Transcript of Tcp IP Overview
- 1. ibm.com/redbooks TCP/IP Tutorial and Technical Overview
Lydia Parziale David T. Britt Chuck Davis Jason Forrester Wei Liu
Carolyn Matthews Nicolas Rosselot Understand networking
fundamentals of the TCP/IP protocol suite Introduces advanced
concepts and new technologies Includes the latest TCP/IP protocols
Front cover
- 2. TCP/IP Tutorial and Technical Overview December 2006
International Technical Support Organization GG24-3376-07
- 3. Copyright International Business Machines Corporation
1989-2006. All rights reserved. Note to U.S. Government Users
Restricted Rights -- Use, duplication or disclosure restricted by
GSA ADP Schedule Contract with IBM Corp. Eighth Edition (December
2006) Note: Before using this information and the product it
supports, read the information in Notices on page xvii.
- 4. Copyright IBM Corp. 1989-2006. All rights reserved. iii
Contents Notices . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . xvii
Trademarks . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . xviii Preface . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . xix The team that wrote this redbook.
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
xx Become a published author . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . xxii Comments welcome. . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . xxiii Part 1. Core TCP/IP protocols . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . 1 Chapter 1. Architecture, history, standards, and trends
. . . . . . . . . . . . . . . 3 1.1 TCP/IP architectural model . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. 4 1.1.1 Internetworking . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . 4 1.1.2 The TCP/IP
protocol layers . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . 6 1.1.3 TCP/IP applications. . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . 9 1.2 The roots
of the Internet . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . 12 1.2.1 ARPANET . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14
1.2.2 NSFNET . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . 15 1.2.3 Commercial use of
the Internet . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . 16 1.2.4 Internet2 . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . 18 1.2.5 The Open
Systems Interconnection (OSI) Reference Model . . . . . . 20 1.3
TCP/IP standards . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . 21 1.3.1 Request for Comments
(RFC) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22
1.3.2 Internet standards . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . 24 1.4 Future of the Internet.
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . 26 1.4.1 Multimedia applications. . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . 26 1.4.2 Commercial
use . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . 26 1.4.3 The wireless Internet. . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . 27 1.5 RFCs
relevant to this chapter . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . 27 Chapter 2. Network interfaces . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29
2.1 Ethernet and IEEE 802 local area networks (LANs) . . . . . . .
. . . . . . . . . . 30 2.1.1 Gigabit Ethernet . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 33 2.2
Fiber Distributed Data Interface (FDDI). . . . . . . . . . . . . .
. . . . . . . . . . . . . 33 2.3 Serial Line IP (SLIP) . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. 34 2.4 Point-to-Point Protocol (PPP) . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . 35 2.4.1 Point-to-point
encapsulation . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . 37 2.5 Integrated Services Digital Network (ISDN) . . . . .
. . . . . . . . . . . . . . . . . . 38 2.6 X.25. . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . 39
- 5. iv TCP/IP Tutorial and Technical Overview 2.7 Frame relay .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . 41 2.7.1 Frame format. . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
41 2.7.2 Interconnect issues . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . 43 2.7.3 Data link layer
parameter negotiation . . . . . . . . . . . . . . . . . . . . . . .
. 43 2.7.4 IP over frame relay . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . 44 2.8 PPP over SONET and
SDH circuits . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . 45 2.8.1 Physical layer . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . 46 2.9 Multi-Path
Channel+ (MPC+) . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . 46 2.10 Asynchronous transfer mode (ATM) . . . . .
. . . . . . . . . . . . . . . . . . . . . . . 47 2.10.1 Address
resolution (ATMARP and InATMARP) . . . . . . . . . . . . . . . 47
2.10.2 Classical IP over ATM. . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . 50 2.10.3 ATM LAN emulation . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 56
2.10.4 Classical IP over ATM versus LAN emulation. . . . . . . . .
. . . . . . . . 59 2.11 Multiprotocol over ATM (MPOA) . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . 60 2.11.1 Benefits
of MPOA . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . 60 2.11.2 MPOA logical components . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . 61 2.11.3 MPOA
functional components. . . . . . . . . . . . . . . . . . . . . . .
. . . . . . 62 2.11.4 MPOA operation . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . 63 2.12 RFCs
relevant to this chapter . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . 64 Chapter 3. Internetworking protocols . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . 67 3.1
Internet Protocol (IP) . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . 68 3.1.1 IP addressing . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . 68 3.1.2 IP subnets . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . 72 3.1.3 IP
routing. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . 77 3.1.4 Methods of delivery:
Unicast, broadcast, multicast, and anycast . . . 84 3.1.5 The IP
address exhaustion problem . . . . . . . . . . . . . . . . . . . .
. . . . . 86 3.1.6 Intranets: Private IP addresses . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . 89 3.1.7 Network Address
Translation (NAT) . . . . . . . . . . . . . . . . . . . . . . . . .
89 3.1.8 Classless Inter-Domain Routing (CIDR) . . . . . . . . . .
. . . . . . . . . . . . 95 3.1.9 IP datagram. . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 98
3.2 Internet Control Message Protocol (ICMP) . . . . . . . . . . .
. . . . . . . . . . . . 109 3.2.1 ICMP messages . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 110 3.2.2
ICMP applications . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . 117 3.3 Internet Group Management
Protocol (IGMP) . . . . . . . . . . . . . . . . . . . . 119 3.4
Address Resolution Protocol (ARP) . . . . . . . . . . . . . . . . .
. . . . . . . . . . . 119 3.4.1 ARP overview . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 119
3.4.2 ARP detailed concept . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . 120 3.4.3 ARP and subnets . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 123
3.4.4 Proxy-ARP or transparent subnetting . . . . . . . . . . . . .
. . . . . . . . . . 123 3.5 Reverse Address Resolution Protocol
(RARP) . . . . . . . . . . . . . . . . . . . . 124 3.5.1 RARP
concept. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . 125 3.6 Bootstrap Protocol (BOOTP). . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . 125
- 6. Contents v 3.6.1 BOOTP forwarding . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . 129 3.6.2 BOOTP
considerations . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . 130 3.7 Dynamic Host Configuration Protocol (DHCP)
. . . . . . . . . . . . . . . . . . . . 130 3.7.1 The DHCP message
format . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
132 3.7.2 DHCP message types. . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . 134 3.7.3 Allocating a new network
address. . . . . . . . . . . . . . . . . . . . . . . . . . 134
3.7.4 DHCP lease renewal process . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . 137 3.7.5 Reusing a previously allocated
network address . . . . . . . . . . . . . . 138 3.7.6 Configuration
parameters repository. . . . . . . . . . . . . . . . . . . . . . .
. 139 3.7.7 DHCP considerations . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . 139 3.7.8 BOOTP and DHCP
interoperability . . . . . . . . . . . . . . . . . . . . . . . . .
140 3.8 RFCs relevant to this chapter . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . 140 Chapter 4. Transport layer
protocols. . . . . . . . . . . . . . . . . . . . . . . . . . . . .
143 4.1 Ports and sockets . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . 144 4.1.1 Ports . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . 144 4.1.2 Sockets . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 145 4.2
User Datagram Protocol (UDP). . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . 146 4.2.1 UDP datagram format . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . 147 4.2.2
UDP application programming interface . . . . . . . . . . . . . . .
. . . . . . 149 4.3 Transmission Control Protocol (TCP) . . . . . .
. . . . . . . . . . . . . . . . . . . . . 149 4.3.1 TCP concept . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . 150 4.3.2 TCP application programming interface . . . .
. . . . . . . . . . . . . . . . . 164 4.3.3 TCP congestion control
algorithms . . . . . . . . . . . . . . . . . . . . . . . . . 165
4.4 RFCs relevant to this chapter . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . 170 Chapter 5. Routing protocols. .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
171 5.1 Autonomous systems . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . 173 5.2 Types of IP routing
and IP routing algorithms . . . . . . . . . . . . . . . . . . . . .
