TCP\IP Model

A. Physical

· Physical devices that interconect computers

· eg Cabling connectors and sending signals

B. Data link layer\Network interface layer\Network access layer

· 1st layer to have protocols

· Interpreting the signals sent by other devices

· Ethernet Defines physical layer attributes , defines protocols to nodes in same network ie a
single link

C. Network layer\Internet layer

· Allows different devices to communicate with other networks through devices known as routers

· A network of different networks is called internetwork most famous internetwork is the internet

· eg between your home network and server

· IP protocol most common

· Client and server exist with client initiating request

· A node can have several client and server applications running at the same time
D. The Transport layer

· Decides which programs get what data eg. browser gets webpages and mail app gets emails

· Most common TCP

· TCP has mechanisms for reliable data transfer UDP does not
E. Application layer

· Application specific protocols

· Basically its the contents of the package

OSI(Open systems Interconnection)

“Please Do Not Throw Sausage Pizza Away.”

1. Physical layer

· Transimission of raw bit

· Attributes such as Vtg level of one bit, Duration of 1 bit, Use of pins in pin connectors, Topology,
How to establish and terminate connection

2. Data link layer

· Sender breaks the info into data frames and transmits each frame sequentially, then processes
the acknowledgement from the receiver

· Each frame has source and destination address

· Main function error control and flow control

· LAN DL protocols ARCnet(token bus), Ethernet, Token Ring(ring or star network... only a host that
has the token can transmit data)

3. Network

· Control subnet operation . IP protocol exists at this layer

· Connection oriented(guarantees msg delivery) and Connectionless transmission

 · Routes packet on basis of static table or dynamically

· Prevent formation of bottlenecks by having too many packets in subnet at the same time

· Accounting function ensures packets sent=Packets received

4. Transport layer

· Segmentation of data

· Any error during transmission is corrected here

· If no ACK is received the packet is retransmitted or the connection is timed out

· Marks packets with seqencing info if they are received out of order

· Multiplex output to save cost and increase BW

· Allows individual applcations to acces processes with local address of process called ports and
the connection is called sockets

5. Session Layer

· Session setup, data exchanges teardown

· dialogue control(one way or 2 way)

· Token mgmt

· Synchronization - inserts checkpoints so if the session is terminated abruptly only data after last
checkpoint is retransmitted

6.Presentation layer

· Encrption, decryption, data compression and reformatting

7. Application layer

· Electronics mail handling , vitual terminal to control remote systems,remote file access etc

CONCEPTS CENTRAL TO OSI

Services- What the layer does

Interfaces- How layers above can access it

Protocols

DEVICES

1.cables(physical)
2 types-copper and fiber

common twisted pair copper cables -category5 cat5e cat6

cat5e-reduce crosstalk

cat6- better than cat 5 and 5e but expensive and has less max length at high speed

fiber-more expensive delicate

2.hub(physical)

· talks to all devices

· upto individual devices to detect if the msg is meant for them

· lots of noise collision domain(only one device can comm at a time) if multiple send the signal can
interfere with each other leading to data losses

3.switch(dll)

· inspect ethernet data and sends it to intended system

4.router(network)

· inspect ip data and transmit to particular network using static tables or dynamically

· share data with each other using bgp or border gateway protocol for most optimum paths

PHYSICAL

· Uses modulation technique call line coding

· std cat6 cable has 8 wires of twisted pairs allow duplex comm....(.simplex is 1 direction)...
reserves 1-2 pairs for a single direction(full duplex 2 way at same time half duplex 2 way but at
diff times)

· standards 10BASET (10 is transmission in Mbits)(BASE meaning baseband

transmission\linecoding)(T means twisted pair)

· Network port is connector on switches or routers -Most common RJ45 connector

DLL

· ETHERNET: CSMA\CD -checks if a channel is clear and a device can send data. If 2 nodes try to
send data at the same time the computers detect the collision and stop sending data

· Has source and destination address

· MAC address: 48bit 6groups of 2 digits in hex or 1digits in octet 2^48 possible adresses
 · MAC is divided into 2 parts 1st 3 octets are
OUI-Manufacturer specific

Vendor assigned

eg (cisco)(vendorassigned)

· If LSB of 1st octet of destination address is 0 it meant for only that(unicast-send all meant for 1)

· If LSB of 1st octet of destination address is 1 it is multicast(send all accept by dest cofigred to
accept multicast)

· Ethernet address of ff:ff:ff:ff:ff:ff

Ethernet frame

Preamble

· 1st 7bytes alternate 1's & 0's buffer between frames last byte is SFD or start frame delimiter
(peamble over)

Destination MAC

Source MAC

VLAN Header: Out of an interface configured to relay that specific tag

Ether type : Which protocol of frame

Frame check sequence: checksum CRC

NETWORK LAYER

· IP addresses 32 bit adresses of 4 octet 1 octet=0 to 255 they belong to networks not to devices

