layer. It is used by both TCP and UDP.

Datagrams

Packets in the IP layer are called datagrams.

Fields :

 Version
 Hlen
 Service type
 Total length
 Identification
 Flags
 Fragmentation offset
 Time to Live
 Protocol
 Source Address
 Destination Address
 Options

11.4 Lesson end Activities

What is the purpose of fragment offset?

11.5 Points for Discussion

What is datagram?

11.6 Check your progress

Describe the IP datagram in details.

11.7 References

1. “ Internetworking with TCP/IP Principles, Protocols, and Architecture Volume I”,

Douglas E. Comer, Prentice Hall of India Pvt. Ltd,

2. “Computer Networks”, Andrew S. Tanenbaum, Prentice Hall of India Pvt. Ltd.

3. “Introduction to Data Communications and Networking”, Behrouz Forouzan, McGraq-

Hill

4. “MCSE Networking Essentials Study Guide”, Duncan Anderson, Tata McGraw-Hill

 Lesson 12. The Internet Control Message Protocol (ICMP)

12.0 Aims and Objectives

12.1 Introduction
12.2. ICMP
12.3 ICMP Messages
12.4 Let us Sum Up
12.5 Lesson end Activities
12.6 Points for Discussion
12.7 Check your progress
12.8 References

12.0 Aims and Objectives

To learn how the TCP/IP managing error messages

12.1 Introduction

The Internet Control Message Protocol (ICMP) is a helper protocol that supports IP with
facility for error reporting and simple queries. ICMP messages are encapsulated as IP datagrams.

12.2. ICMP

The Internet Control Message Protocol (ICMP) protocol is classic example of a client server
application. The Internet Control Message Protocol (ICMP) is part of the Internet protocol suite
and defined in RFC 792 . The ICMP server executes on all IP end system computers and all IP
intermediate systems (i.e routers). The protocol is used to report problems with delivery of IP
datagrams within an IP network. It can be sued to show when a particular End system is not
responding, when an IP network is not reachable, when a node is overloaded, when an error
occurs in the IP header information, etc. The protocol is also frequently used by Internet
managers to verify correct operations of End Systems and to check that routers are correctly
routing packets to the specified destinations.

The Internet Control Message Protocol (ICMP) protocol is classic example of a client server
application. The Internet Control Message Protocol (ICMP) is part of the Internet protocol suite
and defined in RFC 792. The ICMP server executes on all IP end system computers and all IP
intermediate systems (i.e routers). The protocol is used to report problems with delivery of IP
datagrams within an IP network. It can be sued to show when a particular End system is not
responding, when an IP network is not reachable, when a node is overloaded, when an error
occurs in the IP header information, etc.
 The protocol is also frequently used by Internet managers to verify correct operations of End
Systems and to check that routers are correctly routing packets to the specified destinations. The
Internet Protocol (IP) is used for host-to-host datagram service in a system of interconnected
networks called the Catenet. The network connecting devices are called Gateways. These
gateways communicate between themselves for control purposes via a Gateway to Gateway
Protocol (GGP). Occasionally a gateway or destination host will communicate with a source
host, for example, to report an error in datagram processing.

ICMP, uses the basic support of IP as if it were a higher level protocol, however, ICMP is
actually an integral part of IP, and must be implemented by every IP module. Is a protocol for the
exchange of error messages and other vital information between (Physical) Internet entities such
as hosts and routers. ICMP is a network layer protocol, often it is placed next to the IP protocol.

ICMPHeader ICMPDataArea

IPHeader IPData Area

Frame Header Frame Area

Figure 12.1 ICMP packet in IP

ICMP lies just above IP, as ICMP messages are carried inside IP Packets. ICMP messages
are carried as IP payload, just as TCP/UDP segments are carried as IP payload. When a host
receives an IP packet with ICMP specified as the upper layer protocol, it de-multiplexes the
packet to ICMP, just as it would demultiplex a packet to TCP/UDP.

ICMP functions announce network errors such as a host or entire portion of the network
being unreachable, due to some type of failure. A TCP or UDP packet directed at a port number
with no receiver attached is also reported via ICMP. Announce network congestion when a
router begins buffering too many packets, due to an inability to transmit them as fast as they are
being received, It will generate ICMP Source Quench messages. Directed at the sender, these
messages should cause the rate of packet transmission to be slowed. The following diagram
shows the ICMP messages.
12.3 ICMP Messages

Figure 12.2 ICMP messages

ICMP also assisted in troubleshooting. ICMP supports an Echo function, which just sends a
packet on a round--trip between two hosts. Ping, a common network management tool, is based
on this feature. Ping will transmit a series of packets, measuring average round--trip times and
computing loss percentages. If an IP packet's TTL field drops to zero, the router discarding the
packet will often generate an ICMP packet announcing time out. TraceRoute is a tool which
maps network routes by sending packets with small TTL values and watching the ICMP timeout
announcements. The following diagram illustrated the ICMP error messages.

Figure 12.3 ICMP Error messages

ICMP datagram structure

The ICMP datagram, being an IP datagram, contains the usual IP header. This is followed
by an ICMP header which varies slightly between the different types of ICMP message. The
general format is shown below:

Figure 12.4 ICMP Header format

ICMP Message Types

Type Message Type Description
3 Destination Unreachable Packet could not be delivered
11 Time Exceeded Time to live field hit 0
12 Parameter Problem Invalid header field
4 Source Quench Choke Packet
5 Redirect Teach a router about geography
8 Echo Ask a machine if it is alive
0 Echo Reply Yes, I am alive
13 Timestamp Request Same as Echo request, but with timestamp
14 Timestamp Reply Same as Echo reply, but with timestamp

The DESTINATION UNREACHABLE message is used when the subnet or a router cannot
locate the destination. The TIME EXCEEDED message is sent when a packet is dropped
because its counter has reached zero. This event is symptom that packets are looping, that there
is enormous congestion, or that the timer values are being set too low.

The PARAMETER PROBLEM message indicates that an illegal value has been detected in a
header field. This problem indicates a bug in the sending host’s IP software or possibly in the
software of a router transited.
 The SOURCE QUENCH message was formerly used to throttle hosts that were sending too
many packets. When a host received this message, it was expected to slow down. It is rarely used
any more when congestion occurs.

The REDIRECT MESSAGE is used when a router notices that a packet seems to be routed
wrong. It is used by the router to tell the sending host about the probable error.

The ECHO and ECHO REPLY messages are used to see if a given destination is reachable
and alive. Upon receiving the ECHO message, the destination is expected to send an ECHO
REPLY message back.

The TIMESTAMP REQUEST and TIMESTAMP REPLY messages are similar, except that
the arrival time of the message and the departure time of the reply are recorded in the reply. This
facility is used to measure network performance.

Code

The exact meaning of the value contained within this field depends on the message Type.
For example, with an ICMP Type 3 message ("Destination unreachable"), a Code value of 0
means "Network unreachable", which implies a router failure. A Code of 1 means "Host
unreachable".

Checksum

The checksum field provides error detection for the ICMP header only and is calculated
in the same way as the IP header checksum.

Parameters

The usage of this field depends on the type of message. For example, Type 3 messages do
not use this field, while Type 0 and 8 messages use the field to store an identifier and sequence
number.

Data

Typically, the data is the IP header and first 64 bits of the original datagram, i.e. the one
that failed and prompted the ICMP message. Including the first 64 bits of the original datagram
allows the ICMP message to be matched to the datagram that caused it.
Destination Unreachable Codes

Code Definition

0 Net Unreachable

1 Host Unreachable

2 Protocol Unreachable

3 Port Unreachable

4 Fragmentation needed & Don’t Fragment was set

5 Source Route failed

6 Destination Network Unknown

7 Destination Host Unknown

8 Source Host Isolated

9 Communication Destination Network is Administratively

Prohibited

10 Communication Destination Host is Administratively

Prohibited

11 Destination Network Unreachable for Type of Service

12 Destination Host Unreachable for Type of Service

13 Communication Administratively Prohibited

14 Host Precedence Violation

15 Precedence Cutoff Violation

 Redirect Codes

Code Definition

0 Redirect Datagram for the Network (or subnet)

1 Redirect Datagram for the Host

2 Redirect Datagram for the Type of Service &

Network

3 Redirect Datagram for the Type of Service & Host

Time Exceeded Codes

Code Definition

0 Time to Live Exceeded in Transit

1 Fragment Reassembly Time

Exceeded

Parameter Problem Codes

Code Definition

0 Pointer Indicates the

Error

1 Missing a Required
Option

2 Bad Length
12.4 Let Us Sum Up

The Internet Control Message Protocol(ICMP)

The Internet Control Message Protocol (ICMP) protocol is classic example of a client server
application. The protocol is used to report problems with delivery of IP datagrams within an IP
network.

12.5 Lesson end Activities

1. How errors are managed in the TCP/IP ?

12.6 Points for Discussion

1. Discuss why we are using error code for error messages

12.7 Check your Progress

1. Explain the ICMP protocol.

2. Write short notes on ICMP datagram structure.

12.8 References

1. “ Internetworking with TCP/IP Principles, Protocols, and Architecture Volume I”,

Douglas E. Comer, Prentice Hall of India Pvt. Ltd,

2. “Computer Networks”, Andrew S. Tanenbaum, Prentice Hall of India Pvt. Ltd.

3. “Introduction to Data Communications and Networking”, Behrouz Forouzan, McGraq-

Hill

4. “MCSE Networking Essentials Study Guide”, Duncan Anderson, Tata McGraw-Hill

 Lesson 13. Fragmentation and Reassembly

13. 0 Aims and Objectives

13.1 Introduction
13.2 Fragmentation and Defragmentation
13.3 Let us Sum Up
13.4 Lesson end Activities
13.5 Points for Discussion
13.6 Check your Progress
13.7 References

13.0 Aims and Objectives

To learn how the TCP/IP packets are fragmented and reassembly

13.1 Introduction

TCP/IP is designed for use with many different kinds of network. Unfortunately, network
designers do not agree about how big packets can be. Ethernet packets can be 1500 octets long.
Arpanet packets have a maximum of around 1000 octets. Some very fast networks have much
larger packet sizes. At first, you might think that IP should simply settle on the smallest possible
size. Unfortunately, this would cause serious performance problems. When transferring large
files, big packets are far more efficient than small ones. So we want to be able to use the largest
packet size possible. But we also want to be able to handle networks with small limits. There
are two provisions for this. First, TCP has the ability to "negotiate" about datagram size. When
a TCP connection first opens, both ends can send the maximum datagram size they can handle.
The smaller of these numbers is used for the rest of the connection.

13.2 Fragmentation and Defragmentation

When sending data between Ethernet networks to Arpanet, It can't handle packets of that
size. For this reason, there are provisions to split datagrams up into pieces. This is referred
to as "fragmentation Furthermore, every host implementation of TCP/IP must be prepared to
accept pieces and put them back together. This is referred to as "reassembly".

The following diagram shows that normal IP datagram packet with Maximum
Transmission Unit(MTU)
 Figure 13.1 IP Packet with MTU

If the data size is less than the MTU then padding will be added for transmission. The
following diagram illustrates this.

Figure 13.2 IP data with padding

Different protocols have different packet size ie., MTU size Following table show the details.

Table 13.1 Protocols with MTU size

The following diagram shows how a big packet can be fragmented and fix for a MTU.
 Figure 13.3 Fragmented data packet

13.3 Let us Sum Up

Fragmentation and Reassembly

TCP/IP is designed for use with many different kinds of network. Unfortunately, network
designers do not agree about how big packets can be.

For example, when sending data between Ethernet networks to Arpanet, It can't handle
packets of that size. For this reason, there are provisions to split datagrams up into pieces.
This is referred to as "fragmentation. Furthermore, every host implementation of TCP/IP
must be prepared to accept pieces and put them back together. This is referred to as
"reassembly".

13.4 Lesson end Activities

1. Why we need Fragmentation?

13.5 Points for Discussion

1. How tcp/ip packets are fragmented?

13.6 Check your progress

1. How fragmented packets are correctly identified by the receiver end?

13.7 References
1. “ Internetworking with TCP/IP Principles, Protocols, and Architecture Volume I”,
Douglas E. Comer, Prentice Hall of India Pvt. Ltd,

2. “Computer Networks”, Andrew S. Tanenbaum, Prentice Hall of India Pvt. Ltd.

3. “Introduction to Data Communications and Networking”, Behrouz Forouzan, McGraq-

Hill

4. “MCSE Networking Essentials Study Guide”, Duncan Anderson, Tata McGraw-Hill

 Lesson 14. Routing

14.0 Aims and Objectives

14.1 Introduction
14.2 Routing
14.3 Routing Protocol Vs Routed Protocol
14.4 Types of routing table entries
14.5 Classification of routing table
14.6 Let us Sum Up
14.7 Lesson end Activities
14.8 Points for Discussion
14.9 Check your Progress
14.10 References

14.0 Aims and Objective

To learn how the TCP/IP packets are transfer from one end to another end

14.1 Introduction

There are two distinct processes to delivering IP datagram: IP Forwarding and IP Routing. IP
Forwarding tells how to pass a packet from an input interface to the output interface? IP Routing
tells how to find and setup the routing tables? It determine route taken by packets from source to
destination

Forwarding must be done as fast as possible. On routers, is often done with support of
hardware. On PCs, is done in kernel of the operating system. Routing is less time-critical, On a
PC, routing is done as a background process.

Packets are transfer from one system to another system using for forwarding and transfer
from the sender to the receiver using routing. Forwarding is a process of passing packets along to
the next hop. There is only one forwarding table and has prefix and next-hop information.
Routing is a process of populating the forwarding table. You might have multiple routing
databases - e.g. both OSPF and BGP Routing databases have more information. Routing is based
on address lookup, maximum prefix match and search operation.
14.2 Routing

A router, by definition, has two or more network interface layers (since it connects two or
more networks). Any system with multiple interfaces is called multihomed. A host can also be
multihomed but unless it specifically forwards packets from one interface to another, it is not
called a router. Also, routers need not be special hardware boxes that only move packets around
an internet.

Conceptually, IP routing is simple, especially for a host. If the destination is directly

connected to the host (e.g., a point-to-point link) or on a shared network (e.g., Ethernet or token
ring), then the IP datagram is sent directly to the destination. Otherwise the host sends the
datagram to a default router, and lets the router deliver the datagram to its destination.