174 5.2.1 Static routing . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . 175 5.2.2 Distance vector
routing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . 176 5.2.3 Link state routing. . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . 177 5.2.4 Path vector
routing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . 178 5.2.5 Hybrid routing . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . 180 5.3
Routing Information Protocol (RIP) . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . 180 5.3.1 RIP packet types . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 180
5.3.2 RIP packet format . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . 181 5.3.3 RIP modes of operation .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 182
5.3.4 Calculating distance vectors . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . 182 5.3.5 Convergence and counting to
infinity . . . . . . . . . . . . . . . . . . . . . . . 185 5.3.6
RIP limitations . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . 189 5.4 Routing Information Protocol
Version 2 (RIP-2) . . . . . . . . . . . . . . . . . . . 189 5.4.1
RIP-2 packet format . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . 190
- 7. vi TCP/IP Tutorial and Technical Overview 5.4.2 RIP-2
limitations . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . 192 5.5 RIPng for IPv6. . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
192 5.5.1 Differences between RIPng and RIP-2 . . . . . . . . . . .
. . . . . . . . . . . 193 5.5.2 RIPng packet format . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . 193 5.6
Open Shortest Path First (OSPF) . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . 196 5.6.1 OSPF terminology. . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 196 5.6.2
Neighbor communication . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . 205 5.6.3 OSPF neighbor state machine . . . . .
. . . . . . . . . . . . . . . . . . . . . . . 206 5.6.4 OSPF route
redistribution . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . 208 5.6.5 OSPF stub areas. . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . 210 5.6.6 OSPF
route summarization. . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . 211 5.7 Enhanced Interior Gateway Routing Protocol
(EIGRP). . . . . . . . . . . . . . 212 5.7.1 Features of EIGRP . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. 212 5.7.2 EIGRP packet types . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . 214 5.8 Exterior Gateway
Protocol (EGP) . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . 215 5.9 Border Gateway Protocol (BGP) . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . 215 5.9.1 BGP concepts and
terminology. . . . . . . . . . . . . . . . . . . . . . . . . . . .
216 5.9.2 IBGP and EBGP communication . . . . . . . . . . . . . . .
. . . . . . . . . . . 218 5.9.3 Protocol description. . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 220 5.9.4
Path selection . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . 223 5.9.5 BGP synchronization. . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 226
5.9.6 BGP aggregation. . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . 228 5.9.7 BGP confederations . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
230 5.9.8 BGP route reflectors . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . 231 5.10 Routing protocol
selection. . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . 233 5.11 Additional functions performed by the router.
. . . . . . . . . . . . . . . . . . . . 234 5.12 Routing processes
in UNIX-based systems . . . . . . . . . . . . . . . . . . . . . 235
5.13 RFCs relevant to this chapter . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . 235 Chapter 6. IP multicast . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . 237 6.1 Multicast addressing . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . 238 6.1.1
Multicasting on a single physical network . . . . . . . . . . . . .
. . . . . . . 238 6.1.2 Multicasting between network segments . . .
. . . . . . . . . . . . . . . . . 240 6.2 Internet Group Management
Protocol (IGMP) . . . . . . . . . . . . . . . . . . . . 241 6.2.1
IGMP messages . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . 241 6.2.2 IGMP operation . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 247
6.3 Multicast delivery tree . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . 250 6.4 Multicast forwarding
algorithms. . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . 252 6.4.1 Reverse path forwarding algorithm . . . . . . . . .
. . . . . . . . . . . . . . . . 252 6.4.2 Center-based tree
algorithm . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. 253 6.4.3 Multicast routing protocols . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . 254 6.5 Distance Vector Multicast
Routing Protocol (DVMRP) . . . . . . . . . . . . . . 254 6.5.1
Protocol overview . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . 254
- 8. Contents vii 6.5.2 Building and maintaining multicast
delivery trees . . . . . . . . . . . . . . 256 6.5.3 DVMRP tunnels.
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . 258 6.6 Multicast OSPF (MOSPF) . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . 258 6.6.1 Protocol
overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . 259 6.6.2 MOSPF and multiple OSPF areas . . . . .
. . . . . . . . . . . . . . . . . . . . 260 6.6.3 MOSPF and
multiple autonomous systems . . . . . . . . . . . . . . . . . . 260
6.6.4 MOSPF interoperability . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . 261 6.7 Protocol Independent
Multicast (PIM) . . . . . . . . . . . . . . . . . . . . . . . . . .
. 261 6.7.1 PIM dense mode. . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . 262 6.7.2 PIM sparse mode . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. 263 6.8 Interconnecting multicast domains . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . 266 6.8.1 Multicast Source
Discovery Protocol (MSDP). . . . . . . . . . . . . . . . . 266
6.8.2 Border Gateway Multicast Protocol. . . . . . . . . . . . . .
. . . . . . . . . . . 269 6.9 The multicast backbone . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 269
6.9.1 MBONE routing . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . 270 6.9.2 Multicast applications .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
271 6.10 RFCs relevant to this chapter . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . 272 Chapter 7. Mobile IP . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . 275 7.1 Mobile IP overview . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . 276 7.1.1
Mobile IP operation . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . 277 7.1.2 Mobility agent advertisement
extensions . . . . . . . . . . . . . . . . . . . . 278 7.2 Mobile
IP registration process . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . 280 7.2.1 Tunneling . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 284
7.2.2 Broadcast datagrams . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . 284 7.2.3 Move detection . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
284 7.2.4 Returning home. . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . 285 7.2.5 ARP considerations. .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. 285 7.2.6 Mobile IP security considerations . . . . . . . . . . .
. . . . . . . . . . . . . . . 286 7.3 RFCs relevant to this chapter
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
286 Chapter 8. Quality of service . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . 287 8.1 Why QoS?. . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . 288 8.2 Integrated Services . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . 289 8.2.1
Service classes . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . 292 8.2.2 Controlled Load Service . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 294
8.2.3 Guaranteed Service . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . 295 8.2.4 The Resource Reservation
Protocol (RSVP) . . . . . . . . . . . . . . . . . 296 8.2.5
Integrated Services outlook. . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . 308 8.3 Differentiated Services . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 309
8.3.1 Differentiated Services architecture . . . . . . . . . . . .
. . . . . . . . . . . . 310 8.3.2 Organization of the DSCP. . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . 313 8.3.3
Configuration and administration of DS with LDAP. . . . . . . . . .
. . . 322
- 9. viii TCP/IP Tutorial and Technical Overview 8.4 RFCs
relevant to this chapter . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . 325 Chapter 9. IP version 6 . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 327
9.1 IPv6 introduction . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . 328 9.1.1 IP growth . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . 328 9.1.2 IPv6 feature overview . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . 330 9.2 The IPv6
header format. . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . 330 9.2.1 Extension headers . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . 333 9.2.2
IPv6 addressing . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . 339 9.2.3 Traffic class . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
345 9.2.4 Flow labels . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . 346 9.2.5 IPv6 security . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . 347 9.2.6 Packet sizes . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . 350 9.3
Internet Control Message Protocol Version 6 (ICMPv6) . . . . . . .
. . . . . . 352 9.3.1 Neighbor discovery . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . 353 9.3.2 Multicast
Listener Discovery (MLD) . . . . . . . . . . . . . . . . . . . . .
. . . 365 9.4 DNS in IPv6. . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . 367 9.4.1
Format of IPv6 resource records. . . . . . . . . . . . . . . . . .
. . . . . . . . . 368 9.5 DHCP in IPv6 . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 371
9.5.1 DHCPv6 messages. . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . 371 9.6 IPv6 mobility support . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. 372 9.7 IPv6 new opportunities . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . 376 9.7.1 New
infrastructure . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . 376 9.7.2 New services. . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 377
9.7.3 New research and development platforms . . . . . . . . . . .
. . . . . . . . 378 9.8 Internet transition: Migrating from IPv4 to
IPv6 . . . . . . . . . . . . . . . . . . . . 379 9.8.1 Dual IP
stack implementation: The IPv6/IPv4 node . . . . . . . . . . . .
380 9.8.2 Tunneling . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . 381 9.8.3 Interoperability
summary. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . 388 9.9 RFCs relevant to this chapter . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . 389 Chapter 10. Wireless
IP. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . 391 10.1 Wireless concepts . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . 392 10.2
Why wireless? . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . 395 10.2.1 Deployment and cost
effectiveness . . . . . . . . . . . . . . . . . . . . . . . 395
10.2.2 Reachability. . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . 396 10.2.3 Scalability . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . 396 10.2.4 Security . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . 397 10.2.5
Connectivity and reliability. . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . 397 10.3 WiFi . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . 397 10.4 WiMax . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . 400 10.5
Applications of wireless networking. . . . . . . . . . . . . . . .
