The illustrated network : how TCP/IP works in a ... - GBV


The Illustrated Network

How TCP/IP Works

in a Modern Network

Second Edition

Walter Goralski

MORGAN KAUFMANN PUBLISHERS

AN IMPRINT OF ELSEVIER


Contents

About the Author xxi

Foreword xxiii

Preface xxv

Acknowledgments xxxv

PART I NETWORKING BASICS

CHAPTER 1 Protocols and Layers 3

The Illustrated Network 7

Remote Access to Network Devices 8

File Transfer to a Router 10

CLI and GUI 12

Wireshark and Packet Capture 13

First Explorations in Networking 14

Protocols 15

Standards and Organizations 16

Request for Comment and the Internet Engineering Task Force 19

Internet Administration 21

Layers 23

Simple Networking 23

Protocol Layers 25

The TCP/IP Protocol Suite 25

The TCP/IP Layers 26

Protocols and Interfaces 28

Encapsulation 28

The Layers of TCP/IP 30

The Physical Layer 31

The Data Link Layer 32

The Network Layer 36

The Transport Layer 38

The Application Layer 41

Session Support 42

Internal Representation Conversion 42

Applications in TCP/IP 43

The TCP/IP Protocol Suite 45

Questions for Readers 45


CHAPTER 2 TCP/IP Protocols and Devices 47

Protocol Stacks on the Illustrated Network 50

Layers, Protocols, Ports, and Sockets 51

The TCP/IP Protocol Stack 54

The Client-Server Model 55

TCP/IP Layers and Client-Server 55

The IP Layer 57

The Transport Layer 59

Transmission Control Protocol 59

User Datagram Protocol 59

The Application Layer 60

Bridges, Routers, and Switches 60

Segmenting LANs 61

Bridges 63

Routers 64

LAN Switches 65

Virtual LANs 66

VLAN Frame Tagging 67

Questions for Readers 69

CHAPTER 3 Network Link Technologies 71

Illustrated Network Connections 74

Displaying Ethernet Traffic 74

Displaying SONET Links 76

Displaying DSL Links 79

Displaying Wireless Links 81

Frames and the Link Layer 84

The Data Link Layer 84

The Evolution of Ethernet 85

Ethernet II and IEEE 802.3 Frames 86

MAC Addresses 87

The Evolution of DSL 89

PPP and DSL 90

PPP Framing for Packets 91

DSL Encapsulation 92

Forms of DSL 93

The Evolution of SONET 94

A Note about Network Errors 95

Packet over SONET/SDH 96

Wireless LANs and IEEE 802.11 97

Wi-Fi 99


IEEE 802.11 MAC Layer Protocol 100

The IEEE 802.11 Frame 102

Questions for Readers 104

CHAPTER 4 Packet Optical Networks and Forward Error Correction 107

Packet Optical Networks and Error Correction 108

Packet Optical Networks and the Optical Transport Network 110

Standards for Packet Optical Networks and Forward Error Correction 111

Handling Single Bit Errors and Burst Errors 111

Hamming Distance and Hamming Codes 113

A Better Hamming Code Method 115

Hamming Code in Action 117

Hamming Code Implementation 121

Burst Errors and Interleaving 123

Modern FEC Operation 124

FEC and SONET/SDH 126

FEC and OTN 129

The OTN Frame and FEC 131

Generic Framing Procedure 131

FEC Research and Development 132

OTN for the Illustrated Network 133

Questions for Readers 135

PART II CORE PROTOCOLS

CHAPTER 5 IPv4 and IPv6 Addressing 139

IP Addressing 139

The Network/Host Boundary 147

The IPv4 Address 147

Private IPv4 Addresses 152

Understanding IPv4 Addresses 152

The IPv6 Address 154

Features of IPv6 Addressing 154

IPv6 Address Types and Notation 155

IPv6 Address Prefixes 156

Subnetting and Supernetting 157

Subnetting in IPv4 157

Subnetting Basics 158

CIDR and VLSM 162


IPv6 Addressing Details 166

IP Address Assignment 168

Complete IPv4 and IPv6 Address Ranges 170

Questions for Readers 173

CHAPTER 6 Address Resolution Protocol 175

ARP and LANs 178

ARP Packets 185

Example ARP Operation 187

ARP Variations 188

Proxy ARP 189

Reverse ARP 190

ARPs on WANs 190

ARP and IPv6 191

Neighbor Discovery Protocol 192

ND Address Resolution 193

Questions for Readers 195

CHAPTER 7 IPv4 and IPv6 Headers 197

Packet Headers and Addresses 200

The IPv4 Packet Header 202

Fragmentation and IPv4 204

Fragmentation and MTU 206

Fragmentation and Reassembly 208

Path MTU Determination 208

A Fragmentation Example 209