The IP layer can be configured to act as a router in addition to acting as a host. Most
multiuser systems today, including almost every Unix system, can be configured to act as a
router. We can then specify a single routing algorithm that both hosts and routers can use. The
fundamental difference is that a host never forwards datagrams from one of its interfaces to
another, while a router forwards datagrams. A host that contains embedded router functionality
should never forward a datagram unless it has been specifically configured to do so

Packets are transfer from one system to another system using for forwarding and transfer
from the sender to the receiver using routing. Forwarding is a process of passing packets along to
the next hop. There is only one forwarding table and has prefix and next-hop information.
Routing is a process of populating the forwarding table. You might have multiple routing
databases - e.g. both OSPF and BGP Routing databases have more information. Routing is based
on address lookup, maximum prefix match and search operation.

14.3 Routing Protocol Vs Routed Protocol

Routing Protocols

Routing protocol used to update the routing table information. It will collect the information
based on advertisement and also send routing information to other systems. Eg. RIP, OSPF

Routed Protocols

Routed protocols used to route the packets across network. It forward data to one network
to another network Eg. IPX, DecNet

Routing table

Routing Table is used by the Routing Protocols. It defines the topology of the network. It
must be consistent with other router’s tables. Two types of routing tables are existed, Static and
dynamic routing tables. Static tables are constructed by network administrator and the Dynamic
tables are constructed by the routing protocols.

14.4 Types of routing table entries

Network route – In this type of entry destination addresses is a network address (e.g.,
10.0.2.0/24). Most entries are network routes.

Host route – This type of entry destination address is an interface address (e.g., 10.0.1.2/32).
This entry used to specify a separate route for certain hosts

Default route – This type of entry used when no network or host route matches. The router
that is listed as the next hop of the default route is the default gateway.

Loopback address - Routing table used the loopback address (127.0.0.1) which means the
next hop lists the loopback (lo0) interface as outgoing interface.

Adding an interface - Configuring an interface eth2 with 10.0.2.3/24 adds a routing table
entry:

Adding a default gateway - Configuring 10.0.2.1 as the default gateway adds the entry

The steps that IP performs when it searches its routing table :

1. Search for a matching host address.

2. Search for a matching network address.
3. Search for a default entry. (The default entry is normally specified in the routing table as
a network entry, with a network ID of 0.)

A matching host address is always used before a matching network address

14.5 Classification of routing table

In routing table two types of protocol are used, ie Interior Gateway protocols (IGP) and
Exterior Gateway protocols (EGP). Kind of information that is carried and the way the routing
table are calculated based on Distance-vector protocols or Link-state protocols.

Interior Gateway protocols Vs Exterior Gateway Protocols

Interior Gateway Protocols are used within a single autonomous system. Generally it
have single network administration to administration. It has unique routing policy and makes
best use of network resources. This class of protocols are used inside an autonomous system, ex.-
RIP, OSPF, IGRP, EIGRP.

Exterior Gateway Protocols are used among different autonomous systems. It has
independent administrative entities. It is used to communication between independent network
infrastructures. This class of protocols is used outside, or between, autonomous systems, ex. –
BGP4, the current internet standard for EGP. BGP makes routing decisions based on network
policies, or rules. In EBGP, session occurs between routers in two different Autonomous
Systems. In IBGP, session occurs between routers in the same Autonomous Systems.

A multihomed network is a network that has more than one exit point to outside
networks.

Static or Dynamic Routing

Routing can be either static or dynamic, depending on how routing information is

generated and maintained. In static routing, routing information is entered manually by an
administrator and remains constant throughout the router’s operation. In dynamic routing, a
router is configured to automatically generate routing information and share the information with
neighboring routers.

Static routing

In static routing, a network administrator enters static routes in the routing table manually
by indicating the Network ID, the hop count and the router interface. The network ID, consisting
of a destination IP address and a subnet mask. The hop count is the distance between this router
and the neighboring router. The router interfaces through which forward the packets to the
destination.

Static routing has significant drawbacks. Because a network administrator defines a static
route, errors are more likely than with a dynamically assigned route. A simple typographical
error can create chaos on the network. An even greater problem is the inability of a static route to
adapt to topology changes. Whenever the topology changes, the administrator might have to
make changes to the routing tables entries on every static router. This does not scale well on a
large internetwork. Static routes have predictability, no overhead and simplicity. But lack of
scalability and can not adapt to a failure in a network

Dynamic Routing

Dynamic routing method has two parts: the routing protocol that is used between
neighboring routers to convey information about their network environment, and the routing
algorithm that determines paths through that network. The protocol defines the method used to
share the information externally, whereas the algorithm is the method used to process the
information internally.

The routing tables on dynamic routers are updated automatically based on the exchange
of routing information with other routers. The most common dynamic routing protocols are
Distance vector routing protocols and Link state routing protocols. Understanding how these
protocols work enables you to choose the type of dynamic routing that best suits your network
needs.

Dynamic routes are adapting to a failure in a network and work in large networks. The
disadvantages are increase in complexity and overhead on the lines and routers

14.6 Let Us Sum Up

Routing

A router, by definition, has two or more network interface layers (since it connects two or
more networks).

Routing Protocol Vs Routed Protocol

Routing Protocols

Routing protocol used to update the routing table information. It will collect the information
based on advertisement and also send routing information to other systems. Eg. RIP, OSPF

Routed Protocols

Routed protocols used to route the packets across network. It forward data to one network
to another network Eg. IPX, DecNet

Routing table

Routing Table is used by the Routing Protocols. It defines the topology of the network.

Types of routing table entries

Network route
Host route
Default route
Loopback address
Adding a default gateway
Interior Gateway protocols Vs Exterior Gateway Protocols

Interior Gateway Protocols are used within a single autonomous system. Generally it
have single network administration to administration.

Exterior Gateway Protocols are used among different autonomous systems. It has
independent administrative

Static or Dynamic Routing

In static routing, routing information is entered manually by an administrator and

remains constant throughout the router’s operation. In dynamic routing, a router is configured to
automatically generate routing information and share the information with neighboring routers.

14.7 Lesson end Activities

1. What is the purpose of Routing?

2. What is the different between Routing Protocol Vs Routed Protocol?

14.8 Points for Discussion

1. What is the content of Routing table?

14.9 Check your Progress

1. What is Interior Gateway protocols ?
2. What is Exterior Gateway Protocols?
3. What is Static routing?
4. What is Dynamic Routing?
5. Write short notes on types of routing fable entries.

14.10 References

1. “ Internetworking with TCP/IP Principles, Protocols, and Architecture Volume I”,

Douglas E. Comer, Prentice Hall of India Pvt. Ltd,

2. “Computer Networks”, Andrew S. Tanenbaum, Prentice Hall of India Pvt. Ltd.

3. “Introduction to Data Communications and Networking”, Behrouz Forouzan, McGraq-

Hill

4. “MCSE Networking Essentials Study Guide”, Duncan Anderson, Tata McGraw-Hill

 Lesson 15 Distance Vector Protocol and Link State Routing Protocols

15.0 Aims and Objectives

15.1 Introduction
15.2 Distance Vector Routing Protocols
15.3 Link State Routing Protocols
15.4 Routing Information Protocol (RIP)
15.5 Open Shortest Path First (OSPF)
15.6 Let us Sum Up
15.7 Lesson end Activities
15.8 Points for Discussion
15.9 Check your Progress
15.10 References

15.0 Aims and Objectives

To learn two types of routing protocols

15.1 Introduction
Distance vector routing protocols, the earliest dynamic routing protocols, are an
improvement over static routing, but have some limitations. When the topology of the
internetwork changes, distance vector routing protocols can take several minutes to detect the
change and make the appropriate corrections. Link state routing protocols are more reliable and
require less bandwidth than do distance vector routing protocols, they are also more complex,
more memory-intensive, and place a greater load on the CPU.

15.2 Distance Vector Routing Protocols

Distance-vector protocols advertise periodically sends to his neighbors and find how far
is the destination and how to the next hop to get there. It installs routes directly in tables.

The distance vector algorithm, also known as the Bellman-Ford algorithm, enables a
router to pass route updates to its neighbors at regularly scheduled intervals. Each neighbor then
adds its own distance value and forwards the routing information on to its immediate neighbors.
The result of this process is a table containing the cumulative distance to each network
destination.

One advantage of distance vector routing protocols is simplicity. Distance vector routing
protocols are easy to configure and administer. They are well suited for small networks with
relatively low performance requirements.
 Most distance vector routing protocols use a hop count as a routing metric. A routing
metric is a number associated with a route that a router uses to select the best of several matching
routes in the IP routing table. The hop count is the number of routers that a packet must cross to
reach a destination.

15.3 Link State Routing Protocols

Link state routing protocols address some of the limitations of distance vector routing
protocols. For example, link state routing protocols provide faster convergence than do distance
vector routing protocols. Convergence is the process by which routers update routing tables after
a change in network topology — the change is replicated to all routers that need to know about
it.

In Link-state protocols each router sends information about links to which it is attached
state of these links. It is flooded throughout the network. Every router calculates its routing table.

Unlike distance vector routing protocols, which broadcast updates to all routers at
regularly scheduled intervals, link state routing protocols provide updates only when a network
link changes state. When such an event occurs, a notification in the form of a link state
advertisement is sent throughout the network

You must decide where best to implement each type of routing.

However, static routing can be effective when used in combination with dynamic routing.
Instead of using static routing exclusively, you can use a static route as the redundant backup for
a dynamically configured route. In addition, you might use dynamic routing for most paths but
configure a few static paths where you want the network traffic to follow a particular route. For
example, you might configure routers to force traffic over a given path to a high-bandwidth link.

15.4 Routing Information Protocol (RIP)

Routing Information Protocol (RIP) first used in XNS (Xerox Network Systems). RIP
first documented in RFC 1058.

Routing Information Protocol (RIP) is the best known and most widely used of the
distance vector routing protocols. RIP version 1 (RIP v1), which is now outmoded, was the first
routing protocol accepted as a standard for TCP/IP. RIP version 2 (RIP v2) provides
authentication support, multicast announcing, and better support for classless networks. The
Windows Server 2003 Routing and Remote Access service supports both RIP v1 and RIP v2 (for
IPv4 only).
 Using RIP, the maximum hop count from the first router to the destination is 15. Any
destination greater than 15 hops away is considered unreachable. This limits the diameter of a
RIP internetwork to 15. However, if you place your routers in a hierarchical structure, 15 hops
can cover a large number of destinations.

RIP – Characteristics

In RIP packets are sent every 30 seconds or faster when necessary. Route is considered
down if it is not refreshed within 180 sec. (distance set to infinity). Two kinds of messages are
used, request and response. Hop count is used as a metric. The value of 1 to 15 is used (16
denotes infinity) as distance hop count. It doesn't support classless routing.

15.5 Open Shortest Path First (OSPF)

Open Shortest Path First (OSPF) protocol is the best known and most widely used link
state routing protocol. OSPF is an open standard developed by the Internet Engineering Task
Force (IETF) as an alternative to RIP. OSPF compiles a complete topological database of the
internetwork. The shortest path first (SPF) algorithm, also known as the Djikstra algorithm, is
used to compute the least-cost path to each destination. Whereas RIP calculates cost on the basis
of hop count only, OSPF can calculate cost on the basis of metrics such as link speed and
reliability in addition to hop count.

Unlike RIP, OSPF can support an internetwork diameter of 65,535 (assuming that each
link is assigned a cost of 1). OSPF transmits multicast frames, reducing CPU usage on a LAN.
You can hierarchically subdivide OSPF networks into areas, reducing router memory overhead
and CPU overhead.
15.6 Let Us Sum Up

Distance Vector Routing Protocols

Distance-vector protocols advertise periodically sends to his neighbors and find how far
is the destination and how to the next hop to get there. It installs routes directly in tables.

Link State Routing Protocols

Link state routing protocols address some of the limitations of distance vector routing
protocols. For example, link state routing protocols provide faster convergence than do distance
vector routing protocols.

In Link-state protocols each router sends information about links to which it is attached
state of these links. It is flooded throughout the network. Every router calculates its routing table.

Routing Information Protocol (RIP)

Routing Information Protocol (RIP) is the best known and most widely used of the
distance vector routing protocols.

Using RIP, the maximum hop count from the first router to the destination is 15. Any
destination greater than 15 hops away is considered unreachable. This limits the diameter of a
RIP internetwork to 15. However, if you place your routers in a hierarchical structure, 15 hops
can cover a large number of destinations.

Open Shortest Path First (OSPF)

Open Shortest Path First (OSPF) protocol is the best known and most widely used link
state routing protocol. OSPF is an open standard developed by the Internet Engineering Task
Force (IETF) as an alternative to RIP.

15.7 Lesson end Activities

1. What is Distance Vector Protocols?

2. What is Link State Routing Protocols?

15.8 Points for Discussion

1. Which routing protocol suitable for small network?
2. Which routing protocol is suitable for big networkl?
15.9 Check your Progress

1. What is Routing Information Protocol (RIP)?

2. What is Open Shortest Path First (OSPF)?

15.10 References

1. “ Internetworking with TCP/IP Principles, Protocols, and Architecture Volume I”,

Douglas E. Comer, Prentice Hall of India Pvt. Ltd,

2. “Computer Networks”, Andrew S. Tanenbaum, Prentice Hall of India Pvt. Ltd.

3. “Introduction to Data Communications and Networking”, Behrouz Forouzan, McGraq-

Hill

4. “MCSE Networking Essentials Study Guide”, Duncan Anderson, Tata McGraw-Hill

 Unit IV

Lesson 16. TCP and UDP Data Structures

16.0 Aims and Objectives

16.1 Introduction
16.2 TCP Data Structures
16.3 UDP Data Structures
16.4 Let us Sum Up
16.5 Lesson end Activities
16.6 Points for Discussion
16.7 Check your Progress
16.8 References

16.0 Aims and Objectives

To understand the field and data structure of TCP

To understand the field and data structure of UDP

16.1 Introduction

TCP and UDP are the two predominant transport layer protocols. Both use IP as the
network layer.