· DHCP assign Dynamic IP to new host joining the network automatically

 · Static IP of host must be manually configured(mostly for servers and network devices)

· IP Header-- 20bytes for IPv4

Version-Version of IP header IPv4 or IPv6

Service type- Qos tech -which datagrams have more imp

Total length of datagram

TTL-time to lve max hops before being thrown away

protocol-tcp\udp

options - give special characteristics to ip datagram for testing purposes

ENCAPSULATION THE Entire IP datagram becomes the payload of an Ethernet frame

IP adresses -Network ID and Host ID

Class A Class B Class C

Class A 1st Octet Network ID 2nd 3rd and 4th Octet is Host ID (24 bit for host space 2^24 max host)

Class B 1st 2 Octet Network ID 3rd and 4th Octet is Host ID

Class C 1st 3 Octet Network ID 4th Octet is Host ID

If 1st bit ----- 0 class A (0-127)

If 1st bits ----- 10 class B (128-191)

If 1st bits ----- 110 cass C (192-223)

Replaced by CIDR (Classless interdomain routing)

ARP-IP to MAC

All network devices have ARP table

--list of ip addresses and mac associated with them

--- ARP message is broadcasted ARP response with MAC address is given

SUBNETTING

Gateway router after determining class

---class A has too many routers

----divided into subnet having own gateway router

SUBNET ID

32 bit

for ip 9.1.9.9 1001.0001.1001.1001

subnet mask 255.255.255.0 1111.1111.1111.0000

wherever there is a corresponding 1 for ip in subnet mask is subnet id and remainder is host id

total number of subnet mask are 2 less than max since 0 not used and 255 for broadcast

for ip 9.1.9.9 00001001.00000001.00001001.00001001

subnet mask 255.255.255.224 11111111.11111111.11111111.11100000(27 1s)

2^5 32 possible host id (32-2=30)

alternate notation 9.1.9.9/27 CIDR notation

In CIDR classes are abandoned - if one wants to increase the number of hosts increase a 0 in subnet mast
and make it 255.255.254.0

Router

Sends frame to router-decapsultes ethernet frame-uses arp for finding location-duplicates datagram-
decrements ttl-puts its own mac as src-encapsulates frame transmit

in multinetwork it check its routing table connected to node

Routing table

1. destination network (net id and netmask)

2. catch all(ip adress with not lst)

3 Next hop(nxt router to receive data)

4 Total hops(best path to dest)

5. Interface(which interface it shld go out of)

Routing protocols

----+++Interior gateway protocol(within a single autonomous network eg. router in a corporation or ISP)

--link state routing protocols

it sends info about the connection state to all the surrounnding neighbours the sending router computes
it for best path
--distance vector protocols

send no. oh hops to immediate neighbours

----+++Exterior gateway protocol(outside autonomous)

Eg. BGP

Core internet router - edge router

ASN 32 bit but single decimal number

NON ROUTABLE ADDRESS SPACE

No Exterior gateway protocol will attempt connection to it can be used inside a network

10.0.0.0/8

172.16.0.0/12

192.168.0.0/16

TRANSPORT LAYER

Port 16bit number of a particular process on a node

Port 80-HTTP-Unencrypted web traffic notation IP:port no 8.8.8.8:80(socket no.)

Port 21-FTP

TCP SEGMENT
TCP Flags

URG-urgent

ACK-acknowledgement

PSh-Push

RST-reset

SYN-syncronize

FIN-finish

3way hand shake(Initiate connection)

SYN

SYN\ACK

ACK

4way handshake(terminat comm)

fin

ack

fin

ack

Socket states

LISTEN-Socket rdy and listening for connections

Syn_SENT(syn sen)

Syn_RECEIVED(syn\ack received)

Established(ack received)

Fin_wait(fin rec)

close_wait(ack sen ...closed at tcp layer but app hasnt released hold on socket)

closed

PORT 0 -comm on the same system

PORT 1-1023 -system ports

port 1024-49151 registered ports(databases and such)

ports 49152-65535 ephmeral ports(outbound comm)

APPLICATION LAYER

Most common webservers are Microsoft IIS, Apache, niginx

All layers

asks network stack of os to establish tcp

sees dest ip is not in network

route to gateway router doesnt know ip

ARP request

ARP Reply receives mac

Assign outbound ephmeral port (eg 50000)

TCP header(SYN flag set + calc checksum)-transport layer

IP datagram(calc checksum)-network layer

ethernet frame(calc checksum)-dll

send to gateway router - calc checksum compare to receivec frame

decapsulate ethernet frame performs checksum

check dest ip in routing table for best path

dec ttl by 1(default is 64)

calc new checksum

read and make new datagram

ARP table for next router

construct ethernet frame with source as itself

checksum

next router the repeats same things

if locall connected exit throough an interface c node is connected to

decapsulation
checks port

network stack checks for open socket

DNS(Domain name system)

Converts IP to website name(name resolution)

resolves name to closest ip

Std cnfiguration(IP+Subnet mask+Gateway for a host+DNS server)

Types

Caching and (domain lokups provided by ISP)

recursive servers(finding ip of domain that is not in cache-recursive resolution)

recursive resolution

· check in 13 root servers (respond in a tld name server that shld be queried)(anycast meaning
multiple servers having same ip)

· TLD Name servers (.com .org .in ) (pints to authorative server)

· authorative server (provides exact ip)

DNS uses UDP

Resource Record types(allow for multiple resolution)

A Record- point to a certain IPv4 address (multiple A records can exits at a single address)(DNS round
robin 1st configured ...