. . . . . . . . . . . . 402 10.5.1 Last mile connectivity in
broadband services . . . . . . . . . . . . . . . . 402
- 10. Contents ix 10.5.2 Hotspots . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . 402 10.5.3
Mesh networking . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . 402 10.6 IEEE standards relevant to this
chapter . . . . . . . . . . . . . . . . . . . . . . . . 403 Part 2.
TCP/IP application protocols . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . 405 Chapter 11.
Application structure and programming interfaces . . . . . . 407
11.1 Characteristics of applications. . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . 408 11.1.1 The client/server model.
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 408
11.2 Application programming interfaces (APIs) . . . . . . . . . .
. . . . . . . . . . . . 410 11.2.1 The socket API . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 410
11.2.2 Remote Procedure Call (RPC) . . . . . . . . . . . . . . . .
. . . . . . . . . . . 415 11.2.3 The SNMP distributed programming
interface (SNMP DPI) . . . . . 419 11.2.4 REXX sockets . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
422 11.3 RFCs relevant to this chapter . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . 423 Chapter 12. Directory and
naming protocols . . . . . . . . . . . . . . . . . . . . . . 425
12.1 Domain Name System (DNS) . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . 426 12.1.1 The hierarchical namespace . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . 426 12.1.2
Fully qualified domain names (FQDNs) . . . . . . . . . . . . . . .
. . . . . 428 12.1.3 Generic domains . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . 428 12.1.4 Country
domains . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . 429 12.1.5 Mapping domain names to IP addresses . .
. . . . . . . . . . . . . . . . . 429 12.1.6 Mapping IP addresses
to domain names: Pointer queries . . . . . . 430 12.1.7 The
distributed name space . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . 430 12.1.8 Domain name resolution . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . 432 12.1.9 Domain Name
System resource records . . . . . . . . . . . . . . . . . . . 436
12.1.10 Domain Name System messages. . . . . . . . . . . . . . . .
. . . . . . . . 439 12.1.11 A simple scenario . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . 445 12.1.12
Extended scenario . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . 449 12.1.13 Transport. . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 450
12.1.14 DNS applications. . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . 451 12.2 Dynamic Domain Name System .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 453
12.2.1 Dynamic updates in the DDNS . . . . . . . . . . . . . . . .
. . . . . . . . . . . 454 12.2.2 Incremental zone transfers in
DDNS. . . . . . . . . . . . . . . . . . . . . . . 456 12.2.3 Prompt
notification of zone transfer . . . . . . . . . . . . . . . . . . .
. . . . 457 12.3 Network Information System (NIS) . . . . . . . . .
. . . . . . . . . . . . . . . . . . . 458 12.4 Lightweight
Directory Access Protocol (LDAP) . . . . . . . . . . . . . . . . .
. . 459 12.4.1 LDAP: Lightweight access to X.500 . . . . . . . . .
. . . . . . . . . . . . . . 460 12.4.2 The LDAP directory server .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 461
12.4.3 Overview of LDAP architecture . . . . . . . . . . . . . . .
. . . . . . . . . . . . 463 12.4.4 LDAP models . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 464
12.4.5 LDAP security . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . 471 12.4.6 LDAP URLs. . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. 474
- 11. x TCP/IP Tutorial and Technical Overview 12.4.7 LDAP and
DCE . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . 475 12.4.8 The Directory-Enabled Networks (DEN)
initiative . . . . . . . . . . . . . 477 12.4.9 Web-Based
Enterprise Management (WBEM) . . . . . . . . . . . . . . . 478 12.5
RFCs relevant to this chapter . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . 478 Chapter 13. Remote execution and
distributed computing. . . . . . . . . . . 483 13.1 Telnet . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . 484 13.1.1 Telnet operation . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 484
13.1.2 Network Virtual Terminal. . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . 485 13.1.3 Telnet options . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
487 13.1.4 Telnet command structure . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . 489 13.1.5 Option negotiation . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 491
13.1.6 Telnet basic commands . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . 492 13.1.7 Terminal emulation (Telnet
3270) . . . . . . . . . . . . . . . . . . . . . . . . . 492 13.1.8
TN3270 enhancements (TN3270E) . . . . . . . . . . . . . . . . . . .
. . . . 493 13.1.9 Device-type negotiation. . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . 494 13.2 Remote Execution
Command protocol (REXEC and RSH) . . . . . . . . . 495 13.3
Introduction to the Distributed Computing Environment (DCE). . . .
. . . 496 13.3.1 DCE directory service . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . 498 13.3.2 Authentication
service . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . 502 13.3.3 DCE threads . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . 505 13.3.4
Distributed Time Service . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . 507 13.3.5 Additional information . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . 509 13.4
Distributed File Service (DFS). . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . 509 13.4.1 File naming . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
510 13.4.2 DFS performance . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . 511 13.5 RFCs relevant to this
chapter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . 512 Chapter 14. File-related protocols . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . 513 14.1 File Transfer
Protocol (FTP) . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . 514 14.1.1 An overview of FTP. . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . 514 14.1.2 FTP
operations . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . 515 14.1.3 The active data transfer . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . 520 14.1.4
The passive data transfer . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . 521 14.1.5 Using proxy transfer . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . 522 14.1.6
Reply codes . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . 523 14.1.7 Anonymous FTP . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 525
14.1.8 Using FTP with IPv6 . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . 525 14.1.9 Securing FTP sessions . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 527
14.2 Trivial File Transfer Protocol (TFTP) . . . . . . . . . . . .
. . . . . . . . . . . . . . . 529 14.2.1 TFTP usage . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
530 14.2.2 Protocol description. . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . 531 14.2.3 TFTP packets . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . 531
- 12. Contents xi 14.2.4 Data modes. . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . 532 14.2.5
TFTP multicast option . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . 532 14.2.6 Security issues . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 533
14.3 Secure Copy Protocol (SCP) and SSH FTP (SFTP). . . . . . . . .
. . . . . . 533 14.3.1 SCP syntax and usage . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . 533 14.3.2 SFTP syntax
and usage . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . 535 14.3.3 SFTP interactive commands . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . 536 14.4 Network File System
(NFS). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . 538 14.4.1 NFS concept . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . 538 14.4.2 File
integrity. . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . 542 14.4.3 Lock Manager protocol . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 543
14.4.4 NFS file system . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . 543 14.4.5 NFS version 4 . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . 543 14.4.6 Cache File System . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . 545 14.4.7 WebNFS . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . 545 14.5 The Andrew File System (AFS). . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . 546 14.6 Common Internet
File System (CIFS) . . . . . . . . . . . . . . . . . . . . . . . .
. . 548 14.6.1 NetBIOS over TCP/IP . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . 548 14.6.2 SMB/CIFS specifics .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
550 14.7 RFCs relevant to this chapter . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . 552 Chapter 15. Mail
applications. . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . 555 15.1 Simple Mail Transfer Protocol . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . 556 15.1.1 How
SMTP works . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . 559 15.1.2 SMTP and the Domain Name System . . .
. . . . . . . . . . . . . . . . . . 565 15.2 Sendmail . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . 568 15.2.1 Sendmail as a mail transfer agent (MTA) .
. . . . . . . . . . . . . . . . . . 568 15.2.2 How sendmail works .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
569 15.3 Multipurpose Internet Mail Extensions (MIME) . . . . . . .
. . . . . . . . . . . . 571 15.3.1 How MIME works . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . 574 15.3.2
The Content-Transfer-Encoding field . . . . . . . . . . . . . . . .
. . . . . . 582 15.3.3 Using non-ASCII characters in message
headers . . . . . . . . . . . . 587 15.4 Post Office Protocol (POP)
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
589 15.4.1 Connection states . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . 589 15.4.2 POP3 commands and
responses . . . . . . . . . . . . . . . . . . . . . . . . . 590
15.5 Internet Message Access Protocol (IMAP4) . . . . . . . . . . .
. . . . . . . . . . 591 15.5.1 Fundamental IMAP4 electronic mail
models. . . . . . . . . . . . . . . . . 591 15.5.2 IMAP4 states. .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . 592 15.5.3 IMAP4 commands and response interaction . . .
