CIS 1140 Network Fundamentals

Chapter Four: Introduction to TCP/IP Protocols

Collected and CompiledBy JD WillardMCSE, MCSA, Network+, Microsoft IT Academy AdministratorComputer Information Systems InstructorAlbany Technical College

Attention: Accessing Demos• This course presents many demos. • The Demos require that you be logged in to the Virtual

Technical College web site when you click on them to run. • To access and log in to the Virtual Technical College web site:

– To access the site type www.vtc.com in the url window– Log in using the username: CIS 1140 or ATCStudent1– Enter the password: student (case sensitive)

• If you should click on the demo link and you get an Access Denied it is because you have not logged in to vtc.com or you need to log out and log back in.

• If you should click on the demo link and you are taken to the VTC.com web site page you should do a search in the search box for the CompTIA Network+ (2009 Objectives) Course and run the video from within that page.

Objectives• Identify and explain the functions of the core TCP/IP protocols

• Explain the TCP/IP model and how it corresponds to the OSI model

• Discuss addressing schemes for TCP/IP in IPv4 and IPv6 protocols

• Discuss addressing schemes for TCP/IP in IPv4 and IPv6 and explain how addresses are assigned automatically using DHCP (Dynamic Host Configuration Protocol)

• Describe the purpose and implementation of DNS (Domain Name System)

• Identify the well-known ports for key TCP/IP services

• Describe how common Application layer TCP/IP protocols are used

Network Protocols• A Protocol is a set of standards or rules that governs how

networks communicate• Protocols often provide services, such as e-mail or file

transfer. Most protocols are not intended to be used alone, but instead rely on and interact with other dependent or complimentary protocols

• Protocols vary according to their purpose, speed, transmission efficiency, utilization of resources, ease of setup, compatibility, and ability to travel between different LANs.

• Multiprotocol networks: networks running more than one protocol

• A group of protocols that is intended to be used together is called a protocol suite

• Most popular protocol suite is TCP/IP– Others: IPX/SPX, NetBIOS, and AppleTalk

Network Protocols Defined Demo Transport Protocols Demo Understanding Network Protocols Demo

Characteristics of TCP/IP (Transmission Control Protocol/Internet Protocol)

• TCP/IP is not one protocol but a suite of specialized protocols called subprotocols.• Subprotocols include TCP, IP, UDP, ARP, ICMP, IGMP etc.• Developed by US Department of Defense

– ARPANET (1960s)• Internet precursor

• Advantages of TCP/IP– Open nature

• Costs nothing to use– Flexible

• Runs on virtually any platform• Connects dissimilar operating systems and devices

– Routable• Transmissions carry Network layer addressing information• Suitable for large networks

Overview Demo Introduction Demo TCP IP Basics Demo

TCP/IP Compared to the OSI ModelThe TCP/IP suite of protocols can be divided into four layers that roughly correspond to the seven layers of the OSI Model.

■ Application layer — The Application layer corresponds to the Session, Presentation, and Application layers of the OSI model. Applications gain access to the network through this layer, via protocols such as the File Transfer Protocol (FTP), Trivial File Transfer Protocol (TFTP), Hypertext Transfer Protocol (HTTP), Simple Mail Transfer Protocol (SMTP), and Dynamic Host Configuration Protocol (DHCP).■ Transport layer — This layer comparable to the Transport layer of the OSI model and contains the Transmission Control Protocol (TCP) and User Datagram Protocol (UDP), which provide flow control, error checking, and sequencing. All service requests use one of these protocols.■ Internet layer — This layer is comparable to the Network layer of the OSI model contains the Internet Protocol (IP), Internet Control Message Protocol (ICMP), Internet Group Message Protocol (IGMP), and Address Resolution Protocol (ARP). These protocols handle message routing and host address resolution.■ Network access layer (or Link layer) — This layer corresponds to the functions of the Physical and Data Link layers of the OSI mode and is responsible for describing the physical layout of the network and how messages are formatted and transmitted to the network wire.

