Help for UNIX System Administrators
`
`O'REILLY®
`
`Craig H unt
`
`001
`
`Apple Inc.
`APL1110
`U.S. Patent No. 8,724,622
`
`

`

`TCP/IP Network Administration
`
`002
`
`

`

`TCP/IP Network Administration
`Second Edition
`
`Craig Hunt
`
`O'REILLY®
`Beijing · Cambridge · Farnham · KOln · Pat-is · Sebastopol · Taipei · Tokyo
`
`003
`
`

`

`TCP/IP Network Administration, Second Edition
`by Craig Hunt
`
`Copyright © 1998, 1992 Craig Hunt. All rights reserved.
`Printed in the United States of America.
`
`Published by O'Reilly & Associates, Inc., 101 Morris Street, Sebastopol, CA 95472.
`
`Editor: Mike Loukides
`
`Update Editor: Gigi Estabrook
`
`Production Editor: Nicole Gipson Arigo
`
`Printing History:
`
`August 1992:
`
`March 1993:
`
`September 1993:
`
`January 1994:
`
`May 1994:
`
`january 1998:
`
`First Edition.
`
`Minor corrections.
`
`Minor corrections.
`
`Minor corrections.
`
`Minor corrections.
`
`Second Edition.
`
`Nutshell Handbook, the Nutshell Handbook logo, and the O'Reilly logo are registered
`trademarks and The Java™ Series is a trademark of O'Reilly & Associates, Inc. The association
`of a crab and the topic of TCP!IP is a trademark of O'Reilly & Associates, Inc.
`
`Many of the designations used by manufacturers and sellers to distinguish their products are
`claimed as trademarks. Where those designations appear in this book, and O'Reilly &
`Associates, Inc. was aware of a trademark claim, the designations have been printed in caps
`or initial caps.
`
`While every precaution has been taken in the preparation of this book, the publisher assumes
`no responsibility for errors or omissions, or for damages resulting from the use of the
`information contained herein.
`
`ISBN: 1-56592-322-7
`[M]
`
`[6/01]
`
`004
`
`

`

`TCP/IP Network Administra.tion, Second Edilion
`by Craig Hunt
`
`Copyright © 1998, 1992 Craig Hunt. All rights reserved.
`Printed in the United States of America.
`
`P ublished by O'Reilly & Associates, Inc., 101 Morris Street, Sebastopol, CA 95472.
`
`Editor: Mike Loukides
`
`Update Editor: Gigi Estabrook
`
`Production Editor: Nicole Gipson Arigo
`
`Printing History:
`
`August 1992:
`
`March 1993:
`
`First Edition.
`
`Mirror corrections.
`
`September 1993:
`
`Minor corrections.
`
`January 1994:
`
`May 1994:
`
`January 1998:
`
`Minor corrections.
`
`Minor corrections.
`
`Second Edition.
`
`Nutshell Handbook, the Nutshell Handbook logo, and the O'Reilly logo are registered
`trademarks and The Java™ Series is a trademark of O'Reilly & Associates, Inc. The association
`of a crab and the topic of TCP liP is a trademark of O'Reilly & Associates, Inc.
`
`Many of the designations used by manufacturers and sellers to distinguish their products are
`claimed as trademarks. Where those designations appear in this book, and O'Reilly &
`Associates, Inc. was aware of a trademark claim, the designations have been printed in caps
`or initial caps.
`
`While every precaution has been taken in the preparation of this book, the publisher assumes
`no responsibility for errors or omissions, or for damages resulting from the use of the
`information contained herein.
`
`ISBN: 1-56592-322-7
`[M]
`
`[6/ 01]
`
`005
`
`