1st req 2nd req

10.1.1.1 10.1.1.2

10.1.1.2 10.1.1.3

10.1.1.3 10.1.1.4

10.1.1.4 10.1.1.1

AAAA record - returns ipv6 address

CNAME record - transfer traffic from one domain to another(google to www.google.com to ip)

MX record - mail exchange

SRV record - location of services

TXT record -

all can be 63 char long

.com TLD

google domain

www subdomain

root name server(root zone)

tld server(tld zone)

authoritativ serve()

zone files (cofig for ones)

----Start of authority SOA(name and name server authoritive for it)

---NS (other servers tha may be responsible for this zone)

----Resource records

-----reverse record zone files(like ptr record ip to name)

DHCP(App layer)(dynamic ,automatic or fixed address allocation)

==DHCP discovery

DHCP lease

--Server discovery(discover msg)(67 to 68)(0.0.0.0:67 to 255.255.255.255:68)

--DHCPOFFER

--DHCPREQUEST

--DHCPACK

DHCP release

NAT(At network layer)

Outbound:src Ip translated to address of router for security reason(IP masquerading)

NAT(At transported layer)

using port forwarding

Inbound:Port preservation router remembers port of client .Router directs all traffic toward a particular
port to that node

VPN

Tunneling protocolto be a part of a network that it is not physicall connected to

The App Trans network layer are encapsulted inside payload of transport layer and sent through tunnel
then layer are stripped away packet decrypted and encapsulated ad forwarded

Dial Up

Modems to convert digital to analog

· TCarrier technologies

1. T1(Transmission system 1) 1st Tcarrier std 24calls per 1 twisted pair

2. T3 3 T1 lines

· DSL (use DSLAMs)

3. call and use data at the same time data transmitted at diff freq of call
4. ADSL- upload slower than download

5. SDSL -upload and download same

6. HDSL

· Cable broadband

7. uses tv cable lines uses internet diff freq

8. shared bw controlled by cable modem

9. connected to CMTS which connectd multiple consumers to ISP

· Fibre FTTX
10. Fibre to the neighbourhob fttn after that twisted pair copper

11. fibre to the building fttb after than twisted pair

12. fiber to the home ftth

13. fttb and ftth may be fttp which is fibre to the premises
 14. uses ONT convert optical protocols to twisted pair protocols

PPP(Point to Point protocol) - between ISP and client between 2 point(used by ISP to enable dial up)

PPPoE-netween ISP and client in ethernet(ADSL)

WANs

Connects 2 remote networks as one

Point to Point VPNs alternative to WAN

Wireless Networking

IEEE 802.11 std basically Wifi std

Wireless access point connect wireless part to wired part

\\Adhoc - Communication with each other (shareit grp)

\\WLAN - All devices comm with access points forward to connected to gateway router

\\MESH - Made of Access points and connected to wired network

Channels are frequency bands

Due to absence of switches wireless devices use diff freq bands to avoid collision domains

check traffic on channels and transmit

Security

WEP 40 bit key

WPA 128 bit key

WPA 2 256 bit key

MAC filtering

acces only to only specific MAC addresses

ICMP - why a connection generated an error

windows --- ping,tracert, pathping,Test-NetConnection,ipconfig -all

lnux ----- ping, traceroute, mtr,nc -v -z

nslookup

15. google.com

16. server 8.8.8.8

17. set type=AAAA or TXT or CNAME

18. set debug

Hosts files

IP addresses = some user defined names

loop back adrees for IPv4 127.0.0.1

IPv6 is 128 bit address 8 grps-4 hex numbers

eg 2001:0db6:85a3:0000:0000:8a3e:0270:7324

2001:0db6 -documentation and education

ff00:: -multicast

notation

preceding zeros can be removed

concecutive groups of 0s can be replaced by :: on once per address

2001:0db6:85a3:0000:0000:8a3e:0270:7324

can be
2001:db685a3::8a3e:270:7324

loop back ::1

1st 64 bit network id

2nd 64 bit host id

Link local unicast address (FE80::)(similay to dhcp)

IPv6 host convert MAC 48 bit to 64 bit

inserted into address host id

IPv4 Mapped address space

Ipv4 on Ipv6

1st 80 0s

16 1s

Ipv4 bits

Ipv6 on IPv4

IPv6 tunnels that encapsulate IPv6 in IPv4 header pass them through IPv4 network decapsulate and send
them along