Internet Protocols and Tools

Dr. Michele C. Weigle

CS 312 - Internet Concepts
Old Dominion University
Much of these slides are based on materials and notes from Dr. Ralph Grove

This work is licensed under a

Creative Commons Attribution-NonCommercial-ShareAlike 3.0 Unported Licens
e
 "The Internet is a global system of
interconnected computer networks that use
the standard Internet Protocol Suite (TCP/IP)
to serve billions of users worldwide."
http://en.wikipedia.org/wiki/Internet

Computer 1 Computer 2

255.254.253.252 1.2.3.4
The Internet
CS 312 - Internet Concepts / Weigle 2
Inside the "Cloud"

CS 312 - Internet Concepts / Weigle 3

 Outline
• Internet Protocols Overview
• Network Layer: IP
• Transport Layer: TCP and UDP
• DNS
• Internet Tools

CS 312 - Internet Concepts / Weigle 4

 What is a Protocol?
Main Entry: pro-to-col
1: An original draft, minute, or record of a document
or transaction
2a: A preliminary memorandum often formulated and signed by diplomatic
negotiators as a basis for a final convention or treaty
b: The records or minutes of a diplomatic conference or congress that show
officially the agreements arrived at by the negotiators
3a: A code prescribing strict adherence to correct etiquette and precedence
(as in diplomatic exchange and in the military services)
b: A set of conventions governing the treatment and especially the
formatting of data in an electronic communications system
4: A detailed plan of a scientific or medical experiment, treatment, or
procedure
CS 312 - Internet Concepts / Weigle 5
 What is a Protocol?
• Human protocols: • Network protocols:
– “Do you have the – Machines rather than
time?” humans
– “I have a question” – All communication
– Introductions activity in Internet
governed by
protocols

• Both:
– Specific messages sent
– Specific actions taken
when messages (or
other events) received
Protocols define format, order
of messages sent and received
among network entities, and
actions taken on message
transmission, receipt

CS 312 - Internet Concepts / Weigle 6

 A protocol is a specification for a
set of message exchanges
Human protocol: Get the time Computer protocol: Get the
from a stranger class time from a web server

TCP
Hi
connection
request
TCP
Hi
connection
Do you reply
GET http://www.cs.odu.edu/~mweigle/CS312-
have F20/
the time?
Yes!
It’s 11 <web
am Time page>

CS 312 - Internet Concepts / Weigle 7

 Important Internet Protocols
• IP - Internet Protocol

• TCP - Transmission Control Protocol

• UDP - User Datagram Protocol

• DNS - Domain Name System

• HTTP - HyperText Transfer Protocol
– we'll spend a whole lecture on this later

CS 312 - Internet Concepts / Weigle 8

 Layered Protocol Stack
• Each layer implements a service
• Each layer interacts only with those above/below

Advantages: Modularity, Simplicity

CS 312 - Internet Concepts / Weigle 9
 Internet Protocol Stack
• Application layer
– Supporting network applications (email, web
browsing, file transfer)
• SMTP, HTTP, FTP
• Transport layer
– Host-host data transfer
• TCP, UDP
• Network layer
– Routing of packets from source to destination
• IP, routing protocols
• Link layer
– Data transfer between directly connected
network elements
Different services
• Ethernet, 802.11, ATM, SONET, …
specified at each
• Physical layer layer interface
– The insertion of individual bits “on the wire”
CS 312 - Internet Concepts / Weigle 10
 Internet Protocol Stack
Each layer implements a protocol with its peer layer in
a distributed system
Application protocol

Transport protocol

Network protocol

Link protocol

Physical (signaling)
protocol
End system A End system B
CS 312 - Internet Concepts / Weigle 11
 Protocol Layering in the Internet
• At sender, each layer takes data from above
– Adds header information to create new data unit
– Passes new data unit to layer below
• Process reversed at receiver

CS 312 - Internet Concepts / Weigle 12

 Outline
network

• Internet Protocols Overview

• Network Layer: IP
• Transport Layer: TCP and UDP
• DNS
• Internet Tools

CS 312 - Internet Concepts / Weigle 13

Internet Protocol (IP)
network
• Governs node-to-node packet
transmission
• Characteristics
– Connectionless: no fixed route, dynamic
routing
– Decentralized: no control center
– Robust: no single point of failure
– Open architecture: vendor-independent, any
network can connect (Ethernet, radio, etc.)