`

`1
`
`Overview of TCP /IP
`
`In this chapte~·:
`• TCP/IP and the
`Internet
`• AData
`Communications
`Model
`• TCP liP Protocol
`Architecture
`• Network Access Layer
`• Internet Layet·
`• Tt-ansport Layer
`• Application Layet·
`• Summary
`
`All of us who use a UNIX desktop system- engineers, educators, scientists, and
`business people-have second careers as UNIX system administrators. Networking
`these computers gives us new tasks as network administrators.
`
`Network administration and system administration are two different jobs. System
`administration tasks such as adding users and doing backups are isolated to one
`independent computer system. Not so with network administration. Once you
`place your computer on a network, it interacts with many other systems. The way
`you do network administration tasks has effects, good and bad, not only on your
`system but on od1er systems on the network. A sound understanding of basic net(cid:173)
`work administration benefits everyone.
`
`Networking computers dramatically enhances meir ability to communicate- and
`most computers are used more for communication man computation. Many main(cid:173)
`frames and supercomputers are busy crunching d1e numbers for business and sci(cid:173)
`ence, but the number of such systems pales in comparison to me millions of
`systems busy moving mail to a remote colleague or retrieving information from a
`remote reposito1y. Fu1ther, when you think of me hundreds of millions of desktop
`systems that are used primarily for preparing documents to communicate ideas
`from one person to another, it is easy to see why most computers can be viewed
`as communications devices.
`
`The positive impact of computer communications increases with me number and
`type of computers mat pa1ticipate in the network. One of the great benefits of
`TCP/IP is d1at it provides interoperable communications between all types of hard(cid:173)
`ware and all kinds of operating systems.
`
`1
`
`006
`
`

`

`2
`
`Chapte,.l: Ove,.view ofTCP/IP
`
`This book is a practical, step-by-step guide to configuring and managing TCP/IP
`networking software on UNIX computer systems. TCP!IP is the software package
`that dominates UNIX data communications. It is the leading communications soft(cid:173)
`ware for UNIX local area networks and enterprise intranets, and for the foundation
`of the worldwide Internet.
`
`The name "TCP/IP'' refers to an entire suite of data communications protocols. The
`suite gets its name from two of the protocols that belong to it: the Transmission
`Conu·ol Protocol and the Internet Protocol. Although there are many other proto(cid:173)
`cols in the suite, TCP and IP are certainly two of the most impo1tant.
`
`The first part of this book discusses the basics of TCP/IP and how it moves data
`across a network. The second part explains how to configure and run TCP /IP on a
`UNIX system. Let's start with a little history.
`
`TCP /IP and the Internet
`In 1969 the Advanced Research Projects Agency (ARPA) funded a research and
`development project to create an experimental packet-switching network. This
`network, called the ARPANEI: was built to study techniques for providing robust,
`reliable, vendor-independent data communications. Many techniques of modern
`data communications were developed in the ARPANET.
`
`The experimental ARPANET was so successful that many of the organizations
`attached to it began to use it for daily data communications. In 1975 the ARPANET
`was converted from an experimental network to an operational network, and the
`responsibility for administering the network was given ro the Defense Communica(cid:173)
`tions Agency (DCA). • However, development of the ARPANET did not stop just
`because it was being used as an operational network; the basic TCP/IP protocols
`were developed after the ARPANET was operational.
`
`The TCP/IP protocols were adopted as Milita.y Standards (MIL STD) in 1983, and
`all hosts connected to the network were requ ired to convert to the new protocols.
`To ease this conversion, DARPAt funded Bolt, Beranek, and Newman (BBN) to
`implement TCP/IP in Berkeley (BSD) UNIX. Thus began the marriage of UNIX and
`TCP/IP.
`
`About the time that TCP/IP was adopted as a standard, the term Internet came
`into common usage. In 1983, tl1e old ARPANET was divided into MILNET, the
`
`• DC.\ has smce changed its name to Defense Information Systems Agency (DISA).
`t During the 1980s and early 1990s. ARPA, which is pan of the U.S Dcpanment of Defense, was
`named Defense Ad,·anccd Research Projects Agency (DARPA). Currently known as ARPA, the agency is
`again preparmg to change its name to DARPA. Whether it is known as ARPA or DARPA. the agency and
`its mbsion of funding ad\'anced research has remained the same.
`
`007
`
`