16.2 TCP Data Structures

TCP is defined in the RFC 793 and defines a reliable, connection orientated full duplex
byte stream for a user process. TCP creates a CONNECTION orientated service by contacting
the end system and establishing a set of guidelines both can support. Such agreements as how
much data segments can be transferred before an acknowledgement are received. TCP takes
large blocks of data coming from upper layers and segments them. Then it adds numbers to the
segments so the end system can sequence them at arrival and assemble the original block before
sending it to the upper layer. When TCP creates a connection between two end systems, it is
called a VIRTUAL CIRCUIT. This virtual circuit is created at the time the one system needs to
send a data stream to the end system and takes it down when the data transfer is completed.

The three phases of the TCP are CONNECTION ESTABLISHMENT, CONNECTION

MAINTENANCE and CONNECTION TIREDOWN.
 TCP is a reliable, connection oriented, and byte-stream protocol. It provides reliability
with a mechanism called Positive Acknowledgement with retransmission(PAR). The following
diagram shows the details about the header.

Figure 16.1 TCP Header details

TCP Header contain the following data information:

Source port address

Defines the application program in the source computer

Destination port address

Defines the application program in the destination computer

Sequence number

A stream of data from the application program may be divided into two or more TCP
segments. The sequence number field shows the position
Acknowledge number

This is valid only if the ACK bit in the control field is set. This number is used to
acknowledge the receipt of data from the other communication device. The number
defines the byte sequence number that is next expected.

Header length

Defines the header length

Reserved

A six-bit field is reserved for future use.

Control fields
URG - Urgent bit is set to validate the urgent pointer field
ACK - when set validates the acknowledgement number field
PSH - Used to inform the sender that a higher throughput is needed
RST - Used to reset the connection, when there is confusion in the sequence
Numbers
SYN - Used for sequence number synchronization in three types of segments:
connection request, connection confirmation and confirmation
acknowledgement
FIN - Used in connection termination in three types of segments : termination
request, termination confirmation and acknowledgement of termination
confirmation
Window size

Defines the size of the sliding window

Checksum

Used in error detection

Urgent pointer

Its value is valid only when the URG field is set. This pointer defines the end of urgent
data and the start of normal data.

Options and padding

Optional field in which used to convey additional information to the receiver or for
alignment purpose.
16.3 UDP Data Structures

UDP sends and receives datagrams for applications. A datagram is a unit of information
that travels from the sender to the receiver. like TCP, however, UDP is unreliable. There is no
guarantee that the datagram ever gets to its final destination

UDP is designed for applications where you don't need to put sequences of datagrams
together. It fits into the system much like TCP. There is a UDP header. The network software
puts the UDP header on the front of your data, just as it would put a TCP header on the front
of your data. Then UDP sends the data to IP, which adds the IP header, putting UDP's
protocol number in the protocol field instead of TCP's protocol number. However UDP doesn't
do as much as TCP does. It doesn't split data into multiple datagrams. It doesn't keep track
of what it has sent so it can resend if necessary. About all that UDP provides is port
numbers, so that several programs can use UDP at once. UDP port numbers are used just like
TCP port numbers. There are well-known port numbers for servers that use UDP. Note that
the UDP header is shorter than a TCP header. It still has source and destination port
numbers, and a checksum, but that's about it. No sequence number, since it is not needed.
UDP is used by the protocols that handle name lookups and a number of similar protocols.

UDP is defined in RFC 768. It is the protocol that does not consume system resources as
much as TCP but it unreliable and transfers data to the destination system with out establishing a
connection and hence, connectionless protocol. UDP sends data to the destination system in
numbered segments same as TCP but it can not retransmit erred segments if they get lost or
damaged.

UDP messages can be lost, duplicated, or arrive out of order.

Figure 16.2 UDP Header

 UDP uses 16 bit source and destination port number. Total length contains a count of
octets in the UDP datagrams, including the UDP header and the user data. The UDP checksum is
optional and need not be used at all.

UDP Pseudo Header

UDP Pseudo header used to verify that the UDP datagram has reached safe or not. The
fields contain source and destination IP address To verify the checksum, the receiver must
extract these fields from the IP header, assemble them into the pseudo-header format, and
recomputed the checksum.

Figure 16.3 : UDP Pseudo header

16.4 Let us Sum Up

TCP Data Structures

The three phases of the TCP are CONNECTION ESTABLISHMENT, CONNECTION

MAINTENANCE and CONNECTION TIREDOWN.
UDP Data Structures

UDP sends and receives datagrams for applications. A datagram is a unit of information
that travels from the sender to the receiver. like TCP, however, UDP is unreliable. There is no
guarantee that the datagram ever gets to its final destination

UDP Pseudo header used to verify that the UDP datagram has reached safe or not. The
fields contain source and destination IP address To verify the checksum, the receiver must
extract these fields from the IP header, assemble them into the pseudo-header format, and
recomputed the checksum.

TCP Header contain

 Source port address
 Destination port address
 Sequence number
 Acknowledge number
 Header length
 Reserved
 Control fields
o URG
o ACK
o PSH
o RST
o SYN
o FIN
 Window size
 Checksum
 Urgent pointer
 Options and padding

16.5 Lesson end Activities

1. Draw the TCP header.

2. Draw the UDP header.

16.6 Points for Discussion

1. What are the uniqueness with TCP and UDP data structure?

16.7 Check your Progress

1. Explain the TCP Data structure.

2. Explain the UDP data structure

16.8 References

1. “ Internetworking with TCP/IP Principles, Protocols, and Architecture Volume I”,

Douglas E. Comer, Prentice Hall of India Pvt. Ltd,

2. “Computer Networks”, Andrew S. Tanenbaum, Prentice Hall of India Pvt. Ltd.

3. “Introduction to Data Communications and Networking”, Behrouz Forouzan, McGraq-

Hill

4. “MCSE Networking Essentials Study Guide”, Duncan Anderson, Tata McGraw-Hill

 Lesson 17. TCP Finite State Machine

17.0 Aims and Objectives

17.1 Introduction
17.2 Algorithm for TCP state machine
17.3 TCP finite state machine
17.4 Let us Sum Up
17.5 Lesson end Activities
17.6 Points for Discussion
17.7 Check your progress
17.8 References

17.0 Aims and Objective

To learn about the TCP connection with Finite state machine

17.1 Introduction

Like any other system states TCP communication also defined with Finite state machine.
Reliable service is required for connection establishment and termination to perform connection-
oriented service. The step required establishing and release connections can be represented in a
finite state machine with the 11 states. Out of these states, some states are legal. Each connection
starts in the CLOSED state. From that, there are two possibilities, either passive open (LISTEN),
or active open (CONNECT). And the other side of the hosts performs the opposite operation.

The Host sends SYN for connection through active open. At host B does a LISTEN and
settles down to see who turns up. When SYN comes in, it is acknowledged and host goes to the
SYN RECVD state. When host B’s SYN is itself acknowledged, the three-way handshake is
completed and the server goes to the ESTABLISHED state. And data transfer between two hosts.
When the host A has had enough data, it sends FIN to host B. The host B received the command
and sends its ACK to host A with FIN. Host A received FIN and sends ACK to host B and
finally the host B releases the connection.

17.2 Algorithm for TCP state machine

The algorithm for TCP state machine is explained below:

1. The client is active open and sends SYN and sets on SYN SENT state.
2. While the other end the server must be passive open and sets on LISTEN state.
3. When SYN comes to the server, it sets on SYN RECVD and ready to receive.
4. When the server received SYN from the client, it sends its own SYN and ACK of client’s
SYN.
 5. The client received its ACK and server’s SYN and give reply to server by ACK and both
set on ESTABLISHED state.
6. And the data is transmitted between them.
7. At the end, suppose the client is on passive close. It goes on FIN WAIT-1 waiting for
ACK from the server.
8. When it received it sets on FIN WAIT-2 state and waiting for FIN, after receiving it the
client sends ACK to the server and sets on TIME WAIT state.

17.3 TCP finite state machine

Reset / any invalid input

begin
CLOSED

passive open

close active open / SYN

SYN / SYN + ACK
LISTEN
Close / timeout / reset
reset
send / SYN
SYN SYN / SYN + ACK SYN
RECVD SENT

SYN + ACK / ACK

ACK
close / FIN ESTAB CLOSE
FIN / ACK WAIT
close / FIN
timeout after
close / FIN
2 segment
lifetimes
FIN
fin / ACK LAST
WAIT-1
closing ACK

ACK FIN - ack / ACK ACK

FIN TIMED
WAIT-2 WAIT timeout after 2 segment lifetimes
fin / ACK

Figure
Figure 17.1 Finite State Machine – flow diagram
17.4 Let Us Sum Up

Algorithm for TCP state machine

The algorithm for TCP state machine is explained below:

1. The client is active open and sends SYN and sets on SYN SENT state.
2. While the other end the server must be passive open and sets on LISTEN state.
3. When SYN comes to the server, it sets on SYN RECVD and ready to receive.
4. When the server received SYN from the client, it sends its own SYN and ACK of client’s
SYN.
5. The client received its ACK and server’s SYN and give reply to server by ACK and both
set on ESTABLISHED state.
6. And the data is transmitted between them.
7. At the end, suppose the client is on passive close. It goes on FIN WAIT-1 waiting for
ACK from the server.
8. When it received it sets on FIN WAIT-2 state and waiting for FIN, after receiving it the
client sends ACK to the server and sets on TIME WAIT state.

17.5 Lesson end Activities

1. Draw the finite state machine states.

17.6 Points for Discussion

1. What is finite state machine?

17.7 Check your Progress

1. What are steps in TCP finite state machine?

17.8 References

1. “ Internetworking with TCP/IP Principles, Protocols, and Architecture Volume I”,

Douglas E. Comer, Prentice Hall of India Pvt. Ltd,

2. “Computer Networks”, Andrew S. Tanenbaum, Prentice Hall of India Pvt. Ltd.

3. “Introduction to Data Communications and Networking”, Behrouz Forouzan, McGraq-

Hill

4. “MCSE Networking Essentials Study Guide”, Duncan Anderson, Tata McGraw-Hill

 Lesson 18. TCP Connection Management

18.0 Aim and Objectives

18.1 Introduction
18.2 Connection Extablishment
18.3 Connection Release
18.4 Let us Sum Up
18.5 Lesson end Activities
18.6 Points for Discussion
18.7 Check Your Progress
18.8 References

18.0 Aim and Objectives

To under stand how TCP connections are established and released

18.1 Introduction

TCP is connection oriented. It establishes a logical connection between the two end to end
systems. Before transmitting data they will exchange the connection information called handshake.

18.2 Connection Establishment

Establishing connection the nodes are exchanged three segments so it is called “three-way
handshake”. One side executes a CONNECT primitive, specifying the destination IP address, destination
port, window size, and optionally some user data. This is delivered in a TCP segment with the SYN flag
on, the ACK flag off, and an Initial Sequence Number (ISN) which is randomly chosen. This is illustrated in
Figure 18.1.
 Figure 18.1.: TCP open connection. a: synchronous, b: simultaneous (full-duplex).

At first, one must say that host 2 has previously performed a LISTEN primitive on the
appropriate port. If not, the connection is rejected. In (a), host 1 opens the connection with an
ISN of x. Host 2 accepts the connect request by sending a TCP segment which acknowledges
host 1's request (ACK flag on and the ACKNOWLEDGEMENT NUMBER set to x+1) and its
own connection request (SYN flag on with an ISN of y). Host 1 acknowledges this request. Note
that the SYN flag consumes one byte of sequence space so that it can be acknowledged
unambiguously.

In (b), both hosts attempt a connection request at the same time. Only one connection is
established, not two, because a connection is identified by their end points, which are the same in
this case.

18.3 Connection Release

The three-way handshake is also used to terminate a connection, as illustrated in the following
figure.

Figure 18.2 : TCP close connection

In this example, host 1 terminates the connection by transmitting a segment with the FIN
flag set, containing optional data. Host 2 acknowledges this (the FIN flag also consumes one
byte of sequence space) and sets its own FIN flag. The third and last segment contains host 1's
acknowledgement of host 2's FIN flag.

During closing of connection, there can be following additional states in the State Transition diagram:

 FIN_WAIT1: AT THE CLIENT: The application shuts down. TCP sends the last data with FIN to the
server and moves into this state.
  FIN_WAIT2: AT THE CLIENT: On receipt of the Ack from the server, TCP moves into the state.
Waiting for the server to shutdown.
 CLOSE_WAIT: AT THE SERVER: The client has shutdown and is waiting for us to finish writing our
data and to shutdown.

 LAST_ACK: AT THE SERVER: The server has shutdown after the client has shutdown. However
the client has yet to acknowledge the segment.

 CLOSING: AT THE CLIENT: both applications are closing nearly simultaneously; The Fin segments
may be received by each side from the other side. But Ack from the server may not have been
received.

Closing a TCP connection (continued)

Active Close Passive Close

SENDER A RECEIVER B

Application Close REC FIN

Send FIN, SEQ=P Segment 1

Inform Application by
delivering EOF SEND ACK=P+1

Segment 2
REC ACK

Application Closes connection

Segment 3 Send FIN, SEQ=Q, ACK=P+1

REC FIN + ACK

Inform Application by delivering EOF, Time-Wait

SEND ACK=Q+1 Segment 4

REC ACK
 Figure 18.3 Closing a TCP connection (continued)

18.4 Let us Sum Up

TCP is connection oriented. It establishes a logical connection between the two end to end
systems. Before transmitting data they will exchange the connection information called handshake.

One side executes a CONNECT primitive, specifying the destination IP address, destination port,
window size, and optionally some user data. This is delivered in a TCP segment with the SYN flag on, the
ACK flag off, and an Initial Sequence Number (ISN) which is randomly chosen.

During closing of connection, The application shuts down. TCP sends the last data with FIN to
the server and moves into this state. On receipt of the Ack from the server, TCP moves into the state
and waiting for the server to shutdown. The client has shutdown and is waiting for us to finish writing
our data and to shutdown. The server has shutdown after the client has shutdown. However the client
has yet to acknowledge the segment. Both applications are closing nearly simultaneously; The Fin
segments may be received by each side from the other side. But Ack from the server may not have been
received.