CS 312 - Internet Concepts / Weigle 14

 Responsibilities of IP
network
• Routing
– determining the best path
(route) from source to
destination
– routing protocols run on
intermediate routers

• Addressing
– every host has a unique IP
address

CS 312 - Internet Concepts / Weigle 15

 IP Addresses
network
• Unique number assigned to each node/host
– IPv4, 32 bits - max 232 addresses
– IPv6, 128 bits - 2128 addresses
IPv4

• IPv6 - 8 groups of 16 bits each

– ex: 2001:0db8:0000:0000:0000:ff00:0042:8329

• IPv4/IPv6 now co-exist

• Who assigns IP addresses? ICANN/IANA

CS 312 - Internet Concepts / Weigle 16

 Outline transport

• Internet Protocols Overview

• Network Layer: IP
• Transport Layer: TCP and UDP
• DNS
• Internet Tools

CS 312 - Internet Concepts / Weigle 17

 Transport Layer Services transport

• Controls data transfer between

processes on different hosts
• Transmission Control Protocol (TCP):
Reliable, in-order delivery
• User Datagram Protocol (UDP):
Unreliable, unordered ("best-effort")
delivery

CS 312 - Internet Concepts / Weigle 18

 TCP Functions transport

1. Error detection and correction (via

ACKs, retransmission)

2. In-order delivery of packets (correct

for dynamic routing)

3. Flow control (avoid buffer overflow)

4. Multiplexing (allows for multiple

connections)
CS 312 - Internet Concepts / Weigle 19
 UDP Functions transport

1. Error detection (no correction)

2. Multiplexing

No error correction, ordering, flow control

Advantage: faster (less overhead)

Uses: streaming media, VoIP, DNS

CS 312 - Internet Concepts / Weigle 20

 Transport Layer Services transport

• TCP service • UDP service

– connection-oriented – unreliable
– reliable transport
– flow control – does not provide:
– congestion control connection setup,
reliability, flow control,
– does not provide: timing, congestion control, timing,
minimum bandwidth or minimum bandwidth
guarantees guarantees

CS 312 - Internet Concepts / Weigle 21

 Port Numbers transport

• Associates IP messages with specific

application servers
• Some well-known port numbers
– HTTP 80 (HTTPS 443)
– SMTP 25 (for message submission 587)
– SSH 22

• IANA manages the list

https://www.iana.org/assignments/service-names-port-numbers/service-names-port-numbers.xhtml

CS 312 - Internet Concepts / Weigle 22

Reminder: Protocol Layering in the Internet
• At sender, each layer takes data from above
– Adds header information to create new data unit
– Passes new data unit to layer below
• Process reversed at receiver

CS 312 - Internet Concepts / Weigle 23

 Demultiplexing
Application-layer P M M P
data 3 4
P applicatio P
Segment
header 1
M n 2
M
(has port #)
applicatio transport applicatio
Segment Htrans M n network n
transport link transport
Datagra Hnet segment
m network physical network
link link
Datagram
header physical
Sender 1 Receiver physical
Sender 2
(has IP addr)

• Demultiplexing is the process of delivering received

segments to the correct application-layer process
– IP address (in network-layer datagram header) identifies the
receiving machine
– Port number (in transport-layer segment header) identifies
the receiving process
CS 312 - Internet Concepts / Weigle
Internet Control Message Protocol (ICMP)
Type Code description
• Used by hosts, routers, 0 0 echo reply (ping)
gateways to communicate 3 0 network unreachable
network-level information 3 1 host unreachable
– Error reporting: e.g.,
unreachable {host, network, 3 2 protocol unreachable
port, protocol} 3 3 port unreachable
– Echo request/reply (used by 3 6 network unknown
ping) 3 7 host unknown
– TTL expired (used by 4 0 source quench (congestion
traceroute) control - not used)
8 0 echo request (ping)
• Provides network-layer 9 0 route advertisement
functions logically "above" IP 10 0 router discovery
11 0 TTL expired (traceroute)
• ICMP message: type + code + 12 0 bad IP header
first 8 bytes of IP datagram
triggering the ICMP message

CS 312 - Internet Concepts / Weigle 25

 Outline
• Internet Protocols Overview
• Network Layer: IP
• Transport Layer: TCP and UDP
• DNS
• Internet Tools