Limitations of IPv4 211

The IPv6 Header Structure 211

IPv4 and IPv6 Headers Compared 214

IPv6 Header Changes 214

IPv6 and Fragmentation 216

Questions for Readers 219

CHAPTER 8 Internet Control Message Protocol 221

ICMP and Ping 224

The ICMP Message Format 227

ICMP Message Fields 228

ICMP Types and Codes 229

Sending ICMP Messages 235

When ICMP Must Be Sent 235

When ICMP Must Not Be Sent 236


Ping 236

Traceroute 237

Path MTU 239

ICMPv6 241

Basic ICMPv6 Messages 241

Time Exceeded 243

Neighbor Discovery and Autoconfiguration 243

Routers and Neighbor Discovery 244

Interface Addresses 245

Neighbor Solicitation and Advertisement 245

Questions for Readers 246

CHAPTER 9 Routing 247

Routers and Routing Tables 250

Hosts and Routing Tables 252

Direct and Indirect Delivery 256

Routing 260

Direct Delivery Without Routing 260

Indirect Delivery and the Router 262

Questions for Readers 266

CHAPTER 10 Forwarding IP Packets 267

Router Architectures 273

Basic Router Architectures 274

Another Router Architecture 276

Router Access 278

The Console Port 279

The Auxiliary Port 279

The Network 279

Forwarding Table Lookups 280

Dual Stacks, Tunneling, and IPv6 282

Dual Protocol Stacks 282

Tunneling 283

Tunneling Mechanisms 285

Transition Considerations 287

Questions for Readers 288

CHAPTER 11 User Datagram Protocol 289

UDP Ports and Sockets 292

What UDP Is For 296


The UDP Header 297

IPv4 and IPv6 Notes 299

Port Numbers 300

Well-Known Ports 301

The Socket 304

UDP Operation 304

UDP Overflows 304

Questions for Readers 306

CHAPTER 12 Transmission Control Protocol 307

TCP and Connections 310

The TCP Header 310

TCP Mechanisms 313

Connections and the Three-Way Handshake 314

Connection Establishment 316

Data Transfer 317

Closing the Connection 319

Flow Control 320

TCP Windows 321

Flow Control and Congestion Control 322

Performance Algorithms 323

TCP Behaving Badly? 324

TCP and FTP 326

Questions for Readers 329

CHAPTER 13 Multiplexing and Sockets 331

Layers and Applications 331

The Socket Interface 334

Socket Libraries 335

TCP Stream Service Calls 336

The Socket Interface: Good or Bad? 337

The "Threat" of Raw Sockets 338

Socket Libraries 339

The Windows Socket Interface 340

TCP/IP and Windows 340

Sockets for Windows 341

Sockets on Linux 341

Questions for Readers 348


PART III ROUTING AND ROUTING PROTOCOLS

CHAPTER 14 Routing and Peering 351

Network Layer Routing and Switching 354

Connection-Oriented and Connectionless Networks 355

Quality of Service 356

Host Routing Tables 358

Routing Tables and FreeBSD 359

Routing Tables and RedHat Linux 360

Routing and Windows 361

The Internet and the Autonomous System 363

The Internet Today 364

The Role of Routing Policies 367

Peering 368

Picking a Peer 371

Questions for Readers 373

CHAPTER 15 IGPs: RIP, OSPF, and IS-IS 375

Interior Routing Protocols 383

The Three Major IGPs 384

Routing Information Protocol 385

Distance-Vector Routing 385

Broken Links 387

Distance-Vector Consequences 387

RIPv1 388

RIPv2 389

RIPng for IPv6 393

A Note on IGRP and EIGRP 395

Open Shortest Path First 395

Link States and Shortest Paths 396

What OSPF Can Do 397

OSPF Router Types and Areas 399

Non-backbone, Non-stub Areas 400

OSPF Designated Router and Backup Designated Router 401

OSPF Packets 401

OSPFv3 for IPv6 402

Intermediate System-Intermediate System 403

The IS-IS Attraction 404

IS-IS and OSPF 404


Similarities of OSPF and IS-IS 405

Differences between OSPF and IS-IS 405

IS-IS for IPv6 406

Questions for Readers 407

CHAPTER 16 Border Gateway Protocol 409

BGP as a Routing Protocol 409

Configuring BGP 412

The Power of Routing Policy 414

BGP and the Internet 416

EGP and the Early Internet 416

The Birth of BGP 417

BGP as a Path-Vector Protocol 418

IBGP and EBGP 419

IGP Next Hops and BGP Next Hops 420

BGP and the IGP 420

Other Types of BGP 421

BGP Attributes 423

BGP and Routing Policy 425

BGP Scaling 425

BGP Message Types 426

BGP Message Formats 427