   TCP/IP and OSI Models Demo  The TCP/IP Model (5:00)

The TCP/IP model compared with the OSI model

The TCP/IP Suite Demo

The TCP/IP Suite Demo continued

The TCP/IP Suite Demo continued

The TCP/IP Core Protocols

• TCP/IP suite subprotocols

• Operate in Transport or Network layers of OSI model

• Provide basic services to protocols in other layers

• Most significant protocols in TCP/IP suite– TCP– IP

Networking Protocols (6:17)

TCP/IP Suite Basics Demo

TCP (Transmission Control Protocol)

• Transport layer protocol that operates host to host.

• Provides reliable data delivery services– Connection-oriented subprotocol

• Establish connection before transmitting• Uses sequencing and acknowledgements• Provides flow control• TCP segment format

– Encapsulated by IP packet in Network layer• Becomes IP packet’s “data”

Understanding TCP Demo

Transmission Control Protocol Demo

Connection Controls and Windowing Demo

A TCP segment

TCP (cont’d.)• The TCP three-way handshake is

the process used to establish a TCP session.

• The steps to a TCP three-way handshake process are:

1. A host sends a SYN packet to the target host.

2. The target host responds to the original host with a SYN ACK packet.

3. The host responds to the target host with an ACK packet.

Establishing a TCP connection

UDP (User Datagram Protocol)

• Transport layer protocol• Provides unreliable data delivery services

– Connectionless transport service– No assurance packets received in correct sequence– No guarantee packets received at all– Best effort delivery– No error checking, sequencing– Lacks sophistication

• More efficient than TCP• Useful when large amounts of data need to be transferred

quickly such as with live audio and video transmissions over the Internet.

Understanding UPD Demo

13

A UDP segment

UDP (User Datagram Protocol)

IP (Internet Protocol)• Network layer protocol

– How and where data delivered, including:• Data’s source and destination addresses• Addressing schemes: uses an IP address, such as 10.1.1.1 and a Subnet

Mask such as 255.0.0.0 • Enables TCP/IP to internetwork

– Traverse more than one LAN segment• More than one network type through router• Routing: Statically and Dynamically via many routing protocols; OSPF,

BGP, RIP and EIGRP• Network layer data formed into packets

– IP packet• Data envelope that contains information for routers to transfer data

between different LAN segments• Unreliable, connectionless protocol

– Relies on upper layer protocols like TCP to ensure delivery and connection orientation

TCP/IP Demo Pt.2Internet Protocol Demo

Understanding IP Demo

IP Packet• IP datagram: packet,

in context of TCP/IP– Envelope for data

• IP adds the following header fields to each packet:– Source IP

Address– Destination IP

Address– Protocol– Checksum– Time to Live (TTL)

An IPv4 packet

IGMP• Operates at the Network layer of the OSI model and is a

protocol for defining host groups

• Manages multicasting on networks running IPv4

– Allows one node to send data to a defined group of nodes

• Similar to broadcast transmission

• All group members can receive broadcast messages intended for the group (called multicasts)

• Multicast groups can be composed of devices within the same network or across networks (connected with a router)

• Point-to-multipoint method

– Used for Internet teleconferencing or videoconferencing

Understanding IGMP Demo

ARP (Address Resolution Protocol )

• Network layer protocol used with IPv4 that provides IP address-to-MAC address name address resolution

• Obtains MAC (physical) address of host or node

– A host wishing to obtain a physical address broadcasts an ARP request onto the TCP/IP network. The host on the network that has the IP address in the request then replies with its physical hardware address.

• Creates database that maps MAC to host’s IP address

• ARP table (ARP Cache)

– Table of recognized MAC-to-IP address mappings

– Saved on computer’s hard disk

– Increases efficiency

– Contains dynamic and static entries

ARP (4:02)Understanding ARP Demo

ICMP (Internet Control Message Protocol)

ICMP is commonly used for troubleshooting and information gathering. ICMP allows you to test the path (among other things). Ping and Tracert are two tools that can be used to test a path and they both use ICMP. ICMP packets will be able to help send information about errors, control, and other informational messages.