. . . . . . . . . . . . . 594 15.5.4 IMAP4 messages . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 597 15.6
RFCs relevant to this chapter . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . 599 Chapter 16. The Web. . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
601
- 13. xii TCP/IP Tutorial and Technical Overview 16.1 Web
browsers . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . 603 16.2 Web servers . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . 604 16.3 Hypertext Transfer Protocol (HTTP) . . . . . . . . .
. . . . . . . . . . . . . . . . . . 605 16.3.1 Overview of HTTP. .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. 605 16.3.2 HTTP operation. . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . 606 16.4 Content . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . 615 16.4.1 Static content . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . 615 16.4.2
Client-side dynamic content . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . 616 16.4.3 Server-side dynamic content. . . . . .
. . . . . . . . . . . . . . . . . . . . . . . 617 16.4.4 Developing
content with IBM Web application servers . . . . . . . . . 621 16.5
RFCs relevant to this chapter . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . 621 Chapter 17. Network management. . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . 623 17.1 The
Simple Network Management Protocol (SNMP) . . . . . . . . . . . . .
. 624 17.1.1 The Management Information Base (MIB) . . . . . . . .
. . . . . . . . . . 625 17.1.2 The SNMP agent. . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . 630 17.1.3
The SNMP manager . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . 631 17.1.4 The SNMP subagent. . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . 632 17.1.5 The
SNMP model . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . 633 17.1.6 SNMP traps. . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . 638 17.1.7
SNMP versions . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . 639 17.1.8 Single authentication and
privacy protocol . . . . . . . . . . . . . . . . . . 647 17.2 The
NETSTAT utility . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . 648 17.2.1 Common NETSTAT options . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . 649 17.2.2 Sample
NETSTAT report output . . . . . . . . . . . . . . . . . . . . . . .
. . . 649 17.3 RFCs relevant to this chapter . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . 651 Chapter 18. Wireless
Application Protocol. . . . . . . . . . . . . . . . . . . . . . . .
655 18.1 The WAP environment . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . 657 18.2 Key elements of the
WAP specifications. . . . . . . . . . . . . . . . . . . . . . . .
657 18.3 WAP architecture . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . 658 18.4 Client
identifiers. . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . 663 18.5 Multimedia messaging system
(MMS) . . . . . . . . . . . . . . . . . . . . . . . . . 663 18.6
WAP push architecture . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . 664 18.6.1 Push framework . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 664
18.6.2 Push proxy gateway (PPG). . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . 665 18.6.3 Push access control protocol
(PAP) . . . . . . . . . . . . . . . . . . . . . . . 667 18.6.4
Service indication . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . 668 18.6.5 Push over-the-air protocol
(OTA) . . . . . . . . . . . . . . . . . . . . . . . . . 668 18.6.6
Client-side infrastructure . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . 668 18.6.7 Security . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
669 18.7 The Wireless Application Environment (WAE2) . . . . . . .
. . . . . . . . . . . 670 18.8 User Agent Profile (UAProf) . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 671
- 14. Contents xiii 18.9 Wireless protocols. . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 672
18.9.1 Wireless Datagram Protocol (WDP) . . . . . . . . . . . . . .
. . . . . . . . . 672 18.9.2 Wireless Profiled Transmission Control
Protocol (WP-TCP) . . . . 674 18.9.3 Wireless Control Message
Protocol (WCMP) . . . . . . . . . . . . . . . . 678 18.9.4 Wireless
Transaction Protocol (WTP) . . . . . . . . . . . . . . . . . . . .
. . 679 18.9.5 Wireless Session Protocol (WSP). . . . . . . . . . .
. . . . . . . . . . . . . . 682 18.9.6 Wireless profiled HTTP
(W-HTTP) . . . . . . . . . . . . . . . . . . . . . . . . 695 18.10
Wireless security . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . 696 18.10.1 Wireless Transport
Layer Security (WTLS). . . . . . . . . . . . . . . . . 696 18.10.2
Wireless Identity Module (WIM) . . . . . . . . . . . . . . . . . .
. . . . . . . 701 18.11 Wireless Telephony Application (WTA). . . .
. . . . . . . . . . . . . . . . . . . . 702 18.12 RFCs relevant to
this chapter . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . 702 18.13 Specifications relevant to this chapter. . . . .
. . . . . . . . . . . . . . . . . . . . 703 Chapter 19. Presence
over IP. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . 707 19.1 Overview of the presence service . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . 710 19.2 Presence
Information Data Format (PIDF) . . . . . . . . . . . . . . . . . .
. . . . 714 19.3 Presence protocols . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . 716 19.3.1 Binding
to TCP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . 718 19.3.2 Address resolution . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . 718 19.4 RFCs
relevant to this chapter . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . 718 Part 3. Advanced concepts and new
technologies . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . 721 Chapter 20. Voice over Internet Protocol . . . . . . . .
. . . . . . . . . . . . . . . . . 723 20.1 Voice over IP (VoIP)
introduction . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . 724 20.1.1 Benefits and applications . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . 724 20.1.2 VoIP functional
components . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. 726 20.2 Session Initiation Protocol (SIP) technologies. . . . .
. . . . . . . . . . . . . . . 730 20.2.1 SIP request and response.
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 732
20.2.2 Sample SIP message flow . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . 733 20.2.3 SIP protocol architecture. . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . 734 20.3
Media Gateway Control Protocol (MGCP) . . . . . . . . . . . . . . .
. . . . . . . 736 20.3.1 MGCP architecture . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . 737 20.3.2 MGCP
primitives . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . 737 20.4 Media Gateway Controller (Megaco). . .
. . . . . . . . . . . . . . . . . . . . . . . . 738 20.4.1 Megaco
architecture . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . 738 20.5 ITU-T recommendation H.323. . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . 739 20.5.1 H.323
architecture. . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . 739 20.5.2 H.323 protocol stack . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . 741 20.6
Summary of VoIP protocols. . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . 742 20.7 RFCs relevant to this chapter .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 743
Chapter 21. Internet Protocol Television. . . . . . . . . . . . . .
. . . . . . . . . . . . 745
- 15. xiv TCP/IP Tutorial and Technical Overview 21.1 IPTV
overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . 746 21.1.1 IPTV requirements . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 747
21.1.2 Business benefits and applications . . . . . . . . . . . . .
. . . . . . . . . . . 749 21.2 Functional components . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 750
21.2.1 Content acquisition . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . 750 21.2.2 CODEC (encode and
decode) . . . . . . . . . . . . . . . . . . . . . . . . . . . 750
21.2.3 Display devices and control gateway . . . . . . . . . . . .
. . . . . . . . . . 751 21.2.4 IP (TV) transport . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 752 21.3
IPTV technologies . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . 752 21.3.1 Summary of protocol
standards . . . . . . . . . . . . . . . . . . . . . . . . . . 753
21.3.2 Stream Control Transmission Protocol . . . . . . . . . . . .
. . . . . . . . . 753 21.3.3 Session Description Protocol . . . . .
. . . . . . . . . . . . . . . . . . . . . . . 754 21.3.4 Real-Time
Transport Protocol (RTP) . . . . . . . . . . . . . . . . . . . . .
. 756 21.3.5 Real-Time Control Protocol. . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . 762 21.3.6 Moving Picture Experts
Group (MPEG) standards . . . . . . . . . . . . 767 21.3.7 H.261. .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . 769 21.4 RFCs relevant to this chapter . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 770
Chapter 22. TCP/IP security . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . 771 22.1 Security exposures and
solutions . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
772 22.1.1 Common attacks against security . . . . . . . . . . . .
. . . . . . . . . . . . . 772 22.1.2 Solutions to network security
problems. . . . . . . . . . . . . . . . . . . . . 772 22.1.3
Implementations of security solutions . . . . . . . . . . . . . . .
. . . . . . . 774 22.1.4 Network security policy . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . 776 22.2 A short
introduction to cryptography . . . . . . . . . . . . . . . . . . .