CS 312 - Internet Concepts / Weigle 26

 applicatio
Domain Name System (DNS) n

• Computers (hosts, routers) connected to the

Internet have two forms of names:
– IP address — a 32 bit identifier used for
addressing hosts and routing data to them
– Hostname — an ASCII string used by applications

• The DNS is an Internet-wide service that

provides mappings between IP addresses and
hostnames
– The DNS is a distributed database implemented in
a hierarchy of name servers
– The DNS is also an application-layer protocol

CS 312 - Internet Concepts / Weigle 27

 Name Hierarchy in DNS

• hostname = "dot" separated concatenation of

domain names along path toward the root
– odu.edu
– cs.odu.edu
– linux.cs.odu.edu
CS 312 - Internet Concepts / Weigle 28
 Top-Level Domains (TLDs)

• Seven original top-level domains (TLDs)

– .com, .edu, .net, .org, .mil, .gov, .int

• Over 1000 TLDs now

https://data.iana.org/TLD/tlds-alpha-by-domain.txt

CS 312 - Internet Concepts / Weigle 29

 DNS

DNS Server
www.harding.edu 128.82.4.20
www.google.com → 1.4.5.8
www.cnn.com → 4.6.2.8
www.hulu.com → 6.7.8.9
Etc ...

● DNS servers contact parent servers for missing

entries
● Authoritative name servers are responsible for
specific domains

CS 312 - Internet Concepts / Weigle 30

 Domain Requests
1. Host atria.cs.odu.edu wants to know the IP
address of www.yahoo.com
– atria contacts its local DNS server cruzan.cs.odu.edu
2. To resolve a non-local name, the local name
server queries the root server
3. The root server responds with the TLD
for .com
4. The local DNS server contacts the TLD server
5. TLD DNS server response with the
authoritative server for yahoo.com
6. The local DNS server contacts the
authoritative server dns.yahoo.com
7. dns.yahoo.com responds with IP address of
www.yahoo.com
8. Local DNS server delivers result to atria
https://www.cs.odu.edu/~mweigle/CS455-S13/Sched?action=download&upname=2-4-DNS.pdf

CS 312 - Internet Concepts / Weigle 31

 DNS is Distributed
Servers are replicated world-wide

root name servers

IP addresses are cached

• 2nd and subsequent lookups are faster
• cache entries expire, to prevent staleness
CS 312 - Internet Concepts / Weigle 32
 Outline
• Internet Protocols Overview
• Network Layer: IP
• Transport Layer: TCP and UDP
• DNS
• Internet Tools

CS 312 - Internet Concepts / Weigle 33

 ifconfig
• ifconfig (internet configuration)
– view network config, find IP address (eth0, en0, wifi0, etc.)

CS 312 - Internet Concepts / Weigle 34

 ping
• ping (packet internet gopher)
– check connection and delay
– uses Internet Control Message Protocol (ICMP)

CS 312 - Internet Concepts / Weigle 35

 traceroute
• displays route and transmission delay
• uses ICMP, with increasing TTL
• sends 3 packets at a time (each may go to different
routers)
• For all i:
– sends 3 packets that will reach router i on path towards
destination
• TTL decremented at each router encountered on the path
– router i will send ICMP "TTL expired" message back to
sender
– sender times the interval between transmission and reply
CS 312 - Internet Concepts / Weigle 36
 traceroute
% traceroute fast.cs.odu.edu

Tracing route to fast.cs.odu.edu [128.82.4.4]

over a maximum of 30 hops:

1 1 ms <1 ms <1 ms wrt54g.weigle.home [192.168.2.127]

2 29 ms 8 ms 8 ms 10.11.184.1
3 13 ms 13 ms 7 ms 68.10.14.137
4 9 ms 9 ms 23 ms nrfkdsrj01-ge0705.rd.hr.cox.net [68.10.14.25]
5 17 ms 15 ms 14 ms 12.118.122.77
6 34 ms 16 ms 14 ms tbr1-p010401.wswdc.ip.att.net [12.123.8.26]
7 13 ms 15 ms 13 ms ar5-p3110.wswdc.ip.att.net [12.123.8.129]
8 18 ms 15 ms 19 ms att-gw.dc.sprint.net [192.205.32.166]
9 15 ms 27 ms 22 ms sl-st22-ash-15-0.sprintlink.net [144.232.29.207]
10 * 27 ms 37 ms sl-bb24-rly-8-0.sprintlink.net [144.232.20.154]
11 18 ms 18 ms 18 ms sl-gw21-rly-9-0.sprintlink.net [144.232.14.54]
12 21 ms 22 ms 19 ms sl-vwan-9-0.sprintlink.net [160.81.98.58]
13 33 ms 50 ms 24 ms 128.82.254.198