• Network layer protocol

– Reports on data delivery success/failure

• Announces transmission failures to sender

– Network congestion

– Data fails to reach destination

– Data discarded: TTL expired

• ICMP cannot correct errors

– Provides critical network problem troubleshooting information• ICMPv6 used with IPv6

Understanding ICMP Demo

Connectivity ParametersThe following table summarizes the configuration settings required to connect to a TCP/IP network.

Parameter Purpose

IP address

The IP address Identifies both the logical host and the logical network addresses.

Each host on the entire network must have a unique IP address.

Two devices on the same subnet must have IP addresses with the same network portion of the address.

Two devices on the same subnet must have unique host portions of the IP address.

Do not use the first or the last host address on a subnet address range.

Subnet maskThe subnet mask identifies which portion of the IP address is the network address, and which portion is the host address. Two devices on the same subnet must be configured with the same subnet mask.

Default gateway

The default gateway identifies the router to which communications for remote networks are sent. The default gateway address is the IP address of the router interface on the same subnet as the local host. Without a default gateway set, most clients will be unable to communicate with hosts outside of the local subnet.

DNS serverThe DNS server address identifies the DNS server that is used to resolve host names to IP addresses.

Host name The host name identifies the logical name of the local system.

IP Addressing Overview

IP Addressing Demo Pt.1

IP Addressing Demo Pt.2

IP Addresses Demo

Addressing in TCP/IP

• Networks recognize two addresses– Logical (Network layer)– Physical (MAC, hardware) addresses

• IP protocol handles logical addressing• Specific parameters

– Unique 32-bit number• Divided into four octets (sets of eight bits) separated

by periods• Example: 144.92.43.178

– Network class determined from first octet

 What is an IP Address? Demo IP Address Demo

Adding Protocols Demo

Binary and Dotted Decimal Notation• Dotted decimal notation

– Common way of expressing IP addresses

– Decimal number between 0 and 255 represents each octet

– Period (dot) separates each decimal• Each number in dotted decimal address has binary equivalent

– Convert each octet

– Remove decimal points• Base 2 Numbering is Binary

– Consists of ‘0’ and ‘1’. Bits are either “Off” (0) or “On” (1)– Computers like Binary!– IP Addresses are comprised of four 8 bit octets that are expressed as a

decimal number between 0 and 255 separated by a period Bit Value 128 64 32 16 8 4 2 1Bit 1 0 1 1 0 0 1 1 =

128+32+16+2+1=179

A Binary Lesson Demo

Solutions for Binary Demo Binary Addressing Demo

Binary Math (7:59)

Binary to Decimal ConversionsBit Number: 8 7 6 5 4 3 2

1Binary Equiv: 27 26 25 24 23 22 21

20

Decimal Equiv: 128 64 32 16 8 4 21

Binary Number: 1 0 0 1 1 1 01

Decimal Equiv: 128+ 0+ 0+ 16+ 8+ 4+ 0+1=

157

1) Determine what decimal numbers in the table will create the number you want to make.

2) Enter a “1” under each value you must use. Enter a “0” for each value that is not used in the Binary Number line.

3) The resulting combination of 0’s and 1’s is the binary equivalent of the number.

Sample Binary to Decimal Conversion

Convert Decimal 5 to Binary

Bit Number: 8 7 6 5 4 3 21

Binary Equiv: 27 26 25 24 23 22 21

20

Decimal Equiv: 128 64 32 16 8 4 21

Binary Number: 0 0 0 0 0 1 01

4) Determine what decimal numbers in the table will create the decimal number 5 (4+1).

5) The resulting combination of 00000101 is the binary equivalent of the decimal number 5.

Address Classes• There are three primary classes of network addresses:

A, B, and C. – The actual class used is based on the size of the

network.• An IP address is accompanied by a subnet mask.• Each address class has a different default subnet mask. • IP addresses are expressed in dotted-decimal format,

such as 192.168.123.132.• Each set of four dotted-decimal numbers represents

eight bits of the binary address. – The addresses range from 00000000 to 11111111,

or, in decimal notation, from 0 to 255.