`

`TCP/IP and the Internet
`
`3
`
`unclassified part of the Defense Data Network (DON), and a new, smaller
`ARPANET.
`''Internet" was used to refer to the entire network: MILNET plus
`ARPANET.
`
`In 1985 the National Science Foundation (NSF) created NSFNet and connected it to
`the then-existing Internet. The original NSFNet linked together the five NSF super(cid:173)
`computer centers. It was smaller than the ARPANET and no faster-56Kbps.
`Nonetheless, the creation of the NSFNet was a significant event in the history of
`the Internet because NSF brought with it a new vision of the use of the Internet.
`NSF wanted to extend the network to every scientist and engineer in the United
`States. To accomplish this, in 1987 NSF created a new, faster backbone and a
`three-tiered network topology that included the backbone, regional networks, and
`local networks.
`
`In 1990, the ARPANET formally passed out of existence, and the NSFNet ceased its
`role as a primary Internet backbone network in 1995. Still, today the Internet is
`larger than ever and encompasses more than 95,000 networks worldwide. This
`network of networks is linked together in the United States at several major inter(cid:173)
`connection pointS:
`
`• The three Network Access PointS (NAPs) created by the NSF to ensure contin(cid:173)
`ued broad-based access to the Internet.
`• The Federal Information Exchanges (FIXs) interconnect U.S. government net(cid:173)
`works.
`• The Commercial Information Exchange (CIX) was the first interconnect specifi(cid:173)
`cally for commercial Internet Service Providers (ISPs).
`
`• The Metropolitan Area Exchanges (MAEs) were also created to interconnect
`commercial ISPs.
`
`The Internet has grown far beyond its original scope. The original networks and
`agencies that built the Internet no longer play an essential role for the current net(cid:173)
`work. The Internet has evolved from a simple backbone network, through a three(cid:173)
`tiered hierarchical structure, to a huge network of interconnected, distributed net(cid:173)
`work hubs. It has grown exponentially since 1983-doubling in size every year.
`Through all of this incredible change one thing has remained constant: the Inter(cid:173)
`net is built on the TCP/IP protocol suite.
`
`A sign of rhe network's success is the confusion that surrounds the term internet.
`Originally it was used only as the name of the network buill upon the Inremer
`Protocol. Now internet is a generic term used to refer to an entire class of net(cid:173)
`works. An internet (lowercase "i") is any collection of separare physical networks,
`interconnected by a common protocol, to form a single logical network. The Inter(cid:173)
`net (uppercase "I") is the worldwide collection of interconnected networks, which
`grew our of the original ARPANET, that uses Internet Protocol (IP) to link the
`
`008
`
`

`

`4
`
`Chapter 1: Overview ofTCP/IP
`
`various physical networks into a single logical network. In this book, both "inter(cid:173)
`net" and "Internet" refer to networks that are interconnected by TCP!IP.
`
`Because TCP/ IP is required for Internet connection, the growth of the Internet has
`spurred interest in TCP/IP. As more organizations become familiar with TCP/IP,
`they see that its power can be applied in other network applications. The Internet
`protocols are often used for local area networking, even when the local network is
`not connected to the Internet. TCP/IP is also widely used to build enterprise net(cid:173)
`works. TCP/IP-based enterplise networks that use Internet techniques and World
`Wide Web tools to disseminate internal corporate information are called intranets.
`TCP/IP is the foundation of all of these varied networks.
`
`TCP liP Features
`The popularity of the TCP/IP protocols did not grow rapidly just because the pro(cid:173)
`tocols were there, or because connecting to the Internet mandated their use. They
`met an important need (worldwide data communication) at the right time, and
`they had several important features that allowed them to meet this need. These
`features are:
`
`•
`
`• Open protocol standards, freely available and developed independently from
`any specific computer hardware or operating system. Because it is so widely
`supported, TCP/ IP is ideal for uniting different hardware and software, even if
`you don't communicate over the Internet.
`Independence from specific physical network hardware. This allows TCP/IP to
`integrate many different kinds of networks. TCP/ IP can be run over an Ether(cid:173)
`net, a token ring, a dial-up line, an FDDI net, and virtually any other kind of
`physical transmission medium.
`• A common addressing scheme that allows any TCP!IP device to uniquely
`address any other device in the entire network, even if the network is as large
`as the worldwide Internet.
`• Standardized high-level protocols for consistent, widely available user services.
`
`Protocol Standards
`Protocols are formal rules of behavior. In international relations, protocols mini(cid:173)
`mize the problems caused by cultural differences when various nations work
`together. By agreeing tO a common set of rules that are widely known and inde(cid:173)
`pendent of any nation's customs, diplomatic protocols minimize misunderstand(cid:173)
`ings; everyone knows how to act and how to interpret the actions of others.
`Similarly, when computers communicate, it is necessary to define a set of rules to
`govern their communications.
`
`009
`
`