. . . . . . . . 777 22.2.1 Terminology . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . 777 22.2.2
Symmetric or secret-key algorithms . . . . . . . . . . . . . . . .
. . . . . . . 779 22.2.3 Asymmetric or public key algorithms. . . .
. . . . . . . . . . . . . . . . . . . 780 22.2.4 Hash functions . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . 785 22.2.5 Digital certificates and certification authorities
. . . . . . . . . . . . . . . 791 22.2.6 Random-number generators .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . 792 22.2.7
Export/import restrictions on cryptography . . . . . . . . . . . .
. . . . . . 793 22.3 Firewalls . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 794
22.3.1 Firewall concept . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . 795 22.3.2 Components of a firewall
system . . . . . . . . . . . . . . . . . . . . . . . . . 796 22.3.3
Types of firewalls . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . 805 22.4 IP Security Architecture (IPSec)
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 809
22.4.1 Concepts . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . 810 22.4.2 Authentication
Header (AH) . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. 813 22.4.3 Encapsulating Security Payload (ESP) . . . . . . . . .
. . . . . . . . . . . . 817 22.4.4 Combining IPSec protocols. . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . 823 22.4.5
Internet Key Exchange (IKE) protocol. . . . . . . . . . . . . . . .
. . . . . . 829 22.5 SOCKS . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 846
- 16. Contents xv 22.5.1 SOCKS Version 5 (SOCKSv5) . . . . . . .
. . . . . . . . . . . . . . . . . . . . 848 22.6 Secure Shell (1
and 2). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . 853 22.6.1 SSH overview . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . 853 22.7 Secure
Sockets Layer (SSL). . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . 854 22.7.1 SSL overview . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . 854 22.7.2
SSL protocol . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . 856 22.8 Transport Layer Security
(TLS). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
861 22.9 Secure Multipurpose Internet Mail Extension (S-MIME) . . .
. . . . . . . . . 861 22.10 Virtual private networks (VPNs)
overview . . . . . . . . . . . . . . . . . . . . . . 861 22.10.1
VPN introduction and benefits. . . . . . . . . . . . . . . . . . .
. . . . . . . . 862 22.11 Kerberos authentication and authorization
system . . . . . . . . . . . . . . . 864 22.11.1 Assumptions . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . 865 22.11.2 Naming . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . 865 22.11.3 Kerberos
authentication process. . . . . . . . . . . . . . . . . . . . . . .
. . 866 22.11.4 Kerberos database management . . . . . . . . . . .
. . . . . . . . . . . . . 870 22.11.5 Kerberos Authorization Model.
. . . . . . . . . . . . . . . . . . . . . . . . . . 871 22.11.6
Kerberos Version 5 enhancements. . . . . . . . . . . . . . . . . .
. . . . . 871 22.12 Remote access authentication protocols. . . . .
. . . . . . . . . . . . . . . . . . 872 22.13 Extensible
Authentication Protocol (EAP) . . . . . . . . . . . . . . . . . . .
. . . 874 22.14 Layer 2 Tunneling Protocol (L2TP) . . . . . . . . .
. . . . . . . . . . . . . . . . . . 875 22.14.1 Terminology . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . 876 22.14.2 Protocol overview . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . 877 22.14.3 L2TP security
issues . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . 879 22.15 Secure Electronic Transaction (SET) . . . . . . .
. . . . . . . . . . . . . . . . . . 880 22.15.1 SET roles . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . 880 22.15.2 SET transactions. . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . 881 22.15.3 The SET
certificate scheme . . . . . . . . . . . . . . . . . . . . . . . .
. . . . 883 22.16 RFCs relevant to this chapter . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . 885 Chapter 23. Port
based network access control . . . . . . . . . . . . . . . . . . .
889 23.1 Port based network access control (NAC) overview . . . . .
. . . . . . . . . . 890 23.2 Port based NAC component overview . .
. . . . . . . . . . . . . . . . . . . . . . . 891 23.3 Port based
network access control operation . . . . . . . . . . . . . . . . .
. . . 892 23.3.1 Port based network access control functional
considerations. . . . 904 23.4 RFCs relevant to this chapter . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 906
Chapter 24. Availability, scalability, and load balancing . . . . .
. . . . . . . . 907 24.1 Availability . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 909
24.2 Scalability . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . 909 24.3 Load balancing
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . 910 24.4 Clustering . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 910
24.5 Virtualization . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . 912 24.6 Virtual Router
Redundancy Protocol (VRRP) . . . . . . . . . . . . . . . . . . . .
914
- 17. xvi TCP/IP Tutorial and Technical Overview 24.6.1
Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . 914 24.6.2 VRRP definitions . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
916 24.6.3 VRRP overview . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . 916 24.6.4 Sample configuration
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
918 24.6.5 VRRP packet format . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . 919 24.7 Round-robin DNS . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . 921 24.8 Alternative solutions to load balancing . . . . . . .
. . . . . . . . . . . . . . . . . . 921 24.8.1 Network Address
Translation . . . . . . . . . . . . . . . . . . . . . . . . . . . .
922 24.8.2 Encapsulation . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . 923 24.9 RFCs relevant to
this chapter . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . 924 Appendix A. Multiprotocol Label Switching . . . . . .
. . . . . . . . . . . . . . . . . 925 A.1 MPLS: An introduction . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . 926 A.1.1 Conventional routing versus MPLS forwarding mode. . .
. . . . . . . . 926 A.1.2 Benefits. . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 927 A.1.3
Terminology . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . 929 A.2 MPLS network processing . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 932
A.2.1 Label swapping. . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . 932 A.2.2 Label switched path (LSP)
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 934
A.2.3 Label stack and label hierarchies . . . . . . . . . . . . . .
. . . . . . . . . . . . 934 A.2.4 MPLS stacks in a BGP environment.
. . . . . . . . . . . . . . . . . . . . . . . 936 A.2.5 Label
distribution protocols . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . 938 A.2.6 Stream merge. . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . 939 A.3
Emulating Ethernet over MPLS networks . . . . . . . . . . . . . . .
. . . . . . . . . 939 A.4 Generalized Multiprotocol Label Switching
(GMPLS) . . . . . . . . . . . . . . . 941 A.4.1 Benefits. . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . 941 A.4.2 MPLS and GMPLS comparison in OTN environment.
. . . . . . . . . . 942 A.4.3 How does GMPLS work? . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . 943 A.4.4 Link
Management Protocol (LMP) . . . . . . . . . . . . . . . . . . . . .
. . . . 944 A.4.5 Signaling for route selection and path setup. . .
. . . . . . . . . . . . . . . 947 A.4.6 GMPLS considerations . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 949
A.4.7 GMPLS examples. . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . 950 A.5 RFCs relevant to this chapter .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 952
Abbreviations and acronyms . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . 953 Related publications . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . 959 IBM Redbooks . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . 959 Other
publications . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . 959 Online resources . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . 959 How to get IBM Redbooks . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . 961 Help from
IBM . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . 961 Index . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . 963
- 18. Copyright IBM Corp. 1989-2006. All rights reserved. xvii
Notices This information was developed for products and services
offered in the U.S.A. IBM may not offer the products, services, or
features discussed in this document in other countries. Consult
your local IBM representative for information on the products and
services currently available in your area. Any reference to an IBM
product, program, or service is not intended to state or imply that
only that IBM product, program, or service may be used. Any
functionally equivalent product, program, or service that does not
infringe any IBM intellectual property right may be used instead.