Address Classes Demo IP Classes (9:52)

IP Address Classes Demo

Classful Addressing

• Adheres to network class distinctions– Only Class A, B, and C addresses are recognized– Network ID limited to first 8 bits in Class A, first 16

bits in Class B, and first 24 bits in Class C• Fixed network ID size ultimately limits number of hosts a

network can include

First Octet 1-126

First Octet 128 – 191

First Octet 192 - 223

Components of an IP Address Demo

Classful Addressing• IPv4 addresses have a default class. The address class identifies

the range of IPv4 addresses. The following table shows the default address class for each IPv4 address range.

ClassFirst Octet

RangeNumber of Networks

Maximum Addressable Hosts per Network

A1-126

126

(1.0.0.0 to 126.0.0.0)

16,777,214

(1.0.0.1 to 1.255.255.254)

B128-191

16,384

(128.1.0.0 to 191.255.0.0)

65,534

(128.1.0.1 to 128.1.255.254)

C192-223

2,097,152

(192.0.1.0 to 223.255.255.0)

254

(192.168.1.1 to 192.168.1.254)

Reserved Addresses

• Certain types of IP addresses reserved for special functions

• Network ID Cannot Be 127– 127 is reserved for lookback functions

• Network ID and Host ID Cannot Be 255 (All Bits Set to 1)– In broadcast addresses, octet(s) representing host information

set to all 1s (255 in decimal notation)– 255 is a broadcast address

• Network ID and Host ID Cannot Be 0 (All Bits Set to 0)– In network IDs, bits for host information set to 0– 0 means “this network only”

• Host ID Must Be Unique to the Network

IP Address Rules Demo

Addressing in TCP/IP

• ipconfig: Windows NT, XP, Vista, 2000, 2003, 2008 command to view IP information

• Winipcfg: Win98, ME– ifconfig on Unix

and Linux

/all switch

IPConfig,Ifconfig, Winipcfg Demo

Results of the ipconfig /all command on a Windows XP or Windows Vista workstation

Ipconfig Demo

What Is a Subnet Mask?

• In binary form, the subnet mask is always a series of 1's followed by a series of 0's (1's and 0's are never mixed in sequence in the mask). A simple mask might be 255.255.255.0.– Distinguishes the Network ID from the Host ID– Combines with device IP address to mask the Network ID with all 1s

• Informs network about segment, network where device attached– Used to specify whether the destination host is local or remote (ANDing)

• Four octets (32 bits)– Expressed in binary or dotted decimal notation

• Assigned same way as IP addresses– Manually or automatically (via DHCP)

Subnet Masks DemoSubnet Mask Demo

Subnet Masks

• Every device on TCP/IP-based network identified by subnet mask– 32-bit number that, when combined with device’s IP address,

informs rest of network about segment or network to which a device is attached

• Subnetting, subdividing single class of networks into multiple, smaller logical networks or segments, depends on subnet masks to identify how a network is subdivided– Indicates where network information is located in an IP address– “1” bits indicate corresponding bits in IP address contain network

information– “0” bits indicate corresponding bits in IP address contain host

information• To calculate host’s network ID given IP address and subnet mask,

perform ANDing

Subnet Masks Demo

Solutions for Masks Demo

Anding IP Addresses Demo

Default Subnet Masks (No Subnetting)

Bits Used for Subnet MaskBits Used for Subnet MaskAddressAddressClassClass

Dotted DecimalDotted DecimalNotationNotation

Dotted DecimalDotted DecimalNotationNotation

Class A

Class B

Class C

Class A

Class B

Class C

11111111 00000000 00000000 00000000

11111111 11111111 00000000 00000000

11111111 11111111 11111111 00000000

11111111 00000000 00000000 00000000

11111111 11111111 00000000 00000000

11111111 11111111 11111111 00000000

255.0.0.0

255.255.0.0

255.255.255.0

255.0.0.0

255.255.0.0

255.255.255.0

Class B ExampleClass B Example

16.200131.107.

