TCP-IP Basics
TCP-IP Basics
Let me try to give you a short (it will not be very short) and simple introduction to TCP/IP. I will try to keep it as simple as possible (it
too simple for some of you, but if you need all the TCP/IP details, you need to go to your local bookstore and buy on of these books wit
pages on TCP/IP). I will also not bother you with the history of TCP/IP and the Internet, unless required for the understanding of the se
IP-address:
Each Ethernet board worldwide has a unique Ethernet-address, it is a 48 bit number
(the first 24 bits indicate the manufacturer, the last 24 bits are a unique number for each
Ethernet board/controller-chip assigned by the manufacturer).
This is also called the MAC-address.
When systems on a local area network ("LAN") are configured with NetBEUI or IPX/SPX protocol, they use these hardware-addresses to
each other, so there is no need to define manually a network address.
But TCP/IP was designed as a Wide-area-network ("WAN"), able to continue to function, even if part of the network was not operating
( damaged or destroyed).
TCP/IP uses IP-addresses, which are 32-bit numbers. To make it easier to memorize such IP-addresses, they are usually expressed as
numbers (example: 192.168.10.1), where each of the 4 numbers is within the range of '0' to '255' (there are restriction on using '0' an
avoid using them.).
When setting up a small private network, you are free to use ANY IP-address, however, when you are connected to a company network
need to ask the Network-administrator to assign you an IP-address. And if you are connected to the Internet, your ISP (Internet Servic
Provider) will assign an IP-address to you.
Even if a network is NOT connected to the Internet, it has become custom to use on private networks a range of IP-addresses, which a
reserved for private networks (that makes it later possible to connect your private network to the Internet without having to re-configu
everything). The reserved IP-address is: 192.168.x.y, where x=same number on all systems and y=different/unique number on all sy
A small network of 3 systems would use:
On a small network, you can still memorize the IP-addresses used, but if your network grows to 50+ systems, it becomes a serious
management job. But TCP/IP offers some help by allowing to configure it to:
"obtain an IP address automatically":
To be able to make this automatic assignment, there needs to be now on the network a database, keeping track of possible IP-address
whom these addresses have been assigned:
DHCP (Dynamic Host Configuration Protocol)
On bootup, the system sends out a call on the network to find a DHCP-server, which assigns an IP-address to such a system. The IP
are usually assigned NOT permanently, but for a specific time (could be days, weeks, months or on Internet-connections just for the O
connection). If the system contacts the DHCP-server again during this time, the 'lease' on the IP-address is extended. But if you come
from a long vacation, your 'lease' of the IP-address may have expired, that IP-address may have been assigned now to somebody else
you/your computer get now assigned a new IP-address.
Windows95 itself does NOT include any DHCP-server, you need to connect to a Windows NT (or similar class) server , which is configur
DHCP-server.
Microsoft supplies now with Windows98/ME and with Windows 2000/XP a feature for
DHCP-server may also be buildin to some other products ( example : software Router for
Internet Connection Sharing ) .
If you are using/intend to use "obtain an IP address automatically", please do NOT reply
on it without verifying, that you did get an IP-address assigned.
Please make the check using either "winipcfg" , "ipconfig" or view the Status information.
Looks simple until now ? Actually there is already a lot more 'hidden' actions:
The systems have IP-addresses, but Ethernet-boards ONLY know their Ethernet-address, so as soon as a TCP/IP configured system is s
on, it is advertising its presence onto the network:" Hey, I am alive, my Ethernet address is '08000b 0a0238' and my IP-address is
'192.168.10.2' ". , and each TCP/IP system on the network builds up a table with all this information, which is usually checked/verified
intervals of 15 min.
If your system needs now to communicate with a station, for which it does NOT have an entry in its table of IP/Ethernet-Addresses, it
a search-message to everybody ("Broadcast-Message") like: " Hey, I like to communicate with the IP-address '192.168.10.4', but I d
know your Ethernet-Address. Please, identify yourself". This causes the system with the requested IP-address to send out its advertisin
These processes are called ARP (Address Resolution Protocol) and RARP (Reversed Address Resolution Protocol).