18.5 Lesson end Activities

1. How TCP Connection Established?

18.6 Points for discussion

1. What are the information are passed while establishing connection?

2. What are the information are passed while releasing connection?

18.7 Check Your Progress

1. What is Handshaking?
18.8 References

1. “ Internetworking with TCP/IP Principles, Protocols, and Architecture Volume I”,

Douglas E. Comer, Prentice Hall of India Pvt. Ltd,

2. “Computer Networks”, Andrew S. Tanenbaum, Prentice Hall of India Pvt. Ltd.

3. “Introduction to Data Communications and Networking”, Behrouz Forouzan,

McGraq-Hill

4. “MCSE Networking Essentials Study Guide”, Duncan Anderson, Tata McGraw-Hill

 Lesson 19. TCP Output Processing

19.0 Aims and Objectives

19.1 Introduction
19.2 Timer Management
19.3 Packet Loss and Retransmission
19.4 Adaptive Retransmission

19.5 Flow Control

19.6 TCP Keep-Alive Messages
19.7 Slow Start Algorithm and Congestion Avoidance
19.8 Silly Window Syndrome (SWS)
19.9 Nagle Algorithm
19.10 TCP Selective Acknowledgment (RFC 2018
19.11 Let us Sum Up
19.12 Lesson and Activities
19.13 Points for Discussion
19.14 Check your Progress
19.15 References

19.0 Aims and Objectives

To learn about Timer management

To learn about adaptive retransmission
To learn about flow control

19.1 Introduction

For efficient processing of TCP data we require different techiniques like Timer
Management, Packet Loss and Retransmission, Adaptive Retransmission, Flow Control, TCP
Keep-Alive Messages, Slow Start Algorithm and Congestion Avoidance, Silly Window
Syndrome, Nagle Algorithm and TCP Selective Acknowledgment.

19.2 Timer Management

Retransmission Timer(RT)

Retransmission Timer started when a message is sent. If no ACK is received before the
timer expires the message is retransmitted. The transmitter keeps all transmitted segments in the
buffer until they have been ACKed. This timer is based upon the Retransmission Timeout (RTO)
Number which will depend upon the network type. When the RT expires, the RTO is increased
exponentially (to a preset limit) and the segment retransmitted. If the preset maximum limit is
exceeded an error message is sent to the ULP. The RTO is based upon the Round Trip Time
(RTT) - average time from transmission to acknowledgement. The RTT is developed from an
algorithm that develops an expected Smoothed Round Trip Time (SRTT). This can be set by
software.

Quiet Timer

This timer is started when a port is closed and is normally set to 30 seconds. This
prevents a just closed port from responding to a quick open. Late segments from the just closed
session may still be in enroute. Their receipt would cause an error.

Persistence Timer

This timer is started upon receipt of a receive window size = 0. When a transmitting
station receives a receive window size = 0, it pauses transmission until notified to begin by the
receiving station. This notification may be lost in Internet. If this timer expires, a one byte
segment is transmitted to the receiving station to assure it is still alive. If the receiving station is
still backlogged, it transmits a receive window size = 0. If the receiving window is open, it
transmits the new window size.

Keep Alive/Idle Timer

The Idle timer (normally set to 360 seconds) and the Keep-Alive timer (normally set to
10-20 seconds) are started when there in no traffic. When the Keep- Alive timer expires, an
empty packet is sent at regular intervals. Applies only to the server. If the Idle timer expires, the
connection is assumed to be broken and an error message is generated.

19.3 Packet Loss and Retransmission

TCP manages successfully with the loss of packets using a technique called
retransmission. When TCP data arrives, an acknowledgement is sent back to the sender. When
TCP data is sent, a timer is started. Again, if the timer expires before an acknowledgement
arrives, TCP retransmits the data.
 Figure 19.1 : Retransmission example

TCP must be ready to retransmit any packet that is lost on one of the connections.

19.4 Adaptive Retransmission

TCP estimates the round-trip for each active connection. For each connection, TCP
generates a sequence of round-trip estimates and uses a statistical function to produce a weighted
average. It also maintains an estimate of the variance and uses a linear combination of the
estimated mean and variance as the value of the timeout.

The following figure gives in detail. In (a), we have a connection with a relatively long
round-trip delay. In (b), we have a connection with a shorter round-trip delay. The goal is to wait
long enough to decide that a packet was lost, without waiting longer than necessary. When
delays start to vary, TCP adjusts the timeout to a value greater than the mean to accommodate
peaks.
 Figure 19.2. : Timeout and retransmission

19.5 Flow Control

TCP follows window mechanism to control the flow of data. When a connection is
established, each end of the connection allocates a buffer to hold incoming data, and sends the
size of the buffer to the other end. As data arrives, the receiver sends acknowledgements together
with the amount of buffer space available called a window advertisement.

If the receiving application can read data as quickly as it arrives, the receiver will send a
positive window advertisement with each acknowledgement. However, if the sender is faster
than the receiver, e.g. has a faster CPU or consuming the data is harder then producing it,
incoming data will eventually fill the receiving buffer, causing the receiver to announce that the
window is zero length. It is up to receiver to determine the window size, to evict packet loss. A
sender that receives a zero window advertisement must stop sending until it receives a positive
window. This is illustrated in the following figure.
 Figure 19.3: TCP flow control

The window size is generally fixed by operating system and it is the network
infrastructure who determines the segment size.

19.6 TCP Keep-Alive Messages

A TCP keep-alive packet is simply an ACK with the sequence number set to one less
than the current sequence number for the connection. A host receiving one of these ACKs
responds with an ACK for the current sequence number. Keep-alives can be used to verify that
the computer at the remote end of a connection is still available. TCP keep-alives can be sent
once every KeepAliveTime (defaults to 7,200,000 milliseconds or two hours) if no other data or
higher-level keep-alives have been carried over the TCP connection. If there is no response to a
keep-alive, it is repeated once every KeepAliveInterval seconds. KeepAliveInterval defaults to 1
second.
19.7 Slow Start Algorithm and Congestion Avoidance
When a connection is established, TCP starts slowly at first to assess the bandwidth of the
connection, and to avoid overflowing the receiving host or any other devices or links in the path.
The send window is set to two TCP segments, and if that is acknowledged, it is incremented to
three segments. If those are acknowledged, it is incremented again, and so on until the amount of
data being sent per burst reaches the size of the receive window on the remote host. At that point,
the slow start algorithm is no longer in use, and flow control is governed by the receive window.
However, congestion could still occur on a connection at any time during transmission. If this
happens (evidenced by the need to retransmit), a congestion-avoidance algorithm is used to
reduce the send window size temporarily and to grow it back towards the receive window size.
Slow start and congestion avoidance are discussed further in RFC 1122 and RFC 2581.

19.8 Silly Window Syndrome (SWS)

Silly Window Syndrome is described in RFC 1122. SWS is caused by the receiver
advancing the right window edge whenever it has any new buffer space available to receive data
and by the sender using any incremental window, no matter how small, to send more data. The
result can be a stable pattern of sending tiny data segments, even though both sender and receiver
have a large total buffer space for the connection. It also implements SWS avoidance on the
receive end of a connection by not opening the receive window in increments of less than a TCP
segment.

19.9 Nagle Algorithm

Nagle algorithm described in RFC 896. The purpose of this algorithm is to reduce the
number of very small segments sent, especially on high-delay (remote) links. The Nagle
algorithm allows only one small segment to be outstanding at a time without acknowledgment. If
more small segments are generated while awaiting the ACK for the first one, these segments are
coalesced into one larger segment. Any full-sized segment is always transmitted immediately, on
the assumption that there is a sufficient receive window available. The Nagle algorithm is
effective in reducing the number of packets sent by interactive applications, such as Telnet,
especially over slow links.

19.10 TCP Selective Acknowledgment (RFC 2018)

Selective Acknowledgement (SACK) is described in RFC 2018. SACK is especially
important for connections using large TCP window sizes. Prior to SACK, a receiver could only
acknowledge the latest sequence number of contiguous data that had been received, or the left
edge of the receive window. When SACK is enabled, the receiver continues to use the ACK
number to acknowledge the left edge of the receive window, but it can also acknowledge other
non-contiguous blocks of received data individually. SACK uses TCP header options.
19.11. Let Us Sum

TCP Output Processing

Timer Management

Retransmission Timer(RT)

Retransmission Timer started when a message is sent. If no ACK is received before the
timer expires the message is retransmitted. The transmitter keeps all transmitted segments in the
buffer until they have been ACKed.

Quiet Timer

This timer is started when a port is closed and is normally set to 30 seconds.

Persistence Timer

This timer is started upon receipt of a receive window size = 0

Keep Alive/Idle Timer

The Idle timer (normally set to 360 seconds) and the Keep-Alive timer (normally set to
10-20 seconds) are started when there in no traffic.

Packet Loss and Retransmission

TCP manages successfully with the loss of packets using a technique called
retransmission.

Adaptive Retransmission
TCP estimates the round-trip for each active connection. For each connection, TCP
generates a sequence of round-trip estimates and uses a statistical function to produce a weighted
average. It also maintains an estimate of the variance and uses a linear combination of the
estimated mean and variance as the value of the timeout.

Flow Control
TCP follows window mechanism to control the flow of data. When a connection is
established, each end of the connection allocates a buffer to hold incoming data, and sends the
size of the buffer to the other end. As data arrives, the receiver sends acknowledgements together
with the amount of buffer space available called a window advertisement.
 A sender that receives a zero window advertisement must stop sending until it receives a
positive window.

TCP Keep-Alive Messages

A TCP keep-alive packet is simply an ACK with the sequence number set to one less
than the current sequence number for the connection.

19.12 Lesson end Activities

What are facilities provided by the TCP to time management?

19.13 Points for Discussion

What is the purpose of retransmission

19.14 Check your Progress

1. What is Adaptive Transmission?

2. How TCP Flow Control works?

3. What is TCP Selective Acknowledgment ?

19.15 References

1. “ Internetworking with TCP/IP Principles, Protocols, and Architecture Volume I”,

Douglas E. Comer, Prentice Hall of India Pvt. Ltd,

2. “Computer Networks”, Andrew S. Tanenbaum, Prentice Hall of India Pvt. Ltd.

3. “Introduction to Data Communications and Networking”, Behrouz Forouzan,

McGraq-Hill

4. “MCSE Networking Essentials Study Guide”, Duncan Anderson, Tata McGraw-Hill

 Lesson 20. Socket Programming

21.0 Aims and Objectives

20.1 Introduction
20.2 Domain
20.3 Internet address conversion
20.4 Connection less (UDP) Communication
20.5 Connection oriented (TCP) Communication
20.6 Let us Sum Up
20.7 Lesson end Activities
20.8 Points for Discussion
20.9 Check your progress
20.10 References

20.0 Aims and Objectives

To learn about steps in connection oriented and connection less programming

20.1 Introduction

In Unix operating system we can write network programming using C in two different
methods. One is BSD’s Socket programming and other is AT&T’s TTL programming. Compare
to TTL method Socket programming is easier and flexible.

Application Programming Interface(API)

C language has own API for system as well as network programming. Most of the Unix
functions are written in C. In Unix we have two types of functions. One is library function and
another is systems calls.

System calls are functions which are interface to kernel. So it fast in execution.

In Unix, if you want to write a network program then you have to create a socket.

Unix Socket has three properties. They are Domain, Type of the socket and Protocol.

20.2 Domain

There are two types of domains are existed in the Internet Community. One is Unix
domain and another is Internet domain. Unix domain refers the local unix domain system. It is
referred with AF_UNIX and the posix name is AF_INET. This type of process used to
communicate with another process on the same unix system. In the Internet domain, it is referred
with AF_INET. This type of process used to communicate with another process on another
system through internet.
 In general two type of system architecture are there. One is big endinan and other is little
endian. It is nothing but one type of architecture following to store big number in the right hand
side and the other type storing small number in the right hand side.

In the Internet, there is a need to connect these two types of system. So they have a
common conversion method. Whenever a packet has send to network that data should be
converted into network byte order.

Inet_addr(), htons() and htonl()

Whenever a packet has send received from network that data should be converted into host byte
order.

Inet_ntoa(), ntohs() and ntohl()

20.3 Internet address conversion

Internet address is an octet value. It is necessary to convert internet addresses between

ASCII strings and network byte ordered binary values. inet_aton() Convert C character string
into binary network byte order value. inet_ntoa() Convert binary network byte ordered into its
corresponding dotted decimal order.

#include<arpa/inet.h>
int inet_aton(const char *stptr, struct in_addr *addrptr);
char *inet_ntoa(struct in_addr inaddr);

We have to use the address structure “ struct sockaddr_in“ which is available in the
Header file - <netinet/in.h>.

struct in_addr {
u_long s_addr;
};
struct sockaddr_in {
u_short sin_family; // protocol identifier; usually AF_INET
u_short sin_port; // port number – 0, then kernel chose
struct in_addr sin_addr; // IP address – INADDR_ANY
// refers to the IP address of the Current host
char sin_zero[8]; }; //unused, always zero

struct sockaddr is another address structure which is more generic, but compatible, both are 16
bytes, starting with the same field.
struct sockaddr {
u_short sa_family;
char sa_dat[14];};

Another address structure differ from internet, sockaddr_un is used for unix domain. We have to
use the header file <sys/un.h>

Socket Type

Different types of sockets are available. Mainly we are using UDP, TCP and IP.

Datagram – SOCK_DGRAM
• UDP level
Stream – SOCK_STREAM
• TCP level
Raw – SOCK_RAW
• IP level

If AF_UNIX, then it is name of a file not the socket type.

Protocols

TCP/IP is a collection of collaborative protocols. In this option we have to mention the

protocol.

TCP – IPPROTO_TCP
UDP – IPPROTO_UDP
IP – IPPROTO_IP
ARP – IPPROTO_ARP
0 to choose the default protocol

Multiple services

TCP/IP can handle multiple services at the same time. A service is a facility or function
provided by the server like FTP, telnet. Server provides this service through a protocol and port
number. Each service assigned by a port number. Port number is a 16 bit number. With the help
of the port number server uniquely identifies application processes/ network services.
In Unix, all services and their port numbers are listed in /etc/services file

Figure 20.1 Port and their services

Ports 0 – 1023, are reserved and servers or clients that you create will not be able to bind
to these ports unless you have root privilege.