0.0255.255.

131.107.

w.x.

IP Address

Subnet Mask

Network ID

Host ID 16.200

y.z

IPv6 Addressing• Composed of 128 bits• Eight 16-bit fields• Typically represented in hexadecimal numbers

– Separated by a colon– Example: FE22:00FF:002D:0000:0000:0000:3012:CCE3

• Abbreviations for multiple fields with zero values– 00FF can be abbreviated FF– 0000 can be abbreviated 0

• Multicast address– Used for transmitting data to many different devices simultaneously

• Anycast address– Represents any one interface from a group of interfaces

• Modern devices and operating systems can use both IPv4 and IPv6

IPv6 Basics DemoIPv4 and IPv6 (5:18)

Why IPv6? Demo

ADDRESS ASSIGNMENT

IP Address Assignment Demo Pt.1 Configure TCP/IP Demo

Because IP addresses assigned to hosts must be unique, the use of IP addresses on the Internet is controlled by organizations that ensure that no two organizations are given the same range of IP addresses to assign to hosts.•The Internet Assigned Numbers Authority (IANA) manages the assignment of IP addresses on the Internet. IANA is operated by the Internet Corporation for Assigned Names and Numbers (ICANN). •IANA allocates blocks of IP addresses to Regional Internet Registries (RIRs). An RIR has authority for IP addresses in a specific region of the world. •An RIR assigns a block of addresses to Internet Service Providers (ISPs). •An ISP assigns one or more IP addresses to individual computers or organizations connected to the Internet.•On private networks IP addresses are assigned to computers either manually, called static addressing, or automatically through a DHCP server which is called dynamic address allocation.

DHCP (Dynamic Host Configuration Protocol)

• Automatically assigns device a unique IP address• Application layer protocol• Reasons for implementing– Reduce time and planning for IP address management– Reduce potential for error in assigning IP addresses– Enable users to move workstations and printers– Make IP addressing transparent for mobile users

• DHCP leasing process

– Device borrows (leases) an IP address while attached to network

• Lease time

– Determined when client obtains IP address at log on

– User may force lease termination

• DHCP service configuration

– Specify leased address range

– Configure lease duration

• Several steps to negotiate client’s first lease

Dynamic Clients Demo

Dynamic Addressing Demo

DHCP Leasing Process

• Device borrows (leases) an IP address while attached to network

• Lease time– Determined when client obtains IP address at log on– User may force lease termination

• ipconfig /release

• DHCP service configuration– Specify leased address range– Configure lease duration• Several steps to negotiate client’s first lease

DHCP Leasing Process

• The client goes through a four stage broadcast based process to obtain an IP Address lease from a DHCP server.– Step 1: Upon bootup the client sends out a DHCPDISCOVER packet in

broadcast fashion to discover the identity and whereabouts of all DHCP servers on the broadcast segment.

– Step 2: Upon receiving the broadcast any DHCP servers on that broadcast segment will respond with their own DHCPOFFER packet.

– Step 3: The client will accept the first offer received and respond with a DHCPREQUEST broadcast. Other DHCP servers who have made an offer hear this broadcast and return their IP address to the pool.

– Step 4: The chosen DHCP server responds with an DHCPACK confirming the clients acceptance of the IP lease along with additional information such as subnet mask, default gateway and DNS server.

