CCNA Guide to Cisco Networking Fundamentals Fourth Edition

1
CCNA Guide to Cisco Networking Fundamentals
Fourth Edition

• Chapter 3
• TCP/IP

2
Objectives

• Discuss the origins of TCP/IP
• Identify and discuss the different layer
  functions of TCP/IP
• Describe the functions performed by protocols in
  the TCP/IP protocol suite, including ICMP, UDP,
  TCP, ARP, and RARP

3
Objectives (continued)

• Use Ping and Trace and describe their functions
• Explain how packets are transmitted
• Describe the Cisco three-layer hierarchical model

4
Origins of TCP/IP

• Transmission Control Protocol/Internet Protocol
  (TCP/IP)
• Resulted from a coordinated effort by the U.S.
  Department of Defense (DOD)
• Advanced Research Projects Agency (ARPA)
• Charged with creating a wide area network (WAN)
• Results were TCP/IP and ARPANET
• DOD funded two projects
• The adaptation of TCP/IP to work with UNIX
• The inclusion of the TCP/IP protocol with
  Berkeley UNIX (BSD UNIX)

5
Overview of the TCP/IP Protocol Suite

• The TCP/IP model explains how the protocol suite
  works to provide communications
• Four layers Application, Transport,
  Internetwork, and Network Interface
• Requests for Comments (RFCs)
• Define, describe, and standardize the
  implementation and configuration of the TCP/IP
  protocol suite

6
(No Transcript)
7
Application Layer

• Protocols at the TCP/IP Application layer
  include
• File Transfer Protocol (FTP)
• Trivial File Transfer Protocol (TFTP)
• Network File System (NFS)
• Simple Mail Transfer Protocol (SMTP)
• Terminal emulation protocol (telnet)
• Remote login application (rlogin)
• Simple Network Management Protocol (SNMP)
• Domain Name System (DNS)
• Hypertext Transfer Protocol (HTTP)

8
Transport Layer

• Performs end-to-end packet delivery, reliability,
  and flow control
• Protocols
• TCP provides reliable, connection-oriented
  communications between two hosts
• Requires more network overhead
• UDP provides connectionless datagram services
  between two hosts
• Faster but less reliable
• Reliability is left to the Application layer

9
Transport Layer (continued)

• Ports
• TCP and UDP use port numbers for communications
  between hosts
• Port numbers are divided into three ranges
• Well Known Ports are those from 1 through 1,023
• Registered Ports are those from 1,024 through
  49,151
• Dynamic/Private Ports are those from 49,152
  through 65,535

10
(No Transcript)
11
Transport Layer (continued)

• TCP three-way handshake
• Establishes a reliable connection between two
  points
• TCP transmits three packets before the actual
  data transfer occurs
• Before two computers can communicate over TCP,
  they must synchronize their initial sequence
  numbers (ISN)
• A reset packet (RST) indicates that a TCP
  connection is to be terminated without further
  interaction

12
(No Transcript)
13
(No Transcript)
14
(No Transcript)
15
Transport Layer (continued)

• TCP sliding windows
• Control the flow and efficiency of communication
• Also known as windowing
• A method of controlling packet flow between hosts
• Allows multiple packets to be sent and affirmed
  with a single acknowledgment packet
• The size of the TCP window determines the number
  of acknowledgments sent for a given data transfer
• Networks that perform large data transfers should
  use large window sizes

16
Transport Layer (continued)

• TCP sliding windows (continued)
• Other flow control methods include
• Buffering
• Congestion avoidance

17
Internetwork Layer

• Four main protocols function at this layer
• Internet Protocol (IP)
• Internet Control Message Protocol (ICMP)
• Address Resolution Protocol (ARP)
• Reverse Address Resolution Protocol (RARP)
• ARP
• A routed protocol
• Maps IP addresses to MAC addresses
• ARP tables contain the MAC and IP addresses of
  other devices on the network