Ports 1024 - 65535 , are available for use by your programs, but beware other network
applications maybe running and using these port numbers as well so do not make assumptions
about the availability of specific port numbers.

A server can support more than one service at a time from different client. If it is not
received the request from the client then it would idle. So, start a server process when it needs. In
Unix Inetd daemon taken care of this. Inetd bind port number to the service. In program we
have to use select() system call.

A socket contain

<protocol, source-address, local-port, destination address, destination-port>

<tcp, 202.54.650, 23, 195.30.15.2, 23>

20.4 Connectionless (UDP) Communication steps

1. Create socket
2. Bind address to the socket
3. Send / receive data
4. Close the socket

Client/Server application Model

The server executes first and waits to receive; the client executes second and sends the
first network packet to the server. After initial contact, either the client or the server is capable
of sending and receiving data.

Figure 20.2. Client/Server Communication

20.5 Connection oriented (TCP) Communication

Features of a TCP connection

 Connection Oriented
 Reliability
o Handles lost packets
o Handles packet sequencing
o Handles duplicated packets

 Full Duplex
 Flow Control
 Congestion Control

Connection oriented Steps

1. Create socket
2. Bind address to the socket
 3. Connect
4. Listen
5. Accept
6. Send / receive data
7. Close the socket

These steps are clearly shown in the following diagram:

Figure 20.3. Client/Server Communication in TCP

Socket creation

To create the socket we have the system call socket().

#include <sys/socket.h>

int socket(int address_family, int socket_type, int protocol_number);

It will return (-1) for failure otherwise success will return socket descriptor which can be
used in other network commands. In server first socket created is often known as a master
socket. Before send or receive data, it must be connected to another socket. Master socket bound
to port number. If the socket creation fail , Use perror() to find out the reason.
 int socket_desc;
socket_desc=socket(AF_INET, SOCK_STREAM, 0);
If (socket_desc == 0)
perror(“Create socket);
struct sockaddr_in address;
address.sin_family = AF_INET;
address.sin_addr.s.addr = INADDR_ANY;
7000 port is used for the connection
address.sin_port = htons(7000);

Binding address

Binding service name to port number we have system call bind(). It is used to specify for
a socket the protocol port number where it will wait for messages.

#include<sys/un.h> - Unix domain

#include<netinet/in.h> - Internet domain
int bind(int socket_id, struct sockaddr * address, int address_length);
socket_id - as created by the socket function
address – pointer to protocol structure of this socket
address_length – length in bytes of structure Referencesd by address

If bind fails, use perror() to find out the reason and success, use sendto()/ recvfrom()
functions to send or receive data.

Connect

Connect() system call is used on the client side to identify and possibly, start connection
to the server. It is required for connection oriented.

int connect ( in sd, const struct sockaddr *addr, int addrlen)

sd - file descriptor of the local socket
addr - pointer to protocol address of other scoket
addrlen - length in bytes of address strucutre
Eg.
#define SERV_NAME //www.bharathiar.ac.in
#define SERV_PORT // 8001
srtuct sockaddr_in servaddr;
struct hostent *hp; // info about host
int sd;
// initialisation
bzero((char *) &servaddr, sizeof(servaddr)):
servaddr.sin_family = AF_INET;
servaddr.sin.port = htons(SERV_PORT);
hp = gethostbyname(SERV_NAME);
If (hp == 0) {
 printf(stderr, “\nfailure to find %s\n”, SERV_NAME); exit(1);}
bcopy(hp->h_addr_list[0], (caddr_t)&servaddr.sin_addr, hp->h_length);
If(connect(sd, (struct sockaddr *) &servaddr, sizeof(servaddr)) < 0) {
perror(“Connect”); exit(1);

Information about Hostname

To get the details about the system and host name we have different functions and we have to

include the header file <netdb.h>

Function prototype

struct hostent *gethostbyname(const char *hostname);

Other functions are …

getpeername, gethostbyaddr, getprotobyname, getprotobynumber, getprotoent, getservbyname,

getservbyport, getservent, getnetbyname, getnetbynumber, getnetent

Info about hostname+aliases+IP addresses

struct hostent {
char *h_name; // host name
char **h_aliases; // null terminated list od alises
int h_addrtype; //host address type
int h_length; //length of address structure
char **h_addr_list; // null terminated list of address from name server
#define h_addr h_addr_list[0] }; // address for backward compatibility

Listen for connection

Socket must be told to listen for connection and also the maximum number of pending
connection using listen() system calls. We have to include the header file <sys/socket.h>

int listen(int sd, int qlen);

listen(socket_desc, 3);

there can be upto 3 connections pending

If a connection request arrives when there are already 3 connections pending, the client receives
a timeout error.
Accept

It tell the server to accept a connection. For this we have to use the header file <sys/socket.h>

int accept(int sd, struct sockaddr *addr, int addrlen);

int addrlen;
struct sockaddr_in address;
addrlen = sizeof(struct sockaddr_in);
new_socket = accept(sock_desc, (struct sockaddr *)&address, &addrlen)
if (new_socket<0)
perror(“accept connection”);

Sending data

To send the data or message we have the system call sendto().

int sendto(
int sd, // socket descriptor
char *msg, // data to be sent
int len, // size of message
int flags, // 0 or options -priority
struct sockaddr *to, // pointer to destination
int tolen); // length of the address

Flags in sendto

It have many flags some of them are :

MSG_DONTROUTE - bypass lookup of routing table

MSG_DONTWAIT - non-blocking(will return error code if it cannot be completed

immediately)

MSG_OOB – send out-of-band (urgent) data

Receiving data

Like sendto we also have separate system call for receiving data.
int recvfrom(
int sd, // socket descriptor
char *msg, // data to be sent
int len // size of message
 int flags, // 0 or options - priority
struct sockaddr *from, // pointer to address of sender
int fromlen); // length of the sender address

Flags in Receiving Data

Receiving data also have separate flags some of them are :

MSG_DONTWAIT - non-blocking(will return error code if it cannot be completed

immediately)

MSG_OOB – send out-of-band (urgent) data

MSG_PEEK - peek at incoming

MSG_WAITALL - wait for all the data requested with length

Closing the socket

The final step in the programe is closing the socket. We close the socket either using
close system call or shutdown system call.

int close(int sockfd);

or

int shutdown(int sd, int action);

Action 0 close for read

1 close for write

2 close for both read and write

20.6 Let Us Sum Up

Domain

There are two types of domains are existed in the Internet Community. One is Unix
domain and another is Internet domain.

Internet address conversion

Internet address is an octet value. It is necessary to convert internet addresses between

ASCII strings and network byte ordered binary values. inet_aton() Convert C character string
into binary network byte order value. inet_ntoa()Convert binary network byte ordered into its
corresponding dotted decimal order.

Another address structure differ from internet, sockaddr_un is used for unix domain. We
have to use the header file <sys/un.h>

Socket Type

Different types of sockets are available. Mainly we are using UDP, TCP and IP.

Datagram – SOCK_DGRAM
• UDP level
Stream – SOCK_STREAM
• TCP level
Raw – SOCK_RAW
• IP level

If AF_UNIX, then it is name of a file not the socket type.

Protocols

TCP/IP is a collection of collaborative protocols. In this option we have to mention the

protocol.

TCP – IPPROTO_TCP
UDP – IPPROTO_UDP
IP – IPPROTO_IP
ARP – IPPROTO_ARP
0 to choose the default protocol

Multiple services

TCP/IP can handle multiple services at the same time. A service is a facility or function
provided by the server like FTP, telnet.
 Ports 0 – 1023, are reserved and servers or clients that you create will not be able to bind
to these ports unless you have root privilege.

Ports 1024 - 65535 , are available for use by your programs, but beware other network
applications maybe running and using these port numbers as well so do not make assumptions
about the availability of specific port numbers.

Connectionless (UDP) Communication steps

1. Create socket
2. Bind address to the socket
3. Send / receive data
4. Close the socket

Connection Oriented (TCP) Communication steps

1. Create socket
2. Bind address to the socket
3. Connect
4. Listen
5. Accept
6. Send / receive data
7. Close the socket

Socket creation

Int socket(int address_family, int socket_type, int protocol_number);

Binding address

Binding service name to port number we have system call bind(). It is used to specify for
a socket the protocol port number where it will wait for messages.

Connect

Connect() system call is used on the client side to identify and possibly, start connection
to the server. It is required for connection oriented.

Information about Hostname

To get the details about the system and host name we have different functions and we have to

include the header file <netdb.h>

Listen for connection

Socket must be told to listen for connection and also the maximum number of pending
connection using listen() system calls. We have to include the header file <sys/socket.h>

int listen(int sd, int qlen);

Accept

It tell the server to accept a connection. For this we have to use the header file <sys/socket.h>

int accept(int sd, struct sockaddr *addr, int addrlen);

Sending data

To send the data or message we have the system call sendto().

int sendto(
int sd, // socket descriptor
char *msg, // data to be sent
int len, // size of message
int flags, // 0 or options -priority
struct sockaddr *to, // pointer to destination
int tolen); // length of the address

Receiving data

Like sendto we also have separate system call for receiving data.

int recvfrom(
int sd, // socket descriptor
char *msg, // data to be sent
int len // size of message
int flags, // 0 or options - priority
struct sockaddr *from, // pointer to address of sender
int fromlen); // length of the sender address

Closing the socket

The final step in the programe is closing the socket. We close the socket either using
close system call or shutdown system call.

int close(int sockfd);

int shutdown(int sd, int action);

 Action 0 close for read
1 close for write
2 close for both read and write

20.7 Lesson end Activities

1. Write an algorithm for connection oriented communication.

2. Write an algorithm for connection less communication

20.8 Points for Discussion

Why we need two type of domain?

20.9 Check your progress

How different protocols can be adopted in socket programming?

20.10 References

1. “ Internetworking with TCP/IP Principles, Protocols, and Architecture Volume I”,

Douglas E. Comer, Prentice Hall of India Pvt. Ltd,

2. “Computer Networks”, Andrew S. Tanenbaum, Prentice Hall of India Pvt. Ltd.

3. “Introduction to Data Communications and Networking”, Behrouz Forouzan, McGraq-

Hill

4. “MCSE Networking Essentials Study Guide”, Duncan Anderson, Tata McGraw-Hill

5. “Unix Network programming Networking APIs: Sockets and XTI Volume I”, W.
Richard Stevens
 Lesson 21. Application Layer

21.0 Aims and Objectives

21.1 Introduction
21.2 Telnet
21.3 Rlogin
21.4 Let us Sum Up
21.5 Lesson end Activities
21.6 Points for Discussion
21.7 Check your Progress
21.8 References

.21.0 Aims and Objectives

To learn about Remote login and telnet

21.1 Introduction

The Application layer handles the details of the particular application or service. This is
the layer which used to interact the users. There are many predefined such services are
implemented. Some important services are:

Remote Login (Telnet and Rlogin)

FTP

Email

Etc.

Remote Login

This is implemented based on Client/Server computing concepts. If a Client system wants

to communicate to Server, normally we need physical cabling. If the Server is far away from the
Client location then it is very difficult for direct physical cabling. A user from the client system
can login into the server which is far away from the server using Remote Login without direct
physical cabling.

There are two type of Remote login available under TCP/IP, ie Telnet and Rlogin
Telnet Vs Rlogin

Using telnet different Operating System can communicate each other. They can negotiate
for the type of services provided by them and how they are going to communicate each other.

For example a Unix user can login from the Windows system to Unix system

Implemented in Berkely Unix to communicate between different Unix Operating system.

So a user from one unix server can login to remote unix server using Rlogin.

21.2 Telnet

Implemented based on Client server Model.

Telnet client Telnet Server Login shell

Pseudo
Terminal TCP/IP TCP/IP
terminal
driver
driver

User at a
terminal TCP Connection

Figure 21.1 Telnet Client/Server Overview

Telnet client interact with the user terminal where the user working and TCI/IP protocol
for remote communication. Whatever the user type is sent to the remote system and the server
response is displayed in the user terminal.

Telnet server interacts with TCP/IP protocol for the client communication and pseudo
terminal device. The pseudo device interacts with login shell.

From the Client to the Server, only one TCP connection is used for two way
communication.
 The terminal, pseudo terminal and TCP/IP implementation are part of the Operating
system kernel. The Telnet client and server are user application.

The TELNET Protocol

The Telnet protocol is used for remote logins to computer via the Internet. It is described
in RFC854. TELNET is a protocol that provides “a general, bi-directional, eight-bit byte oriented
communications facility”. telnet is a program that supports the TELNET protocol over TCP.
Many application protocols are built upon the TELNET protocol.

The Network Virtual Terminal

Communication is established using the TCP/IP protocols and communication is based on a
set of facilities known as a Network Virtual Terminal (NVT). It uses data and control over the
same connection At the user or client end the telnet client program is responsible for mapping
incoming NVT codes to the actual codes needed to operate the user's display device and is also
responsible for mapping user generated keyboard sequences into NVT sequences. The NVT uses
7 bit codes for characters, the display device, referred to as a printer in the RFC, is only required
to display the "standard" printing ASCII characters represented by 7 bit codes and to recognise
and process certain control codes. The 7 bit characters are transmitted as 8 bit bytes with most
significant bit set to zero. An end-of-line is transmitted as the character sequence CR (carriage
return) followed by LF (line feed). If it is desired to transmit an actual carriage return this is
transmitted as a carriage return followed by a NUL (all bits zero) character. All NVTs support a
minimal set of capabilities. Some terminals have more capabilities than the minimal set. The set
of options is not part of the TELNET protocol, so that new terminal features can be incorporated
without changing the TELNET protocol. TELNET includes support for a series of control
functions commonly supported by servers.

Control Codes for NVT

Decimal
Name code Function
Value

NULL NUL 0 No operation

Moves the printer to the next print line, keeping the same
Line Feed LF 10
horizontal position.

Carriage
CR 13 Moves the printer to the left margin of the current line.
Return
 The following further control codes are optional but should have the indicated defined
effect on the display.

Decimal
Name code Function
Value

Produces an audible or visible signal (which does NOT

BELL BEL 7
move the print head.