Traceroute run sometime between 2006-2011 from Larchmont neighborhood in Norfolk to ODU

More recently, many networks refuse to answer ICMP echo

requests for security reasons
CS 312 - Internet Concepts / Weigle 37
 nslookup, dig
• nslookup (name server lookup)
– find IP for domain

• dig (domain information gopher)

– newer command (more options) than nslookup

CS 312 - Internet Concepts / Weigle 38

 Reminder: DNS Requests
1. Host atria.cs.odu.edu wants to know the IP
address of www.yahoo.com
– atria contacts its local DNS server cruzan.cs.odu.edu
2. To resolve a non-local name, the local name
server queries the root server
3. The root server responds with the TLD
for .com
4. The local DNS server contacts the TLD server
5. TLD DNS server response with the
authoritative server for yahoo.com
6. The local DNS server contacts the
authoritative server dns.yahoo.com
7. dns.yahoo.com responds with IP address of
www.yahoo.com
8. Local DNS server delivers result to atria
https://www.cs.odu.edu/~mweigle/CS455-S13/Sched?action=download&upname=2-4-DNS.pdf

CS 312 - Internet Concepts / Weigle 39

 DNS with dig
% dig @a.root-servers.net +trace www.yahoo.com
; <<>> DiG 9.11.3-1ubuntu1.13-Ubuntu <<>> @a.root-servers.net +trace
www.yahoo.com
. 518400 IN NS a.root-servers.net.
. 518400 IN NS c.root-servers.net.
. 518400 IN NS f.root-servers.net.
;; Received 1097 bytes from 198.41.0.4#53(a.root-servers.net) in 10 ms

com. 172800 IN NS c.gtld-servers.net.

com. 172800 IN NS l.gtld-servers.net.
com. 172800 IN NS f.gtld-servers.net.
;; Received 1201 bytes from 192.5.5.241#53(f.root-servers.net) in 69 ms

yahoo.com. 172800 IN NS ns1.yahoo.com.

yahoo.com. 172800 IN NS ns5.yahoo.com.
;; Received 873 bytes from 192.26.92.30#53(c.gtld-servers.net) in 91 ms

www.yahoo.com. 60 IN CNAME new-fp-shed.wg1.b.yahoo.com.

wg1.b.yahoo.com. 172800 IN NS yf4.a1.b.yahoo.net.
wg1.b.yahoo.com. 172800 IN NS yf2.yahoo.com.
wg1.b.yahoo.com. 172800 IN NS yf3.a1.b.yahoo.net.
wg1.b.yahoo.com. 172800 IN NS yf1.yahoo.com.
;; Received 220 bytes from 202.165.97.53#53(ns5.yahoo.com) in 249 ms

CS 312 - Internet Concepts / Weigle 40

 DNS with dig
% dig www.yahoo.com

; <<>> DiG 9.11.3-1ubuntu1.13-Ubuntu <<>> www.yahoo.com

;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 34629
;; flags: qr rd ra; QUERY: 1, ANSWER: 5, AUTHORITY: 0, ADDITIONAL: 1

;; QUESTION SECTION:
;www.yahoo.com. IN A

;; ANSWER SECTION:
www.yahoo.com. 4 IN CNAME new-fp-
shed.wg1.b.yahoo.com.
new-fp-shed.wg1.b.yahoo.com. 3 IN A 74.6.231.21
new-fp-shed.wg1.b.yahoo.com. 3 IN A 74.6.143.25
new-fp-shed.wg1.b.yahoo.com. 3 IN A 74.6.143.26
new-fp-shed.wg1.b.yahoo.com. 3 IN A 74.6.231.20

;; Query time: 3 msec

;; SERVER: 127.0.0.53#53(127.0.0.53)
;; WHEN: Mon Aug 24 10:34:56 EDT 2020
;; MSG SIZE rcvd: 138

CS 312 - Internet Concepts / Weigle 41

 whois
• get DNS registry
information by
domain

.edu: http://whois.educause.edu

others:
https://domains.markmonitor.com/whois/

CS 312 - Internet Concepts / Weigle 42