  • TCP/IP Tutorial and Technical Overview

    Martin W. Murhammer, Orcun Atakan, Stefan Bretz, Larry R. Pugh, Kazunari Suzuki, David H. Wood

    International Technical Support Organization

    http://www.redbooks.ibm.com

    GG24-3376-05
  • International Technical Support Organization

    TCP/IP Tutorial and Technical Overview

    October 1998

    GG24-3376-05

  • Take Note!

    Before using this information and the product it supports, be sure to read the general information in Appendix A, "Special Notices" on page 673.

    Sixth Edition (October 1998)

    This edition applies to Transmission Control Protocol/Internet Protocol (TCP/IP) in general and selected IBM and OEM implementations thereof.

    Comments may be addressed to: IBM Corporation, International Technical Support Organization, Dept. HZ8 Building 678, P.O. Box 12195, Research Triangle Park, NC 27709-2195

    When you send information to IBM, you grant IBM a non-exclusive right to use or distribute the information in any way it believes appropriate without incurring any obligation to you.

    Copyright International Business Machines Corporation 1989, 1998. All rights reserved.

    Note to U.S. Government Users: Documentation related to restricted rights. Use, duplication or disclosure is subject to restrictions set forth in GSA ADP Schedule Contract with IBM Corp.

  • Contents

    Preface . . . . . xiii
    The Team That Wrote This Redbook . . . . . xiii
    Comments Welcome . . . . . xv

    Part 1. Architecture and Core Protocols . . . . . 1

    Chapter 1. Introduction to TCP/IP - History, Architecture and Standards . . . . . 3
    1.1 Internet History - Where It All Came From . . . . . 3
    1.1.1 Internetworks . . . . . 4
    1.1.2 The Internet . . . . . 4
    1.1.3 ARPANET . . . . . 5
    1.1.4 NSFNET . . . . . 5
    1.1.5 Commercial Use of the Internet . . . . . 7
    1.1.6 Information Superhighway . . . . . 8
    1.1.7 Internet2 . . . . . 9
    1.1.8 The Open Systems Interconnect (OSI) Model . . . . . 9
    1.2 TCP/IP Architectural Model - What It Is All About . . . . . 11
    1.2.1 Internetworking . . . . . 11
    1.2.2 The TCP/IP Protocol Stack . . . . . 12
    1.2.3 TCP/IP Applications . . . . . 14
    1.2.4 Bridges, Routers and Gateways . . . . . 15
    1.3 Finding Standards for TCP/IP and the Internet . . . . . 17
    1.3.1 Request For Comments (RFC) . . . . . 18
    1.3.2 Internet Standards . . . . . 19
    1.3.3 Major Internet Protocols . . . . . 20
    1.4 Future of the Internet . . . . . 21
    1.5 IBM and the Internet . . . . . 22
    1.5.1 The Network Computing Framework . . . . . 22

    Chapter 2. Internetworking and Transport Layer Protocols . . . . . 27
    2.1 Internet Protocol (IP) . . . . . 27
    2.1.1 IP Addressing . . . . . 27
    2.1.2 IP Subnets . . . . . 30
    2.1.3 IP Routing . . . . . 35
    2.1.4 Methods of Delivery - Unicast, Broadcast, Multicast and Anycast . . . . . 39
    2.1.5 The IP Address Exhaustion Problem . . . . . 42
    2.1.6 Intranets (Private IP Addresses) . . . . . 44
    2.1.7 Classless Inter-Domain Routing (CIDR) . . . . . 45
    2.1.8 IP Datagram . . . . . 48
    2.2 Internet Control Message Protocol (ICMP) . . . . . 58
    2.2.1 ICMP Messages . . . . . 59
    2.2.2 ICMP Applications . . . . . 66
    2.3 Internet Group Management Protocol (IGMP) . . . . . 67
    2.4 Address Resolution Protocol (ARP) . . . . . 68
    2.4.1 ARP Overview . . . . . 68
    2.4.2 ARP Detailed Concept . . . . . 68
    2.4.3 ARP and Subnets . . . . . 71
    2.4.4 Proxy-ARP or Transparent Subnetting . . . . . 71
    2.5 Reverse Address Resolution Protocol (RARP) . . . . . 72

    Copyright IBM Corp. 1989, 1998 iii

    2.5.1 RARP Concept . . . . . 72
    2.6 Ports and Sockets . . . . . 73
    2.6.1 Ports . . . . . 73
    2.6.2 Sockets . . . . . 74
    2.7 User Datagram Protocol (UDP) . . . . . 75
    2.7.1 UDP Datagram Format . . . . . 76
    2.7.2 UDP Application Programming Interface . . . . . 77
    2.8 Transmission Control Protocol (TCP) . . . . . 78
    2.8.1 TCP Concept . . . . . 78
    2.8.2 TCP Application Programming Interface . . . . . 88
    2.8.3 TCP Congestion Control Algorithms . . . . . 88
    2.9 References . . . . . 93

    Chapter 3. Routing Protocols . . . . . 95
    3.1 Basic IP Routing . . . . . 95
    3.1.1 Routing Processes . . . . . 97
    3.1.2 Autonomous Systems . . . . . 97
    3.2 Routing Algorithms . . . . . 98
    3.2.1 Static Routing . . . . . 98
    3.2.2 Distance Vector Routing . . . . . 99
    3.2.3 Link State Routing . . . . . 104
    3.3 Interior Gateway Protocols (IGP) . . . . . 106
    3.3.1 Routing Information Protocol (RIP) . . . . . 106
    3.3.2 Routing Information Protocol Version 2 (RIP-2) . . . . . 108
    3.3.3 RIPng for IPv6 . . . . . 110
    3.3.4 Open Shortest Path First (OSPF) . . . . . 112
    3.4 Exterior Routing Protocols . . . . . 134
    3.4.1 Exterior Gateway Protocol (EGP) . . . . . 134
    3.4.2 Border Gateway Protocol (BGP-4) . . . . . 135
    3.5 References . . . . . 147

    Chapter 4. Application Protocols . . . . . 149
    4.1 Characteristics of Applications . . . . . 149
    4.1.1 Client/Server Model . . . . . 149
    4.2 Domain Name System (DNS) . . . . . 150
    4.2.1 The Hierarchical Namespace . . . . . 151
    4.2.2 Fully Qualified Domain Names (FQDNs) . . . . . 151
    4.2.3 Generic Domains . . . . . 152
    4.2.4 Country Domains . . . . . 152
    4.2.5 Mapping Domain Names to IP Addresses . . . . . 153
    4.2.6 Mapping IP Addresses to Domain Names - Pointer Queries . . . . . 153
    4.2.7 The Distributed Name Space . . . . . 153
    4.2.8 Domain Name Resolution . . . . . 154
    4.2.9 Domain Name System Resource Records . . . . . 157
    4.2.10 Domain Name System Messages . . . . . 159
    4.2.11 A Simple Scenario . . . . . 163
    4.2.12 Extended Scenario . . . . . 165
    4.2.13 Transport . . . . . 165
    4.2.14 DNS Applications . . . . . 166
    4.2.15 References . . . . . 167
    4.3 TELNET . . . . . 167
    4.3.1 TELNET Operation . . . . . 167
    4.3.2 Terminal Emulation (Telnet 3270) . . . . . 172
    4.3.3 TN3270 Enhancements (TN3270E) . . . . . 173


    4.3.4 References . . . . . 175
    4.4 File Transfer Protocol (FTP) . . . . . 175
    4.4.1 Overview of FTP . . . . . 175
    4.4.2 FTP Operations . . . . . 176
    4.4.3 Reply Codes . . . . . 178
    4.4.4 FTP Scenario . . . . . 179
    4.4.5 A Sample FTP Session . . . . . 179
    4.4.6 Anonymous FTP . . . . . 180
    4.4.7 Remote Job Entry Using FTP . . . . . 180
    4.5 Trivial File Transfer Protocol (TFTP) . . . . . 180
    4.5.1 TFTP Usage . . . . . 181
    4.5.2 Protocol Description . . . . . 181
    4.5.3 TFTP Multicast Option . . . . . 182
    4.5.4 Security Issue . . . . . 183
    4.6 Remote Execution Command Protocol (REXEC and RSH) . . . . . 183
    4.6.1 Principle of Operation . . . . . 183
    4.7 Simple Mail Transfer Protocol (SMTP) . . . . . 184
    4.7.1 How SMTP Works . . . . . 186
    4.7.2 SMTP and the Domain Name System . . . . . 191
    4.7.3 References . . . . . 193
    4.8 Multipurpose Internet Mail Extensions (MIME) . . . . . 193
    4.8.1 How MIME Works . . . . . 196
    4.8.2 The Content-Type Field . . . . . 196
    4.8.3 The Content-Transfer-Encoding Field . . . . . 202
    4.8.4 Using Non-ASCII Characters in Message Headers . . . . . 206
    4.8.5 References . . . . . 207
    4.9 Post Office Protocol (POP) . . . . . 208
    4.9.1 POP3 Commands and Responses . . . . . 208
    4.9.2 References . . . . . 209
    4.10 Internet Message Access Protocol Version 4 (IMAP4) . . . . . 209
    4.10.1 IMAP4 Underlying Electronic Mail Models . . . . . 210
    4.10.2 IMAP4 Commands and Responses . . . . . 210
    4.10.3 Message Numbers . . . . . 211
    4.10.4 IMAP4 States . . . . . 212
    4.10.5 Client Commands . . . . . 213
    4.10.6 References . . . . . 214
    4.11 Network Management . . . . . 214
    4.11.1 Standards . . . . . 215
    4.11.2 Bootstrap Protocol (BOOTP) . . . . . 215
    4.11.3 Structure and Identification of Management Information (SMI) . . . . . 215
    4.11.4 Management Information Base (MIB) . . . . . 216
    4.11.5 Simple Network Management Protocol (SNMP) . . . . . 220
    4.11.6 Simple Network Management Protocol Version 2 (SNMPv2) . . . . . 222
    4.11.7 MIB for SNMPv2 . . . . . 225
    4.11.8 Single Authentication and Privacy Protocol . . . . . 226
    4.11.9 The New Administrative Model . . . . . 227
    4.11.10 Simple Network Management Protocol Version 3 (SNMPv3) . . . . . 228
    4.11.11 References . . . . . 229
    4.12 Remote Printing (LPR and LPD) . . . . . 230
    4.13 Network File System (NFS) . . . . . 230
    4.13.1 NFS Concept . . . . . 230
    4.13.2 WebNFS . . . . . 234
    4.13.3 References . . . . . 235
    4.14 X Window System . . . . . 235


    4.14.1 Functional Concept . . . . . 236
    4.14.2 Protocol . . . . . 239
    4.15 Finger Protocol . . . . . 240
    4.16 NETSTAT . . . . . 240
    4.17 Network Information System (NIS) . . . . . 241
    4.18 NetBIOS over TCP/IP . . . . . 241
    4.18.1 NetBIOS over TCP/IP in IBM OS/2 Warp 4 . . . . . 244
    4.18.2 NetBIOS over TCP/IP in Microsoft Windows Systems . . . . . 245
    4.18.3 NetBIOS Name Server (NBNS) Implementations . . . . . 247
    4.19 Application Programming Interfaces (APIs) . . . . . 248
    4.19.1 The Socket API . . . . . 248
    4.19.2 Remote Procedure Call (RPC) . . . . . 252
    4.19.3 Windows Sockets Version 2 (Winsock V2.0) . . . . . 256
    4.19.4 SNMP Distributed Programming Interface (SNMP DPI) . . . . . 257
    4.19.5 FTP API . . . . . 259
    4.19.6 CICS Socket Interface . . . . . 260
    4.19.7 IMS Socket Interface . . . . . 260
    4.19.8 Sockets Extended . . . . . 260
    4.19.9 REXX Sockets . . . . . 260

    Part 2. Special Purpose Protocols and New Technologies . . . . . 261

    Chapter 5. TCP/IP Security Overview . . . . . 263
    5.1 Security Exposures and Solutions . . . . . 263
    5.1.1 Common Attacks Against Security . . . . . 263
    5.1.2 Solutions to Network Security Problems . . . . . 264
    5.1.3 Implementations of Security Solutions . . . . . 265
    5.1.4 Network Security Policy . . . . . 266
    5.2 A Short Introduction to Cryptography . . . . . 267
    5.2.1 Terminology . . . . . 267
    5.2.2 Symmetric or Secret-Key Algorithms . . . . . 268
    5.2.3 Asymmetric or Public-Key Algorithms . . . . . 270
    5.2.4 Hash Functions . . . . . 273
    5.2.5 Digital Certificates and Certification Authorities . . . . . 278
    5.2.6 Random-Number Generators . . . . . 279
    5.2.7 Export/Import Restrictions on Cryptography . . . . . 279
    5.3 Firewalls . . . . . 280
    5.3.1 Firewall Concept . . . . . 281
    5.3.2 Components of A Firewall System . . . . . 282
    5.3.3 Packet-Filtering Router . . . . . 282
    5.3.4 Application Level Gateway (Proxy) . . . . . 284
    5.3.5 Circuit Level Gateway . . . . . 288
    5.3.6 Firewall Examples . . . . . 289
    5.4 Network Address Translation (NAT) . . . . . 293
    5.4.1 NAT Concept . . . . . 293
    5.4.2 Translation Mechanism . . . . . 294
    5.4.3 NAT Limitations . . . . . 296
    5.5 The IP Security Architecture (IPSec) . . . . . 297
    5.5.1 Concepts . . . . . 297
    5.5.2 Authentication Header (AH) . . . . . 299
    5.5.3 Encapsulating Security Payload (ESP) . . . . . 303
    5.5.4 Combining IPSec Protocols . . . . . 307
    5.5.5 The Internet Key Exchange Protocol (IKE) . . . . . 312


    5.5.6 References . . . . . 325
    5.6 SOCKS . . . . . 326
    5.6.1 SOCKS Version 5 (SOCKSv5) . . . . . 327
    5.7 Secure Sockets Layer (SSL) . . . . . 331
    5.7.1 SSL Overview . . . . . 331
    5.7.2 SSL Protocol . . . . . 333
    5.8 Transport Layer Security (TLS) . . . . . 337
    5.9 Secure Multipurpose Internet Mail Extension (S-MIME) . . . . . 337
    5.10 Virtual Private Networks (VPN) Overview . . . . . 337
    5.10.1 VPN Introduction and Benefits . . . . . 338
    5.11 Kerberos Authentication and Authorization System . . . . . 339
    5.11.1 Assumptions . . . . . 339
    5.11.2 Naming . . . . . 340
    5.11.3 Kerberos Authentication Process . . . . . 340
    5.11.4 Kerberos Database Management . . . . . 343
    5.11.5 Kerberos Authorization Model . . . . . 344
    5.11.6 Kerberos Version 5 Enhancements . . . . . 344
    5.12 Remote Access Authentication Protocols . . . . . 345
    5.13 Layer 2 Tunneling Protocol (L2TP) . . . . . 347
    5.13.1 Terminology . . . . . 347
    5.13.2 Protocol Overview . . . . . 348
    5.13.3 L2TP Security Issues . . . . . 350
    5.14 Secure Electronic Transactions (SET) . . . . . 350
    5.14.1 SET Roles . . . . . 351
    5.14.2 SET Transactions . . . . . 351
    5.14.3 The SET Certificate Scheme . . . . . 353
    5.15 References . . . . . 355

    Chapter 6. IP Version 6 . . . . . 357
    6.1 IPv6 Overview . . . . . 358
    6.2 The IPv6 Header Format . . . . . 358
    6.2.1 Packet Sizes . . . . . 361
    6.2.2 Extension Headers . . . . . 361
    6.2.3 IPv6 Addressing . . . . . 367
    6.2.4 Priority . . . . . 371
    6.2.5 Flow Labels . . . . . 372
    6.3 Internet Control Message Protocol Version 6 (ICMPv6) . . . . . 372
    6.3.1 Neighbor Discovery . . . . . 373
    6.3.2 Stateless Address Autoconfiguration . . . . . 382
    6.3.3 Multicast Listener Discovery (MLD) . . . . . 383
    6.4 DNS in IPv6 . . . . . 386
    6.4.1 Format of IPv6 Resource Records . . . . . 386
    6.5 DHCP in IPv6 . . . . . 388
    6.5.1 Differences between DHCPv6 and DHCPv4 . . . . . 389
    6.5.2 DHCPv6 Messages . . . . . 389
    6.6 Mobility Support in IPv6 . . . . . 390
    6.7 Internet Transition - Migrating from IPv4 to IPv6 . . . . . 390
    6.7.1 Dual IP Stack Implementation - The IPv6/IPv4 Node . . . . . 391
    6.7.2 Tunneling . . . . . 392
    6.7.3 Header Translation . . . . . 397
    6.7.4 Interoperability Summary . . . . . 397
    6.8 The Drive Towards IPv6 . . . . . 398
    6.9 References . . . . . 398


    Chapter 7. Dynamic IP, Mobile IP and Network Computers . . . . . 401
    7.1 Bootstrap Protocol (BOOTP) . . . . . 401
    7.1.1 BOOTP Forwarding . . . . . 405
    7.1.2 BOOTP Considerations . . . . . 405
    7.2 Dynamic Host Configuration Protocol (DHCP) . . . . . 406
    7.2.1 The DHCP Message Format . . . . . 406
    7.2.2 DHCP Message Types . . . . . 408
    7.2.3 Allocating a New Network Address . . . . . 409
    7.2.4 DHCP Lease Renewal Process . . . . . 411
    7.2.5 Reusing a Previously Allocated Network Address . . . . . 412
    7.2.6 Configuration Parameters Repository . . . . . 413
    7.2.7 DHCP Considerations . . . . . 413
    7.2.8 BOOTP and DHCP Interoperability . . . . . 413
    7.3 Dynamic Domain Name System . . . . . 414
    7.3.1 The UPDATE DNS Message Format . . . . . 415
    7.3.2 IBM's Implementation of DDNS . . . . . 417
    7.3.3 Proxy A Record Update (ProxyArec) . . . . . 424
    7.4 Mobile IP . . . . . 426
    7.4.1 Mobile IP Overview . . . . . 426
    7.4.2 Mobile IP Operation . . . . . 427
    7.4.3 Mobility Agent Advertisement Extensions . . . . . 428
    7.4.4 Mobile IP Registration Process . . . . . 430
    7.4.5 Tunneling . . . . . 432
    7.4.6 Broadcast Datagrams . . . . . 432
    7.4.7 Move Detection . . . . . 433
    7.4.8 ARP Considerations . . . . . 433
    7.4.9 Mobile IP Security Considerations . . . . . 434
    7.5 IP Masquerading . . . . . 434
    7.6 The Network Computer . . . . . 434
    7.7 References . . . . . 436

    Chapter 8. Internet Protocols and Applications . . . . . 437
    8.1 The World Wide Web (WWW) . . . . . 437
    8.1.1 Web Browsers . . . . . 437
    8.1.2 Web Servers . . . . . 439
    8.1.3 Web Server Application Technologies . . . . . 439
    8.2 Hypertext Transfer Protocol (HTTP) . . . . . 440
    8.2.1 Overview of HTTP . . . . . 440
    8.2.2 HTTP Operation . . . . . 441
    8.3 Hypertext Markup Language (HTML) . . . . . 448
    8.4 The Extensible Markup Language (XML) . . . . . 448
    8.5 Java . . . . . 449
    8.5.1 Java Components Overview . . . . . 449
    8.5.2 JavaScript . . . . . 451
    8.5.3 Java in the World Wide Web . . . . . 451
    8.5.4 Java Security . . . . . 451
    8.5.5 Distributed Objects . . . . . 453
    8.6 Accessing Legacy Applications from the Web . . . . . 455
    8.6.1 Business Requirements . . . . . 455
    8.6.2 Technical Issues . . . . . 456
    8.6.3 Security Issues . . . . . 456
    8.6.4 IBM e-business Solutions . . . . . 457
    8.7 Network News Transfer Protocol (NNTP) . . . . . 460
    8.8 Gopher . . . . . 460


    8.9 Internet2 . . . . . 462
    8.9.1 Mission . . . . . 462
    8.9.2 Project Description . . . . . 463
    8.9.3 Internet2 and NGI . . . . . 465
    8.10 References . . . . . 465

    Chapter 9. Multicast and Multimedia . . . . . 467
    9.1 Multicasting . . . . . 467
    9.2 Internet Group Management Protocol (IGMP) . . . . . 469
    9.2.1 IGMP Messages . . . . . 469
    9.2.2 IGMP Operation . . . . . 470
    9.3 Multicast Routing Protocols . . . . . 472
    9.3.1 Distance Vector Multicast Routing Protocol (DVMRP) . . . . . 472
    9.3.2 Multicast OSPF (MOSPF) . . . . . 477
    9.3.3 Protocol Independent Multicast (PIM) . . . . . 478
    9.4 The Multicast Backbone . . . . . 482
    9.4.1 MBONE Routing . . . . . 482
    9.4.2 MBONE Applications . . . . . 484
    9.5 The Real-Time Protocols RTP and RTCP . . . . . 485
    9.5.1 The Real-Time Transport Protocol (RTP) . . . . . 485
    9.5.2 The Real-Time Control Protocol . . . . . 489
    9.5.3 RTP Translators and Mixers . . . . . 495
    9.5.4 Real-Time Applications . . . . . 496
    9.6 Voice over IP . . . . . 498
    9.6.1 ITU-T Recommendation H.323 . . . . . 499
    9.6.2 Voice Compression (G.723.1 and G.729) . . . . . 501
    9.6.3 The VoIP Protocol Stack . . . . . 502
    9.7 References . . . . . 504

    Chapter 10. Quality of Service . . . . . 505
    10.1 Why QoS? . . . . . 505
    10.2 Integrated Services . . . . . 506
    10.2.1 Service Classes . . . . . 508
    10.2.2 The Reservation Protocol (RSVP) . . . . . 511
    10.2.3 The Future of Integrated Services . . . . . 522
    10.3 Differentiated Services . . . . . 523
    10.3.1 Differentiated Services Architecture . . . . . 524
    10.3.2 Using RSVP with Differentiated Services . . . . . 530
    10.3.3 Configuration and Administration of DS Components with LDAP . . . . . 532
    10.3.4 Using Differentiated Services with IPSec . . . . . 533
    10.3.5 Internet Drafts on Differentiated Services . . . . . 534
    10.4 References . . . . . 534

    Chapter 11. Availability, Scalability and Load Balancing . . . . . 535
    11.1 Virtual Router Redundancy Protocol (VRRP) . . . . . 536
    11.1.1 Introduction . . . . . 536
    11.1.2 VRRP Definitions . . . . . 537
    11.1.3 VRRP Overview . . . . . 538
    11.1.4 Sample Configuration . . . . . 539
    11.1.5 VRRP Packet Format . . . . . 540
    11.2 Round-Robin DNS . . . . . 542
    11.3 IBM eNetwork Dispatcher . . . . . 543
    11.3.1 eNetwork Dispatcher Components . . . . . 543
    11.3.2 Load Balancing with Weights . . . . . 546

    Contents ix

  • 11.3.3 High Availability . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 54711.3.4 Server Affinity . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 54911.3.5 Rules-Based Balancing . . . . . . . . . . . . . . . . . . . . . . . . . 54911.3.6 Wide Area Network Dispatcher . . . . . . . . . . . . . . . . . . . . . 54911.3.7 Combining ISS and Dispatcher . . . . . . . . . . . . . . . . . . . . . 55011.3.8 Advisors and Custom Advisors . . . . . . . . . . . . . . . . . . . . . 55111.3.9 SNMP Support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 55211.3.10 Co-Location Option . . . . . . . . . . . . . . . . . . . . . . . . . . . 55211.3.11 ISP Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . 55311.3.12 OS/390 Parallel Sysplex Support . . . . . . . . . . . . . . . . . . . 554

    11.4 Alternative Solutions to Load Balancing . . . . . . . . . . . . . . . . . . 55611.4.1 Network Address Translation . . . . . . . . . . . . . . . . . . . . . . 55611.4.2 Encapsulation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 55811.4.3 HTTP Redirection . . . . . . . . . . . . . . . . . . . . . . . . . . . . 558

    11.5 TCP/IP for OS/390 Using Workload Manager (WLM) . . . . . . . . . . 55811.5.1 Related Terminology and Products . . . . . . . . . . . . . . . . . . 55811.5.2 Overview of WLM . . . . . . . . . . . . . . . . . . . . . . . . . . . . 559

    11.6 OSPF Equal-Cost Multipath . . . . . . . . . . . . . . . . . . . . . . . . . 56011.7 OS/390 VIPA Connection Recovery . . . . . . . . . . . . . . . . . . . . 561

    Chapter 12. Directory Protocols and Distributed Computing . . . . . . . 56312.1 Introduction to the Distributed Computing Environment (DCE) . . . . . 563

    12.1.1 DCE Directory Service . . . . . . . . . . . . . . . . . . . . . . . . . . 56412.1.2 DCE Security Service . . . . . . . . . . . . . . . . . . . . . . . . . . 56612.1.3 DCE Threads . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 57012.1.4 DCE Remote Procedure Call . . . . . . . . . . . . . . . . . . . . . . 57112.1.5 Distributed Time Service . . . . . . . . . . . . . . . . . . . . . . . . 57212.1.6 Distributed File Service (DFS) . . . . . . . . . . . . . . . . . . . . . 57312.1.7 References . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 575

    12.2 The Andrew File System (AFS) . . . . . . . . . . . . . . . . . . . . . . . 57512.3 Lightweight Directory Access Protocol (LDAP) . . . . . . . . . . . . . . 577

    12.3.1 LDAP - Lightweight Access to X.500 . . . . . . . . . . . . . . . . . 57712.3.2 The LDAP Directory Server . . . . . . . . . . . . . . . . . . . . . . . 57912.3.3 Overview of LDAP Architecture . . . . . . . . . . . . . . . . . . . . 58012.3.4 LDAP Models . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 58112.3.5 LDAP Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 58612.3.6 LDAP URLs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 58812.3.7 LDAP and DCE . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 58912.3.8 The Directory-Enabled Networks Initiative (DEN) . . . . . . . . . . 59012.3.9 References . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 591

    Part 3. Connection Protocols and Platform Implementations . . . . . . . . . . . . . 593

    Chapter 13. Connection Protocols . . . . . . . . . . . . . . . . . . . . . . . 59513.1 Ethernet and IEEE 802.x Local Area Networks (LANs) . . . . . . . . . 59513.2 Fiber Distributed Data Interface (FDDI) . . . . . . . . . . . . . . . . . . . 59713.3 Asynchronous Transfer Mode (ATM) . . . . . . . . . . . . . . . . . . . . 598

    13.3.1 Address Resolution (ATMARP and InATMARP) . . . . . . . . . . . 59813.3.2 Classical IP over ATM . . . . . . . . . . . . . . . . . . . . . . . . . . 60113.3.3 ATM LAN Emulation . . . . . . . . . . . . . . . . . . . . . . . . . . . 60613.3.4 Classical IP over ATM versus LAN Emulation . . . . . . . . . . . . 608

    13.4 Data Link Switching: Switch-to-Switch Protocol . . . . . . . . . . . . . . 60913.4.1 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 609

    x TCP/IP Tutorial and Technical Overview

  • 13.4.2 Functional Description . . . . . . . . . . . . . . . . . . . . . . . . . . 60913.5 Serial Line IP (SLIP) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 61113.6 Point-to-Point Protocol (PPP) . . . . . . . . . . . . . . . . . . . . . . . . 611

    13.6.1 Point-to-Point Encapsulation . . . . . . . . . . . . . . . . . . . . . . 61213.7 Integrated Services Digital Network (ISDN) . . . . . . . . . . . . . . . . 61313.8 TCP/IP and X.25 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 61413.9 Frame Relay . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 616

    13.9.1 Frame Format . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 61613.9.2 Interconnect Issues . . . . . . . . . . . . . . . . . . . . . . . . . . . 61713.9.3 Data Link Layer Parameter Negotiation . . . . . . . . . . . . . . . . 61713.9.4 IP over Frame Relay . . . . . . . . . . . . . . . . . . . . . . . . . . . 618

    13.10 PPP over SONET and SDH Circuits . . . . . . . . . . . . . . . . . . . 61813.10.1 Physical Layer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 619

    13.11 Multiprotocol Label Switching (MPLS) . . . . . . . . . . . . . . . . . . . 61913.11.1 Forwarding Methods . . . . . . . . . . . . . . . . . . . . . . . . . . 62013.11.2 MPLS Usefulness . . . . . . . . . . . . . . . . . . . . . . . . . . . . 620

    13.12 Enterprise Extender . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 62113.12.1 Performance and Recovery . . . . . . . . . . . . . . . . . . . . . . 621

    13.13 Multiprotocol Transport Network (MPTN) . . . . . . . . . . . . . . . . . 62213.13.1 Requirements for Mixed-Protocol Networking . . . . . . . . . . . . 62213.13.2 MPTN Architecture . . . . . . . . . . . . . . . . . . . . . . . . . . . 62213.13.3 MPTN Methodology . . . . . . . . . . . . . . . . . . . . . . . . . . 62313.13.4 MPTN Major Components . . . . . . . . . . . . . . . . . . . . . . . 623

    13.14 Multi-Path Channel+ (MPC+) . . . . . . . . . . . . . . . . . . . . . . . . 62513.15 S/390 Open Systems Adapter 2 . . . . . . . . . . . . . . . . . . . . . . 626

    13.15.1 OSA-2 Modes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 62613.15.2 S/390 Unit Addresses Correlate with OSA-2 LAN Port Numbers 62713.15.3 Open Systems Adapter/Support Facility (OSA/SF) . . . . . . . . . 628

    13.16 Multiprotocol over ATM (MPOA) . . . . . . . . . . . . . . . . . . . . . . 62813.16.1 Benefits of MPOA . . . . . . . . . . . . . . . . . . . . . . . . . . . . 62913.16.2 MPOA Logical Components . . . . . . . . . . . . . . . . . . . . . . 62913.16.3 MPOA Functional Components . . . . . . . . . . . . . . . . . . . . 63013.16.4 MPOA Operation . . . . . . . . . . . . . . . . . . . . . . . . . . . . 631

    13.17 Private Network-to-Network Interface (PNNI) . . . . . . . . . . . . . . . 63213.17.1 PNNI Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 63313.17.2 PNNI Routing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 63313.17.3 PNNI Signalling . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 636

    13.18 References . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 636

    Chapter 14. Platform Implementations . . . . . . . . . . . . . . . . . . . . . 63914.1 Software Operating System Implementations . . . . . . . . . . . . . . . 639

    14.1.1 IBM OS/390 V2R6 . . . . . . . . . . . . . . . . . . . . . . . . . . . . 63914.1.2 IBM TCP/IP V2R4 for VM . . . . . . . . . . . . . . . . . . . . . . . . 64414.1.3 IBM OS/400 V4R3 . . . . . . . . . . . . . . . . . . . . . . . . . . . . 64614.1.4 IBM AIX 4.3 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 65014.1.5 IBM TCP/IP 4.1 for OS/2 . . . . . . . . . . . . . . . . . . . . . . . . 65314.1.6 Functional Comparisons . . . . . . . . . . . . . . . . . . . . . . . . . 655

    14.2 IBM Hardware Platform Implementations . . . . . . . . . . . . . . . . . . 66014.2.1 The IBM Nways Router Family . . . . . . . . . . . . . . . . . . . . . 66114.2.2 The IBM Multiprotocol Switch Hub Family . . . . . . . . . . . . . . 66314.2.3 The IBM Workgroup Hubs and Workgroup Switches . . . . . . . . 66514.2.4 The IBM High Performance Controllers . . . . . . . . . . . . . . . . 66814.2.5 The IBM Nways Wide Area Switches . . . . . . . . . . . . . . . . . 66914.2.6 Functional Comparisons . . . . . . . . . . . . . . . . . . . . . . . . . 669

    Contents xi

  • Appendix A. Special Notices . . . . . . . . . . . . . . . . . . . . . . . . . . . 673

    Appendix B. Related Publications . . . . . . . . . . . . . . . . . . . . . . . 677B.1 International Technical Support Organization Publications . . . . . . . . 677B.2 Redbooks on CD-ROMs . . . . . . . . . . . . . . . . . . . . . . . . . . . . 678B.3 Other Publications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 678

    How to Get ITSO Redbooks . . . . . . . . . . . . . . . . . . . . . . . . . . . . 681How IBM Employees Can Get ITSO Redbooks . . . . . . . . . . . . . . . . . 681How Customers Can Get ITSO Redbooks . . . . . . . . . . . . . . . . . . . . 682IBM Redbook Order Form . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 683

    List of Abbreviations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 685

    Index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 691

    ITSO Redbook Evaluation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 693

    Preface

    This redbook provides an introduction as well as a reference to the Transmission Control Protocol/Internet Protocol (TCP/IP) suite of protocols and applications, which provide the foundation and framework for many computer networks, among them the world's largest, the Internet. This redbook explains the basics of TCP/IP and also includes an overview of the latest developments in the world of TCP/IP and the Internet. Special areas of interest are security (IPSec, VPN, certificate and key management, etc.), Java, IP mobility and address management, multicasting, priority and bandwidth reservation, IPv6, directory protocols and, last but not least, the latest hardware and software developments.

    To provide a comprehensive presentation of the topics, this book is structured as follows:

    Part 1 describes the history, architecture and standards of TCP/IP and also includes the core network, transport, routing and application protocols of the TCP/IP suite.

    Part 2 introduces new architectures and special purpose protocols, such as IP Version 6, IP security, quality of service, load balancing and Internet protocols.

    Part 3 discusses network connections and platform implementations of TCP/IP.

    It has always been the purpose of this redbook to provide an introduction and overview that helps the TCP/IP novice find their bearings in the world of heterogeneous connectivity. For the benefit of readers who are new to TCP/IP, this basic information has been included with this edition in Part 1.

    It is the main intention of the authors of this edition, however, to provide in-depth information on the most current protocols, technologies and implementations of TCP/IP available today, which are actually used and deployed throughout the Internet as well as in private TCP/IP networks. This material has been compiled as both an overview and a technical reference for advanced TCP/IP users and experts in this area who want to broaden their scope of knowledge.

    The Team That Wrote This Redbook

    This redbook was produced by a team of specialists from around the world working at the International Technical Support Organization, Raleigh Center. The leader of this project was Martin W. Murhammer.

    Martin W. Murhammer is a Senior I/T Availability Professional at the International Technical Support Organization Raleigh Center. Before joining the ITSO in 1996, he was a Systems Engineer in the Systems Service Center at IBM Austria. He has 13 years of experience in the personal computing environment including such areas as heterogeneous connectivity, server design, system recovery, and Internet solutions. He is an IBM Certified OS/2 Engineer and a Certified LAN Server Engineer and has previously coauthored nine redbooks during projects at the ITSO Raleigh and Austin Centers.

    Orcun Atakan is an Internet Specialist at the Information Systems Technical Support help desk in IBM Turkey, where he has been working for three years. His areas of expertise are IP security, Internet, Java, Firewalls and the IBM eNetwork range of products.

    Stefan Bretz is a Support Specialist at IBM Network Service Software in Germany. He has two years of experience in the MVS TCP/IP field with a focus on FTP and Sockets. His areas of expertise include IP multicasting, RTP and RSVP. He holds a Bachelor's Degree in Computer Engineering from the Berufsakademie (University of Applied Studies) in Mannheim.

    Larry R. Pugh has worked for IBM for 25 years. His career at IBM includes jobs as a Systems Programmer, Systems Engineer, and Telecommunications Analyst. He has worked in networking for the past 20 years. In his early networking career he assisted IBM customers with configuring and implementing SNA networks. Ten years ago he joined IBM Education, where he is currently working as an Instructor/Developer. He developed and taught SNA courses before he switched to TCP/IP courses and lab configurations for TCP/IP networks six years ago. Larry graduated from Grambling State University in Grambling, La., in 1973 with a degree in Applied Mathematics and Computer Science.

    Kazunari Suzuki is an Advisory I/T Specialist working for the Network Design Support Office at IBM Japan. He has five years of experience supporting IBM networking hardware products, focusing on TCP/IP and SNA connectivity. His areas of expertise also include MVS and DB2.

    David H. Wood is a Senior Software Specialist with IBM UK. He has 10 years of experience in networking software. His current areas of expertise include OS/2, LAN/WARP Server, WorkSpace On-Demand, Network Computers, Dynamic IP, NetWare, DCE and Windows NT.

    Thanks to the following people for their invaluable contributions to this project:

    Karl Wozabal, Marco Pistoia, Harry J. Dutton, Linda Robinson, Gail Christensen, Kathryn Casamento
    International Technical Support Organization, Raleigh Center

    Fant Steele
    International Technical Support Organization, Rochester Center

    Uwe Zimmermann
    International Technical Support Organization, Austin Center

    Edward Britton, Alfred Christensen, Charlotte Davis, Ed Ellesson, Chris Gage, Pratik Gupta, Brian K. Haberman, Ricardo Haragutchi, Lap Huynh, David Jacobson, Charles Kunzinger, Acee Lindem, Calvin Stacy Powers, Laura Rademacher, Catherine M. Rossi, Bill Stephenson, Glenn Stump, John Tavs
    IBM Research Triangle Park

    Christopher Metz
    IBM New York

    Brian Carpenter, Member of the IAB and Co-Chair of the IETF Working Group for Differentiated Services
    IBM United Kingdom

    Pete Russell, Lynda Linney
    IBM United Kingdom

    Nagatsugu Yamanouchi, Yuhji Mori, Tatsuji Namatsu, Kohji Yokoe, Atsushi Itoh, Atsuhiko Iwamura, Kunihiko Tejima
    IBM Japan

    Scott S. Gass
    International Network Services

    Thanks to the authors and contributors of previous editions of this redbook:

    Peter Frick, Gerard Bourbigot, Frank Vandewiele
    Authors of first edition

    Peter Frick, Lesia Antonowytsch Cox, Ricardo Haragutchi
    Authors of second edition

    Philippe Beaupied, Frederic Debulois
    Authors of third edition

    Philippe Beaupied, Francis Li
    Authors of fourth edition

    Eamon Murphy, Matthias Enders, Steve Hayes
    Authors of fifth edition

    Antonius Bekker, Paul D. Bosco, Bob Botts, Edward Britton, Alfred Christensen, Niels Christiansen, Jim Curran, Pete Haverlock, Barry Nusbaum, Richard Ryniker, Bruce Wilder;
    TCP/IP Development Team, Raleigh;
    International Technical Support Organization Rochester Center;
    Telecommunications Education Center, Raleigh;
    Contributors to previous editions

    Comments Welcome

    Your comments are important to us!

    We want our redbooks to be as helpful as possible. Please send us your comments about this or other redbooks in one of the following ways:

    Fax the evaluation form found in “ITSO Redbook Evaluation” on page 693 to the fax number shown on the form.

    Use the electronic evaluation form found on the Redbooks Web sites:

    For Internet users: http://www.redbooks.ibm.com/
    For IBM Intranet users: http://w3.itso.ibm.com/

    Send us a note at the following address:

    [email protected]


    Part 1. Architecture and Core Protocols


    Chapter 1. Introduction to TCP/IP - History, Architecture and Standards

    Today, the Internet, World Wide Web, and Information Super Highway are familiar terms to millions of people all over the world. Transmission Control Protocol/Internet Protocol (TCP/IP) is the protocol suite developed for the Internet. In this chapter we describe how the Internet was formed, how it developed and how it is likely to develop in the future. We also look at the basic properties of TCP/IP.

    1.1 Internet History - Where It All Came From

    Networks have become a fundamental, if not the most important, part of today's information systems. They form the backbone for information sharing in enterprises, governmental and scientific groups. That information can take several forms. It can be notes and documents, data to be processed by another computer, files sent to colleagues, and even more exotic forms of data.

    Most of these networks were installed in the late 60s and 70s, when network design was the "state of the art" topic of computer research and sophisticated implementers. It resulted in multiple networking models such as packet-switching technology, collision-detection local area networks, hierarchical enterprise networks, and many other excellent technologies.

    From the early 70s on, another aspect of networking became important: protocol layering, which allows applications to communicate with each other. A complete range of architectural models were proposed and implemented by various research teams and computer manufacturers.

    The result of all this great know-how is that today any group of users can find a physical network and an architectural model suitable for their specific needs. This ranges from cheap asynchronous lines with no other error recovery than a bit-per-bit parity function, through full-function wide area networks (public or private) with reliable protocols such as public packet-switching networks or private SNA networks, to high-speed but limited-distance local area networks.

    The down side of this exploding information sharing is the rather painful situation when one group of users wants to extend its information system to another group of users who happen to have a different network technology and different network protocols. As a result, even if they could agree on a type of network technology to physically interconnect the two locations, their applications (such as mailing systems) still would not be able to communicate with each other because of the different protocols.

    This situation was recognized rather early (beginning of the 70s) by a group of researchers in the U.S. who came up with a new principle: internetworking. Other official organizations became involved in this area of interconnecting networks, such as ITU-T (formerly CCITT) and ISO. All were trying to define a set of protocols, layered in a well-defined suite, so that applications would be able to talk to other applications, regardless of the underlying network technology and the operating systems where those applications run.

    1.1.1 Internetworks

    The original designers of the ARPANET protocol suite, funded by the Defense Advanced Research Projects Agency (DARPA), introduced fundamental concepts such as layering and virtualizing in the world of networking, well before ISO even took an interest in networking.

    The official organization of those researchers was the ARPANET Network Working Group, which had its last general meeting in October 1971. DARPA continued its research for an internetworking protocol suite, from the early NCP (Network Control Program) host-to-host protocol to the TCP/IP protocol suite, which took its current form around 1978. At that time, DARPA was well known for its pioneering of packet-switching over radio networks and satellite channels. The first real implementations of the Internet were found around 1980 when DARPA started converting the machines of its research network (ARPANET) to use the new TCP/IP protocols. In 1983, the transition was completed and DARPA demanded that all computers willing to connect to its ARPANET use TCP/IP.

    DARPA also contracted Bolt, Beranek, and Newman (BBN) to develop an implementation of the TCP/IP protocols for Berkeley UNIX on the VAX and funded the University of California at Berkeley to distribute that code free of charge with their UNIX operating system. The first release of the Berkeley Software Distribution to include the TCP/IP protocol set was made available in 1983 (4.2BSD). From that point on, TCP/IP spread rapidly among universities and research centers and has become the standard communications subsystem for all UNIX connectivity. The second release (4.3BSD) was distributed in 1986, with updates in 1988 (4.3BSD Tahoe) and 1990 (4.3BSD Reno). 4.4BSD was released in 1993. Due to funding constraints, 4.4BSD was the last release of the BSD by the Computer Systems Research Group of the University of California at Berkeley.

    As TCP/IP internetworking spread rapidly, new wide area networks were created in the U.S. and connected to ARPANET. In turn, other networks in the rest of the world, not necessarily based on the TCP/IP protocols, were added to the set of interconnected networks. The result is what is described as The Internet. Some examples of the different networks that have played key roles in this development are described in the next sections.

    1.1.2 The Internet

    What exactly is the Internet? First, the word internet (also internetwork) is simply a contraction of the phrase interconnected network. However, when written with a capital “I” the Internet refers to a worldwide set of interconnected networks, so the Internet is an internet, but the reverse does not apply. The Internet is sometimes called the connected Internet.

    The Internet consists of the following groups of networks (see the following sections for more information on some of these):

    Backbones: large networks that exist primarily to interconnect other networks. Currently the backbones are NSFNET in the US, EBONE in Europe, and large commercial backbones.

    Regional networks connecting, for example, universities and colleges.

    Commercial networks providing access to the backbones to subscribers, and networks owned by commercial organizations for internal use that also have connections to the Internet.

    Local networks, such as campus-wide university networks.

    In many cases, particularly for commercial, military and government networks, traffic between these networks and the rest of the Internet is restricted (see also 5.3, “Firewalls” on page 280).

    1.1.3 ARPANET

    Sometimes referred to as the “grand-daddy of packet networks,” the ARPANET was built by DARPA (which was called ARPA at that time) in the late 60s to accommodate research equipment on packet-switching technology and to allow resource sharing for the Department of Defense's contractors. The network interconnected research centers, some military bases and government locations. It soon became popular with researchers for collaboration through electronic mail and other services. It was developed into a research utility run by the Defense Communications Agency (DCA) by the end of 1975 and split in 1983 into MILNET for interconnection of military sites and ARPANET for interconnection of research sites. This formed the beginning of the “capital I” Internet.

    In 1974, the ARPANET was based on 56 Kbps leased lines that interconnected packet-switching nodes (PSN) scattered across the continental U.S. and western Europe. These were minicomputers running a protocol known as 1822 (after the number of a report describing it) and dedicated to the packet-switching task. Each PSN had at least two connections to other PSNs (to allow alternate routing in case of circuit failure) and up to 22 ports for user computer (host) connections. These 1822 systems offered reliable, flow-controlled delivery of a packet to a destination node. This is the reason why the original NCP protocol was a rather simple protocol. It was replaced by the TCP/IP protocols, which do not assume reliability of the underlying network hardware and can be used on other-than-1822 networks. This 1822 protocol did not become an industry standard, so DARPA decided later to replace the 1822 packet switching technology with the CCITT X.25 standard.

    Data traffic rapidly exceeded the capacity of the 56 Kbps lines that made up the network, which were no longer able to support the necessary throughput. Today the ARPANET has been replaced by new technologies in its role of backbone on the research side of the connected Internet (see NSFNET later in this chapter), whereas MILNET continues to form the backbone of the military side.

    1.1.4 NSFNET

    NSFNET, the National Science Foundation Network, is a three-level internetwork in the United States consisting of:

    The backbone: a network that connects separately administered and operated mid-level networks and NSF-funded supercomputer centers. The backbone also has transcontinental links to other networks such as EBONE, the European IP backbone network.

    Mid-level networks: of three kinds (regional, discipline-based and supercomputer consortium networks).

    Campus networks: whether academic or commercial, connected to the mid-level networks.

    First Backbone

    Originally established by the National Science Foundation (NSF) as a communications network for researchers and scientists to access the NSF supercomputers, the first NSFNET backbone used six DEC LSI/11 microcomputers as packet switches, interconnected by 56 Kbps leased lines. A primary interconnection between the NSFNET backbone and the ARPANET existed at Carnegie Mellon, which allowed routing of datagrams between users connected to each of those networks.

    Second Backbone

    The need for a new backbone appeared in 1987, when the first one became overloaded within a few months (estimated growth at that time was 100% per year). The NSF and MERIT, Inc., a computer network consortium of eight state-supported universities in Michigan, agreed to develop and manage a new, higher-speed backbone with greater transmission and switching capacities. To manage it they defined the Information Services (IS), which comprise an Information Center and a Technical Support Group. The Information Center is responsible for information dissemination, information resource management and electronic communication. The Technical Support Group provides support directly to the field. The purpose of this is to provide an integrated information system with easy-to-use-and-manage interfaces accessible from any point in the network, supported by a full set of training services.

    Merit and NSF conducted this project in partnership with IBM and MCI. IBM provided the software, packet-switching and network-management equipment, while MCI provided the long-distance transport facilities. Installed in 1988, the new network initially used 448 Kbps leased circuits to interconnect 13 nodal switching systems (NSS) supplied by IBM. Each NSS was composed of nine IBM RISC systems (running an IBM version of 4.3BSD UNIX) loosely coupled via two IBM Token-Ring Networks (for redundancy). One Integrated Digital Network Exchange (IDNX) supplied by IBM was installed at each of the 13 locations, to provide:

    Dynamic alternate routing
    Dynamic bandwidth allocation

    Third Backbone

    In 1989, the NSFNET backbone circuits topology was reconfigured after traffic measurements and the speed of the leased lines increased to T1 (1.544 Mbps) using primarily fiber optics.

    Due to the constantly increasing need for improved packet switching and transmission capacities, three NSSs were added to the backbone and the link speed was upgraded. The migration of the NSFNET backbone from T1 to T3 (45 Mbps) was completed in late 1992. The subsequent migration to gigabit levels has already started and will continue through the late 1990s.

    In April 1995 the US government discontinued its funding of NSFNET. This was in part a reaction to growing commercial use of the network. About the same time, NSFNET gradually migrated the main backbone traffic in the U.S. to commercial network service providers, and NSFNET reverted to being a network for the research community. The main backbone network is now run in cooperation with MCI and is known as the vBNS (very high speed Backbone Network Service).

    NSFNET has played a key role in the development of the Internet. However, many other networks have also played their part and/or also make up a part of the Internet today.

    1.1.5 Commercial Use of the Internet

    In recent years the Internet has grown in size and range at a greater rate than anyone could have predicted. A number of key factors have influenced this growth. Some of the most significant milestones have been the free distribution of Gopher in 1991, the first posting, also in 1991, of the specification for hypertext and, in 1993, the release of Mosaic, the first graphics-based browser. Today the vast majority of the hosts now connected to the Internet are of a commercial nature. This is an area of potential and actual conflict with the initial aims of the Internet, which were to foster open communications between academic and research institutions. However, the continued growth in commercial use of the Internet is inevitable so it will be helpful to explain how this evolution is taking place.

    One important initiative to consider is that of the Acceptable Use Policy (AUP). The first of these policies was introduced in 1992 and applies to the use of NSFNET. A copy of this can be obtained at nic.merit.edu/nsfnet/acceptable.use.policy. At the heart of this AUP is a commitment "to support open research and education". Under "Unacceptable Uses" is a prohibition of "use for for-profit activities", unless covered by the General Principle or as a specifically acceptable use. However, in spite of this apparently restrictive stance the NSFNET was increasingly used for a broad range of activities, including many of a commercial nature, before reverting to its original objectives in 1995.

    The provision of an AUP is now commonplace among Internet Service Providers, although the AUP has generally evolved to be more suitable for commercial use. Some networks still provide services free of any AUP.

    Let us now focus on the Internet service providers who have been most active in introducing commercial uses to the Internet. Two worth mentioning are PSINet and UUNET, which began in the late 80s to offer Internet access to both businesses and individuals. The California-based CERFnet provided services free of any AUP. An organization to interconnect PSINet, UUNET and CERFnet was formed soon after, called the Commercial Internet Exchange (CIX), based on the understanding that the traffic of any member of one network may flow without restriction over the networks of the other members. As of July 1997, CIX had grown to more than 146 members from all over the world connecting member internets. At about the same time that CIX was formed, a non-profit company, Advanced Network and Services (ANS), was formed by IBM, MCI and Merit, Inc. to operate T1 (subsequently T3) backbone connections for NSFNET. This group was active in increasing the commercial presence on the Internet.

ANS formed a commercially oriented subsidiary called ANS CO+RE to provide linkage between commercial customers and the research and education domains. ANS CO+RE provides access to NSFNET as well as being linked to CIX. In 1995 ANS was acquired by America Online.

In 1995, as the NSFNET was reverting to its previous academic role, the architecture of the Internet changed from having a single dominant backbone in the U.S. to having a number of commercially operated backbones. In order for the different backbones to be able to exchange data, the NSF set up four Network Access Points (NAPs) to serve as data interchange points between the backbone service providers.

Chapter 1. Introduction to TCP/IP - History, Architecture and Standards 7

Another type of interchange is the Metropolitan Area Ethernet (MAE). Several MAEs have been set up by Metropolitan Fiber Systems (MFS), who also have their own backbone network. NAPs and MAEs are also referred to as public exchange points (IXPs). Internet Service Providers (ISPs) typically will have connections to a number of IXPs for performance and backup.

Similar to CIX in the United States, European Internet providers formed the RIPE (Réseaux IP Européens) organization to ensure technical and administrative coordination. RIPE was formed in 1989 to provide a uniform IP service to users throughout Europe. Currently, more than 1000 organizations participate in RIPE, and close to 6 million hosts (as of February 1998) could be reached via RIPE-coordinated networks.

Today, the largest Internet backbones run at OC3 (155 Mbps) or OC12 (622 Mbps). By late 1998 OC12 should be the standard speed for major backbones.

1.1.6 Information Superhighway

One recent and important initiative was the creation of the U.S. Advisory Council on the National Information Infrastructure (NIIAC) headed by U.S. Vice President Al Gore (who has been credited with coining the phrase “information superhighway”). The Advisory Council, which was made up of representatives from many areas of industry, government, entertainment and education, met for a period of two years from 1994-6. At the end of their term, they concluded their work with the publishing of two major reports:

• Kickstart Initiative: Connecting America's Communities to the Information Superhighway

• A Nation of Opportunity: Realizing the Promise of the Information Superhighway

Among the findings in these reports is the goal that every person in the U.S. should have access to the Internet by the year 2005, with all schools and libraries being connected by the year 2000.

Although the reports do not specify direct government funding for expansion of the Internet, preferring "commercial and competitive initiatives" to be the driving force, they do give a responsibility to all levels of government to ensure fair access and remove regulatory obstacles. Both reports may be found at:

http://www.benton.org/contents.html

From a more international perspective, the Group of Seven (G7) ministers met in Brussels in February 1995 to discuss the emerging Global Information Infrastructure (GII). The conference was attended by science, technology and economic ministers of Canada, the United Kingdom, France, Japan, Germany, Italy and the United States, and focused on technological, cultural and economic issues regarding the development of an international infrastructure.

Both the NIIAC and the GII described above were important initiatives which increased acceptance, and encouraged further growth, of the Internet.

8 TCP/IP Tutorial and Technical Overview

The most recent and substantive government affirmation for the Internet came, in 1996, in the form of the Next Generation Internet initiative. This was launched by the Clinton administration with the goals of:

• Connecting universities and national labs with networks that are 100-1000 times faster than today's (as of October 1996) Internet.

• Promoting experimentation with the next generation of networking technologies.

• Demonstrating new applications that meet important national goals and missions.

The initiative included funding of $100 million for 1998.

1.1.7 Internet2

The success of the Internet and the subsequent frequent congestion of the NSFNET and its commercial replacement led to some frustration among the research community who had previously enjoyed exclusive use of the Internet. The university community, therefore, together with government and industry partners, and encouraged by the funding component of the NGI, has formed the Internet2 project.

Internet2 has the following principal objectives:

• To create a high bandwidth, leading-edge network capability for the research community in the U.S.

• To enable a new generation of applications and communication technologies to fully exploit the capabilities of broadband networks.

• To rapidly transfer newly developed technologies to all levels of education and to the broader Internet community, both in the U.S. and abroad.

For further information, please refer to 8.9, “Internet2” on page 462.

1.1.8 The Open Systems Interconnect (OSI) Model

Around the same time that DARPA was researching an internetworking protocol suite in response to the requirement for the establishment of networking standards, which eventually led to TCP/IP and the Internet (see 1.1, “Internet History - Where It All Came From” on page 3), an alternative standards approach was being led by the CCITT (Comité Consultatif International Telephonique et Telegraphique, or Consultative Committee on International Telephony and Telegraphy), and the ISO (International Organization for Standardization). The CCITT has since become the ITU-T (International Telecommunications Union - Telecommunication Standardization Sector).

This effort resulted in the OSI (Open Systems Interconnect) Reference Model (ISO 7498), which defined a seven-layer model of data communication with physical transport at the lower layer and application protocols at the upper layers. This model, shown in Figure 1 on page 10, is widely accepted as a basis for the understanding of how a network protocol stack should operate and as a reference tool for comparing network stack implementations.


Figure 1. The OSI Reference Model. Two peer stacks, each with the seven layers Application, Presentation, Session, Transport, Network, Data Link and Physical.

The OSI Reference Model has seven layers; each layer provides a set of functions to the layer above and, in turn, relies on the functions provided by the layer below. Although messages can only pass vertically through the stack from layer to layer, from a logical point of view, each layer communicates directly with its peer layer on other nodes.

The seven layers are:

Application     Network applications such as terminal emulation and file transfer

Presentation    Formatting of data and encryption

Session         Establishment and maintenance of sessions

Transport       Provision of reliable and unreliable end-to-end delivery

Network         Packet delivery, including routing

Data Link       Framing of units of information and error checking

Physical        Transmission of bits on the physical hardware

The two standards processes approach standardization from two different perspectives. The OSI approach started from a clean slate and defined standards, adhering tightly to their own model, using a formal committee process without requiring implementations. The Internet uses a less formal engineering approach, where anybody can propose and comment on RFCs, and implementations are required to verify feasibility. The OSI protocols developed slowly, and because running the full protocol stack is resource intensive, they have not been widely deployed, especially in the desktop and small computer market. In the meantime, TCP/IP and the Internet were developing rapidly and being put into use.


1.1.8.1 X.500: The Directory Service Standard

The OSI protocols did, however, address issues important in large distributed systems that were developing in an ad hoc manner in the desktop and Internet marketplace. One such important area was directory services. The CCITT created the X.500 standard in 1988, which became ISO 9594, Data Communications Network Directory, Recommendations X.500-X.521 in 1990, though it is still commonly referred to as X.500.

X.500 organizes directory entries in a hierarchical name space capable of supporting large amounts of information. It also defines powerful search capabilities to make retrieving information easier. Because of its functionality and scalability, X.500 is often used together with add-on modules for interoperation between incompatible directory services. X.500 specifies that communication between the directory client and the directory server uses the Directory Access Protocol (DAP). For further information on X.500 and directories, please see Chapter 12, “Directory Protocols and Distributed Computing” on page 563.

1.2 TCP/IP Architectural Model - What It Is All About

The TCP/IP protocol suite is named for two of its most important protocols: Transmission Control Protocol (TCP) and Internet Protocol (IP). Another name for it is the Internet Protocol Suite, and this is the phrase used in official Internet standards documents. The more common term TCP/IP is used to refer to the entire protocol suite in this book.

1.2.1 Internetworking

The first design goal of TCP/IP was to build an interconnection of networks that provided universal communication services: an internetwork, or internet. Each physical network has its own technology-dependent communication interface, in the form of a programming interface that provides basic communication functions (primitives). Communication services are provided by software that runs between the physical network and the user applications and that provides a common interface for these applications, independent of the underlying physical network. The architecture of the physical networks is hidden from the user.

The second aim is to interconnect different physical networks to form what appears to the user to be one large network. Such a set of interconnected networks is called an internetwork or an internet.

To be able to interconnect two networks, we need a computer that is attached to both networks and that can forward packets from one network to the other; such a machine is called a router. The term IP router is also used because the routing function is part of the IP layer of the TCP/IP protocol suite (see 1.2.2, “The TCP/IP Protocol Stack” on page 12).

Figure 2 on page 12 shows two examples of internets.


Figure 2. Internet Examples. Two interconnected sets of networks, each seen as one logical network. Internet A: Network 1 and Network 2 interconnected by a router (R), seen as one virtual network. Second example: Network 1, Network 2 and Network 3 interconnected by routers, also seen as one virtual network, an internet.

The basic properties of a router are:

• From the network standpoint, a router is a normal host.

• From the user standpoint, routers are invisible. The user sees only one large internetwork.

To be able to identify a host on the internetwork, each host is assigned an address, the IP address. When a host has multiple network adapters (interfaces), each interface has a unique IP address. The IP address consists of two parts:

IP address = <network number><host number>

The network number part of the IP address is assigned by a central authority and is unique throughout the Internet. The authority for assigning the host number part of the IP address resides with the organization that controls the network identified by the network number. The addressing scheme is described in detail in 2.1.1, “IP Addressing” on page 27.

1.2.2 The TCP/IP Protocol Stack

The TCP/IP protocol suite has evolved over a period of some 30 years. Like most networking software, TCP/IP is modelled in layers. This layered representation leads to the term protocol stack, which is synonymous with protocol suite. It can be used for positioning (but not for comparing functionally) the TCP/IP protocol suite against others, such as SNA and the Open System Interconnection (OSI) model (see Figure 1 on page 10). Functional comparisons cannot easily be extracted from this, as there are basic differences in the layered models used by the different protocol suites.

The Internet protocols are modeled in four layers:


Figure 3. The TCP/IP Protocol Stack. Each layer represents a “package” of functions. The four layers are Applications; Transport (TCP/UDP); Internetwork (IP, ICMP, ARP/RARP); and Network Interface and Hardware.

Application Layer    The application layer is provided by the program that uses TCP/IP for communication. An application is a user process cooperating with another process on the same or a different host. Examples of applications are Telnet, FTP, SMTP, and Gopher. The interface between the application and transport layers is defined by port numbers and sockets, which is described in more detail in 2.6, “Ports and Sockets” on page 73.

Transport Layer    The transport layer provides the end-to-end data transfer. Multiple applications can be supported simultaneously. The transport layer is responsible for providing a reliable exchange of information. The main transport layer protocol is TCP, which is discussed in more detail in 2.8, “Transmission Control Protocol (TCP)” on page 78.

Another transport layer protocol is User Datagram Protocol (UDP, discussed in 2.7, “User Datagram Protocol (UDP)” on page 75), which provides a connectionless service in comparison to TCP, which provides a connection-oriented service. That means that applications using UDP as the transport protocol have to provide their own end-to-end flow control. Usually, UDP is used by applications that need a fast transport mechanism.

Internetwork Layer    The internetwork layer, also called the internet layer or the network layer, provides the “virtual network” image of an internet (that is, this layer shields the higher levels from the physical network architecture below it). Internet Protocol (IP) is the most important protocol in this layer. It is a connectionless protocol that doesn't assume reliability from the lower layers. IP does not provide reliability, flow control or error recovery. These functions must be provided at a higher level.

Part of communicating messages between computers is a routing function that ensures that messages will be correctly delivered to their destination. IP provides this routing function. IP is discussed in detail in 2.1, “Internet Protocol (IP)” on page 27. A message unit in an IP network is called an IP datagram. This is the basic unit of information transmitted across TCP/IP networks. Besides IP, the internetwork layer includes ICMP, IGMP, ARP and RARP.


Network Interface Layer    The network interface layer, also called the link layer or the data-link layer, is the interface to the actual network hardware. This interface may or may not provide reliable delivery, and may be packet or stream oriented. In fact, TCP/IP does not specify any protocol here, but can use almost any network interface available, which illustrates the flexibility of the IP layer. Examples are IEEE 802.2, X.25 (which is reliable in itself), ATM, FDDI and even SNA. Possible physical networks and interfaces that IBM TCP/IP products can connect to are discussed in Chapter 13, “Connection Protocols” on page 595.

Note that the RFCs actually do not describe or standardize any network layer protocols per se; they only standardize ways of accessing those protocols from the internetwork layer.

The actual interactions between the layers are shown by the arrows in Figure 3 on page 13. A more detailed “layering model” is shown in Figure 4.

Figure 4. Detailed Architectural Model. Applications: SMTP, Telnet, FTP, Gopher...; Transport: TCP, UDP; Internetwork: IP, ICMP, ARP, RARP; Network Interface and Hardware: Ethernet, Token-Ring, FDDI, X.25, Wireless, Async, ATM, SNA...
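To make the four-layer model concrete, here is an added Python example (not code from the Redbook) that carries a message down the stack of Figure 4, application to UDP to IP to Ethernet, and strips the headers back off on the receiving side, where each layer checks only its own header before handing the rest up. The IPv4 and UDP header layouts and Ethernet II framing are the standard ones; the MAC addresses, IP addresses and payload are constructed sample values.

```python
import struct

# Constructed sample values (not from the Redbook): two hosts on one Ethernet.
SRC_MAC = bytes.fromhex("020000000001")
DST_MAC = bytes.fromhex("020000000002")
SRC_IP, DST_IP = "10.0.0.1", "10.0.0.2"
ETHERTYPE_IP = 0x0800  # Ethernet type value that marks an IP datagram
IPPROTO_UDP = 17       # IP protocol field value for UDP


def ip_checksum(data: bytes) -> int:
    """One's-complement sum of 16-bit words, as the IP header uses for itself."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def ip_to_bytes(addr: str) -> bytes:
    return bytes(int(octet) for octet in addr.split("."))


def udp_encapsulate(payload: bytes, src_port: int, dst_port: int) -> bytes:
    """Transport layer: UDP adds ports and a length only (checksum 0 means
    'not computed', which IPv4 allows); flow control is left to the application."""
    return struct.pack("!HHHH", src_port, dst_port, 8 + len(payload), 0) + payload


def ip_encapsulate(segment: bytes, src: str, dst: str, proto: int = IPPROTO_UDP) -> bytes:
    """Internetwork layer: a 20-byte IPv4 header with the addresses a router needs;
    no reliability, flow control or error recovery is added here."""
    header = struct.pack("!BBHHHBBH4s4s",
                         0x45, 0, 20 + len(segment),  # version 4, IHL 5, TOS, total length
                         0, 0, 64, proto, 0,          # id, flags/frag, TTL, protocol, checksum 0
                         ip_to_bytes(src), ip_to_bytes(dst))
    return header[:10] + struct.pack("!H", ip_checksum(header)) + header[12:] + segment


def ether_encapsulate(datagram: bytes, src_mac: bytes, dst_mac: bytes) -> bytes:
    """Network interface layer: TCP/IP specifies nothing here; Ethernet II framing
    is one of the many interfaces an IP datagram can ride on."""
    return dst_mac + src_mac + struct.pack("!H", ETHERTYPE_IP) + datagram


def decapsulate(frame: bytes) -> dict:
    """Receiving side: each layer checks and strips its own header, then hands the
    remainder up to the layer above, the peer of the sender's layer."""
    if struct.unpack("!H", frame[12:14])[0] != ETHERTYPE_IP:
        raise ValueError("frame does not carry an IP datagram")
    datagram = frame[14:]
    ihl = (datagram[0] & 0x0F) * 4
    # a header whose checksum field is correct re-sums to zero
    if datagram[0] >> 4 != 4 or ip_checksum(datagram[:ihl]) != 0:
        raise ValueError("bad IP header")
    total_length = struct.unpack("!H", datagram[2:4])[0]
    if datagram[9] != IPPROTO_UDP:
        raise ValueError("not a UDP segment")
    segment = datagram[ihl:total_length]
    src_port, dst_port, udp_length, _ = struct.unpack("!HHHH", segment[:8])
    return {
        "src_ip": ".".join(str(b) for b in datagram[12:16]),
        "dst_ip": ".".join(str(b) for b in datagram[16:20]),
        "src_port": src_port,
        "dst_port": dst_port,
        "payload": segment[8:udp_length],
    }


def send_udp_message(payload: bytes, src_port: int, dst_port: int) -> bytes:
    """Walk a message down the stack: application -> UDP -> IP -> Ethernet frame."""
    segment = udp_encapsulate(payload, src_port, dst_port)
    return ether_encapsulate(ip_encapsulate(segment, SRC_IP, DST_IP), SRC_MAC, DST_MAC)


if __name__ == "__main__":
    frame = send_udp_message(b"hello", 40000, 53)
    print(len(frame), "bytes on the wire:", frame.hex())
    print(decapsulate(frame))
```

Note that only the IP header is protected by a checksum in this example: corrupting one byte of it is detected by the receiver, while the UDP checksum is left at zero, which is exactly the kind of gap the text says an application on UDP must cover itself.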

1.2.3 TCP/IP Applications

The highest-level protocols within the TCP/IP protocol stack are application protocols. They communicate with applications on other internet hosts and are the user-visible interface to the TCP/IP protocol suite.

All application protocols have some characteristics in common:

• They can be user-written applications or applications standardized and shipped with the TCP/IP product. Indeed, the TCP/IP protocol suite includes application protocols such as:

– TELNET for interactive terminal access to remote internet hosts.

– FTP (file transfer protocol) for high-speed disk-to-disk file transfers.

– SMTP (simple mail transfer protocol) as an internet mailing system.

These are some of the most widely implemented application protocols, but many others exist. Each particular TCP/IP implementation will include a lesser or greater set of application protocols.

• They use either UDP or TCP as a transport mechanism. Remember that UDP is unreliable and offers no flow-control, so in this case the application has to provide its own error recovery and flow-control routines. It is often easier to build applications on top of TCP, a reliable, connection-oriented protocol. Most application protocols will use TCP, but there are applications built on UDP to provide better performance through reduced protocol overhead.

• Most of them use the client/server model of interaction.

1.2.3.1 The Client/Server Model

TCP is a peer-to-peer, connection-oriented protocol. There are no master/slave relations. The applications, however, use a client/server model for communications.

A server is an application that offers a service to internet users; a client is a requester of a service. An application consists of both a server and a client part, which can run on the same or on different systems.

Users usually invoke the client part of the application, which builds a request for a particular service and sends it to the server part of the application using TCP/IP as a transport vehicle.

The server is a program that receives a request, performs the required service and sends back the results in a reply. A server can usually deal with multiple requests (multiple clients) at the same time.

Figure 5. The Client/Server Model of Applications. Client A and Client B, each with its own TCP/IP stack, reach the Server (also running TCP/IP) across the internet network.

Some servers wait for requests at a well-known port so that their clients know to which IP socket they must direct their requests. The client uses an arbitrary port for its communication. Clients that wish to communicate with a server that does not use a well-known port must have another mechanism for learning to which port they must address their requests. This mechanism might employ a registration service such as Portmap, which uses a well-known port.

For detailed information on TCP/IP application protocols, please refer to Chapter 4, “Application Protocols” on page 149.

1.2.4 Bridges, Routers and Gateways

Forming an internetwork by interconnecting multiple networks is done by routers. It is important to distinguish between a router, a bridge and a gateway.

Bridge    Interconnects LAN segments at the network interface layer level and forwards frames between them. A bridge performs the function of a MAC relay, and is independent of any higher layer protocol (including the Logical Link protocol). It provides MAC layer protocol conversion, if required. Examples of bridges are:

• A PC running the IBM Token-Ring Network Bridge program

• The IBM 8229 LAN bridge

A bridge can be said to be transparent to IP. That is, when an IP host sends an IP datagram to another host on a network connected by a bridge, it sends the datagram directly to the host and the datagram “crosses” the bridge without the sending IP host being aware of it.

Router    Interconnects networks at the internetwork layer level and routes packets between them. The router must understand the addressing structure associated with the networking protocols it supports and take decisions on whether, or how, to forward packets. Routers are able to select the best transmission paths and optimal packet sizes. The basic routing function is implemented in the IP layer of the TCP/IP protocol stack, so any host or workstation running TCP/IP over more than one interface could, in theory and also with most of today's TCP/IP implementations, forward IP datagrams. However, dedicated routers provide much more sophisticated routing than the minimum functions implemented by IP.

Because IP provides this basic routing function, the term “IP router” is often used. Other, older, terms for router are “IP gateway,” “Internet gateway” and “gateway.” The term gateway is now normally used for connections at a higher layer than the internetwork layer.

A router can be said to be visible to IP. That is, when a host sends an IP datagram to another host on a network connected by a router, it sends the datagram to the router and not directly to the target host.

Gateway    Interconnects networks at higher layers than bridges or routers. A gateway usually supports address mapping from one network to another, and may also provide transformation of the data between the environments to support end-to-end application connectivity. Gateways typically limit the interconnectivity of two networks to a subset of the application protocols supported on either one. For example, a VM host running TCP/IP may be used as an SMTP/RSCS mail gateway.

Note: The term “gateway,” when used in this sense, is not synonymous with “IP gateway.”

A gateway can be said to be opaque to IP. That is, a host cannot send an IP datagram through a gateway; it can only send it to a gateway. The higher-level protocol information carried by the datagrams is then passed on by the gateway using whatever networking architecture is used on the other side of the gateway.
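As an added example (not the Redbook's own code), the following Python splits an IP address into the network number and host number of 1.2.1 and then applies the distinction just drawn between bridges and routers: a datagram for a host on the same network goes straight to that host (a bridge on the way is transparent to IP), while one for another network is handed to a router, which is itself a normal host with one IP address per interface. A prefix length stands in for the addressing scheme, which the text defers to 2.1.1; the networks, hosts and router below are constructed values modelled on Internet A in Figure 2.

```python
# Added example; addresses are constructed, modelled on Internet A of Figure 2.
# A prefix length is assumed as the split between network number and host number.


def parse_ip(addr: str) -> int:
    octets = [int(o) for o in addr.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError("bad IPv4 address: %r" % addr)
    return (octets[0] << 24) | (octets[1] << 16) | (octets[2] << 8) | octets[3]


def format_ip(value: int) -> str:
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def split_address(addr: str, prefix_len: int) -> tuple:
    """IP address = <network number><host number>: return (network number with its
    bits left in place, host number as the value of the remaining bits)."""
    if not 0 <= prefix_len <= 32:
        raise ValueError("prefix length out of range")
    mask = (0xFFFFFFFF << (32 - prefix_len)) & 0xFFFFFFFF
    value = parse_ip(addr)
    return value & mask, value & ~mask & 0xFFFFFFFF


class Router:
    """From the network standpoint a router is a normal host: one IP address per
    interface. It forwards onto the interface whose network number matches."""

    def __init__(self, interfaces: dict):
        self.interfaces = interfaces  # {interface address: prefix length}

    def interface_for(self, dst: str):
        for addr, prefix_len in self.interfaces.items():
            if split_address(addr, prefix_len)[0] == split_address(dst, prefix_len)[0]:
                return addr
        return None


def first_hop(src: str, prefix_len: int, dst: str, router: Router) -> str:
    """The sending host's decision: deliver directly when the network numbers match
    (any bridge in between is invisible to IP), otherwise hand off to the router."""
    src_net, _ = split_address(src, prefix_len)
    dst_net, _ = split_address(dst, prefix_len)
    if src_net == dst_net:
        return dst
    via = router.interface_for(src)
    if via is None:
        raise ValueError("no router interface on the sender's network")
    return via


def trace(src: str, prefix_len: int, dst: str, router: Router) -> list:
    """Hops a datagram takes across Internet A: [dst] or [router interface, dst]."""
    hop = first_hop(src, prefix_len, dst, router)
    if hop == dst:
        return [dst]
    if router.interface_for(dst) is None:
        raise ValueError("router has no interface on the destination's network")
    return [hop, dst]


if __name__ == "__main__":
    r = Router({"10.1.0.1": 16, "10.2.0.1": 16})  # R: one leg on Network 1, one on Network 2
    net, host = split_address("10.1.0.5", 16)
    print("network number", format_ip(net), "host number", host)
    print(trace("10.1.0.5", 16, "10.1.0.9", r))  # same network: direct
    print(trace("10.1.0.5", 16, "10.2.0.7", r))  # other network: via R
```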

Closely related to routers and gateways is the concept of a firewall or firewall gateway, which is used to restrict access from the Internet to a network or a group of networks controlled by an organization for security reasons. See 5.3, “Firewalls” on page 280 for more information on firewalls.


1.3 Finding Standards for TCP/IP and the Internet

TCP/IP has been popular with developers and users alike because of its inherent openness and perpetual renewal. The same holds true for the Internet as an open communications network. On the other hand, this openness could easily turn into a sword with two edges if it were not controlled in some way. Although there is no overall governing body to issue directives and regulations for the Internet — cont