`
`
`
`
`
`
`Internetworking With TCP/IP
`Vol I:
`Principles, Protocols, and Architecture
`Third Edition
`
`DOUGLAS E. COMER
`
`Department of Computer Sciences
`Purdue University
`West Lafayette, IN 47907
`
`PRENTICE HALL
Englewood Cliffs, New Jersey 07632
`
`
`
`2
`
`
`
`2. Client/server computing.
`_I. Title.
`95-1830
`CIP
`
`Acquisitions editor: ALAN APT
`Production editor:
`IRWIN ZUCKER
`Cover designer: WENDY ALLING JUDY
`Buyer: LORI BULWIN
`Editorial assistant: SHIRLEY MCGUIRE
`
`=a
`
`©1995 by Prentice-Hall, Inc.
`A Simon & Schuster Company
`EnglewoodCliffs, New Jersey 07632
`
`All rights reserved. No part of this book may be
`reproduced, in any form or by any means,
`without permission in writing from the publisher.
`
`Library of Congress Cataloging-in-Publication Data
`Comer, Douglas
`Intemetworking with TCP/IP / Douglas E. Comer. -- 3rd ed.
`p.
`cm.
`Includes bibliographical references and index.
`Contents: v. 1. Principles, protocols, and architecture
`ISBN 0-13-216987-8 (v. 1)
`1. TCP/IP (Computer network protocol)
`3. Intemetworking (Telecommunication)
`TKS105.585.C66
`1995
`005,2--de20
`
`
`
The author and publisher of this book have used their best efforts in preparing this book. These efforts include the development, research, and testing of the theories and programs to determine their effectiveness. The author and publisher make no warranty of any kind, expressed or implied, with regard to these programs or the documentation contained in this book. The author and publisher shall not be liable in any event for incidental or consequential damages in connection with, or arising out of, the furnishing, performance, or use of these programs.

UNIX is a registered trademark of UNIX System Laboratories, Incorporated
proNET-10 is a trademark of Proteon Corporation
LSI 11 is a trademark of Digital Equipment Corporation
Microsoft Windows is a trademark of Microsoft Corporation

Printed in the United States of America

10 9 8 7 6 5 4 3

ISBN 0-13-216987-8

Prentice-Hall International (UK) Limited, London
Prentice-Hall of Australia Pty. Limited, Sydney
Prentice-Hall Canada Inc., Toronto
Prentice-Hall Hispanoamericana, S.A., Mexico
Prentice-Hall of India Private Limited, New Delhi
Prentice-Hall of Japan, Inc., Tokyo
Simon & Schuster Asia Pte. Ltd., Singapore
Editora Prentice-Hall do Brasil, Ltda., Rio de Janeiro
`
`
`
`
Contents

Foreword

Preface

Chapter 1 Introduction And Overview

1.1 The Motivation For Internetworking
1.2 The TCP/IP Internet
1.3 Internet Services
1.4 History And Scope Of The Internet
1.5 The Internet Architecture Board
1.6 The IAB Reorganization
1.7 The Internet Society
1.8 Internet Request For Comments
1.9 Internet Protocols And Standardization
1.10 Future Growth And Technology
1.11 Organization Of The Text
1.12 Summary

Chapter 2 Review Of Underlying Network Technologies

2.1 Introduction
2.2 Two Approaches To Network Communication
2.3 Wide Area And Local Area Networks
2.4 Ethernet Technology
2.5 Fiber Distributed Data Interconnect (FDDI)
2.6 Asynchronous Transfer Mode
2.7 ARPANET Technology
2.8 National Science Foundation Networking
2.9 ANSNET
2.10 A Planned Wide Area Backbone
2.11 Other Technologies Over Which TCP/IP Has Been Used
2.12 Summary And Conclusion

Chapter 3 Internetworking Concept And Architectural Model

3.1 Introduction
3.2 Application-Level Interconnection
3.3 Network-Level Interconnection
3.4 Properties Of The Internet
3.5 Internet Architecture
3.6 Interconnection Through IP Routers
3.7 The User's View
3.8 All Networks Are Equal
3.9 The Unanswered Questions
3.10 Summary

Chapter 4 Internet Addresses

4.1 Introduction
4.2 Universal Identifiers
4.3 Three Primary Classes Of IP Addresses
4.4 Addresses Specify Network Connections
4.5 Network And Broadcast Addresses
4.6 Limited Broadcast
4.7 Interpreting Zero To Mean "This"
4.8 Weaknesses In Internet Addressing
4.9 Dotted Decimal Notation
4.10 Loopback Address
4.11 Summary Of Special Address Conventions
4.12 Internet Addressing Authority
4.13 An Example
4.14 Network Byte Order
4.15 Summary

Chapter 5 Mapping Internet Addresses To Physical Addresses (ARP)

5.1 Introduction
5.2 The Address Resolution Problem
5.3 Two Types Of Physical Addresses
5.4 Resolution Through Direct Mapping
5.5 Resolution Through Dynamic Binding
5.6 The Address Resolution Cache
5.7 ARP Refinements
5.8 Relationship Of ARP To Other Protocols
5.9 ARP Implementation
5.10 ARP Encapsulation And Identification
5.11 ARP Protocol Format
5.12 Summary

Chapter 6 Determining An Internet Address At Startup (RARP)

6.1 Introduction
6.2 Reverse Address Resolution Protocol (RARP)
6.3 Timing RARP Transactions
6.4 Primary And Backup RARP Servers
6.5 Summary