18
Internetwork Layer (continued)

• ARP (continued)
• When a computer transmits a frame to a
  destination on the local network
• It checks the ARP cache for an IP to MAC address
  mapping for the destination node
• ARP request
• If a source computer cannot locate an IP to MAC
  address mapping in its ARP table
• It must obtain the correct mapping

19
Internetwork Layer (continued)
20
Internetwork Layer (continued)

• ARP request (continued)
• A source computer broadcasts an ARP request to
  all hosts on the local segment
• Host with the matching IP address responds this
  request
• ARP request frame
• See Figure 3-7
• ARP cache life
• Source checks its local ARP cache prior to
  sending packets on the local network

21
Internetwork Layer (continued)
22
Internetwork Layer (continued)

• ARP cache life (continued)
• Important that the mappings are correct
• Network devices place a timer on ARP entries
• ARP tables reduce network traffic
• Reverse Address Resolution Protocol (RARP)
• Similar to ARP
• Used primarily by diskless workstations
• Which have MAC addresses burned into their
  network cards but no IP addresses
• Clients IP configuration is stored on a RARP
  server

23
Internetwork Layer (continued)

• RARP request frame
• See Figure 3-8
• RARP client
• Once a RARP client receives a RARP reply, it
  configures its IP networking components
• By copying its IP address configuration
  information into its local RAM
• ARP and RARP compared
• ARP is concerned with obtaining the MAC address
  of other clients
• RARP obtains the IP address of the local host

24
(No Transcript)
25
Internetwork Layer (continued)

• ARP and RARP compared (continued)
• The local host maintains the ARP table
• A RARP server maintains the RARP table
• The local host uses an ARP reply to update its
  ARP table and to send frames to the destination
• The RARP reply is used to configure the IP
  protocol on the local host
• Routers and ARP
• ARP requests use broadcasts
• Routers filter broadcast traffic
• Source must forward the frame to the router

26
Internetwork Layer (continued)

• ARP tables
• Routers maintain ARP tables to assist in
  transmitting frames from one network to another
• A router uses ARP just as other hosts use ARP
• Routers have multiple network interfaces and
  therefore also include the port numbers of their
  NICs in the ARP table
• The Ping utility
• Packet Internet Groper (Ping) utility verifies
  connectivity between two points
• Uses ICMP echo request/reply messages

27
Internetwork Layer (continued)
28
Internetwork Layer (continued)
29
Internetwork Layer (continued)

• The Trace utility
• Uses ICMP echo request/reply messages
• Can verify Internetwork layer (OSI-Network layer)
  connectivity
• Shows the exact path a packet takes from the
  source to the destination
• Accomplished through the use of the time-to-live
  (TTL) counter
• Several different malicious network attacks have
  also been created using ICMP messages
• Example ICMP flood

30
Internetwork Layer (continued)
31
Network Interface Layer

• Plays the same role as the Data Link and Physical
  layers of the OSI model
• The MAC address, network card drivers, and
  specific interfaces for the network card function
  at this level
• No specific IP functions exist at this layer
• Because the layers focus is on communication
  with the network card and other networking
  hardware

32
Understanding Frame Transmission

• Each host on a segment evaluates the frame
• To determine whether the listed destination MAC
  address matches its own or is a broadcast to all
  hosts
• The host makes a copy of the frame and sends the
  original along the network path
• On the destination host, frames are sent up the
  TCP/IP stack
• Removing each layer header information
• For a packet to be routed on a TCP/IP
  internetwork
• An IP address and MAC address are required for
  both the source and destination hosts

33
Routers on the Network

• A router requires
• An IP address for every network segment to which
  it is connected
• A separate network interface or port for each
  network segment
• Computers send frames to destinations that are
  not on their segment to the router (default
  gateway)
• The router must determine which subnet should
  receive the frame
• The router references its routing table