This ARP/RARP works fine on a local-area-network (on an Ethernet network), but will NOT work for Internet communications, because:
- the Database of Ethernet-to-IP-address would need to have 10+ Million entries
- the Internet would only be busy with ARP/RARP.
Gateway/Router:
To connect a TCP/IP local-area-network to another TCP/IP LAN (which could be the complete Internet) or via a Wide-Area-Network (WA
need now a device called : Gateway or Router
Now, also the 'Subnet-Mask', which is usually '255.255.255.0', becomes important: if you now like to connect to 207.68.137.53 (which
Website of Microsoft), TCP/IP checks your own IP-address and the IP-address of the destination against the Subnet-mask. Lets do that
comparison on a binary level:
TCP/IP compare now the part of the addresses, defined by the '1's in the subnet-mask
( or simple: the part of the IP-addresses, where the subnet-mask is 255 ):
xxx indicates, that this part of an IP-address does not matter anymore :
if your system connects to another system on the same network (like a local server, in this
example at 192.168.10.10) , that part of the address (the first 24-bits in this example) are the same,
( 192.168.10.xxx ) so TCP/IP looks up the Ethernet address in its ARP table and connects directly
to that system.
But if there is a difference in these 24-bits, then TCP/IP connects to the Gateway (in this example: 192.168.10.20), and it is now the jo
Gateway to establish somehow the connection to the destination system (somewhere inside that Internet 'cloud'). The Gateway/Router
for that purpose special tables and passed on the request to the next router, which itself goes to the next, which itself goes to the next
until you reach the destination.
( If you have on your network multiple gateways/routers (maybe one for a permanent Internet connection and
another for a company internal WAN), you need to program the systems to select the proper gateway using the
ROUTE-command )
Each Router/gateway on the network (which could be the Internet or a Wide-Area-Network WAN)
passes on the message, until it reaches its destination, and the reply comes back the same way
(for more details on Routing: Setup TCP/IP Routing ).
The above assumes, that all systems have an IP-address, which is valid on the Internet !
If you connect via dialup-connection to the Internet, but like to use the connection on
multiple systems on a network, you need a Proxy.
When explaining the use of a Gateway / Router, I usually use this story:
You can check this yourself: open on Win95 a DOS-window and run the 'tracert
HOSTS/LMHOSTS:
it is difficult to remember IP-addresses, it is much easier to remember names (and having the computer lookup the name and find the
address). That is the purpose of the 'HOSTS'-file and 'LMHOSTS'-file: Windows95 TCP/IP installs in "C:\WINDOWS" a file called 'hosts
'lmhosts.sam', rename/copy it to 'hosts'/'lmhosts' and then use it to define the names:
all lines starting with an '#' are comment lines.
The formatting of 'hosts' and 'lmhosts' is the same:
IP-address, some spaces, computername
example:
172.0.0.1 localhost -> used for internal purposes (loopback), do NOT delete
192.0.0.150 p120 -> refering to a system on the local network
207.68.137.53 www.microsoft.com -> such Internet-Websites URL's are just names for an IP-address
DNS:
Too much work to typ these IP-addresses ?
Looks like another item for automation, and exactly that is DNS : Domain Name Service:
it allows to use names instead of IP-addresses, but you need to configure it as part of the TCP/IP-properties:
If you now define an address ( like: http://www.microsoft.com/ or someserver.com in the picture below)
TCP/IP will make:
1: a call out to a DNS-server, asking for the IP of someserver.com
2: the DNS server will reply with the IP-address (in this example 192.5.6.111)
3: TCP/IP makes now the connection to the requested server someserver.com,
using the IP-address 192.5.6.111 :
Port:
TCP/IP is a complex protocol, offering multiple services (especially on the Internet), like:
- HTTP (=Web-Browsing)
- FTP
- e-mail
- file sharing
For each of these services, a port is used for the specific type of communication (advanced TCP/IP)