DHCP Addressing Overview (4:35)

DHCP Leasing Process

DHCP Lease Process Demo DHCP in a Routed Environment Demo

DHCPDISCOVERBROADCAST

DHCPOFFERBROADCAST

DHCPREQUESTBROADCAST

DHCPACKBROADCAST

IP Lease Renewal

DHCP Leases (4:24)

Terminating a DHCP Lease

• Lease expiration– Automatic

• Established in server configuration– Manually terminated at any time

• Client’s TCP/IP configuration• Server’s DHCP configuration

• Circumstances requiring lease termination– DHCP server fails and replaced

• Windows: release of TCP/IP settings• DHCP services run on several server types

– Installation and configurations vary

Private Addresses• Private addresses

– Allow hosts in organization to communicate across internal network– Cannot be routed on public network

• Specific IPv4 address ranges reserved for private addresses– 10.0.0.0 - 10.255.255.255 - Addresses: 16,777,216– 172.16.0.0 - 172.31.255.255 - Addresses: 1,048,576– 192.168.0.0 - 192.168.255.255 - Addresses: 65,536

• The private addressing works well for allowing computers to access resources inside the private network only

– Routers inside the private network can route traffic between private addresses with no trouble.

• To access the Internet, or a public network, computers have to have a public address. This is where Network Address Translation (NAT) comes into play.

– Routers on the Internet will not accept IP addresses in a private IP address range

Special Addresses Demo

Link-Local Addresses APIPA (Automatic Private IP Addressing)

• Link-local address

– Provisional address

– Capable of data transfer only on local network segment

• APIPA is a Microsoft implementation of automatic IP address assignment without a DHCP server. Using APIPA, hosts assign themselves an IP address on the 169.254.0.0 network (mask of 255.255.0.0). With APIPA:

– The host is configured to obtain IP information from a DHCP server (this is the default configuration).

– If a DHCP server can't be contacted, the host uses APIPA to assign itself an IP address.

– The host only configures the IP address and mask. It does not assign itself the default gateway and DNS server addresses. For this reason, APIPA can only be used on a single subnet.

• Disadvantage

– Computer only communicates with other nodes using addresses in APIPA range

IP Address Assignment Demo Pt.2 APIPA (3:42)

Static (manual) Assignment• Using static addressing, IP configuration information

must be manually configured on each host. Use static addressing: – On networks with a very small number of hosts. – On networks that do not change often or that will not grow. – To permanently assign IP addresses to hosts that must always

have the same address (such as printers, servers, or routers). – For hosts that cannot accept an IP address from DHCP. – To reduce DHCP-related traffic.

• Static addressing is very susceptible to configuration errors and duplicate IP address configuration errors.

• Static addressing disables both APIPA and DHCP capabilities on the host.

Static Addressing Demo

Static Clients Demo

Ports and Sockets• Ports are logical connections, provided by the TCP or UDP protocols at the

Transport layer, for use by protocols in the upper layers of the OSI model. TCP/IP uses port numbers stored in the header of a packet to determine what protocol incoming traffic should be directed to.

• Every process on a machine assigned a port number 0 to 65535

• Process’s port number plus host machine’s IP address equals process’s socket Example:10.216.5.1:53

– Ensures data transmitted to correct application

• Well Known Ports: in range 0 to 1023

– Assigned to processes that only the OS or system administrator can access

• Registered Ports: in range 1024 to 49151

– Accessible to network users and processes that do not have special administrative privileges

• Dynamic and/or Private Ports: in range 49152 through 65535

– Open for use without restriction

Common TCP and UDP Ports (8:09)

Understanding Port Numbers Demo

Sockets and Ports

Commonly used TCP/IP port numbers

Well Known Port Numbers Demo

Name Resolution Overview

NetBIOS Name Resolution Demo

Resolving a Host Name Demo

DHCP/ DNS/WINS Servers Demo

Name Resolution Overview Demo

• TCP/IP addressing– Long, complicated numbers– Good for computers

• People remember words better– Internet authorities established Internet node naming

system• Host

– Internet device• Host name

– Name describing device– Every host can take a host name

Host Names and DNS (Domain Name System)

Host Naming Demo

Domain Names• Domain

– Group of computers belonging to same organization– Share common part of IP address

• Domain name– Identifies domain (loc.gov)– Associated with company, university, government organization

• Fully qualified host name (blogs.loc.gov)– Local host name plus domain name

• Label (character string)– Separated by dots– Represents level in domain naming hierarchy

• Example: www.google.com– Top-level domain (TLD): com– Second-level domain: google– Third-level domain: www

• Second-level domain– May contain multiple third-level domains

• ICANN established domain naming conventions– Domain names must be registered with an Internet naming authority that works on behalf of

ICANN

What is DNS? Demo

Domain Names (cont’d.)