Moves the print head one character position towards the left
Back margin. [On a printing devices this mechanism was
BS 8
Space commonly used to form composite characters by printing
two basic characters on top of each other.]

Moves the printer to the next horizontal tab stop. It remains

Horizontal
HT 9 unspecified how either party determines or establishes where
Tab
such tab stops are located.

Moves the printer to the next vertical tab stop. It remains

Vertical
VT 11 unspecified how either party determines or establishes where
Tab
such tab stops are located.

Moves the printer to the top of the next page, keeping the
Form
FF 12 same horizontal position. [On visual displays this commonly
Feed
clears the screen and moves the cursor to the top left corner.]

The NVT keyboard is specified as being capable of generating all 128 ASCII codes by
using keys, key combinations or key sequences.

Commands
Commands are always introduced by a character with the decimal code 255 known as an
Interpret as Command (IAC) character. The complete set of special characters are :

Decimal
Name Meaning
Code

SE 240 End of sub negotiation parameters.

NOP 241 No operation

 Data mark. Indicates the position of a Synch event within the data
DM 242 stream. This should always be accompanied by a TCP urgent
notification.

BRK 243 Break. Indicates that the "break" or "attention" key was hit.

Suspend, interrupt or abort the process to which the NVT is

IP 244
connected.

Abort output. Allows the current process to run to completion but do

AO 245
not send its output to the user.

Are you there? Send back to the NVT some visible evidence that the
AYT 246
AYT was received.

Erase character. The receiver should delete the last preceding

EC 247
undeleted character from the data stream.

Erase line. Delete characters from the data stream back to but not
EL 248
including the previous CRLF.

Go ahead. Used, under certain circumstances, to tell the other end that
GA 249
it can transmit.

SB 250 Sub negotiation of the indicated option follows.

Indicates the desire to begin performing, or confirmation that you are

WILL 251
now performing, the indicated option.

Indicates the refusal to perform, or continue performing, the indicated

WONT 252
option.

Indicates the request that the other party perform, or confirmation that
DO 253
you are expecting the other party to perform, the indicated option.

Indicates the demand that the other party stop performing, or

DONT 254 confirmation that you are no longer expecting the other party to
perform, the indicated option.

IAC 255 Interpret as command

 Options are agreed by a process of negotiation which results in the client and server
having a common view of various extra capabilities that affect the interchange and the operation
of applications.

Either end of a telnet dialogue can enable or disable an option either locally or remotely.
The initiator sends a 3 byte command of the form

IAC,<type of operation>,<option>

The following patterns of option negotiation are defined.

Sender Receiver
Implication
Sent Responds

The sender would like to use a certain option if the receiver can
WILL DO handle it. The receiver says it can support the option. Option is now
in effect

The sender would like to use a certain option if the receiver can
WILL DONT handle it. The receiver says it cannot support the option. Option is
not in effect.

The sender requests that the receiver use a certain option. The
DO WILL
receiver says it can support the option. Option is now in effect.

The sender requests that the receiver use a certain option. The
DO WONT
receiver says it cannot support the option. Option is not in effect.

The sender will not use a certain option. Option disabled. DONT is
WONT DONT
only valid response.

The sender requests that the receiver does not use a certain option.
DONT WONT
Option disabled. WONT is only valid response.

For example if the sender wants the other end to suppress go-ahead it would send the byte
sequence

255(IAC),251(WILL),3

The final byte of the three byte sequence identifies the required action.
For some of the negotiable options values need to be communicated once support of the option
has been agreed. This is done using sub-option negotiation. Values are communicated via an
exchange of value query commands and responses in the following form.

IAC,SB,<option code number>,1,IAC,SE

and

IAC,SB,<option code>,0,<value>,IAC,SE

For example if the client wishes to identify the terminal type to the server the following
exchange might take place

Client 255(IAC),251(WILL),24
Server 255(IAC),253(DO),24
Server 255(IAC),250(SB),24,1,255(IAC),240(SE)
Client 255(IAC),250(SB),24,0,'V','T','2','2','0',255(IAC),240(SE)

The first exchange establishes that terminal type (option number 24) will be handled, the
server then enquires of the client what value it wishes to associate with the terminal type. The
sequence SB,24,1 implies sub-option negotiation for option type 24, value required (1). The
IAC,SE sequence indicates the end of this request. The repsonse IAC,SB,24,0,'V'... implies sub-
option negotiation for option type 24, value supplied (0), the IAC,SE sequence indicates the end
of the response (and the supplied value).

telnet is a generic TCP client. It sends whatever you type to the TCP socket. telnet prints
whatever comes back through the TCP socket. telnet used for testing TCP servers (ASCII based
protocols).

Example for telnet communication

1. telnet cse.bharathi.edu 7
2. Trying 202.115.10.35...
3. Connected to cse.bharathi.edu (202.115.10.35).
4. Escape character is '^]'.
5. Hi Ramesh
6. Hi Ramesh
7. stop it
8. stop it
9. ^]
10. telnet> quit
11. Connection closed.
21.3 Rlogin

Rlogin used to login between UNIX hosts. It is similar to Telnet but option negotiation is
not required, since both operating system on the client and server are known in advance.

Rlogin uses a single TCP connection between the client and server.

In the server system, the user has to create a file .rhosts and lines containing the clinet host name
and other user name.

Flow control is done by the Rlogin client otherwise user has to type Control-S to stop the
terminal output.

Client can interrupt the process on the server by pressing interrupt keys.

The protocol requires rlogin server software to be running on the host that is going to allow
remote access; it is usually called rlogind (for rlogin daemon, the latter word being the standard
UNIX term for a background server process). The server listens for incoming connection
requests on TCP port 513. A user who wants to remotely log in to the server runs the rlogin
command on his or her local host, and specifies the name of the server. The client makes a TCP
connection to the server, and then sends to the server a string containing the following
information:

 The login name of the user on the client machine.

 The login name that the user wants to use on the server (which is often the same as
the user’s login name on the client, but not always.)

 Control information such as the type and speed of the terminal.

The server processes this information and begins the login process. It will normally
prompt the user for a password to log in to the remote host. Assuming the password is correct;
the user will be logged in to the remote host and can use it as if he or she were locally connected.

21.4 Let Us Sum Up

Application Layer

The Application layer handles the details of the particular application or service.

Remote Login

This is implemented based on Client/Server computing concepts.

There are two type of Remote login available under TCP/IP, ie Telnet and Rlogin
Telnet

Implemented based on Client server Model.

Telnet client interact with the user terminal where the user working and TCI/IP protocol
for remote communication.

The TELNET Protocol

The Telnet protocol is used for remote logins to computer via the Internet. It is described
in RFC854. TELNET is a protocol that provides “a general, bi-directional, eight-bit byte oriented
communications facility”. telnet is a program that supports the TELNET protocol over TCP.
Many application protocols are built upon the TELNET protocol.

The Network Virtual Terminal

The NVT keyboard is specified as being capable of generating all 128 ASCII codes by
using keys, key combinations or key sequences.

Commands
Commands are always introduced by a character with the decimal code 255 known as an
Interpret as command (IAC) character. The complete set of special characters are :

Rlogin

Rlogin used to login between UNIX hosts. It is similar to Telnet but option negotiation is
not required, since both operating system on the client and server are known in advance.

In the server system, the user has to create a file .rhosts and lines containing the clinet
host name and other user name.

21.5 Lesson end Activities

What is the difference between Remote login and telnet?

21.6 Points for Discussion

What is the purpose of remote login and telnet?

21.7 Check your Progress

1. How Remote login works?

2. How tenet works?

3. Write Short Notes on a) R Login, b) Telnet

21.8 References

1. “ Internetworking with TCP/IP Principles, Protocols, and Architecture Volume I”,

Douglas E. Comer, Prentice Hall of India Pvt. Ltd,

2. “Computer Networks”, Andrew S. Tanenbaum, Prentice Hall of India Pvt. Ltd.

3. “Introduction to Data Communications and Networking”, Behrouz Forouzan, McGraq-

Hill

4. “MCSE Networking Essentials Study Guide”, Duncan Anderson, Tata McGraw-Hill

 Lesson 22. File Transfer Protocol

22.0 Aims and Objectives

22.1 Introduction
22.2 File transfer protocol (FTP)
22.3 Trivial File Transfer protocol (TFTP)
22.4 Let us Sum Up
22.5 Lesson – End Activities
22.6 Point for Discussion
22.7 Check your Progress
22.8 References

22.0 Aims and Objectives

To learn about File transfer protocol

22.1 Introduction

Network operating system provides the facilities to share the file in the network in any
one of the three methods. In the first method, the server provide the storage facilities for the files,
which has been shared by client computers those computers do not have local hard disk. In the
second methods the client computers also have the hard disk. Periodically, each computer sends
or updates the copies of the files to the server using archival facility, so it will helpful in
accidental loss. Third method is used in the big organizations like banks where we have one
databases but it can be shared by different users, from different places.

On-line access and whole-file copying

On-line access methods provide the facilities to access the same file concurrently.
Whatever changes made to the file take immediately and that also available to all program that
access the file.

Whole-file copying methods provide that whenever a program wants to access a file, the
program obtains a local copy.

22.2 File Transfer Protocol (FTP)

In the Internet File Transfer protocol (FTP) is the standard protocol for file transfer. FTP
copies a complete file from one system to another system. To use FTP we need a user account to
login otherwise we have to use the anonymous FTP user account. It is defined in RFC 959.

The file transfer protocol (FTP) allows a user on any computer to get files from another
computer, or to send files to another computer. Security is handled by requiring the user to
specify a user name and password for the other computer. Provisions are made for handling
file transfer between machines with different character set, end of line conventions, etc. This
is not quite the same thing as more recent "network file system" or "netbios" protocols, which
will be described below. Rather, FTP is a utility that you run any time you want to access a file
on another system. You have to use it to copy the file to your own system. You then work with
the local copy.

The main issues to be considered are:

1. Procedures for accumulating messages into files so as to minimise FTP overheads with
short messages (applies only to existing message types);
2. file naming conventions for existing message types (existing AHL);
3. file naming conventions for new message types (no existing AHL);
4. file renaming;
5. use of directories;
6. account names and passwords;
7. FTP sessions;
8. Local FTP requirements;
9. File compression.

Advantages of FTP

Interactive Access

FTP provides an interactive interface that allows users to interact with remote servers.

Format Specification

FTP allows the clients to specify the type and representation of stored data.

Authentication Control

Server allows only the authorized clients to access.

 User
User at a
interface
terminal

Control connection
User protocol Server
interpreter protocol
(FTP commands) interpreter

FTP replies

File Data connection

User data Server data
system File
transfer transfer
system
function function

Figure 22.1 File Transfer protocol – processes

FTP uses two TCP connections to transfer a file. The server always waiting for the client
request at the port for FTP(21). It is a passive open. The client initiates the connection. it is an
active open. Based on this the control connection is established in the normal client-server
fashion. This connection stays up for the entire period of communication. This connection is
used for commands from the client to the server and for the server’s replies.

A data connection is created each time a file is transferred between the client and server.

The user interface used to interact the user and convert these into FTP commands that are
sent to the server and vice versa through the control connection.

Data Representation

FTP protocol provides different types of data transfer. These are based on File type,
Format control, and structure and transmission mode.

File Type

ASCII file type

The sender converts the local text file into NVT ACSII format and send through data
connection. On the other end receiver convert the NVT ASCII format file into local text
file format. This is the default method.
 EBCDIC file type

If the both systems are EBCDIC systems then this method is used for text file conversion.

Image file type

The data is sent as a contiguous stream of bits. Also called binary file type.

Local file type

This method of binary files is transfer with different sizes. So the sender has to specify
the number of bits per transmission byte.

File Control

ASCII and EBCDIC file type can use this choice

Nonprint

The file contains no vertical format information. This is the default method.

Telnet format control

The file contains telnet vertical format controls for a printer to interpret.

Fortran carriage control

Fortran format control characters are used for first character of each line.

Structure

File structure

The file is considered as a contiguous stream of bytes. There is no internal file structure.
This is the default structure.

Record structure

This structure is only used with text files.

Page structure

Each page is transmitted with page number. So the receiver can receive the page in
random order.
Transmission mode

Stream mode

The file is transferred as a stream of bytes.

Block mode

The file transferred as a series of blocks, each preceded by one or more header bytes.

Compressed mode

Simple run-length encoding compresses consecutive appearances of the same byte.

Anonymous FTP

FTP allows only the authorized users to access the files. Some files may be used the
public. In this case most TCP/IP provides the facility called anonymous FTP user whish don’t
have password.

22.3 Trivial File Transfer protocol (TFTP)

FTP requires clients and servers to manage multiple concurrent TCP connections. TFTP
does not need complex connections like FTP. It provides restricted operations and does not
provide any authentication.

TFTP runs on top of UDP or any other unreliable packet delivery system, using timeout
and retransmission to ensure that data arrives. The sending side transmits a file in fixed size
blocks and awaits an acknowledge for each block before sending the next. The receiver
acknowledges each block upon receipt.

Client or server first sends a request for file transfer. The request packet contains file
name and whether the file will be read or written. Block of the file is numbered consecutively
starting at 1. Each data packet contains a header that specifies the number of the blocks it
carriers, and each acknowledgement contains the number of block being acknowledge. A block
of less than 512 bytes signals the end of file. It is possible to send an error message either in the
place of data or an acknowledgement; error terminates the transfer.