However, it is the user's responsibility to evaluate and verify the
operation of any non-IBM product, program, or service. IBM may have
patents or pending patent applications covering subject matter
described in this document. The furnishing of this document does
not give you any license to these patents. You can send license
inquiries, in writing, to: IBM Director of Licensing, IBM
Corporation, North Castle Drive, Armonk, NY 10504-1785 U.S.A. The
following paragraph does not apply to the United Kingdom or any
other country where such provisions are inconsistent with local
law: INTERNATIONAL BUSINESS MACHINES CORPORATION PROVIDES THIS
PUBLICATION "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS OR
IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
NON-INFRINGEMENT, MERCHANTABILITY OR FITNESS FOR A PARTICULAR
PURPOSE. Some states do not allow disclaimer of express or implied
warranties in certain transactions, therefore, this statement may
not apply to you. This information could include technical
inaccuracies or typographical errors. Changes are periodically made
to the information herein; these changes will be incorporated in
new editions of the publication. IBM may make improvements and/or
changes in the product(s) and/or the program(s) described in this
publication at any time without notice. Any references in this
information to non-IBM Web sites are provided for convenience only
and do not in any manner serve as an endorsement of those Web
sites. The materials at those Web sites are not part of the
materials for this IBM product and use of those Web sites is at
your own risk. IBM may use or distribute any of the information you
supply in any way it believes appropriate without incurring any
obligation to you. Information concerning non-IBM products was
obtained from the suppliers of those products, their published
announcements or other publicly available sources. IBM has not
tested those products and cannot confirm the accuracy of
performance, compatibility or any other claims related to non-IBM
products. Questions on the capabilities of non-IBM products should
be addressed to the suppliers of those products. This information
contains examples of data and reports used in daily business
operations. To illustrate them as completely as possible, the
examples include the names of individuals, companies, brands, and
products. All of these names are fictitious and any similarity to
the names and addresses used by an actual business enterprise is
entirely coincidental. COPYRIGHT LICENSE: This information contains
sample application programs in source language, which illustrate
programming techniques on various operating platforms. You may
copy, modify, and distribute these sample programs in any form
without payment to IBM, for the purposes of developing, using,
marketing or distributing application programs conforming to the
application programming interface for the operating platform for
which the sample programs are written. These examples have not been
thoroughly tested under all conditions. IBM, therefore, cannot
guarantee or imply reliability, serviceability, or function of
these programs.
- 19. xviii TCP/IP Tutorial and Technical Overview Trademarks The
following terms are trademarks of the International Business
Machines Corporation in the United States, other countries, or
both: 1350 Advanced Peer-to-Peer Networking AIX 5L AIX AS/400 CICS
developerWorks ESCON HiperSockets IBM Global Network ibm.com IBM
IPDS Lotus Notes Lotus MVS Notes Operating System/2 OS/2 OS/390
OS/400 RACF Redbooks (logo) Redbooks RISC System/6000 System/390
VTAM WebSphere z/OS The following terms are trademarks of other
companies: SAP, and SAP logos are trademarks or registered
trademarks of SAP AG in Germany and in several other countries.
CacheFS, Enterprise JavaBeans, EJB, IPX, Java, Java Naming and
Directory Interface, JavaBeans, JavaScript, JavaServer, JavaServer
Pages, JavaSoft, JDBC, JDK, JSP, JVM, J2EE, ONC, Solaris, Sun, Sun
Microsystems, WebNFS, and all Java-based trademarks are trademarks
of Sun Microsystems, Inc. in the United States, other countries, or
both. Internet Explorer, Microsoft, MSN, Windows NT, Windows, and
the Windows logo are trademarks of Microsoft Corporation in the
United States, other countries, or both. Intel, Intel logo, Intel
Inside logo, and Intel Centrino logo are trademarks or registered
trademarks of Intel Corporation or its subsidiaries in the United
States, other countries, or both. UNIX is a registered trademark of
The Open Group in the United States and other countries. Linux is a
trademark of Linus Torvalds in the United States, other countries,
or both. Other company, product, or service names may be trademarks
or service marks of others.
- 20. Copyright IBM Corp. 1989-2006. All rights reserved. xix
Preface The TCP/IP protocol suite has become a staple of today's
international society and global economy. Continually evolving
standards provide a wide and flexible foundation on which an entire
infrastructure of applications are built. Through these we can seek
entertainment, conduct business, make financial transactions,
deliver services, and much, much more. However, because TCP/IP
continues to develop and grow in order to meet the changing needs
of our communities, it might sometimes be hard to keep track of new
functionality or identify new possibilities. For this reason, the
TCP/IP Tutorial and Technical Overview provides not only an
introduction to the TCP/IP protocol suite, but also serves as a
reference for advanced users seeking to keep their TCP/IP skills
aligned with current standards. It is our hope that both the novice
and the expert will find useful information in this publication. In
Part I, you will find an introduction to the core concepts and
history upon which TCP/IP is founded. Included is an introduction
to the history of TCP/IP and an overview of its current
architecture. We also provide detailed discussions about the
protocols that comprise the suite, and how those protocols are most
commonly implemented. Part II expands on the information provided
in Part I, providing general application concepts (such as file
sharing) and specific application protocols within those concepts
(such as the File Transfer Protocol, or FTP). Additionally, Part II
discusses applications that might not be included in the standard
TCP/IP suite but, because of their wide use throughout the Internet
community, are considered de facto standards. Finally, Part III
addresses new concepts and advanced implementations within the
TCP/IP architecture. Of particular note, Part III examines the
convergence of many formerly disparate networks and services using
IP technology. Conjointly, this section reviews potential dangers
of this IP convergence and approaches the ever-growing standards
used to secure and control access to networks and networked
resources. We purposely kept this book platform independent.
However, we recognize that you might have a need to learn more
about TCP/IP on various platforms, so the following Web sites might
assist you in further researching this topic: TCP/IP and System z:
http://www.ibm.com/servers/eserver/zseries/zos/bkserv/
- 21. xx TCP/IP Tutorial and Technical Overview TCP/IP and System
p: http://www.ibm.com/systems/p/library/index.html TCP/IP and
System i:
http://www.ibm.com/servers/eserver/iseries/tcpip/index.html TCP/IP
and System x:
http://www.ibm.com/servers/eserver/support/xseries/allproducts/insta
lling.html The team that wrote this redbook This redbook was
produced by a team of specialists from around the world working at
the International Technical Support Organization, Poughkeepsie
Center. Lydia Parziale is a Project Leader for the ITSO team in
Poughkeepsie, New York with domestic and international experience
in technology management including software development, project
leadership, and strategic planning. Her areas of expertise include
e-business development and database management technologies. Lydia
is a Certified IT Specialist with an MBA in Technology Management
and has been employed by IBM for 23 years in various technology
areas. David T. Britt is a Software Engineer for IBM in Research
Triangle Park, NC, working specifically with the z/OS
Communications Server product. He is a subject matter expert in the
Simple Networking Management Protocol (SNMP) and File Transfer
Protocol (FTP), and has written educational material for both in
the form of IBM Technotes, Techdocs, and Webcasts. He holds a
degree in Mathematical Sciences from the University of North
Carolina in Chapel Hill, and is currently pursuing a master of
science in Information Technology and Management from the
University of North Carolina in Greensboro.
- 22. Preface xxi Chuck Davis is a Security Architect in the U.S.
He has 12 years of experience in IT security field. He has worked
at IBM for nine years. His areas of expertise include IT security
and privacy. He has written extensively about UNIX/Linux and
Internet security. Jason Forrester is an IT Architect for IBM
Global Technology Services in Boulder, CO. He has more than 12
years of experience with network communications. Specializing in IT
strategy and architecture, Jason has designed large-scale
enterprise infrastructures. He holds a CCIE certification and his
work has lead to multiple patents on advanced networking concepts.
Dr. Wei Liu received his Ph.D. from Georgia Institute of
Technology. He has taught TCP/IP networks in the University of
Maryland (UMBC campus) and he has participated in ICCCN conference
organization committees. Dr. Liu has given lectures at Sun Yat-Sen
University and Shantou University in Next Generation Networks
(NGNs). With more than 30 technical publications (in packet
networks, telecommunications, and standards), he has received
several awards from ATIS committees. Dr. Wei Liu has more than 10
years of telecom industry experience, having participated in
various network transformation projects and service integration
programs. Currently, he is investigating new infrastructure
opportunities (virtualization, network, services, security, and
metadata models) that can lead to future offering and new
capabilities.