• ICANN approved over 240 country codes

• Host and domain names restrictions

– Any alphanumeric combination up to 253 characters

– Include hyphens, underscores, periods in name

– No other special characters Structure of DNS Demo

Host Files• ARPAnet used HOSTS.TXT file

– Associated host names with IP addresses– Host matched by one line

• Identifies host’s name, IP address• Alias provides nickname

• UNIX-/Linux-based computer– Host file called hosts, located in the /etc directory

• Windows computer– Host file called hosts– Located in Windows\system32\drivers\etc folder

Host Name Resolution Demo

DNS (Domain Name System)

• Hierarchical method of associating domain names with IP addresses– Refers to Application layer service that accomplishes association and organized

system of computers and databases making association possible• DNS redundancy

– Many computers across globe related in hierarchical manner– Root servers

• 13 computers (ultimate authorities)• Three components

– Resolvers• Any hosts on Internet needing to look up domain name information

– Name servers (DNS servers)• Databases of associated names, IP addresses• Provide information to resolvers on request

– Namespace • Abstract database of Internet IP addresses, associated names• Describes how name servers of the world share DNS information

The DNS Namespace Demo

Root Domain Name Servers Demo

An Overview of DNS (8:12)

DNS Resource Records• Entries for hostnames, IP addresses, and other information in the zone database are

stored in records. Each host has at least one record in the DNS database that maps the hostname to the IP address. The following table lists common resource records.

– The A record maps an IPv4 (32-bit) DNS host name to an IP address. This is the most common resource record type.

– The AAAA record maps an IPv6 (128-bit) DNS host name to an IP address. – The CNAME record provides alternate names (or aliases) to hosts that already have a

host record. Using a single A record with multiple CNAME records means that when the IP address changes, only the one A record needs to be modified.

– The MX record identifies servers that can be used to deliver e-mail. – The PTR record maps an IP address to a host name (i.e. "points" to an A record).

DNS Records Demo DNS Records (9:05)

Domain Name Space

• The Domain Name System (DNS) is a hierarchical, distributed database that maps logical host names to IP addresses. The DNS hierarchy is made up of the following components:

– . (dot) domain (also called the root domain) – Top Level Domains (TLDs) such as .com, .edu, .gov – Additional domains such as yahoo.com, microsoft.com, etc. – Hosts

• The fully-qualified domain name (FQDN) includes the host name and all domain names, separated by periods. The final period (for the root domain) is often omitted and implied.

DNS Resolution Process

Resolving www.microsoft.com

Name Resolution Demo

1. The client looks in its local cache to see if it has recently resolved the host name.

o If the information is not in the cache, it checks the Hosts file.

o If the IP address is not found, the host contacts its local DNS server. If the local DNS server can't be contacted, it continues contacting additional DNS servers until one responds.

o The client sends the name information to the DNS server.

2. The DNS server then checks its cache and Hosts file. If the information is not found, the DNS server checks any zone files that it holds for the requested name.

o If the DNS server can't find the name in its zones, it forwards the request to a root zone server. This server returns the IP address of a DNS server that has information for the corresponding top-level domain (such as .com).

3. The local DNS server then requests the information from the top-level domain server. This server returns the address of a DNS server with the information for the next highest domain (Microsoft).

4. The local DNS server then requests the information from the Microsoft DNS server which holds the necessary information. This server returns the address of the requested host name.

5. The local DNS server places the information in its cache and returns the IP address to the client.

6. The client host also places the information in its cache and uses the IP address to contact the desired destination device.

DDNS (Dynamic DNS)• Dynamic DNS (DDNS) enables clients or the DHCP server to update records

in the zone database. • Without dynamic updates, all A (host) and PTR (pointer) records must be

configured manually. With dynamic updates, records are created and deleted automatically.