The initial packet must use operation codes 1 or 2 to specify either read request or a write
request, the FILENAME field to specify the name of a file, and MODE field to specify whether
the client will read the file, write the file, or both.
Common FTP Commands

? to request help or information about the FTP commands

to set the mode of file transfer to ASCII

ascii
(this is the default and transmits seven bits per character)

to set the mode of file transfer to binary

binary (the binary mode transmits all eight bits per byte and thus provides less chance of a
transmission error and must be used to transmit files other than ASCII files)

bye to exit the FTP environment (same as quit)

cd to change directory on the remote machine

close to terminate a connection with another computer

closes the current FTP connection with brubeck,

close brubeck
but still leaves you within the FTP environment.

delete to delete (remove) a file in the current remote directory (same as rm in UNIX)

get to copy one file from the remote machine to the local machine

copies file ABC in the current remote directory to (or on top of) a file
get ABC DEF
named DEF in your current local directory.

copies file ABC in the current remote directory to (or on top of) a file
get ABC
with the same name, ABC, in your current local directory.

help to request a list of all available FTP commands

lcd to change directory on your local machine (same as UNIX cd)

ls to list the names of the files in the current remote directory

mkdir to make a new directory within the current remote directory

to copy multiple files from the remote machine to the local machine;
mget
you are prompted for a y/n answer before transferring each file
 copies all the files in the current remote directory to your current local
mget * directory, using the same filenames. Notice the use of the wild card
character, *.

to copy multiple files from the local machine to the remote machine;
mput
you are prompted for a y/n answer before transferring each file

open to open a connection with another computer

opens a new FTP connection with brubeck;

open brubeck you must enter a username and password for a brubeck account
(unless it is to be an anonymous connection).

put to copy one file from the local machine to the remote machine

pwd to find out the pathname of the current directory on the remote machine

quit to exit the FTP environment (same as bye)

rmdir to to remove (delete) a directory in the current remote directory

22.4 Let Us Sum Up

File transfer protocol (FTP)

In the Internet File Transfer protocol (FTP) is the standard protocol for file transfer. FTP
copies a complete file from one system to another system. To use FTP we need a user account to
login otherwise we have to use the anonymous FTP user account.

Advantages of FTP

Interactive Access
FTP provides an interactive interface that allows users to interact with remote servers.
Format Specification
FTP allows the clients to specify the type and representation of stored data.
Authentication Control
Server allows only the authorized clients to access.
Anonymous FTP

FTP allows only the authorized users to access the files. Some files may be used the
public. In this case most TCP/IP provides the facility called anonymous FTP user whish don’t
have password.

Trivial File Transfer protocol (TFTP)

FTP requires clients and servers to manage multiple concurrent TCP connections. TFTP
does not need complex connections like FTP. It provides restricted operations and does not
provide any authentication.

22.5 Lesson end activities

What are commands available for FTP?

22.6 Points for Discussion

What is need for file transfer?

22.7 Check Your Progress

1. Describe the FTP protocols.

2. What is purpose of TFTP?

3. List at the advantages of FTP.

22.8 References

1. “ Internetworking with TCP/IP Principles, Protocols, and Architecture Volume I”,

Douglas E. Comer, Prentice Hall of India Pvt. Ltd,

2. “Computer Networks”, Andrew S. Tanenbaum, Prentice Hall of India Pvt. Ltd.

3. “Introduction to Data Communications and Networking”, Behrouz Forouzan, McGraq-

Hill

4. “MCSE Networking Essentials Study Guide”, Duncan Anderson, Tata McGraw-Hill

 Lesson 23. Email

23.0 Aims and Objectives

23.1 Introduction
23.2 Electronic Mail Addresses Scheme
23.3 TCP/IP Standard for Electronic Mail Services
23.4 Simple Mail Transfer Protocol (SMTP)
23.5 Post Office Protocol (POP3)
23.6 Internet Message Access Protocol (IMAP4)
23.7 Let us Sum Up
23.8 Lesson end Activities
23.9 Points for Discussion
23.10 Check your progress
23.11 References

23.0 Aims and Objectives

To learn how Email is working

To learn about SMTP POP3 and IMAP protocols

23.1 Introduction

Electronic mails provide the facilities to users to send memos or files across the Internet,
even if the remote destination is temporarily unreachable. The mail system using a technique
called spooling for delayed delivery. Whenever a user send a mail message, the system stores the
details like message, sender and receiver address and time of send. After some time the message
has send as a background process.

23.2 Electronic Mail Addresses Scheme

Electronic mail address consists of two parts. The first part is the mailbox(local part)
identifying name followed by an @ symbol and the domain name of the destination. Domain
name is the domain name of a mail destination to which the mail should be delivered.

local part@ domain name

Domain name is not necessarily the mail server. Mail server may have longer/cryptic name.
Multiple servers may exist to tolerate failures.

To Identifying the mail server for a domain the mail server uses DNS query, asking for MX
records (Mail eXchange). Then, a regular DNS query to learn the IP address.
 Three major components of emails are User agents, Mail servers and Protocols. Users deal
with a user agent, of which there are a multitude to choose from. Popular user agents for Unix
include MH, Berkeley Mail, Elm, and Mush.

The exchange of mail using TCP is performed by a message transfer agent (MTA). The most
common MTA for Unix systems is Sendmail. Users normally don't deal with the MTA. It is the
responsibility of the system administrator to set up the local MTA. Users often have a choice,
however, for their user agent.

Protocols used between mail servers is SMTP and between mail server and user agent are
POP3 (Post Office Protocol [RFC 1939]) and IMAP( Internet Mail Access Protocol [RFC 1730])

Mail servers used to transferring e-mail to and from other servers. Mail server is always on
and always accessible. User agents used to intuitive interface for the user. User agents are
sometimes on and sometimes accessible. The communication between the two MTAs uses NVT
ASCII. Commands are sent by the client to the server, and the server responds with numeric
reply codes and optional human-readable strings

Figure 23.1 Services of User Agent

Messages sent through a series of servers. A server stores incoming messages in a queue. To
wait attempts to transmit them to the next hop. If the next hop is not reachable. The server stores
the message and tries again later. Each hop adds its identity to the message by adding a
“Received” header with its identity. It is helpful for diagnosing problems with e-mail.
Alias Expansion and Mail forwarding

Mail forwarding software allows copies of an incoming message to be sent to one or

more destinations. A single user can have multiple mail identifiers, or a group can have a single
mail alias.

23.3 TCP/IP Standard for Electronic Mail Services

To extend the interoperability of electronic mail, TCP/IP divides its mail standards into
two sets. One standard, given in RFC 2822, specifies the syntactic format used for mail
messages; the other standard specifies the details of electronic mail exchange between two
computers.

According to RFC 2822, a mail message is represented in textual form and is divided into
two parts: a header and a body, which is separated by a blank line. The line begin with To: and
contains the electronic mail address of the intended recipient on the remainder of the line. A line
that begins with From : contains the electronic mail address of the sender.

23.4 Simple Mail Transfer Protocol (SMTP)

SMTP protocol focus on how the underlying mail delivery mail delivery system passes
messages across an internet from one machine to another. Communication between a client and
server consists of readable ASCII text. Commands are sent by the client to the server, and the
server responds with numeric reply codes and optional human-readable strings.

Simple Mail Transfer Protocol is a client server protocol. Client is the sending mail server.
Server is the receiving mail server. It is reliable. It built on top of TCP (on port 25). SMTP is a
push protocol. Sending server pushes the file to the receiving server rather than waiting for the
receiver to request it. SMTP commands are ASCII text and response is three-digit status code
and phrase. To synchronous the communication sender awaits response from a command before
issuing the next command. Though pipelining of commands was added later. The
communication consists of three phases of transfer handshaking (greeting), transfer of messages
and closure.

SMTP used to send e-mail to a remote mail server. Sending mail server transmits e-mail
message to a mail server running on a remote machine. Each server in the path adds its identifier
to the message. Single TCP connection require for control and data.

SMTP uses MIME standard for sending non-text data

E-mail messages have two parts, a header - in 7-bit U.S. ASCII text and a body, also
represented in 7-bit U.S. ASCII text. The header contain series of lines ending in carriage return
and line feed. Each line contains a type and value, separated by “:”
 Body contains series of text lines with no additional structure/meaning and conventions arose
over time (e.g., e-mail signatures). It uses 7-bit U.S. ASCII. But for non-English text and binary
files like images and executables it converts non-ASCII data to ASCII. For this purpose it is
using Base64 encoding: map each group of three bytes into four printable U.S.-ASCII characters.
Uuencode (Unix-to-Unix Encoding) was widely used.

Envelopes, Headers, and Body

Electronic mail is composed of three pieces.

1. The envelope is used by the MTAs for delivery.

RFC 821 specifies the contents and interpretation of the envelope, and the protocol used
to exchange mail across a TCP connection.

2. Headers are used by the user agents. Each header field contains a name, followed by a
colon, followed by the field value. RFC 822 specifies the format and interpretation of the
header fields. (Headers beginning with an X- are user-defined fields. The others are
defined by RFC 822.)
3. The body is the content of the message from the sending user to the receiving user. RFC
822 specifies the body as lines of NVT ASCII text. When transferred using the DATA
command, the headers are sent first, followed by a blank line, followed by the body. Each
line transferred using the DATA command must be less than 1000 bytes.

The user agent takes what we specify as the body, adds some headers, and passes the result to
the MTA. The MTA adds a few headers, adds the envelope, and sends the result to another
MTA.

The term content is often used to describe the combination of headers and the body. The
content is sent by the client with the

Multipurpose Internet Mail Extensions(MIME)

MIME does not require any of the extensions that we've described previously in this
section (extended SMTP or non-ASCII headers). MIME just adds some new headers (in
accordance with RFC 822) that tell the recipient the structure of the body The body can still be
transmitted using NVT ASCII, regardless of the mail contents. While some of the extensions
we've just described might be nice to have along with MIME-the extended SMTP SIZE
command, since MIME messages can become large, and non-ASCII headers-these extensions
are not required by MIME. All that's required to exchange MIME messages with another party is
for both ends to have a user agent that understands MIME. No changes are required in any of the
MTAs.
 In MIME we have to mention the content type ie., the type of data contained in the
message and content-transfer-encoding ie., : how the data are encoded

It contains definitions for a set of content types and subtypes. E.g., like image with subtypes
gif and jpeg or text with subtypes plain, html, and richtext or application with subtypes
postscript and msword or multipart for messages with multiple data types.

A way to encode the data in ASCII format normally as base64 encoding, as in

uuencode/uudecode

MIME version From: [email protected]

To: [email protected]
Subject: University emblem
method used MIME-Version: 1.0
to encode data Content-
Transfer-Encoding: base64
Content-Type: image/jpeg

type and subtype base64 encoded data .....

.........................
......base64 encoded data

encoded data

Figure 23.2 MIME type email

Retrieving E-Mail from the Server

Server stores incoming e-mail by mailbox based on the “From” field in the message. Users
need to retrieve e-mail asynchronous from when the message was sent with a way to view the
message and reply and with a way to organize and store the messages .
23.5 Post Office Protocol (POP3)

POP support users with intermittent network connectivity. Allow them to retrieve e-mail
messages when connected and view/manipulate messages when disconnected.

Typical user-agent interacts with a POP server to connect the server and retrieve all e-mail
messages. It stores the retrieve messages on the user’s PCs as new messages. It deletes the
messages from the server and disconnect from the server. User agent still uses SMTP to send
messages but does not handle multiple mailboxes easily. It designed to put user’s incoming e-
mail in one folder.

POP not designed to keep messages on the server instead, designed to download messages to
the client. SMTP poorly handling of multiple-client access to mailbox because increasingly
important as users have home PC, work PC, laptop, cyber café computer, friend’s machine, etc.
High network bandwidth overhead required for transfers all of the e-mail messages, often well
before they are read and supports connected and disconnected operation. Users can download
message contents on demand.

Multiple clients can connect to mailbox at once to detect changes made to the mailbox by
other clients. Server keeps state about message (e.g., read, replied to). Clients can retrieve
individual parts separately of MIME parts of messages and partial fetch E.g., text of a message
without downloading attachments. Multiple mailboxes on the server are require for client so
client can create, rename, and delete mailboxes and client can move messages from one folder to
another. It should provide search on server before downloading messages

23.6 Internet Message Access Protocol (IMAP4)

The current version of IMAP since 1996, IMAP version 4 revision 1 (IMAP4rev1), is
defined by RFC 3501.

Advantages

Connected and disconnected modes of operation

When using IMAP4, clients often stay connected as long as the user interface is active
and download message content on demand.

Multiple clients simultaneously connected to the same mailbox

IMAP protocol specifically allows simultaneous access by multiple clients and provides
mechanisms for clients to detect changes made to the mailbox by other, concurrently connected,
clients.
Access to MIME message parts and partial fetch

The IMAP4 protocol allows clients to separately retrieve any of the individual MIME
parts and also to retrieve portions of either individual parts or the entire message. These
mechanisms allow clients to retrieve the text portion of a message without retrieving attached
files or to stream content as it is being fetched.

Message state information

Through the use of flags defined in the IMAP4 protocol clients can keep track of message
state, for example whether or not the message has been read, replied to, or deleted. These flags
are stored on the server, so different clients accessing the same mailbox at different times can
detect state changes made by other clients. The IMAP4 protocol supports both pre-defined
system flags and client defined keywords, System flags indicate state information such as
whether a message has been read. Keywords, which are not supported by all IMAP servers,
allow messages to be given one or more tags whose meaning is up to the client.

Multiple mailboxes on the server

IMAP4 clients can create, rename, and/or delete on the server, and move messages
between mailboxes. Multiple mailbox support also allows servers to provide access to shared and
public folders.

Server-side searches

IMAP4 provides a mechanism for a client to ask the server to search for messages
meeting a variety of criteria. This mechanism avoids requiring clients to download every
message in the mailbox in order to perform these searches.

Built-in extension mechanism

Reflecting the experience of earlier Internet protocols, IMAP4 defines an explicit

mechanism by which it may be extended. Many extension to the base protocol have been
proposed and are in common use. IMAP2bis did not have an extension mechanism, and POP3
now has one defined by RFC 244.

23.7 Let Us Sum UP

Electronic mails provide the facilities to users to send memos or files across the Internet,
even if the remote destination is temporarily unreachable.
Simple Mail Transfer Protocol (SMTP)

SMTP protocol focus on how the underlying mail delivery mail delivery system passes
messages across an internet from one machine to another. Communication between a client and
server consists of readable ASCII text. Commands are sent by the client to the server, and the
server responds with numeric reply codes and optional human-readable strings.

Electronic mail is composed of three pieces.

1. The envelope is used by the MTAs for delivery.

RFC 821 specifies the contents and interpretation of the envelope, and the protocol used
to exchange mail across a TCP connection.

2. Headers are used by the user agents. Each header field contains a name, followed by a
colon, followed by the field value. RFC 822 specifies the format and interpretation of the
header fields. (Headers beginning with an X- are user-defined fields. The others are
defined by RFC 822.)
3. The body is the content of the message from the sending user to the receiving user. RFC
822 specifies the body as lines of NVT ASCII text. When transferred using the DATA
command, the headers are sent first, followed by a blank line, followed by the body. Each
line transferred using the DATA command must be less than 1000 bytes.

