Internetworking With TCP/IP
Vol I: Principles, Protocols, and Architecture
Third Edition
`
`DOUGLAS E. COMER
`Department of Computer Sciences
`Purdue University
`West Lafayette, IN 47907
`
`PRENTICE HALL
`Upper Saddle River, New Jersey 07458
`
`1
`
`Comcast, Ex. 1133
`
`
`
Library of Congress Cataloging-in-Publication Data
Comer, Douglas
Internetworking with TCP/IP / Douglas E. Comer. -- 3rd ed.
p. cm.
Includes bibliographical references and index.
Contents: v. 1. Principles, protocols, and architecture
ISBN 0-13-216987-8 (v. 1)
1. TCP/IP (Computer network protocol) 2. Client/server computing.
3. Internetworking (Telecommunication)
I. Title.
TK5105.585.C66 1995
005.2--dc20
95-1830
CIP
`
`Acquisitions editor: ALAN APT
`Production editor: IRWIN ZUCKER
`Cover designer: WENDY ALLING JUDY
`Buyer: LORI BULWIN
`Editorial assistant: SHIRLEY MCGUIRE
`
`© 1995 by Prentice-Hall, lnc.
`Upper Saddle River, New Jersey 07458
`
`All rights reserved. No part of this book may be
`reproduced, in any form or by any means,
`without permission in writing from the publisher.
`The author and publisher of this book have used their best efforts in preparing this book. These efforts include the
`development, research, and testing of the theories and programs to determine their effectiveness. The author and
`publisher make no warranty of any kind, expressed or implied, with regard to these programs or the documentation
`contained in this book. The author and publisher shall not be liable in any event for incidental or consequential damages
`in connection with, or arising out of, the furnishing, performance, or use of these programs.
`UNIX is a registered trademark of UNIX System Laboratories, Incorporated
proNET-10 is a trademark of Proteon Corporation
`LSI 11 is a trademark of Digital Equipment Corporation
`Microsoft Windows is a trademark of Microsoft Corporation
`
`Printed in the United States of America
`20 19 18 17 16 15 14 13 12 11
`
`ISBN 0-13-216987-8
`
`Prentice-Hall International (UK) Limited, London
`Prentice-Hall of Australia Pty. Limited, Sydney
`Prentice-Hall Canada Inc., Toronto
`Prentice-Hall Hispanoamericana, S.A., Mexico
`Prentice-Hall of India Private Limited, New Delhi
`Prentice-Hall of Japan, Inc., Tokyo
`Pearson Education Asia Pte. Ltd., Singapore
`Editora Prentice-Hall do Brasil, Ltda., Rio de Janeiro
`
`2
`
`
`
To Chris
`
`3
`
`
`
Additional Enthusiastic Comments About
Internetworking With TCP/IP Volume 1

"Unquestionably THE reference for TCP/IP; both informative and easy to read, this book is liked by both novice and experienced."
- Raj Yavatkar
University of Kentucky
US Editor, Computer Communications

"The third edition maintains Comer's Internetworking with TCP/IP as the acknowledged leader in TCP/IP books by adding up-to-the-minute material on ATM, CIDR, firewalls, DHCP and the next version of IP, IPng."
- Ralph Droms
Bucknell University
IETF Working Group Chair

"Doug Comer remains the first and best voice of Internet technology. Despite the legion of 'Internet carpetbaggers' (the current crop of 'authors' who can barely spell F-T-P) which contributes noise - but no knowledge - on the Internet and its infrastructure, Dr. Comer shines through as the premiere source for lucid explanations and accurate information. He sets a standard for which many strive, but precious few attain."
- Marshall Rose
Dover Beach Consulting
IETF Area Director

"Comer's Volume 1 drastically changed the course of networking history."
- Dan Lynch
Interop Company
IAB Member

"When you need to teach the details of TCP/IP, you need the latest information. Once again, Comer separates the chaff from the wheat with his latest edition of the TCP/IP book that a generation of networkers grew up with."
- Shawn Ostermann
Ohio University
`
`4
`
`
`
Contents

Foreword  xxi

Preface  xxiii

Chapter 1  Introduction And Overview  1

1.1  The Motivation For Internetworking  1
1.2  The TCP/IP Internet  2
1.3  Internet Services  3
1.4  History And Scope Of The Internet  6
1.5  The Internet Architecture Board  8
1.6  The IAB Reorganization  9
1.7  The Internet Society  11
1.8  Internet Request For Comments  11
1.9  Internet Protocols And Standardization  12
1.10  Future Growth And Technology  12
1.11  Organization Of The Text  13
1.12  Summary  14

Chapter 2  Review Of Underlying Network Technologies  17

2.1  Introduction  17
2.2  Two Approaches To Network Communication  18
2.3  Wide Area And Local Area Networks  19
2.4  Ethernet Technology  20
2.5  Fiber Distributed Data Interconnect (FDDI)  32
2.6  Asynchronous Transfer Mode  36
2.7  ARPANET Technology  37
2.8  National Science Foundation Networking  39
2.9  ANSNET  44
2.10  A Planned Wide Area Backbone  44
2.11  Other Technologies Over Which TCP/IP Has Been Used  44
2.12  Summary And Conclusion  47

Chapter 3  Internetworking Concept And Architectural Model  49

3.1  Introduction  49
3.2  Application-level Interconnection  49
3.3  Network-level Interconnection  50
3.4  Properties Of The Internet  51
3.5  Internet Architecture  52
3.6  Interconnection Through IP Routers  52
3.7  The User's View  54
3.8  All Networks Are Equal  54
3.9  The Unanswered Questions  55
3.10  Summary  56

Chapter 4  Internet Addresses  59

4.1  Introduction  59
4.2  Universal Identifiers  59
4.3  Three Primary Classes Of IP Addresses  60
4.4  Addresses Specify Network Connections  61
4.5  Network And Broadcast Addresses  61
4.6  Limited Broadcast  62
4.7  Interpreting Zero To Mean "This"  62
4.8  Weaknesses In Internet Addressing  63
4.9  Dotted Decimal Notation  65
4.10  Loopback Address  65
4.11  Summary Of Special Address Conventions  66
4.12  Internet Addressing Authority  66
4.13  An Example  67
4.14  Network Byte Order  69
4.15  Summary  70

Chapter 5  Mapping Internet Addresses To Physical Addresses (ARP)  73

5.1  Introduction  73
5.2  The Address Resolution Problem  73
5.3  Two Types Of Physical Addresses  74
5.4  Resolution Through Direct Mapping  74
5.5  Resolution Through Dynamic Binding  75
5.6  The Address Resolution Cache  76
5.7  ARP Refinements  77
5.8  Relationship Of ARP To Other Protocols  77
5.9  ARP Implementation  77
5.10  ARP Encapsulation And Identification  79
5.11  ARP Protocol Format  79
5.12  Summary  81

Chapter 6  Determining An Internet Address At Startup (RARP)  83

6.1  Introduction  83
6.2  Reverse Address Resolution Protocol (RARP)  84
6.3  Timing RARP Transactions  86
6.4  Primary And Backup RARP Servers  86
6.5  Summary  87

Chapter 7  Internet Protocol: Connectionless Datagram Delivery  89

7.1  Introduction  89
7.2  A Virtual Network  89
7.3  Internet Architecture And Philosophy  90
7.4  The Concept Of Unreliable Delivery  90
7.5  Connectionless Delivery System  91
7.6  Purpose Of The Internet Protocol  91
7.7  The Internet Datagram  91
7.8  Internet Datagram Options  100
7.9  Summary  106

Chapter 8  Internet Protocol: Routing IP Datagrams  109

8.1  Introduction  109
8.2  Routing In An Internet  109
8.3  Direct And Indirect Delivery  111
8.4  Table-Driven IP Routing  113
8.5  Next-Hop Routing  113
8.6  Default Routes  115
8.7  Host-Specific Routes  115
8.8  The IP Routing Algorithm  116
8.9  Routing With IP Addresses  116
8.10  Handling Incoming Datagrams  118
8.11  Establishing Routing Tables  119
8.12  Summary  119

Chapter 9  Internet Protocol: Error And Control Messages (ICMP)  123

9.1  Introduction  123
9.2  The Internet Control Message Protocol  123
9.3  Error Reporting vs. Error Correction  124
9.4  ICMP Message Delivery  125
9.5  ICMP Message Format  126
9.6  Testing Destination Reachability And Status (Ping)  127
9.7  Echo Request And Reply Message Format  128
9.8  Reports Of Unreachable Destinations  128
9.9  Congestion And Datagram Flow Control  130
9.10  Source Quench Format  130
9.11  Route Change Requests From Routers  131
9.12  Detecting Circular Or Excessively Long Routes  133
9.13  Reporting Other Problems  134
9.14  Clock Synchronization And Transit Time Estimation  134
9.15  Information Request And Reply Messages  136
9.16  Obtaining A Subnet Mask  136
9.17  Summary  137

Chapter 10  Subnet And Supernet Address Extensions  139

10.1  Introduction  139
10.2  Review Of Relevant Facts  139
10.3  Minimizing Network Numbers  140
10.4  Transparent Routers  141
10.5  Proxy ARP  142
10.6  Subnet Addressing  143
10.7  Flexibility In Subnet Address Assignment  146
10.8  Implementation Of Subnets With Masks  147
10.9  Subnet Mask Representation  148
10.10  Routing In The Presence Of Subnets  149
10.11  The Subnet Routing Algorithm  150
10.12  A Unified Routing Algorithm  151
10.13  Maintenance Of Subnet Masks  152
10.14  Broadcasting To Subnets  152
10.15  Supernet Addressing  153
10.16  The Effect Of Supernetting On Routing  154
10.17  Summary  155

Chapter 11  Protocol Layering  159

11.1  Introduction  159
11.2  The Need For Multiple Protocols  159
11.3  The Conceptual Layers Of Protocol Software  160
11.4  Functionality Of The Layers  163
11.5  X.25 And Its Relation To The ISO Model  164
11.6  Differences Between X.25 And Internet Layering  167
11.7  The Protocol Layering Principle  169
11.8  Layering In The Presence Of Network Substructure  171
11.9  Two Important Boundaries In The TCP/IP Model  173
11.10  The Disadvantage Of Layering  174
11.11  The Basic Idea Behind Multiplexing And Demultiplexing  174
11.12  Summary  176

Chapter 12  User Datagram Protocol (UDP)  179

12.1  Introduction  179
12.2  Identifying The Ultimate Destination  179
12.3  The User Datagram Protocol  180
12.4  Format Of UDP Messages  181
12.5  UDP Pseudo-Header  182
12.6  UDP Encapsulation And Protocol Layering  183
12.7  Layering And The UDP Checksum Computation  185
12.8  UDP Multiplexing, Demultiplexing, And Ports  185
12.9  Reserved And Available UDP Port Numbers  186
12.10  Summary  188

Chapter 13  Reliable Stream Transport Service (TCP)  191

13.1  Introduction  191
13.2  The Need For Stream Delivery  191
13.3  Properties Of The Reliable Delivery Service  192
13.4  Providing Reliability  193
13.5  The Idea Behind Sliding Windows  195
13.6  The Transmission Control Protocol  198
13.7  Ports, Connections, And Endpoints  199
13.8  Passive And Active Opens  201
13.9  Segments, Streams, And Sequence Numbers  201
13.10  Variable Window Size And Flow Control  202
13.11  TCP Segment Format  203
13.12  Out Of Band Data  205
13.13  Maximum Segment Size Option  206
13.14  TCP Checksum Computation  207
13.15  Acknowledgements And Retransmission  208
13.16  Timeout And Retransmission  209
13.17  Accurate Measurement Of Round Trip Samples  211
13.18  Karn's Algorithm And Timer Backoff  212
13.19  Responding To High Variance In Delay  213
13.20  Response To Congestion  214
13.21  Establishing A TCP Connection  216
13.22  Initial Sequence Numbers  217
13.23  Closing a TCP Connection  217
13.24  TCP Connection Reset  219
13.25  TCP State Machine  219
13.26  Forcing Data Delivery  221
13.27  Reserved TCP Port Numbers  221
13.28  TCP Performance  221
13.29  Silly Window Syndrome And Small Packets  223
13.30  Avoiding Silly Window Syndrome  224
13.31  Summary  227

Chapter 14  Routing: Cores, Peers, And Algorithms (GGP)  231

14.1  Introduction  231
14.2  The Origin Of Routing Tables  232
14.3  Routing With Partial Information  233
14.4  Original Internet Architecture And Cores  234
14.5  Core Routers  235
14.6  Beyond The Core Architecture To Peer Backbones  238
14.7  Automatic Route Propagation  240
14.8  Vector Distance (Bellman-Ford) Routing  240
14.9  Gateway-To-Gateway Protocol (GGP)  242
14.10  GGP Message Formats  243
14.11  Link-State (SPF) Routing  245
14.12  SPF Protocols  246
14.13  Summary  246

Chapter 15  Routing: Autonomous Systems (EGP)  249

15.1  Introduction  249
15.2  Adding Complexity To The Architectural Model  249
15.3  A Fundamental Idea: Extra Hops  250
15.4  Autonomous System Concept  252
15.5  Exterior Gateway Protocol (EGP)  254
15.6  EGP Message Header  255
15.7  EGP Neighbor Acquisition Messages  256
15.8  EGP Neighbor Reachability Messages  257
15.9  EGP Poll Request Messages  258
15.10  EGP Routing Update Messages  259
15.11  Measuring From The Receiver's Perspective  261
15.12  The Key Restriction Of EGP  262
15.13  Technical Problems  264
15.14  Decentralization Of Internet Architecture  264
15.15  Beyond Autonomous Systems  264
15.16  Summary  265

Chapter 16  Routing: In An Autonomous System (RIP, OSPF, HELLO)  267

16.1  Introduction  267
16.2  Static Vs. Dynamic Interior Routes  267
16.3  Routing Information Protocol (RIP)  270
16.4  The Hello Protocol  276
16.5  Combining RIP, Hello, And EGP  278
16.6  The Open SPF Protocol (OSPF)  279
16.7  Routing With Partial Information  286
16.8  Summary  286

Chapter 17  Internet Multicasting (IGMP)  289

17.1  Introduction  289
17.2  Hardware Broadcast  289
17.3  Hardware Multicast  290
17.4  IP Multicast  291
17.5  IP Multicast Addresses  291
17.6  Mapping IP Multicast To Ethernet Multicast  292
17.7  Extending IP To Handle Multicasting  293
17.8  Internet Group Management Protocol  294
17.9  IGMP Implementation  294
17.10  Group Membership State Transitions  295
17.11  IGMP Message Format  296
17.12  Multicast Address Assignment  297
17.13  Propagating Routing Information  297
17.14  The Mrouted Program  298
17.15  Summary  300

Chapter 18  TCP/IP Over ATM Networks  303

18.1  Introduction  303
18.2  ATM Hardware  304
18.3  Large ATM Networks  304
18.4  The Logical View Of An ATM Network  305
18.5  The Two ATM Connection Paradigms  306
18.6  Paths, Circuits, And Identifiers  307
18.7  ATM Cell Transport  308
18.8  ATM Adaptation Layers  308
18.9  AAL5 Convergence, Segmentation, And Reassembly  311
18.10  Datagram Encapsulation And IP MTU Size  311
18.11  Packet Type And Multiplexing  312
18.12  IP Address Binding In An ATM Network  313
18.13  Logical IP Subnet Concept  314
18.14  Connection Management  315
18.15  Address Binding Within An LIS  316
18.16  ATMARP Packet Format  316
18.17  Using ATMARP Packets To Determine An Address  318
18.18  Obtaining Entries For A Server Database  320
18.19  Timing Out ATMARP Information In A Server  320
18.20  Timing Out ATMARP Information In A Host Or Router  320
18.21  Summary  321

Chapter 19  Client-Server Model Of Interaction  325

19.1  Introduction  325
19.2  The Client-Server Model  325
19.3  A Simple Example: UDP Echo Server  326
19.4  Time And Date Service  328
19.5  The Complexity of Servers  329
19.6  RARP Server  330
19.7  Alternatives To The Client-Server Model  331
19.8  Summary  332

Chapter 20  The Socket Interface  335

20.1  Introduction  335
20.2  The UNIX I/O Paradigm And Network I/O  336
20.3  Adding Network I/O to UNIX  336
20.4  The Socket Abstraction  337
20.5  Creating A Socket  337
20.6  Socket Inheritance And Termination  338
20.7  Specifying A Local Address  339
20.8  Connecting Sockets To Destination Addresses  340
20.9  Sending Data Through A Socket  341
20.10  Receiving Data Through A Socket  343
20.11  Obtaining Local And Remote Socket Addresses  344
20.12  Obtaining And Setting Socket Options  345
20.13  Specifying A Queue Length For A Server  346
20.14  How A Server Accepts Connections  346
20.15  Servers That Handle Multiple Services  347
20.16  Obtaining And Setting Host Names  348
20.17  Obtaining And Setting The Internal Host Domain  349
20.18  BSD UNIX Network Library Calls  349
20.19  Network Byte Order Conversion Routines  350
20.20  IP Address Manipulation Routines  351
20.21  Accessing The Domain Name System  352
20.22  Obtaining Information About Hosts  354
20.23  Obtaining Information About Networks  355
20.24  Obtaining Information About Protocols  355
20.25  Obtaining Information About Network Services  356
20.26  An Example Client  357
20.27  An Example Server  359
20.28  Summary  362

Chapter 21  Bootstrap And Autoconfiguration (BOOTP, DHCP)  365

21.1  Introduction  365
21.2  The Need For An Alternative To RARP  366
21.3  Using IP To Determine An IP Address  366
21.4  The BOOTP Retransmission Policy  367
21.5  The BOOTP Message Format  368
21.6  The Two-Step Bootstrap Procedure  369
21.7  Vendor-Specific Field  370
21.8  The Need For Dynamic Configuration  370
21.9  Dynamic Host Configuration  372
21.10  Dynamic IP Address Assignment  372
21.11  Obtaining Multiple Addresses  373
21.12  Address Acquisition States  374
21.13  Early Lease Termination  374
21.14  Lease Renewal States  376
21.15  DHCP Message Format  377
21.16  DHCP Options And Message Type  378
21.17  Option Overload  379
21.18  DHCP And Domain Names  379
21.19  Summary  380

Chapter 22  The Domain Name System (DNS)  383

22.1  Introduction  383
22.2  Names For Machines  384
22.3  Flat Namespace  384
22.4  Hierarchical Names  385
22.5  Delegation Of Authority For Names  386
22.6  Subset Authority  386
22.7  TCP/IP Internet Domain Names  387
22.8  Official And Unofficial Internet Domain Names  388
22.9  Items Named And Syntax Of Names  390
22.10  Mapping Domain Names To Addresses  391
22.11  Domain Name Resolution  393
22.12  Efficient Translation  394
22.13  Caching: The Key To Efficiency  395
22.14  Domain Server Message Format  396
22.15  Compressed Name Format  399
22.16  Abbreviation Of Domain Names  399
22.17  Inverse Mappings  400
22.18  Pointer Queries  401
22.19  Object Types And Resource Record Contents  401
22.20  Obtaining Authority For A Subdomain  402
22.21  Summary  403

Chapter 23  Applications: Remote Login (TELNET, Rlogin)  407

23.1  Introduction  407
23.2  Remote Interactive Computing  407
23.3  TELNET Protocol  408
23.4  Accommodating Heterogeneity  410
23.5  Passing Commands That Control The Remote Side  412
23.6  Forcing The Server To Read A Control Function  414
23.7  TELNET Options  414
23.8  TELNET Option Negotiation  415
23.9  Rlogin (BSD UNIX)  416
23.10  Summary  417

Chapter 24  Applications: File Transfer And Access (FTP, TFTP, NFS)  419

24.1  Introduction  419
24.2  File Access And Transfer  419
24.3  On-line Shared Access  420
24.4  Sharing By File Transfer  421
24.5  FTP: The Major TCP/IP File Transfer Protocol  421
24.6  FTP Features  422
24.7  FTP Process Model  422
24.8  TCP Port Number Assignment  424
24.9  The User's View Of FTP  424
24.10  An Example Anonymous FTP Session  426
24.11  TFTP  427
24.12  NFS  429
24.13  NFS Implementation  429
24.14  Remote Procedure Call (RPC)  430
24.15  Summary  431

Chapter 25  Applications: Electronic Mail (822, SMTP, MIME)  433

25.1  Introduction  433
25.2  Electronic Mail  433
25.3  Mailbox Names And Aliases  435
25.4  Alias Expansion And Mail Forwarding  435
25.5  The Relationship Of Internetworking And Mail  436
25.6  TCP/IP Standards For Electronic Mail Service  438
25.7  Electronic Mail Addresses  438
25.8  Pseudo Domain Addresses  440
25.9  Simple Mail Transfer Protocol (SMTP)  440
25.10  The MIME Extension For Non-ASCII Data  443
25.11  MIME Multipart Messages  444
25.12  Summary  445

Chapter 26  Applications: Internet Management (SNMP, SNMPv2)  447

26.1  Introduction  447
26.2  The Level Of Management Protocols  447
26.3  Architectural Model  448
26.4  Protocol Architecture  450
26.5  Examples of MIB Variables  451
26.6  The Structure Of Management Information  452
26.7  Formal Definitions Using ASN.1  453
26.8  Structure And Representation Of MIB Object Names  453
26.9  Simple Network Management Protocol  458
26.10  SNMP Message Format  460
26.11  Example Encoded SNMP Message  462
26.12  Summary  463

Chapter 27  Summary Of Protocol Dependencies  465

27.1  Introduction  465
27.2  Protocol Dependencies  465
27.3  Application Program Access  467
27.4  Summary  468

Chapter 28  Internet Security And Firewall Design  471

28.1  Introduction  471
28.2  Protecting Resources  472
28.3  The Need For An Information Policy  472
28.4  Communication, Cooperation, And Mutual Mistrust  474
28.5  Mechanisms For Internet Security  475
28.6  Firewalls And Internet Access  476
28.7  Multiple Connections And Weakest Links  477
28.8  Firewall Implementation And High-Speed Hardware  478
28.9  Packet-Level Filters  479
28.10  Security And Packet Filter Specification  480
28.11  The Consequence Of Restricted Access For Clients  481
28.12  Accessing Services Through A Firewall  481
28.13  The Details Of Firewall Architecture  483
28.14  Stub Network  484
28.15  An Alternative Firewall Implementation  484
28.16  Monitoring And Logging  485
28.17  Summary  486

Chapter 29  The Future Of TCP/IP (IPng, IPv6)  489

29.1  Introduction  489
29.2  Why Change TCP/IP And The Internet?  490
29.3  Motivation For Changing IPv4  491
29.4  The Road To A New Version Of IP  492
29.5  The Name Of The Next IP  492
29.6  Features Of IPv6  493
29.7  General Form Of An IPv6 Datagram  494
29.8  IPv6 Base Header Format  494
29.9  IPv6 Extension Headers  496
29.10  Parsing An IPv6 Datagram  497
29.11  IPv6 Fragmentation And Reassembly  498
29.12  The Consequence Of End-To-End Fragmentation  498
29.13  IPv6 Source Routing  500
29.14  IPv6 Options  500
29.15  Size Of The IPv6 Address Space  502
29.16  IPv6 Colon Hexadecimal Notation  502
29.17  Three Basic IPv6 Address Types  503
29.18  The Duality Of Broadcast And Multicast  504
29.19  An Engineering Choice And Simulated Broadcast  504
29.20  Proposed IPv6 Address Space Assignment  504
29.21  IPv4 Address Encoding And Transition  506
29.22  Providers, Subscribers, And Address Hierarchy  506
29.23  Additional Hierarchy  507
29.24  Summary  508

Appendix 1  A Guide To RFCs  511

Appendix 2  Glossary Of Internetworking Terms And Abbreviations  557

Bibliography  591

Index  599
`
`
`
`2
`
`Review Of Underlying
`Network Technologies
`
`2.1 Introduction
`
`It is important to understand that the Internet is not a new kind of physical net(cid:173)
`work. It is, instead, a method of interconnecting physical networks and a set of conven(cid:173)
`tions for using networks that allow the computers they reach to interact. While network
`hardware plays only a minor role in the overall design, understanding the internet tech(cid:173)
`nology requires one to distinguish between the low-level mechanisms provided by the
`hardware itself and the higher-level facilities that the TCP/IP protocol software pro(cid:173)
`vides. It is also important to understand how the facilities supplied by packet-switched
`technology affect our choice of high-level abstractions.
`This chapter introduces basic packet-switching concepts and terminology, and then
`reviews some of the underlying network hardware technologies that have been used in
`TCP/IP internets. Later chapters describe how these networks are interconnected and
`how the TCP/IP protocols accommodate vast differences in the hardware. While the list
`presented here is certainly not comprehensive, it clearly demonstrates the variety among
`physical networks over which TCP/IP operates. The reader can safely skip many of the
`technical details, but should try to grasp the idea of packet switching and try to imagine
`building a homogeneous communication system using such heterogeneous hardware.
`Most important, the reader should look closely at the details of the physical address
`schemes the various technologies use; later chapters will discuss in detail how high(cid:173)
`level protocols use physical addresses.
`
`17
`
`18
`
`
`
`Chap. 2
`
`Review Of Underlying Network Technologies
`
`18
2.2 Two Approaches To Network Communication

Whether they provide connections between one computer and another or between terminals and computers, communication networks can be divided into two basic types: circuit-switched (sometimes called connection oriented) and packet-switched† (sometimes called connectionless). Circuit-switched networks operate by forming a dedicated connection (circuit) between two points. The U.S. telephone system uses circuit switching technology - a telephone call establishes a circuit from the originating phone through the local switching office, across trunk lines, to a remote switching office, and finally to the destination telephone. While a circuit is in place, the phone equipment samples the microphone repeatedly, encodes the samples digitally, and transmits them across the circuit to the receiver. The sender is guaranteed that the samples can be delivered and reproduced because the circuit provides a guaranteed data path of 64 Kbps (thousand bits per second), the rate needed to send digitized voice. The advantage of circuit switching lies in its guaranteed capacity: once a circuit is established, no other network activity will decrease the capacity of the circuit. One disadvantage of circuit switching is cost: circuit costs are fixed, independent of traffic. For example, one pays a fixed rate for a phone call, even when the two parties do not talk.

Packet-switched networks, the type usually used to connect computers, take an entirely different approach. In a packet-switched network, data to be transferred across a network is divided into small pieces called packets that are multiplexed onto high capacity intermachine connections. A packet, which usually contains only a few hundred bytes of data, carries identification that enables the network hardware to know how to send it to the specified destination. For example, a large file to be transmitted between two machines must be broken into many packets that are sent across the network one at a time. The network hardware delivers the packets to the specified destination, where software reassembles them into a single file again. The chief advantage of packet switching is that multiple communications among computers can proceed concurrently, with intermachine connections shared by all pairs of machines that are communicating. The disadvantage, of course, is that as activity increases, a given pair of communicating computers receives less of the network capacity. That is, whenever a packet switched network becomes overloaded, computers using the network must wait before they can send additional packets.

Despite the potential drawback of not being able to guarantee network capacity, packet-switched networks have become extremely popular. The motivations for adopting packet switching are cost and performance. Because multiple machines can share the network hardware, fewer connections are required and cost is kept low. Because engineers have been able to build high speed network hardware, capacity is not usually a problem. So many computer interconnections use packet-switching that, throughout the remainder of this text, the term network will refer only to packet-switched networks.
`
†In fact, it is possible to build hybrid hardware technologies; for our purposes, only the difference in functionality is important.
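The packet-switching mechanism described in Sec. 2.2, as an added Python illustration that is not code from the book: a transfer is cut into packets of at most a few hundred bytes, each carrying a destination address; two senders' packets are interleaved on one shared link; the destination keeps only packets addressed to it and reassembles each sender's file. The sequence number in the packet, the 256-byte payload limit, the small-integer addresses, and the assumption of one transfer in progress per sender are choices made here for the illustration, not details the chapter specifies.

```python
from dataclasses import dataclass
from typing import Dict, List, Optional

MAX_PAYLOAD = 256  # bytes of data per packet: "a few hundred bytes" (size chosen here)


@dataclass(frozen=True)
class Packet:
    dst: int        # destination hardware address (the field every packet carries)
    src: int        # sender's hardware address
    seq: int        # piece number within the transfer (assumed here; lets the receiver reorder)
    total: int      # number of pieces in the transfer
    payload: bytes


def packetize(src: int, dst: int, data: bytes, max_payload: int = MAX_PAYLOAD) -> List[Packet]:
    """Split one transfer (e.g. a file) into packets that each name the destination."""
    pieces = [data[i:i + max_payload] for i in range(0, len(data), max_payload)] or [b""]
    return [Packet(dst, src, i, len(pieces), p) for i, p in enumerate(pieces)]


def multiplex(flows: List[List[Packet]]) -> List[Packet]:
    """Interleave several senders' packets onto one shared link, round robin."""
    queues = [list(f) for f in flows]
    link: List[Packet] = []
    while any(queues):
        for q in queues:
            if q:
                link.append(q.pop(0))
    return link


def share_of_link(link: List[Packet], src: int) -> float:
    """Fraction of the link's bytes one sender got while sharing it with the others."""
    total = sum(len(p.payload) for p in link)
    mine = sum(len(p.payload) for p in link if p.src == src)
    return mine / total if total else 0.0


class Receiver:
    """A station: keeps packets addressed to it and reassembles each sender's transfer."""

    def __init__(self, addr: int) -> None:
        self.addr = addr
        # src -> {seq: payload}; one transfer per sender at a time is assumed here
        self.partial: Dict[int, Dict[int, bytes]] = {}

    def accept(self, pkt: Packet) -> Optional[bytes]:
        if pkt.dst != self.addr:
            return None                      # hardware discards packets meant for other stations
        buf = self.partial.setdefault(pkt.src, {})
        buf[pkt.seq] = pkt.payload
        if len(buf) < pkt.total:
            return None                      # still waiting for more pieces
        del self.partial[pkt.src]
        return b"".join(buf[i] for i in range(pkt.total))  # software puts the pieces back in order


def run_shared_link(file_a: bytes, file_b: bytes) -> dict:
    """Senders 1 and 2 both transmit to station 3 over one link; station 4 only listens."""
    link = multiplex([packetize(1, 3, file_a), packetize(2, 3, file_b)])
    dest, bystander = Receiver(3), Receiver(4)
    delivered: Dict[int, bytes] = {}
    bystander_transfers = 0
    for pkt in link:
        done = dest.accept(pkt)
        if done is not None:
            delivered[pkt.src] = done
        if bystander.accept(pkt) is not None:
            bystander_transfers += 1
    return {"packets_on_link": len(link), "delivered": delivered,
            "share_a": share_of_link(link, 1), "bystander_transfers": bystander_transfers}


if __name__ == "__main__":
    # Constructed sample input: a 700-byte and a 300-byte transfer.
    print(run_shared_link(b"A" * 700, b"B" * 300))
```

Because the link is shared, sender 1 gets only the fraction of the link its bytes occupy (0.7 of 1000 bytes in the sample run), which is the capacity trade-off the section describes; the reversed-delivery case in the reassembly logic shows why the receiver needs the piece number rather than relying on arrival order.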
`
`19
`
`
`
`Sec. 2.3 Wide Area And Local Area Networks
`
`19
`
2.3 Wide Area And Local Area Networks

Packet-switched networks that span large geographical distances (e.g., the continental U.S.) are fundamentally different from those that span short distances (e.g., a single room). To help characterize the differences in capacity and intended use, packet switched technologies are often divided into two broad categories: wide area networks (WANs) and Local Area Networks (LANs). The two categories do not have formal definitions. Instead, vendors apply the terms loosely to help customers distinguish among technologies.

WAN technologies, sometimes called long haul networks, provide communication over large distances. Most WAN technologies do not limit the distance spanned; a WAN can allow the endpoints of a communication to be arbitrarily far apart. For example, a WAN can span a continent or can join computers across an ocean. Usually, WANs operate at slower speeds than LANs, and have much greater delay between connections. Typical speeds for a WAN range from 56 Kbps to 155 Mbps (million bits per second). Delays across a WAN can vary from a few milliseconds to several tenths of a second.†

LAN technologies provide the highest speed connections among computers, but sacrifice the ability to span large distances. For example, a typical LAN spans a small area like a single building or a small campus and operates between 10 Mbps and 2 Gbps (billion bits per second). Because LAN technologies cover short distances, they offer lower delays than WANs. The delay across a LAN can be as short as a few tenths of a millisecond, or as long as 10 milliseconds.

We have already mentioned the general tradeoff between speed and distance: technologies that provide higher speed communication operate over shorter distances. There are other differences among technologies in the categories as well. In LAN technologies, each computer usually contains a network interface device that connects the machine directly to the network medium (e.g., a copper wire or coaxial cable). Often, the network itself is passive, depending on electronic devices in the attached computers to generate and receive the necessary electrical signals. In WAN technologies, a network usually consists of a series of complex computers called packet switches interconnected by communication lines and modems. The size of the network can be extended by adding a new switch and another communication line. Attaching a user's computer to a WAN means connecting it to one of the packet switches. Each switch along a path in the WAN introduces a delay when it receives a packet and forwards it to the next switch. Thus, the larger the WAN becomes the longer it takes to route traffic across it.

This book discusses software that hides the technological differences between networks and makes interconnection independent of the underlying hardware. To appreciate design choices in the software, it is necessary to understand how it relates to network hardware. The next sections present examples of network technologies that have been used in the Internet, showing some of the differences among them. Later chapters show how the TCP/IP software isolates such differences and makes the communication system independent of the underlying hardware technology.
`
†Such long delays result from WANs that communicate by sending signals to a satellite orbiting the earth.
`
`20
`
`
`
`20
`
`Review Of Underlying Network Technologies
`
`Chap. 2
`
`2.3.1 Network Hardware Addresses
`
`Each network hardware technology defines an addressing mechanism that comput(cid:173)
`ers use to specify the destination for each packet. Every computer attached to a net(cid:173)
`work is assigned a unique address, usually an integer. A packet sent across a network
`includes a destination address field that contains the address of the intended recipient.
`The destination address appears in the same location in all packets, making it possible
`for the network hardware to examine the destination address easily. A sender must
`know the address of the intended recipient, and must place the recipient's address in the
`destination address field of a packet before transmitting the packet.
`Each hardware technology specifies how computers are assigned addresses. The
`hardware specifies, for example, the number of bits in the address as well as the loca(cid:173)
`tion of the destination address field in a packet. Although some technologies use com(cid:173)
`patible addressing schemes, many do not. This chapter contains a few examples of
`hardware addressing schemes; later chapters explain how TCP/IP accommodates diverse
`hardware addressing schemes.
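The per-packet decision that Sec. 2.3.1 attributes to the network hardware, as an added Python illustration (not code from the book): an interface reads the destination field from its fixed position, compares it with its own address and the broadcast address, and discards everything else, while a sender places the recipient's address in that field before transmitting. The Ethernet layout used below (48-bit destination first, 48-bit source next, 2-byte type field, all-ones broadcast) is the real one; the one-byte `tiny8` scheme with the fields in the opposite order is invented here purely to show that the same interface logic works for a different address width and field location. The station addresses are constructed sample values.

```python
from dataclasses import dataclass
from typing import List, Optional


@dataclass(frozen=True)
class AddrScheme:
    """Where one hardware technology puts its addresses in a packet and how wide they are."""
    name: str
    width: int          # address size in bytes
    dst_offset: int     # byte offset of the destination field (same place in every packet)
    src_offset: int     # byte offset of the source field
    header_len: int     # header bytes before the payload
    broadcast: bytes    # address every station accepts


# Ethernet: 48-bit addresses; destination, then source, then a 2-byte type (left zero here).
ETHERNET = AddrScheme("Ethernet", width=6, dst_offset=0, src_offset=6, header_len=14,
                      broadcast=b"\xff" * 6)
# Hypothetical 8-bit scheme with source before destination; not a real technology.
TINY8 = AddrScheme("tiny8", width=1, dst_offset=1, src_offset=0, header_len=2,
                   broadcast=b"\xff")


def build_packet(scheme: AddrScheme, dst: bytes, src: bytes, payload: bytes) -> bytes:
    """Sender side: put the recipient's address in the destination field before transmitting."""
    if len(dst) != scheme.width or len(src) != scheme.width:
        raise ValueError(f"{scheme.name} addresses are {scheme.width} bytes")
    hdr = bytearray(scheme.header_len)
    hdr[scheme.dst_offset:scheme.dst_offset + scheme.width] = dst
    hdr[scheme.src_offset:scheme.src_offset + scheme.width] = src
    return bytes(hdr) + payload


def destination(scheme: AddrScheme, packet: bytes) -> Optional[bytes]:
    """Read the fixed-position destination field; None if the packet is too short to hold one."""
    end = scheme.dst_offset + scheme.width
    return packet[scheme.dst_offset:end] if len(packet) >= end else None


def accepts(scheme: AddrScheme, my_addr: bytes, packet: bytes) -> bool:
    """Interface decision for one arriving packet: addressed to me, broadcast, or discard."""
    dst = destination(scheme, packet)
    return dst is not None and (dst == my_addr or dst == scheme.broadcast)


def receive_all(scheme: AddrScheme, my_addr: bytes, packets: List[bytes]) -> List[bytes]:
    """Payloads the station with address my_addr would hand to its software, in arrival order."""
    return [p[scheme.header_len:] for p in packets if accepts(scheme, my_addr, p)]


if __name__ == "__main__":
    me = bytes.fromhex("080020001234")       # constructed station address
    other = bytes.fromhex("0800200056ab")    # constructed station address
    frames = [build_packet(ETHERNET, me, other, b"to me"),
              build_packet(ETHERNET, other, me, b"not mine"),
              build_packet(ETHERNET, ETHERNET.broadcast, other, b"everyone"),
              b"\x08\x00\x20"]               # runt: shorter than one address
    print(receive_all(ETHERNET, me, frames))
```

Note that the truncated frame is rejected by the length check in `destination` rather than by an address comparison: reading an address field that is not fully present is exactly the kind of out-of-bounds read an interface (or a software packet parser) must refuse.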
`
2.4 Ethernet Technology

Ethernet is the name given to a popular packet-switched LAN technology invented at Xerox PARC in the early 1970s. Xerox Corporation, Intel Corporation, and Digital Equipment Corporation standardized Ethernet in 1978; IEEE released a compatible version of the standard using the number 802.3. Ethernet has become a popular LAN technology; most medium or large corporations use Ethernets. Because Ethernet is so popular, many variants exist; we will discuss the original design first and then cover variants.
`
[Figure 2.1 (caption truncated in the source: "A cr"); labels on the figure: 1/2 INCH, OUTER INSULATING JACKET, BRAIDED METAL SHIELD, POLYETHYLENE FILLER, CENTER WIRE]