`

`A Data Communications Model
`
`5
`
`ln data communications these sers of rules are also called protocols. ln homoge(cid:173)
`neous networks, a single computer vendor specifies a set of communications rules
`designed to use the strengths of the vendor's operating system and hardware
`architecture. But homogeneous networks are like the culture of a single country(cid:173)
`only the na~ives are truly at home in it. TCP/IP attemprs to create a heterogeneous
`network with open protocols that are independent of operating system and archi(cid:173)
`tectural differences. TCP/IP protocols are available to everyone, and are developed
`and changed by consensus- not by the fiat of one manufacturer. Everyone is free
`to develop products to meet these open protocol specifications.
`
`The open nature of TCP/IP protocols requires publicly available standards docu(cid:173)
`ments. All protocols in the TCP/ IP protocol suite are defined in one of three Inter(cid:173)
`net standards publications. A number of the protocols have been adopted as
`Mililaty Standards (MIL STD). Others were published as Internet Engineering
`Notes (IEN)-though the lEN form of publication has now been abandoned. But
`most information about TCP/IP protocols is published as Requests for Comments
`(RFCs). RFCs contain the latest versions of the specifications of all standard TCP/IP
`protocols. As the title "Request for Comments" implies, the style and content of
`these documenrs is much less rigid than most standards documents. RFCs contain
`a wide range of interesting and useful information, and are not limited to the for(cid:173)
`mal specification of data communications protocols.
`
`As a network system administrator, you will no doubt read many of the RfCs your(cid:173)
`self. Some contain practical advice and guidance that is simple to understand.
`Other RFCs contain protocol implementation specifications defined in terminology
`that is unique to data communications.
`
`A Data Communications Model
`To discuss computer networking, it is necessaty to use terms that have special
`meaning. Even other computer professionals may not be familiar with aU the terms
`in the networking alphabet soup. As is always the case, English and computer(cid:173)
`speak are not equivalent (or even necessarily compatible) languages. Although
`descriptions and examples should make the meaning of the networking jargon
`more apparent, sometimes terms are ambiguous. A common frame of reference is
`necessary for understanding data communications terminology.
`
`An architectural model developed by the International Standards Organization
`(ISO) is frequently used to describe the structure and function of data communica(cid:173)
`tions protocols. This architectural model, which is called the Open Systems Inter(cid:173)
`connect Reference Model (OSI), provides a common reference for discussing
`
`• Interested in finding out how Internet standards are created? Read Tbe /111emet Sta11dards Process,
`RFC 1310.
`
`010
`
`

`

`6
`
`Chapter 1: Overview ofTCP/IP
`
`communications. The terms defined by this model are well understood and widely
`used in the data communications community-so widely used, in fact, that it is
`difficult to discuss data communications without using OSI's terminology.
`
`The OSI Reference Model contains seven layers that define the functions of data
`communications protocols. Each layer of the OSI model represents a function per(cid:173)
`formed when data is transferred between coope!"'.tting applications across an inter(cid:173)
`vening network. Figure 1-1 identifies each layer by name and provides a short
`functional description for it. Looking at this figure, the protocols are like a pile of
`building blocks stacked one upon another. Because of this appearance, the struc(cid:173)
`ture is often called a stack or protocol stack.
`
`0 Application Layer
`consists of application programs
`that use the network.
`0 Presentation Layer
`standardizes data presentation to
`the applications.
`0 Session Layer
`manages sessions between
`applications.
`0 Transport Layer
`provides end-to-end error
`deteclion and correction.
`0 Network Layer
`manages connections across the
`network for thB uppBr /ayBrs.
`0 Data Link Layer
`provides reliable data delivery
`across the physical/Ink.
`0 Physical Layer
`defines the physical characteristics
`I
`of the network media.
`
`Figure 1-1: 7be OS! Reference Model
`
`A layer does not define a single protocol-it defines a data communications func(cid:173)
`tion that may be performed by any number of protocols. Therefore, each layer
`may contain multiple protocols, each providing a service suitable to the function
`of that layer. For example, a file transfer protocol and an electronic mail protocol
`both provide user services, and both are part of the Application Layer.
`
`011
`
`