The Open Message 427

The Update Message 427

The Notification Message 429

Questions for Readers 430

CHAPTER 17 Expanded Uses for BGP 431

Introduction 431

Optimal Route Reflection (ORR) 432

"Regular" Route Reflection 433

ORR Considered 434

BGP and Flow Specification 435

BGP and DDoS 436

BGP Flow Spec Details 439

BGP in the Very Large Data Center 441

Data Centers as CLOS Networks 441

Layer 2 and Layer 3 in a Folded CLOS Network Data Center 444

Use iBGP or eBGP? 445


Let Data Center Use eBGP, Not an IGP 446

Example of BGP Use in the Data Center 447

Distributing Link-State Information with BGP 450

The IGP Limitations 451

The BGP Solution 451

Implementing BGP for Link-State Protocols 452

Juniper Networks' Implementation Details 454

Summary of Supported and Unsupported Features 455

Configuring BGP-LS on the Illustrated Network 455

Questions for Readers 458

CHAPTER 18 Multicast 459

A First Look at IPv4 Multicast 463

Multicast Terminology 465

Dense and Sparse Multicast 466

Dense-Mode Multicast 467

Sparse-Mode Multicast 467

Multicast Notation 467

Multicast Concepts 468

Reverse-Path Forwarding 468

The RPF Table 469

Populating the RPF Table 469

Shortest-Path Tree 470

Rendezvous Point and Rendezvous-Point Shared Trees 471

Protocols for Multicast 471

Multicast Hosts and Routers 472

Multicast Group Membership Protocols 473

Multicast Routing Protocols 474

Any-Source Multicast and SSM 475

Multicast Source Discovery Protocol 476

Frames and Multicast 477

IPv4 Multicast Addressing 478

IPv6 Multicast Addressing 480

PIM-SM 482

The Resource Reservation Protocol and PGM 483

Multicast Routing Protocols 483

IPv6 Multicast 484

Questions for Readers 486


PART IV IP SWITCHING AND VPNs

CHAPTER 19 MPLS and IP Switching 489

Converging What? 493

Fast Packet Switching 493

Frame Relay 494

Asynchronous Transfer Mode 497

Why Converge on TCP/IP? 499

MPLS 500

Basic MPLS Terminology 504

Signaling and MPLS 505

Label Stacking 506

MPLS and VPNs 507

MPLS Tables 508

Configuring MPLS Using Static LSPs 508

The Ingress Router 508

The Transit Routers 509

The Egress Router 509

Traceroute and LSPs 510

Questions for Readers 512

CHAPTER 20 MPLS-Based Virtual Private Networks 513

PPTP for Privacy 516

Types of VPNs 518

Security and VPNs 519

VPNs and Protocols 520

PPTP 520

L2TP 521

PPTP and L2TP Compared 522

Types of MPLS-Based VPNs 523

Layer 3 VPNs 523

Layer 2 VPNs 525

VPLS: An MPLS-Based L2VPN 527

Router-by-Router VPLS Configuration 527

P Router (P9) 530

CE6 Router 532

Does it Really Work? 532

Questions for Readers 533

CHAPTER 21 EVPN and VXLAN 535

EVPN Overview 536

L2VPNs and EVPN Compared 540


EVPN Services Overview 541

EVPN Control Plane Operation 542

Layer 2 and Layer 3 and EVPN 547

VXLAN and EVPN Data Planes 549

Configuring an EVPN with VXLAN on the Illustrated Network 557

Questions for Readers 560

PART V APPLICATION LEVEL

CHAPTER 22 Dynamic Host Configuration Protocol 563

DHCP and Addressing 566

DHCP Server Configuration 566

Router Relay Agent Configuration 569

Getting Addresses on LAN2 569

Using DHCP on a Network 570

BOOTP 572

BOOTP Implementation 573

BOOTP Messages 574

BOOTP Relay Agents 575

BOOTP "Vendor-Specific Area" Options 575

Trivial File Transfer Protocol 576

TFTP Messages 577

TFTP Download 578

DHCP 578

DHCP Operation 580

DHCP Message Type Options 582

DHCP and Routers 582

DHCPv6 583

DHCPv6 and Router Advertisements 584

DHCPv6 Operation 585

Questions for Readers 585

CHAPTER 23 The Domain Name System 587

DNS Basics 590

The DNS Hierarchy 591

Root Name Servers 592

Root Server Operation 592

Root Server Details 592

DNS in Theory: Name Server, Database, and Resolver 593

Adding a New Host 594

Recursive and Iterative Queries 595


Delegation and Referral 595

Glue Records 597

DNS in Practice: Resource Records and Message Formats 598

DNS Message Header 600

DNSSec 601

DNS Tools: nslookup, dig, and drill 602

DNS in Action 602

Questions for Readers 611

CHAPTER 24 File Transfer Protocol 613

Overview 613

