TCP/IP and Routing

I. TCP/IP Theory

A. TCP/IP tutorials:

Tutorial 1

Tutorial 2

Tutorial 3

B. Many protocols can and do co-exist:

1. ISO/OSI -- Rarely implemented 7-layer approach

2. IPX -- Novell's original networking implementation

  • Mainly used in NetWare
  • Also used in PC games for LAN games

3. AppleTalk

  • Primarily used on Macintoshes, but Unix/Linux/Microsoft implementations exist
  • Can be run across different hardware
  • LocalTalk -- serial lines
  • EtherTalk -- standard ethernet
  • Visualizing packets - a tool to capture and display packets is very informative and instructional.

II. Description of TCP/IP

A. 4-layer approach:

  1. Network interface - the wire
  2. Internet - uses several protocols (e.g. IP, ARP, RARP, ICMP) for routing and delivering packets (routers function at this layer)
  3. Transport - establishes and maintains end-to-end communication between 2 hosts. Provides acknowledgment (ACK) of receipt, flow control, and packet sequencing. (example protocols include TCP, UDP)
  4. Application - connects end-user applications to the network. (example protocols include SSH, FTP, DNS, Telnet)

B. Main protocols to keep in mind:

Internet Layer

  • ICMP -- Internet Control Message Protocol - error messages, routing assistance
  • ARP -- Address Resolution Protocol - translates IP addresses to hardware addresses

Transport Layer

  • TCP -- Transmission Control Protocol - reliable
  • UDP -- User Datagram Protocol - best effort, unverified


C. Physical network types

III. Description of Ethernet

IV. ARP -- Address Resolution Protocol

ARP uses a link-layer broadcast to find the machine with the requested IP address ("Is there anyone with 146.201.200.2 out there?")

SA relevance: used to track down users of multiple IPs. One machine will have the correct ARP table and the offender the wrong ARP table.

ARP tables

Sample ARP table (arp -a on Linux):

Address                 HWtype  HWaddress           Flags  Mask  Iface
ug2.cs.fsu.edu          ether   00:C0:F0:13:18:78   C      *     eth0
ug3.cs.fsu.edu          ether   00:C0:F0:13:18:74   C      *     eth0
fe0.c4500.lov.fsu.edu   ether   00:00:0C:36:F9:B2   C      *     eth0
upsilon.cs.fsu.edu      ether   08:00:20:75:FE:D0   C      *     eth0
export.cs.fsu.edu       ether   08:00:20:04:D2:F5   C      *     eth0
access.cs.fsu.edu       ether   08:00:20:0E:B0:40   C      *     eth0
sync.cs.fsu.edu         ether   00:C0:F0:16:4D:13   C      *     eth0
exec.cs.fsu.edu         ether   00:A0:24:8E:31:06   C      *     eth0
rho.cs.fsu.edu          ether   08:00:20:04:D3:E5   C      *     eth0
mary.cs.fsu.edu         ether   08:00:20:75:D8:60   C      *     eth0
annexcs.cs.fsu.edu      ether   00:C0:F0:16:34:66   C      *     eth0


Sample WindowsNT arp -a command output:

Interface: 128.186.121.35
  Internet Address      Physical Address      Type
  128.186.121.10        08-00-20-1d-f0-37     dynamic
  128.186.121.36        00-a0-24-8e-31-06     dynamic
  128.186.121.41        08-00-20-7d-4f-49     dynamic
  128.186.121.83        00-c0-f0-16-4d-13     dynamic
  128.186.121.160       00-c0-f0-16-37-1c     dynamic
  128.186.121.174       00-c0-f0-16-25-45     dynamic
  128.186.121.236       00-00-a7-00-b5-b0     dynamic
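
Added example (not part of the original notes): one way to do the ARP-table comparison described under "SA relevance", by parsing both output formats shown above, normalizing the hardware addresses, and reporting MACs that hold several IPs and IPs that two hosts resolve differently. The function names and the sample tables are constructed for illustration.

```python
import re
from collections import defaultdict

# Matches aa:bb:cc:dd:ee:ff (Linux) and aa-bb-cc-dd-ee-ff (Windows NT).
MAC_RE = re.compile(r"\b[0-9A-Fa-f]{2}(?:[:-][0-9A-Fa-f]{2}){5}\b")

def parse_arp(text):
    """Return (address, mac) pairs; header lines carry no MAC and are skipped."""
    entries = []
    for line in text.splitlines():
        match = MAC_RE.search(line)
        if match:
            mac = match.group(0).lower().replace("-", ":")
            entries.append((line.split()[0], mac))
    return entries

def macs_with_several_addresses(entries):
    """Hardware addresses that one table maps to more than one address."""
    seen = defaultdict(set)
    for address, mac in entries:
        seen[mac].add(address)
    return {mac: sorted(a) for mac, a in seen.items() if len(a) > 1}

def disputed_addresses(tables):
    """Addresses that different observers resolve to different MACs."""
    seen = defaultdict(set)
    for entries in tables.values():
        for address, mac in entries:
            seen[address].add(mac)
    return {addr: sorted(m) for addr, m in seen.items() if len(m) > 1}

# Constructed sample tables (documentation addresses, made-up MACs).
LINUX_TABLE = """\
Address HWtype HWaddress Flags Mask Iface
192.0.2.10 ether 02:00:00:00:00:0A C * eth0
192.0.2.20 ether 02:00:00:00:00:14 C * eth0
"""
NT_TABLE = """\
Interface: 192.0.2.35
Internet Address Physical Address Type
192.0.2.10 02-00-00-00-00-14 dynamic
192.0.2.20 02-00-00-00-00-14 dynamic
"""

if __name__ == "__main__":
    tables = {"linux-host": parse_arp(LINUX_TABLE), "nt-host": parse_arp(NT_TABLE)}
    for name, entries in tables.items():
        print(name, macs_with_several_addresses(entries))
    print("disputed:", disputed_addresses(tables))
```

Collect the tables with numeric addresses (arp -n on Linux) so the address column is comparable between hosts. A router or proxy-ARP device legitimately answers for many IPs, so treat a hit as a lead to check, not as proof.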

 

More stuff next time ;-)