`

`A Data Communications Model
`
`7
`
`Every protocol communicates with its peer. A peer is an implementation of the
`same protocol in the equivalent layer on a remote system; i.e., the local file trans(cid:173)
`fer protocol is the peer of a remote file transfer protocol. Peer-level communica(cid:173)
`tions must be standardized for successful communications to take place. In the
`abstract, each protocol is concerned only with communicating to its peer; it does
`not care about the layer above or below it.
`
`However, there must also be agreement on how to pass data between the layers
`on a single computer, because every layer is involved in sending data from a local
`application to an equivalent remote application. The upper layers rely on the
`lower layers to transfer the data over the underlying network. Data is passed down
`the stack from one layer to the next, until it is transmitted over the network by the
`Physical Layer protocols. At the remote end, the data is passed up the stack to the
`receiving application. The individual layers do not need to know how the layers
`above and below them function; they only need to know how to pass data to
`them. Isolating network communications functions in different layers minimizes
`the impact of technological change on the entire protocol suite. New applications
`can be added without changing the physical network, and new network hardware
`can be installed without rewriting the application software.
`
`Although the OSI model is useful, the TCP/ IP protocols don't match its structure
`exactly. Therefore, in our discussions of TCP/ IP, we use the layers of the OSI
`model in the following way:
`
`Application Layer
`The Application Layer is the level of the protocol hiera1·chy where user(cid:173)
`accessed network processes reside. In this text, a TCP/ IP application is any
`network process that occurs above the Transport Layer. This includes all of the
`processes that users directly interact with, as well as other processes at this
`level that users are not necessarily aware of.
`
`Presentation Layer
`For cooperating applications to exchange data, tl1ey must agree about how
`data is represented. In OSI, this layer provides standard data presentation rou(cid:173)
`tines. This function is frequently handled within the applications in TCP/ IP,
`though increasingly TCP/ IP protocols such as XDR and MIME perform this
`function.
`
`Session Layer
`As with the Presentation Layer, the Session Layer is not identifiable as a sepa(cid:173)
`rate layer in the TCP/ IP protocol hierarchy. The OSI Session Layer manages
`the sessions (connection) between cooperating applications. In TCP/IP, this
`function largely occurs in tl1e Transport Layer, and the term "session" is not
`used. For TCP/ IP, the terms "socket" and "port" are used to describe the path
`over which cooperating applications communicate.
`
`012
`
`

`

`8
`
`Chapter I: Overview ofTCP/IP
`
`Transport Layer
`Much of our discussion of TCP/ IP is directed to the protocols that occur in the
`Transport Layer. The Transport Layer in the OSI reference model guarantees
`that the receiver gets the data exactly as it was sent. In TCP / IP this function is
`performed by the Transmission Control Protocol (TCP). However, TCP/ IP
`offers a second Transport Layer service, User Datagram Protocol (UDP), that
`does not perform the end-to-end reliability checks.
`
`Network Layer
`The Network Layer manages connections across the network and isolates the
`upper layer protocols from the details of the underlying network. The Internet
`Protocol (IP), which isolates the upper layers from the underlying network
`and handles the addressing and delive1y of data, is usually described as
`TCP/ IP's Network Layer.
`
`Data Link Layer
`The reliable delive1y of data across the underlying physical network is han(cid:173)
`dled by the Data Link Layer. TCP/ IP rarely creates protocols in the Data Link
`Layer. Most RFCs that relate to the Data Link Layer discuss how IP can make
`use of existing data link protocols.
`
`Physical Layer
`The Physical Layer defines the characteristics of the hardware needed to carry
`the data transmission signal. Features such as voltage levels, and the number
`and location of interface pins, are defined in this layer. Examples of standards
`at the Physical Layer are interface connectors such as RS232C and V.35, and
`standards for local area network wiring such as IEEE 802.3. TCP/ IP does not
`define physical standards-
`it makes use of existing standards.
`
`The terminology of the OSI reference model helps us describe TCP/ IP, but to fully
`understand it, we must use an architectural model that more closely matches the
`structure of TCP/ IP. The next section introduces the protocol model we'll use to
`describe TCP / IP.
`
`TCP/IP Protocol Architecture
`While there is no universal agreement about how to describe TCP/ IP with a lay(cid:173)
`ered model, it is generally viewed as being composed of fewer layers than the
`seven used in the OSI model. Most descriptions of TCP l iP define three to five
`functional levels in the protocol architecture. The four-level model illustrated in
`Figure 1-2 is based on the three layers (Application, Host-to-Host, and Network
`Access) shown in the DOD Protocol Model in the DDN Protocol Handbook(cid:173)
`Volume 7, with the addition of a separate Internet layer. This model provides a
`reasonable pictorial represemation of the layers in the TCP/ IP protocol hierarchy.
`
`013
`
`