PORT and PASV 617

FTP and GUIs 619

FTP Basics 621

FTP Commands and Reply Codes 623

FTP Data Transfers 625

Passive and Port 626

File Transfer Types 629

When Things Go Wrong 630

FTP Commands 631

Variations on a Theme 633

A Note on NFS 634

Questions for Readers 635

CHAPTER 25 SMTP and Email 637

Architectures for Email 640

Sending Email Today 642

The Evolution of Email in Brief 646

SMTP Authentication 647

Simple Mail Transfer Protocol 647

Multipurpose Internet Mail Extensions 650

MIME Media Types 650

MIME Encoding 651

An Example of a MIME Message 652

Using POP3 to Access Email 652

Headers and Email 654

Home Office Email 658

Questions for Readers 659

CHAPTER 26 Hypertext Transfer Protocol 661

HTTP in Action 661

Uniform Resources 667

URIs 667


URLs 668

URNs 670

HTTP 671

The Evolution of HTTP 672

HTTP Model 674

HTTP Messages 675

Trailers and Dynamic Web Pages 675

HTTP Requests and Responses 675

HTTP Methods 677

HTTP Status Codes 678

HTTP Headers 679

General Headers 679

Request Headers 680

Response Headers 680

Entity Headers 681

Cookies 682

Questions for Readers 684

CHAPTER 27 Securing Sockets with SSL 685

SSL and Web Sites 685

The Lock 689

Secure Socket Layer 690

Privacy, Integrity, and Authentication 691

Privacy 691

Integrity 692

Authentication 693

Public Key Encryption 694

Pocket Calculator Encryption at the Client 694

Example 695

Pocket Calculator Decryption at the Server 695

Public Keys and Symmetrical Encryption 696

SSL as a Protocol 697

SSL Protocol Stack 697

SSL Session Establishment 698

SSL Data Transfer 699

SSL Implementation 700

SSL Issues and Problems 701

SSL and Certificates 702

Questions for Readers 703


PART VI NETWORK MANAGEMENT

CHAPTER 28 Simple Network Management Protocol 707

SNMP Capabilities 710

The SNMP Model 714

The MIB and SMI 716

The SMI 716

The MIB 718

RMON 720

The Private MIB 721

SNMP Operation 722

SNMPv2 Enhancements 726

SNMPv3 727

Questions for Readers 729

CHAPTER 29 Cloud, SDN, and NFV 731

Cloud Computing and Networking Defined 732

Cloud Computing Service Models 734

Infrastructure as a Service (IaaS) 735

Platform as a Service (PaaS) 736

Software as a Service (SaaS) 737

Cloud Computing Models 738

SDNs 740

Service Chaining 742

Implementing SDNs 744

Contrail: An Example SDN Architecture 746

NFV 748

Virtio and SR-IOV 749

NFV and Service Chaining 752

Cloud Networking and TCP/IP 753

Clouds and Security 755

Questions for Readers 757

PART VII SECURITY

CHAPTER 30 Secure Shell (Remote Access) 761

Using SSH 761

SSH Basics 764

SSH Features 765

SSH Architecture 766

SSH Keys 767


SSH Protocol Operation 768

Transport Layer Protocol 770

Authentication Protocol 772

The Connection Protocol 773

The File Transfer Protocol 774

SSH in Action 776

Questions for Readers 784

CHAPTER 31 Network Address Translation 785

Using NAT 788

Advantages and Disadvantages of NAT 788

Four Types of NAT 789

NAT in Action 795

Questions for Readers 798

CHAPTER 32 Firewalls 799

What Firewalls Do 802

A Router Packet Filter 802

Stateful Inspection on a Router 803

Types of Firewalls 807

Packet Filters 807

Application Proxy 808

Stateful Inspection 808

DMZ 810

Questions for Readers 812

CHAPTER 33 IP Security 813

IPSec in Action 816

CE0 817

CE6 818

Introduction to IPSec 819

IPSec RFCs 819

IPSec Implementation 819

IPSec Transport and Tunnel Mode 821

Security Associations and More 822

Security Policies 822

Authentication Header 823

Encapsulating Security Payload 825

Internet Key Exchange 828

Questions for Readers 829


PART VIII MEDIA

CHAPTER 34 Voice over Internet Protocol 833

VoIP in Action 836

The Attraction of VoIP 838

What Is "Voice"? 839

The Problem of Delay 840

Packetized Voice 842

Protocols for VoIP 843

RTP for VoIP Transport 843

Signaling 846

H.323, the International Standard 847

SIP, the Internet Standard 849

MGCP and Megaco/H.248 851

Putting It All Together 852

Questions for Readers 853

List of Acronyms 855

Bibliography 867

Index 869