Intermediate%20TCP/IP

1
Intermediate TCP/IP

• PJC CCNA Semester 2 Ver. 3.0
• by
• William Kelly

2
The TCP/IP Protocol Suite

• Standard for Internetwork Communications
• TCP/IP closely maps to the OSI model and is
  helpful in understanding other protocols
• TCP/IP includes layer 3 and 4 protocols as well
  as upper layer protocols

3
OSI vs. TCP
4
Common TCP Protocols

• DNS Domain Name Server
• WINS Windows Naming Service
• HOSTS Static IP mapping file
• POP3 Post Office Protocol
• SMTP Simple Mail Transfer Protocol
• FTP File Transfer Protocol
• TFTP Trivial File Transfer Protocol
• HTTP Hypertext Transfer Protocol

5
Troubleshooting Protocols

• Telnet - used for testing the application layer
• Packet Internet Groper (ping) used for lower
  layer testing
• traceroute used to find a break in the
  internetwork path between the source and the
  destination networks

6
Windows Troubleshooting Protocols

• NBSTAT- used to troubleshoot NETBIOS name
  resolution
• NETSTAT useful to summarize TCP/IP connections
• ipconfig/winipcfg displays the current network
  settings (IP address of host, mask, gateway, and
  DNS information)

7
Transport Layer key points

• Protocols (TCP and UDP)
• Flow Control/Windowing
• Data Reliability
• 3-way handshakes
• Denial of Service
• Ports

8
Layer 4 Transport LayerTCP vs.
UDP

• Connection-oriented
• Reliable
• Messages divided into segments
• Reassembles at destination
• Resends data that is not acknowledged

• Connectionless
• Unreliable
• Messages are called datagrams
• Software checking of message delivery
• No reassembly of messages
• No acknowledgements
• No Flow Control

9
Transport Layer Protocols TCP Segment
Format
10
Transport Layer Protocols UDP Segment
Format
Notice port numbers are used in the formation of
both UDP and TCP segments
11
Flow Control and Windowing

• Flow control is the regulation of how much data
  is sent during a transmission period and
  windowing is the process of flow control
• TCP breaks down large pieces of data into
  segments suitable for transmission
• Windows size determines how many segments can be
  sent before acknowledgement
• A sliding window adjusts the number of segments
  sent to cope with congestion or slow processing
  by the destination host

12
Data Reliability

• Reliability is provided in 3 ways
• Sliding windows
• Controls the amount of information transferred
• Congestion avoidance and control
• Allows more than one segment to be sent before
  acknowledgement
• Positive acknowledgement with retransmission
• Synchronization
• Sequence numbers
• Sequencing of segments at source before
  transmission

13
3 Way Handshakes

• TCP allows a synchronization process prior to
  data transmission that forms a virtual circuit
• Sequence numbers included in the handshake
  assure that positive acknowledgements can be made
  to the connection request and to transmitted
  segments (Remember IP provides no verification
  that data was transmitted successfully)

14
3 Way Handshakes (cont.)
15
Denial of Service Attacks During Synchronization

• Syn Flooding is one type of DOS that uses a false
  source IP address during a 3 way handshake
  causing a reply to a non-existent address. This
  fills up the connection queue and exhausts system
  resources. Possible defenses include
• Decreasing the connection timeout
• Increasing the size of the connection queue

16
Ports

• Ports are represented by a 16 bit number ( 0
  -65,535 possible)
• Three types of ports are
• Well Known 0 1023
• Registered 1024 49,151
• Dynamic or Private 49,152 65,535
• A port number and an IP address for a socket
• Usually clients randomly assign source port
  numbers
• Note Numbers below 255 are for public
  applications, numbers between 255 and 1023 are
  assigned to companies for marketable
  applications, and numbers above 1023 are
  unregulated

17
Important Port Numbers!!
18
Internet Layer Protocols

• IP connectionless best-effort system to move
  datagrams to a destination
• ICMP Provides control and messaging
• ARP Address Resolution Protocol determines a
  MAC address for a known IP address
• RARP Reverse Address Resolution Protocol
  determines an IP address for a known MAC address
  (diskless workstations)