34
Routers on the Network (continued)
35
Network to Network

• Routers maintain routing tables that they use to
  route packets from one network to another
• When a network uses TCP/IP, each port on a router
  requires an IP address
• Allows the router to correctly forward the packet
  to the appropriate network segment
• On a TCP/IP network, the logical addresses on a
  certain segment must be matched
• If you move a computer from one segment to
  another, the IP address will have to be changed

36
Network to Network (continued)
37
Dynamic or Static Tables

• Routing tables match network addresses with the
  addresses of the routers that handle those
  networks
• The tables can be built statically or dynamically
• Dynamic updates are provided through routing
  protocols
• A router capable of dynamic routing can choose
  from among the various routes on a network
• The router communicates with other dynamic
  routers
• To determine the most efficient route from one
  point to another on the network

38
Dynamic or Static Tables (continued)

• Methods to determine the best path across a
  network
• The distance-vector algorithm
• The link-state algorithm

39
Transmitting Packets to Remote Segments

• When TCP/IP hosts transmit packets to remote
  segments
• They contact their default gateway (usually a
  router)
• The router checks its routing tables against the
  destination IP address
• To locate the appropriate network interface
  through which to forward the packet
• Router re-addresses the frame or sends the packet
  to the next router in the path (indirect routing)

40
Routing Packets
41
Routing Packets (continued)
42
Routing Packets (continued)
43
Routing Packets (continued)
44
The Cisco Three-Layer Hierarchical Model

• Cisco Three-Layer Hierarchical model
• Does not describe how communications take place
• Focuses on how best to design a network
• Especially a relatively large network or one that
  is expected to grow
• Each layer of the model is involved in specific
  functions
• Is typically defined by a particular type of
  device
• The three layers of the model from bottom up are
  Access, Distribution, and Core

45
(No Transcript)
46
Access Layer

• The layer closest to the users, where they attach
  to the network
• Could be a router if the network is very small
• But typically a hub or layer 2 switch
• Sometimes called the desktop layer because it
  deals with connecting workstations to the network
• Frames are delivered to the users at this layer

47
Distribution Layer

• Separates the Access layer from the Core layer
• Implements network policies, and provides many
  networking services
• Such as Network Address Translation (NAT),
  firewall protection, and quality of service (QoS)
• IP addressing hierarchy is managed at this layer
• IP addressing is the process of assigning unique
  IP addresses to devices on the network
• Typically involves routers and includes all of
  the router functions
• Provides almost all of the connectivity tasks

48
Core Layer

• Responsible for switching large amounts of data
  quickly and efficiently
• To prevent slowing down the switching process
• This layer should not be burdened with security
  or traffic control measures or any unnecessary
  additional equipment
• The primary device at this layer is a high-end
  layer 3 switch
• Essentially the backbone of the network

49
Summary

• TCP/IP is not limited to transmission control and
  Internet protocols
• TCP/IP was started by the Defense Advanced
  Research Projects Agency (DARPA)
• TCP/IP maps to a four-layer network model
  Application, Transport, Internetwork, and Network
  Interface
• The Application layer in the TCP/IP model covers
  the Application, Presentation, and Session layers
  of the OSI reference model

50
Summary (continued)

• The TCP and UDP protocols reside at the Transport
  layer of the TCP/IP networking model
• Both TCP and UDP use port numbers from 1 to
  65,535 to establish their communications between
  two points
• The Internet Protocol (IP) resides at the
  Internetwork layer and provides the logical
  address that can be passed through a router
• You can use the Ping utility with IP and ICMP to
  diagnose and troubleshoot network connections

51
Summary (continued)

• Address Resolution Protocol (ARP) and Reverse ARP
  (RARP) reside in the Internetwork layer
• The MAC address is the final leg of communication
  between hosts
• Routing tables can be created manually and
  dynamically
• Cisco developed the Three-Layer Hierarchical
  model to help network administrators design more
  efficient networks