- 23. xxii TCP/IP Tutorial and Technical Overview Thanks to the
following people for their contributions to this project and laying
the foundation for this book by writing the earlier version: Adolfo
Rodriguez, John Gatrell, John Karas, Roland Peschke, Srinath
Karanam, and Martn F. Maldonado International Technical Support
Organization, Poughkeepsie Center Become a published author Join us
for a two- to six-week residency program! Help write an IBM Redbook
dealing with specific products or solutions, while getting hands-on
experience with leading-edge technologies. You'll have the
opportunity to team with IBM technical professionals, Business
Partners, and Clients. Your efforts will help increase product
acceptance and client satisfaction. As a bonus, you'll develop a
network of contacts in IBM development labs, and increase your
productivity and marketability. Find out more about the residency
program, browse the residency index, and apply online at:
ibm.com/redbooks/residencies.html Carolyn Matthews is an IT
Architect for IBM Global Technology Services in South Africa. She
is an infrastructure architect for one of South Africas largest
accounts. She also acts as a consultant, using various IBM
techniques. Carolyn holds an honors degree in Information Systems
and is currently pursuing her masters degree in Information
Systems. Her areas of expertise include TCP/IP networks, IT
architecture, and new technologies. Nicolas Rosselot is a Developer
from Santiago, Chile. He has most recently been teaching an
Advanced TCP/IP Networking class at Andres Bello University.
- 24. Preface xxiii Comments welcome Your comments are important
to us! We want our Redbooks to be as helpful as possible. Send us
your comments about this or other Redbooks in one of the following
ways: Use the online Contact us review redbook form found at:
ibm.com/redbooks Send your comments in an e-mail to:
redbooks@us.ibm.com Mail your comments to: IBM Corporation,
International Technical Support Organization Dept. HYTD Mail
Station P099 2455 South Road Poughkeepsie, NY 12601-5400
- 25. xxiv TCP/IP Tutorial and Technical Overview
- 26. Copyright IBM Corp. 1989-2006. All rights reserved. 1 Part
1 Core TCP/IP protocols The Transmission Control Protocol/Internet
Protocol (TCP/IP) suite has become the industry-standard method of
interconnecting hosts, networks, and the Internet. As such, it is
seen as the engine behind the Internet and networks worldwide.
Although TCP/IP supports a host of applications, both standard and
nonstandard, these applications could not exist without the
foundation of a set of core protocols. Additionally, in order to
understand the capability of TCP/IP applications, an understanding
of these core protocols must be realized. With this in mind, Part I
begins with providing a background of TCP/IP, the current
architecture, standards, and most recent trends. Next, the section
explores the two aspects vital to the IP stack itself. This portion
begins with a discussion of the network interfaces most commonly
used to allow the protocol suite to interface with the physical
network media. This is followed by the protocols that must be
implemented in any stack, including protocols belonging to the IP
and transport layers. Part 1
- 27. 2 TCP/IP Tutorial and Technical Overview Finally, other
standard protocols exist that might not necessarily be required in
every implementation of the TCP/IP protocol suite. However, there
are those that can be very useful given certain operational needs
of the implementation. Such protocols include IP version 6, quality
of service protocols, and wireless IP.
- 28. Copyright IBM Corp. 1989-2006. All rights reserved. 3
Chapter 1. Architecture, history, standards, and trends Today, the
Internet and World Wide Web (WWW) are familiar terms to millions of
people all over the world. Many people depend on applications
enabled by the Internet, such as electronic mail and Web access. In
addition, the increase in popularity of business applications
places additional emphasis on the Internet. The Transmission
Control Protocol/Internet Protocol (TCP/IP) protocol suite is the
engine for the Internet and networks worldwide. Its simplicity and
power has led to its becoming the single network protocol of choice
in the world today. In this chapter, we give an overview of the
TCP/IP protocol suite. We discuss how the Internet was formed, how
it developed, and how it is likely to develop in the future. 1
- 29. 4 TCP/IP Tutorial and Technical Overview 1.1 TCP/IP
architectural model The TCP/IP protocol suite is so named for two
of its most important protocols: Transmission Control Protocol
(TCP) and Internet Protocol (IP). A less used name for it is the
Internet Protocol Suite, which is the phrase used in official
Internet standards documents. In this book, we use the more common,
shorter term, TCP/IP, to refer to the entire protocol suite. 1.1.1
Internetworking The main design goal of TCP/IP was to build an
interconnection of networks, referred to as an internetwork, or
internet, that provided universal communication services over
heterogeneous physical networks. The clear benefit of such an
internetwork is the enabling of communication between hosts on
different networks, perhaps separated by a large geographical area.
The words internetwork and internet are simply a contraction of the
phrase interconnected network. However, when written with a capital
I, the Internet refers to the worldwide set of interconnected
networks. Therefore, the Internet is an internet, but the reverse
does not apply. The Internet is sometimes called the connected
Internet. The Internet consists of the following groups of
networks: Backbones: Large networks that exist primarily to
interconnect other networks. Also known as network access points
(NAPs) or Internet Exchange Points (IXPs). Currently, the backbones
consist of commercial entities. Regional networks connecting, for
example, universities and colleges. Commercial networks providing
access to the backbones to subscribers, and networks owned by
commercial organizations for internal use that also have
connections to the Internet. Local networks, such as campus-wide
university networks. In most cases, networks are limited in size by
the number of users that can belong to the network, by the maximum
geographical distance that the network can span, or by the
applicability of the network to certain environments. For example,
an Ethernet network is inherently limited in terms of geographical
size. Therefore, the ability to interconnect a large number of
networks in some hierarchical and organized fashion enables the
communication of any two hosts belonging to this internetwork.
- 30. Chapter 1. Architecture, history, standards, and trends 5
Figure 1-1 shows two examples of internets. Each consists of two or
more physical networks. Figure 1-1 Internet examples: Two
interconnected sets of networks, each seen as one logical network
Another important aspect of TCP/IP internetworking is the creation
of a standardized abstraction of the communication mechanisms
provided by each type of network. Each physical network has its own
technology-dependent communication interface, in the form of a
programming interface that provides basic communication functions
(primitives). TCP/IP provides communication services that run
between the programming interface of a physical network and user
applications. It enables a common interface for these applications,
independent of the underlying physical network. The architecture of
the physical network is therefore hidden from the user and from the
developer of the application. The application need only code to the
standardized communication abstraction to be able to function under
any type of physical network and operating platform. As is evident
in Figure 1-1, to be able to interconnect two networks, we need a
computer that is attached to both networks and can forward data
packets from one network to the other; such a machine is called a
router. The term IP router is also used because the routing
function is part of the Internet Protocol portion of the TCP/IP
protocol suite (see 1.1.2, The TCP/IP protocol layers on page 6).
Two networks interconnected by a router equals Internet A Router R
One Virtual Network Network 1 Network 2 Router R Network 3Network 1
Network 2 Router R Multiple networks interconnected by routers
(also seen as 1 virtual network, an Internet) Two networks
interconnected by a router equals Internet A Router R One Virtual
Network Network 1 Network 2 Router R Network 3Network 1 Network 2
Router R Multiple networks interconnected by routers (also seen as
1 virtual network, an Internet)
- 31. 6 TCP/IP Tutorial and Technical Overview To be able to
identify a host within the internetwork, each host is assigned an
address, called the IP address. When a host has multiple network
adapters (interfaces), such as with a router, each interface has a
unique IP address. The IP address consists of two parts: IP address
= The network number part of the IP address identifies the network
within the internet and is assigned by a central authority and is
unique throughout the internet. The authority for assigning the
host number part of the IP address resides with the organization
that controls the network identified by the network number. We
describe the addressing scheme in detail in 3.1.1, IP addressing on
page 68. 1.1.2 The TCP/IP protocol layers Like most networking
software, TCP/IP is modeled in layers. This layered representation
leads to the term protocol stack, which refers to the stack of
layers in the protocol suite. It can be used for positioning (but
not for functionally comparing) the TCP/IP protocol suite against
others, such as Systems Network Architecture (SNA) and the Open
System Interconnection (OSI) model. Functional comparisons cannot
easily be extracted from this, because there are basic differences
in the layered models used by the different protocol suites. By
dividing the communication software into layers, the protocol stack
allows for division of labor, ease of implementation and code
testing, and the ability to develop alternative layer
implementations. Layers communicate with those above and below via
concise interfaces. In this regard, a layer provides a service for
the layer directly above it and makes use of services provided by
the layer directly below it. For example, the IP layer provides the
ability to transfer data from one host to another without any
guarantee to reliable delivery or duplicate suppression. Transport
protocols such as TCP make use of this service to provide
applications with reliable, in-order, data stream delivery.