The user agent takes what we specify as the body, adds some headers, and passes the result to
the MTA. The MTA adds a few headers, adds the envelope, and sends the result to another
MTA.

The term content is often used to describe the combination of headers and the body. The
content is sent by the client with the

Multipurpose Internet Mail Extensions(MIME)

MIME does not require any of the extensions that we've described previously in this
section (extended SMTP or non-ASCII headers)

Retrieving E-Mail from the Server

Post Office Protocol (POP3)

POP support users with intermittent network connectivity. Allow them to retrieve e-mail
messages when connected and view/manipulate messages when disconnected.
IMAP4 (Internet Message Access Protocol)

Connected and disconnected modes of operation

When using IMAP4, clients often stay connected as long as the user interface is active
and download message content on demand.

Multiple clients simultaneously connected to the same mailbox

IMAP protocol specifically allows simultaneous access by multiple clients and provides
mechanisms for clients to detect changes made to the mailbox by other, concurrently connected,
clients.

Access to MIME message parts and partial fetch

The IMAP4 protocol allows clients to separately retrieve any of the individual MIME
parts and also to retrieve portions of either individual parts or the entire message. These
mechanisms allow clients to retrieve the text portion of a message without retrieving attached
files or to stream content as it is being fetched.

23.8. Lesson end Activities

1. What is purpose of MIME?

23.9 Points for Discussion

1. What is the content of Email?

23.10 Check your Progress

1. How SMTP working?

2. What are the advantages of IMAP?

3. What are the advantages of POP3?

23.11 References

1. “ Internetworking with TCP/IP Principles, Protocols, and Architecture Volume I”,

Douglas E. Comer, Prentice Hall of India Pvt. Ltd,

2. “Computer Networks”, Andrew S. Tanenbaum, Prentice Hall of India Pvt. Ltd.

3. “Introduction to Data Communications and Networking”, Behrouz Forouzan, McGraq-

Hill

4. “MCSE Networking Essentials Study Guide”, Duncan Anderson, Tata McGraw-Hill

 Lesson 24. INTERNET MANAGEMENT
Contents:

24.0 Aims and Objectives

24.1 Introduction
24.2 Simple Network Management Protocol (SNMP)
24.3 Let us Sum Up
24.4 Lesson-End Activities
24.5 Point for Discussion
24.6 Check Your Progress
24.7 References

24.0 Aims and Objectives

To learn about network management

To learn about SNMP Protocol

24.1 Introduction

Network Management is used to for effective utilisation of the network resources.

Network management of a TCP/IP internet consists of network management stations (managers)
communicating with network elements. The network elements can be anything that runs the
TCP/IP protocol suite: hosts, routers, X terminals, terminal servers, printers, and so on. The
software in the network element that runs the management software is called the agent.
Management stations are normally workstations with color monitors that graphically display
relevant facts about the elements being monitored (which links are up and down, volume of
traffic across various links over time, etc.).

The function of the network management can be classified and explained with the
following diagram.

Figure 24.1 Network management functions

24.2 Simple Network Management Protocol (SNMP)

Simple Network Management Protocol (SNMP) was developed in the late 80’s in order
to offer to network manager a standard tool for controlling networks. The Simple Network
Management Protocol (SNMP) is a framework for managing devices in an internet using the
TCP/IP protocol suite. This protocol used to governing network management and the monitoring
of network devices and their functions. It is a set of protocols for managing complex networks.
SNMP is a client-server protocol. It provides a set of fundamental operations for monitoring and
maintaining an internet.

Component of Network Management

Component of the TCP/IP Network management are SNMP, SMI and MIB.

1. A Management Information Base (MIB) that specifies what variables the network
elements maintain (the information that can be queried and set by the manager). RFC
1213 defines the second version of this, called MIB-II.
2. A set of common structures and an identification scheme used to reference the variables
in the MIB. This is called the Structure of Management Information (SMI) and is
specified in RFC 1155
3. The protocol between the manager and the element, called the Simple Network
Management Protocol (SNMP). RFC 1157 specifies the protocol. This details the format
of the packets exchanged. Although a wide variety of transport protocols could be used,
UDP is normally used with SNMP.

Figure 24.2 Component of Network management

 In order to be able to gather information with SNMP, the equipment connected on the
network must have Management Information Base (MIB). These bases are catalogues of integer,
counters, strings, etc. The manager asks the agents to send it some values. These values might be
for example, IP routing table.

SNMP defines the format of packets exchanged between a manager and an agent. It reads
and changes the status (values) of objects (variables) in SNMP packets

SMI defines the general rules for naming objects, defining object types (including range
and length), and showing how to encode objects and values. SMI does not define the number of
objects an entity should manage or name the objects to be managed or define the association
between the objects and their values.

MIB creates a collection of named objects, their types, and their relationships to each
other in an entity to be managed. MIB is a database of information maintained by the agent that
the manager can query or set.

Figure 24.3 Object identifier

All objects managed by SNMP are given an object identifier. An object identifier is a
sequence of integers separated by decimal points. These integers traverse a tree structure, similar
to DNS. The object identifier always starts with 1.3.6.1.2.1.
 Figure 24.4 Object Identifier

SNMP defines only five types of messages that are exchanged between the manager and agent.

1. Fetch the value of one or more variables: the get-request operator.

2. Fetch the next variable after one or more specified variables: the get-next-request
operator. (We describe what we mean by "next" later in this chapter.)
3. Set the value of one or more variables: the set-request operator.
4. Return the value of one or more variables: the get-response operator. This is the message
returned by the agent to the manager in response to the get-request, get-next-request, and
set-request operators.
5. Notify the manager when something happens on the agent: the trap operator.

The first three messages are sent from the manager to the agent, and the last two are from the
agent to the manager
24.3 Let Us Sum UP

SNMP (Simple Network Management protocol)

Simple Network Management Protocol (SNMP) was developed in the late 80’s in order
to offer to network manager a standard tool for controlling networks. The Simple Network
Management Protocol (SNMP) is a framework for managing devices in an internet using the
TCP/IP protocol suite.

Component of Network Management

A Management Information Base (MIB) that specifies what variables the network
elements maintain (the information that can be queried and set by the manager). RFC 1213
defines the second version of this, called MIB-II.

1. A set of common structures and an identification scheme used to reference the variables in the
MIB. This is called the Structure of Management Information (SMI) and is specified in RFC 1155
2. The protocol between the manager and the element, called the Simple Network Management
Protocol (SNMP). RFC 1157 specifies the protocol. This details the format of the packets
exchanged. Although a wide variety of transport protocols could be used, UDP is normally used
with SNMP.

24.4 Lesson end Activities

What is the need for Network management?

24.5 Points for Discussion

Explain the function of MIB

24.6 Check You Progress

How SNMP works?

24.7 References

1. “ Internetworking with TCP/IP Principles, Protocols, and Architecture Volume I”,

Douglas E. Comer, Prentice Hall of India Pvt. Ltd,

2. “Computer Networks”, Andrew S. Tanenbaum, Prentice Hall of India Pvt. Ltd.

3. “Introduction to Data Communications and Networking”, Behrouz Forouzan, McGraq-

Hill

4. “MCSE Networking Essentials Study Guide”, Duncan Anderson, Tata McGraw-Hill

 Lesson 25. X.25 Protocol

25.0 Aims and Objectives

25.1 Introduction
25.2 X.25 layers
25.3 Let us Sum Up
25.5 Lesson end Activities
25.5 Points for Discussion
25.6 Check Your Progress
25.7 References

25.0 Aims and Objectives

To learn about X.25 Protocol Architecture

25.1 Introduction

X.25 is a packet switching protocol used in a wide area network. It also called Subscriber
Network interface (SNI). In the X.25 view, a network operates much like a telephone system.

X.25 defines how a packet-mode terminal can be connected to a packet network for the
exchange of data. It describes the procedures necessary for establishing, maintaining and
terminating connection. It also describes the services like reverse charge, call direct and delay
control.

It defines how the user’s DTE communicates with the network and how packets are sent
over that network using DCEs. It uses virtual circuit approach to packet switching rather than a
datagram approach, and uses asynchronous TDM to multiplex packets.

25.2 X.25 layers

X.25 also has OSI seven layers with slight modifications. The important three layers are :
the link access procedure, balanced layer; and the packet layer protocol layer. These layers will
take care of the functions of OSI physical, data link and network layers. X.25 requires error
detection and correction in both the data link and the network layers.

Physical layer

At the physical layer X.25 specifies a protocol called X.21. This specifies a standard for
the physical interconnections between host computers and network packet switches. It describes
the procedures used to transfer packet from one machine to another.
Data Link Layer

X.25 provides data link controls using a bit-oriented protocol called link access
procedure, balanced (LAPB) which is a subset of High level Data Link Communication (HDLC).
The protocol specifies how data travels between a host and the packet switch to which it
connects. It refers data as frame. The The machines exchange acknowledgements for success
transmission of frames.

Network layer

In X.25 the network layer is called Packet Layer Protocol(PLP). The function of this
layer is connection establishing, data transfer and connection termination. This layer added his
control information in the header. This layer assembles a packet in the form the network expects.

Transport Layer

Transport layer provides end-to-end reliability. It will take care of the communication
between source host and destination host communication.

Session Layer

This layer used for remote terminal access. In this layer, its networks, a carrier provided
a special purpose host computer with dialup access called a Packet Assembler And Disassembler
(PAD). Subscribers, often travelers with portable computers, used a modem to dial up the local
PAD, made a network connection to a host computer, and logged in.

Presentation Layer

This layer provides some standard to represent data which is used in application layer. An ISO
standard known as Abstract Syntax Notation 1 (ASN 1) is used in this layer.

Application layer

Application layer deals with user applications like electronic mail or file transfer.

PLP uses two types of packets: Information packets and Control Packets.

Information Packets

Information Packets are used to transmit user data. Information packets are differentiated
from control packets by the last bit in the header. If this bit is set to 0, the packet is an
information packet. Two types of formats are existing, ie., short and long. The long format used
to support facilities with long delays.
General format identifier(GFI)

The GFI is a four bit field. The first bit is called Q bit. With this user can define two types
of data. The D bit is used in packet sequencing. The next two bits are called modulo bits. They
indicate the length of the header. If these bits 01, the header is short, or 10 then the header is
long.

Virtual circuit identification

The logical channel group number is a 4-bit field that together with the 8-bit logical
channel number, make up a 12-bit number that identifies the virtual circuit chosen for a given
transmission.

Control field

The control field consists of four sessions. P(S) and P(R) carry the packet sequence
numbers for flow and error control. P(S) stands for packet send and indicates the number of the
packets being sent. This number is assigned by the sending DTE to outgoing packets to be used
for sliding window ARQ. P(R) stands for packet receive and is the number of the next packet
expected by the receiver. This field is used to piggyback acknowledgements to information
packets when both parties have data to send.

In the shorter header, both the P(S) and P(R) fields are three bits long. Three bits limit the
size of the window to eight packets In the longer, each field contains seven bits. Seven bits allow
the window size to be as large as 128 packets. The M bit is used in packet sequencing. The last
bit in this field defines the packet as an I-Packet.

Control Packets

There are essentially two categories of control packets. The first category is used for flow
and error control. The second category is used for connection, termination and management
control.

Category I

Three types of packets are there.

RR(000)

Receive ready (RR) means that the station is ready to receive more packets. It also
acknowledge the receipt of a data packet by indicating the number of the next packet
expected in the P(R) field.
RNR (001)

Receive not ready means that the station cannot accept packets at this time. The other
party must stop sending packets as soon as this packet is received.

REJ (010)

Reject (REJ) means that there was an error in the packet identified by the P(R) field. The
other party must resend all packets including and following the packet indicated.

Category II

Category II carry additional information.

Call request/Incomming call

The call request and incoming call packets are used to local DTE to the local DCE.

Call Accepted/Call Connected

It indicates the acceptance of the requested connection by the called system.

Clear request/Clear Indication

The clear request and clear indication packets are used at the end of an exchange to
disconnect the connection.

Clear Confirm

It is used to send in response to the clear indication packet.

Interrupt

It is used under unusual circumstances to break into an exchange and get attention.

Interrupt confirm

It is used to confirm the receipt of the interrupt packet.

Reset Request/Reset indication

These are used to reset the sequence numbers in an exchange over a particular virtual
circuit.
25.3 Let Us Sum Up

X.25 is a packet switching protocol used in a wide area network. It also called Subscriber
Network interface (SNI). In the X.25 view, a network operates much like a telephone system.

Physical layer

At the physical layer X.25 specifies a protocol called X.21. This specifies a standard for
the physical interconnections between host computers and network packet switches.

Network layer

In X.25 the network layer is called Packet Layer Protocol(PLP). The function of this
layer is connection establishing, data transfer and connection termination.

Transport Layer

Transport layer provides end-to-end reliability. It will take care of the communication between
source host and destination host communication.

Session Layer

This layer used for remote terminal access. In this layer, its networks, a carrier provided
a special purpose host computer with dialup access called a Packet Assembler And Disassembler
(PAD).

Presentation Layer

This layer provides some standard to represent data which is used in application layer. An ISO
standard known as Abstract Syntax Notation 1 (ASN 1) is used in this layer.

Application layer

Application layer deals with user applications like electronic mail or file transfer.

25.4 Lesson End Activities

1. What is purpose of X.25 protocol?

25.5 Points for Discussion

What is Control Category I?

25.6 Check Your Progress

1. What are the layers in X.25 protocol?
2. Explain the layers of X25 protocol in detail.
25.7 References

1. “ Internetworking with TCP/IP Principles, Protocols, and Architecture Volume I”,

Douglas E. Comer, Prentice Hall of India Pvt. Ltd,

2. “Computer Networks”, Andrew S. Tanenbaum, Prentice Hall of India Pvt. Ltd.

3. “Introduction to Data Communications and Networking”, Behrouz Forouzan, McGraq-

Hill

4. “MCSE Networking Essentials Study Guide”, Duncan Anderson, Tata McGraw-Hill