`

`TCP/IP Protocol Architecture
`
`9
`
`0 Application Layer
`consists of applications and
`processes that use the network.
`
`E) Host-to-Host Transport Layer
`provides end-to-end data
`delivery services.
`
`f) Internet Layer
`defines the datagram and handles
`the routing of data.
`0 Network Access Layer
`consists of routines for accessing
`physical networks.
`
`Figure 1-2: Layers in the TCP/IP protocol architecture
`
`As in the OSI model, data is passed down the stack when it is being sent to the
`network, and up the stack when it is being received from the network. The four(cid:173)
`layered structure of TCP/ IP is seen in the way data is handled as it passes down
`the protocol stack from the Application Layer to the underlying physical network.
`Each layer in the stack adds control information ro ensure proper delivery. This
`control information is called a header because it is placed in front of the data to
`be transmitted. Each layer treats all of the information it receives from the layer
`above as data and places its own header in front of that information. The addition
`of delivery information at every layer is called encapsulation. (See Figure 1-3 for
`an illustration of this.) When data is received, the opposite happens. Each layer
`strips off its header before passing the data on to the layer above. As information
`flows back up the stack, information received from a lower layer is interpreted as
`both a header and data.
`
`Each layer has its own independent data structures. Conceptually, a layer is
`unaware of the data structures used by the layers above and below it. In reality,
`the data structures of a layer are designed to be compatible with the structures
`used by the surrounding layers for the sake of more efficient data transmission.
`Still, each layer has its own data structure and its own terminology to describe that
`structure.
`
`Figure 1-4 shows the terms used by d ifferent layers of TCP/IP to refer to the data
`being transmitted. Applications using TCP refer to data as a stream, while applica(cid:173)
`tions using the User Datagram Protocol (UDP) refer to data as a message. TCP calls
`data a segment, and UDP calls its data structure a packet. The Internet layer views
`all data as blocks called datagrams. TCP/ IP uses many different types of
`
`014
`
`

`

`10
`
`Chapter 1: Overview ofTCP/IP
`
`Application Layer
`
`Transport Layer
`
`Data
`
`I
`·-------------------------------------------------------------~-----------
`Header ~ala
`~---------------------------------------------------------l L.. ------------
`I Header
`tnternet Layer
`'\)'
`I
`Header
`Data
`N;h;;rk A;c~~~-i;y;;---------------------------------JJ------1t----------.
`I
`
`Header
`
`Header
`
`~ Header
`
`~ Data
`
`Send
`
`Receive
`
`Figure 1-3: Data encapsulation
`
`underlying networks, each of which may have a different terminology for the data
`it transmits. Most networks refer to transmitted data as packets or frames. In Figure
`1-4 we show a network that transmits pieces of data it calls frames.
`
`Application Layer
`
`Transport Layer
`
`Internet Layer
`
`Network Access Layer
`
`TCP
`
`m
`[
`~ea~
`
`UDP
`
`I
`on<>
`~ss~
`
`datagram
`
`frame
`
`frame
`
`Figure 1-4: Data structures
`
`Let's look more closely at the function of each layer, working our way up from the
`Network Access Layer to the Application Layer.
`
`015
`
`