- 32. Chapter 1. Architecture, history, standards, and trends 7
Figure 1-2 shows how the TCP/IP protocols are modeled in four
layers. Figure 1-2 The TCP/IP protocol stack: Each layer represents
a package of functions These layers include: Application layer The
application layer is provided by the program that uses TCP/IP for
communication. An application is a user process cooperating with
another process usually on a different host (there is also a
benefit to application communication within a single host).
Examples of applications include Telnet and the File Transfer
Protocol (FTP). The interface between the application and transport
layers is defined by port numbers and sockets, which we describe in
more detail in 4.1, Ports and sockets on page 144. Transport layer
The transport layer provides the end-to-end data transfer by
delivering data from an application to its remote peer. Multiple
applications can be supported simultaneously. The most-used
transport layer protocol is the Transmission Control Protocol
(TCP), which provides connection-oriented reliable data delivery,
duplicate data suppression, congestion control, and flow control.
We discuss this in more detail in 4.3, Transmission Control
Protocol (TCP) on page 149. Another transport layer protocol is the
User Datagram Protocol (see 4.2, User Datagram Protocol (UDP) on
page 146). It provides connectionless, unreliable, Applications
Transport Internetwork Network Interface and Hardware Applications
TCP/UDP ICMP IP ARP/RARP Network Interface and Hardware .......
....... ....... .......
- 33. 8 TCP/IP Tutorial and Technical Overview best-effort
service. As a result, applications using UDP as the transport
protocol have to provide their own end-to-end integrity, flow
control, and congestion control, if desired. Usually, UDP is used
by applications that need a fast transport mechanism and can
tolerate the loss of some data. Internetwork layer The internetwork
layer, also called the internet layer or the network layer,
provides the virtual network image of an internet (this layer
shields the higher levels from the physical network architecture
below it). Internet Protocol (IP) is the most important protocol in
this layer. It is a connectionless protocol that does not assume
reliability from lower layers. IP does not provide reliability,
flow control, or error recovery. These functions must be provided
at a higher level. IP provides a routing function that attempts to
deliver transmitted messages to their destination. We discuss IP in
detail in Chapter 3, Internetworking protocols on page 67. A
message unit in an IP network is called an IP datagram. This is the
basic unit of information transmitted across TCP/IP networks. Other
internetwork-layer protocols are IP, ICMP, IGMP, ARP, and RARP.
Network interface layer The network interface layer, also called
the link layer or the data-link layer, is the interface to the
actual network hardware. This interface may or may not provide
reliable delivery, and may be packet or stream oriented. In fact,
TCP/IP does not specify any protocol here, but can use almost any
network interface available, which illustrates the flexibility of
the IP layer. Examples are IEEE 802.2, X.25 (which is reliable in
itself), ATM, FDDI, and even SNA. We discuss some physical networks
and interfaces in Chapter 2, Network interfaces on page 29. TCP/IP
specifications do not describe or standardize any network-layer
protocols per se; they only standardize ways of accessing those
protocols from the internetwork layer.
- 34. Chapter 1. Architecture, history, standards, and trends 9 A
more detailed layering model is included in Figure 1-3. Figure 1-3
Detailed architectural model 1.1.3 TCP/IP applications The
highest-level protocols within the TCP/IP protocol stack are
application protocols. They communicate with applications on other
internet hosts and are the user-visible interface to the TCP/IP
protocol suite. All application protocols have some characteristics
in common: They can be user-written applications or applications
standardized and shipped with the TCP/IP product. Indeed, the
TCP/IP protocol suite includes application protocols such as:
Telnet for interactive terminal access to remote internet hosts
File Transfer Protocol (FTP) for high-speed disk-to-disk file
transfers Simple Mail Transfer Protocol (SMTP) as an internet
mailing system These are some of the most widely implemented
application protocols, but many others exist. Each particular
TCP/IP implementation will include a lesser or greater set of
application protocols. They use either UDP or TCP as a transport
mechanism. Remember that UDP is unreliable and offers no
flow-control, so in this case, the application has to provide its
own error recovery, flow control, and congestion control
functionality. It is often easier to build applications on top of
TCP because it is a reliable stream, connection-oriented,
congestion-friendly, flow control-enabled protocol. As a result,
most application protocols will use TCP, but there are applications
built on UDP to achieve better performance through increased
protocol efficiencies. Most applications use the client/server
model of interaction. Applications Transport Internetwork Network
Interface and Hardware SMTP, Telnet, FTP, Gopher... TCP UDP IP ICMP
ARP RARP Ethernet, Token-Ring, FDDI, X.25, Wireless, Async, ATM,
SNA...
- 35. 10 TCP/IP Tutorial and Technical Overview The client/server
model TCP is a peer-to-peer, connection-oriented protocol. There
are no master/subordinate relationships. The applications, however,
typically use a client/server model for communications, as
demonstrated in Figure 1-4. A server is an application that offers
a service to internet users. A client is a requester of a service.
An application consists of both a server and a client part, which
can run on the same or on different systems. Users usually invoke
the client part of the application, which builds a request for a
particular service and sends it to the server part of the
application using TCP/IP as a transport vehicle. The server is a
program that receives a request, performs the required service, and
sends back the results in a reply. A server can usually deal with
multiple requests and multiple requesting clients at the same time.
Figure 1-4 The client/server model of applications Most servers
wait for requests at a well-known port so that their clients know
to which port (and in turn, which application) they must direct
their requests. The client typically uses an arbitrary port called
an ephemeral port for its communication. Clients that want to
communicate with a server that does not use a well-known port must
have another mechanism for learning to which port they must address
their requests. This mechanism might employ a registration service
such as portmap, which does use a well-known port. For detailed
information about TCP/IP application protocols, refer to Part 2,
TCP/IP application protocols on page 405. Client A TCP/IP Client B
TCP/IP Server TCP/IP ..... Internet Network
- 36. Chapter 1. Architecture, history, standards, and trends 11
Bridges, routers, and gateways There are many ways to provide
access to other networks. In an internetwork, this done with
routers. In this section, we distinguish between a router, a
bridge, and a gateway for allowing remote network access: Bridge
Interconnects LAN segments at the network interface layer level and
forwards frames between them. A bridge performs the function of a
MAC relay, and is independent of any higher layer protocol
(including the logical link protocol). It provides MAC layer
protocol conversion, if required. A bridge is said to be
transparent to IP. That is, when an IP host sends an IP datagram to
another host on a network connected by a bridge, it sends the
datagram directly to the host and the datagram crosses the bridge
without the sending IP host being aware of it. Router Interconnects
networks at the internetwork layer level and routes packets between
them. The router must understand the addressing structure
associated with the networking protocols it supports and take
decisions on whether, or how, to forward packets. Routers are able
to select the best transmission paths and optimal packet sizes. The
basic routing function is implemented in the IP layer of the TCP/IP
protocol stack, so any host or workstation running TCP/IP over more
than one interface could, in theory and also with most of today's
TCP/IP implementations, forward IP datagrams. However, dedicated
routers provide much more sophisticated routing than the minimum
functions implemented by IP. Because IP provides this basic routing
function, the term IP router, is often used. Other, older terms for
router are IP gateway, Internet gateway, and gateway. The term
gateway is now normally used for connections at a higher layer than
the internetwork layer. A router is said to be visible to IP. That
is, when a host sends an IP datagram to another host on a network
connected by a router, it sends the datagram to the router so that
it can forward it to the target host.
- 37. 12 TCP/IP Tutorial and Technical Overview Gateway
Interconnects networks at higher layers than bridges and routers. A
gateway usually supports address mapping from one network to
another, and might also provide transformation of the data between
the environments to support end-to-end application connectivity.
Gateways typically limit the interconnectivity of two networks to a
subset of the application protocols supported on either one. For
example, a VM host running TCP/IP can be used as an SMTP/RSCS mail
gateway. A gateway is said to be opaque to IP. That is, a host
cannot send an IP datagram through a gateway; it can only send it
to a gateway. The higher-level protocol information carried by the
datagrams is then passed on b