• Dynamic DNS is required to support Active Directory. • A dynamic update occurs when a client modifies its corresponding resource

record on the DNS server. • Dynamic updates occur when:

– A network connection's IP address is added, deleted, or changed. – The DHCP server changes or renews an IP address lease. – The client's DNS information is manually changed using ipconfig

/registerdns. – The client boots. – A server is promoted to a domain controller.

Integrating DHCP DDNS Demo Dynamic DNS (4:26)

Application Layer Protocols

• Work over TCP or UDP plus IP

– Translate user requests into format readable by network

• HTTP

– HTTP is used by Web browsers and Web servers to exchange files (such as Web pages) through the World Wide Web and intranets

– HTTPS is a secure form of HTTP that uses SSL to encrypt data before it is transmitted.

• DHCP

– DHCP is a method for automatically assigning addresses and other configuration parameters to network hosts.

Other Protocols Built on TCP/IP Demo

Management Protocols (10:51)

Application Protocols (9:36)

Understanding HTTP Demo

Telnet

• Terminal emulation protocol– Log on to remote hosts

• Using TCP/IP protocol suite– TCP connection established

• Keystrokes on user’s machine act like keystrokes on remotely connected machine

• Often connects two dissimilar systems• Can control remote host• Drawback

– Notoriously insecure

The Concept of Telnet Demo

FTP (File Transfer Protocol)

• FTP provides a generic method of transferring files• Send and receive files via TCP/IP

– FTP can transfer both binary and text files, including HTML, to another host

• Host running FTP server portion– Accepts commands from host running FTP client

• FTP commands– Operating system’s command prompt

• No special client software required• FTP hosts allow anonymous logons• Secure FTP (SFTP)

– More secure version of FTP– SFTP uses Secure Shell (SSH) to secure data transfers. – SSH ensures that SFTP transmissions use encrypted commands and

data which prevent data from being transmitted over the network in clear text.

Understanding FTP & TFTP Demo

SFTP Demo

TFTP (Trivial File Transfer Protocol)• Enables file transfers between computers

– Simpler (more trivial) than FTP– TFTP is faster than FTP, but might be subject to file errors

• TFTP relies on Transport layer UDP– Connectionless– No error correction and does not guarantee reliable data

delivery• No ID or password required

– Security risk• No directory browsing allowed• Useful to load data, programs on diskless workstation

– Often used when transferring files such as video, audio, or images

NTP (Network Time Protocol)

• NTP is used to communicate time synchronization information between systems on a network

• Depends on UDP Transport layer services– Benefits from UDP’s quick, connectionless nature

• Time sensitive• Cannot wait for error checking

• Time synchronization importance– Routing– Time-stamped security methods– Maintaining accuracy, consistency between multiple

storage systems

PING (Packet Internet Groper)

• Provides verification– TCP/IP installed, bound to NIC, configured

correctly, communicating with network– Host responding

• Uses ICMP services– Send echo request and echo reply messages

• Determine IP address validity• Ping IP address or host name• Ping loopback address: 127.0.0.1

– Determine if workstation’s TCP/IP services running

Ping (5:16)

PING (cont’d.)

• Operating system determines PING command options, switches, syntax

Output from successful and unsuccessful PING

Ping Demo

Summary

• Protocols define the standards for communication between nodes on a network

• TCP/IP is most popular protocol suite, because of its low cost, open nature, ability to communicate between dissimilar platforms, and routability

• TCP provides reliability through checksum, flow control, and sequencing information

• IP provides information about how and where data should be delivered

• Every IP address contains two types of information: network and host

Summary (continued)

• Subnetting is implemented to control network traffic and conserve a limited number of IP addresses

• Dynamic IP address assignment can be achieved using BOOTP or the more sophisticated DHCP

• A socket is a logical address assigned to a specific process running on a host

• IPv6 provides several other benefits over IPv4• A domain is a group of hosts that share a domain name

and have part of their IP addresses in common• DNS is a hierarchical way of tracking domain names and

their addresses

The End