`

`In ternet Layer
`
`11
`
`Network Access Layer
`The Network Access Layer is the lowest layer of the TCP/IP protocol hierarchy. The
`protocols in this layer provide the means for the system to deliver data to the
`other devices on a directly anached network. It defines how to use the network to
`transmit an IP datagram. Unlike higher-level protocols, Network Access Layer pro(cid:173)
`tocols must know the details of the underlying network (itS packet structure,
`addressing, etc.) to correctly format the data being transmitted to comply with the
`network constraints. The TCP/IP Network Access Layer can encompass the func(cid:173)
`tions of all three lower layers of the OSI reference Model (Network, Data Link, and
`Physical).
`
`The Network Access Layer is often ignored by users. The design of TCP/ IP hides
`the function of the lower layers, and the bener known protocols (IP, TCP, UDP,
`etc.) are all higher-level protocols. As new hardware technologies appear, new
`Network Access protocols must be developed so that TCP/ IP networks can use the
`new hardware. Consequently, there are many access protocols-one for each
`physical network standard.
`
`Functions performed at this level include encapsulatio n of IP datagrams into the
`frames transmitted by the network, and mapping of IP addresses to the physical
`addresses used by the network. One of TCP/ IP's strengths is its universal address(cid:173)
`ing scheme. The IP address must be converted into an address that is appropriate
`for the physical network over which the datagram is transmitted.
`
`Two examples of RFCs that define network access layer protocols are:
`
`• RFC 826, Address Resolution Protocol (ARP), which maps IP addresses to Eth(cid:173)
`ernet addresses
`• RFC 894, A Standard for the Transmt:ssion of JP Datagrams over Ethernet Net(cid:173)
`works, which specifies how IP datagrams are encapsulated for transmission
`over Ethernet networks
`
`As implemented in UNIX, protocols in this layer often appear as a combination of
`device drivers and related programs. The modules that are identified with network
`device names usually encapsulate and deliver tl1e data to the network, while sepa(cid:173)
`rate programs perform related functions such as address mapping.
`
`Internet Layer
`The layer above the Network Access Layer in the protocol hierarchy is the Internet
`Layer. The Internet Protocol, RFC 791, is the heart of TCPIIP and the most impor(cid:173)
`tant protocol in the Internet Layer. IP provides the basic packet delivery service on
`which TCP/ IP networks are built. All protocols, in the layers above and below IP,
`
`016
`
`

`

`12
`
`Chapter 1: Overview ofTCP/IP
`
`use the Internet Protocol to deliver data. All TCP/ IP data flows through IP, incom(cid:173)
`ing and outgoing, regardless of its final destination.
`
`Internet Protocol
`The Imernet Protocol is the building block of the Internet. Its functions include:
`
`• Defining the datagram, which is the basic unit of transmission in the Internet
`
`• Defining the Internet addressing scheme
`• Moving data between the Network Access Layer and the Host-to-Host Trans-
`port Layer
`
`• Routing datagrams to remote hosts
`• Performing fragmentation and re-assembly of datagrams
`
`Before describing these functions in more detail, let's look at some of IF's charac(cid:173)
`teristics. First, IP
`is a connectionless protocol. This means that IP does not
`exchange control information (called a "handshake") to establish an end-to-end
`connection before transmitting data. In contrast, a connection-oriented protocol
`exchanges control information with the remote system to verify that it is ready to
`receive data before any data is sent. When the handshaking is successful, the sys(cid:173)
`tems are said to have established a connection. Internet Protocol relies on proto(cid:173)
`cols in other layers to establish the connection if they require connection-oriented
`service.
`
`IP also relies on protocols in the other layers to provide error detection and error
`recovery. The Internet Protocol is sometimes called an unreliable protocol because
`it contains no error detection and recovery code. This is not to say that the proto(cid:173)
`col cannot be relied on-quite the contrary. IP can be relied upon to accurately
`deliver your data to the connected network, but it doesn't check whether that data
`was correctly received. Protocols in other layers of the TCP/ IP architecture provide
`this checking when it is required.
`
`The datagram
`
`The TCP/ IP protocols were built to transmit data over the ARPANET, which was a
`packet switching network. A packet is a block of data that carries with it the infor(cid:173)
`mation necessary to deliver it-
`in a manner similar to a postal letter, which has an
`address written on its envelope. A packet switching network uses the addressing
`information in the packets to switch packets from one physical network to
`another, moving them toward their final destination. Each packet travels the net(cid:173)
`work independently of any other packet.
`
`The datagram is the packet format defined by Internet Protocol. Figure 1-5 is a
`pictorial representation of an IP datagram. The first five or six 32-bit words of the
`
`017
`
`

`

`Internet Layer
`
`13
`
`datagram are concrol information called the header. By defal:llt, the header is five
`words long; the sLxth word is optional. Because the header's length is variable, it
`includes a field called Internet Header Length (JHL) that indicates the header's
`length in words. The header contains all the information necessary to deliver the
`packet.
`
`Identification
`
`lo~t--------- Bits ----------1~,
`Ia
`I~
`I~
`I~
`I~
`I~
`~
`14
`13
`T
`Version I IHL I Type of Service
`Total Length
`Flags I Fragmentation Offset
`~ 4 E
`I Paddmg 1
`
`~ 3
`~­
`
`nme to Live
`
`I
`
`l
`
`Protocol
`
`Header Checksum
`
`Source Address
`
`Destination Address
`
`Op