Chapter 7 Internet Protocol: Connectionless Datagram Delivery

7.1 Introduction
7.2 A Virtual Network
7.3 Internet Architecture And Philosophy
7.4 The Concept Of Unreliable Delivery
7.5 Connectionless Delivery System
7.6 Purpose Of The Internet Protocol
7.7 The Internet Datagram
7.8 Internet Datagram Options
7.9 Summary

Chapter 8 Internet Protocol: Routing IP Datagrams

8.1 Introduction
8.2 Routing In An Internet
8.3 Direct And Indirect Delivery
8.4 Table-Driven IP Routing
8.5 Next-Hop Routing
8.6 Default Routes
8.7 Host-Specific Routes
8.8 The IP Routing Algorithm
8.9 Routing With IP Addresses
8.10 Handling Incoming Datagrams
8.11 Establishing Routing Tables
8.12 Summary

Chapter 9 Internet Protocol: Error And Control Messages (ICMP)

9.1 Introduction
9.2 The Internet Control Message Protocol
9.3 Error Reporting vs. Error Correction
9.4 ICMP Message Delivery
9.5 ICMP Message Format
9.6 Testing Destination Reachability And Status (Ping)
9.7 Echo Request And Reply Message Format
9.8 Reports Of Unreachable Destinations
9.9 Congestion And Datagram Flow Control
9.10 Source Quench Format
9.11 Route Change Requests From Routers
9.12 Detecting Circular Or Excessively Long Routes
9.13 Reporting Other Problems
9.14 Clock Synchronization And Transit Time Estimation
9.15 Information Request And Reply Messages
9.16 Obtaining A Subnet Mask
9.17 Summary

Chapter 10 Subnet And Supernet Address Extensions

10.1 Introduction
10.2 Review Of Relevant Facts
10.3 Minimizing Network Numbers
10.4 Transparent Routers
10.5 Proxy ARP
10.6 Subnet Addressing
10.7 Flexibility In Subnet Address Assignment
10.8 Implementation Of Subnets With Masks
10.9 Subnet Mask Representation
10.10 Routing In The Presence Of Subnets
10.11 The Subnet Routing Algorithm
10.12 A Unified Routing Algorithm
10.13 Maintenance Of Subnet Masks
10.14 Broadcasting To Subnets
10.15 Supernet Addressing
10.16 The Effect Of Supernetting On Routing
10.17 Summary

Chapter 11 Protocol Layering

11.1 Introduction
11.2 The Need For Multiple Protocols
11.3 The Conceptual Layers Of Protocol Software
11.4 Functionality Of The Layers
11.5 X.25 And Its Relation To The ISO Model
11.6 Differences Between X.25 And Internet Layering
11.7 The Protocol Layering Principle
11.8 Layering In The Presence Of Network Substructure
11.9 Two Important Boundaries In The TCP/IP Model
11.10 The Disadvantage Of Layering
11.11 The Basic Idea Behind Multiplexing And Demultiplexing
11.12 Summary

Chapter 12 User Datagram Protocol (UDP)

12.1 Introduction
12.2 Identifying The Ultimate Destination
12.3 The User Datagram Protocol
12.4 Format Of UDP Messages
12.5 UDP Pseudo-Header
12.6 UDP Encapsulation And Protocol Layering
12.7 Layering And The UDP Checksum Computation
12.8 UDP Multiplexing, Demultiplexing, And Ports
12.9 Reserved And Available UDP Port Numbers
12.10 Summary

Chapter 13 Reliable Stream Transport Service (TCP)

13.1 Introduction
13.2 The Need For Stream Delivery
13.3 Properties Of The Reliable Delivery Service
13.4 Providing Reliability
13.5 The Idea Behind Sliding Windows
13.6 The Transmission Control Protocol
13.7 Ports, Connections, And Endpoints
13.8 Passive And Active Opens
13.9 Segments, Streams, And Sequence Numbers
13.10 Variable Window Size And Flow Control
13.11 TCP Segment Format
13.12 Out Of Band Data
13.13 Maximum Segment Size Option
13.14 TCP Checksum Computation
13.15 Acknowledgements And Retransmission
13.16 Timeout And Retransmission
13.17 Accurate Measurement Of Round Trip Samples
13.18 Karn's Algorithm And Timer Backoff
13.19 Responding To High Variance In Delay
13.20 Response To Congestion
13.21 Establishing A TCP Connection
13.22 Initial Sequence Numbers
13.23 Closing A TCP Connection
13.24 TCP Connection Reset
13.25 TCP State Machine
13.26 Forcing Data Delivery
13.27 Reserved TCP Port Numbers
13.28 TCP Performance
13.29 Silly Window Syndrome And Small Packets
13.30 Avoiding Silly Window Syndrome
13.31 Summary

Chapter 14 Routing: Cores, Peers, And Algorithms (GGP)

14.1 Introduction
14.2 The Origin Of Routing Tables
14.3 Routing With Partial Information
14.4 Original Internet Architecture And Cores
14.5 Core Routers
14.6 Beyond The Core Architecture To Peer Backbones
14.7 Automatic Route Propagation
14.8 Vector Distance (Bellman-Ford) Routing
14.9 Gateway-To-Gateway Protocol (GGP)
14.10 GGP Message Formats
14.11 Link-State (SPF) Routing
14.12 SPF Protocols
14.13 Summary

Chapter 15 Routing: Autonomous Systems (EGP)

15.1 Introduction
15.2 Adding Complexity To The Architectural Model
15.3 A Fundamental Idea: Extra Hops
15.4 Autonomous System Concept
15.5 Exterior Gateway Protocol (EGP)
15.6 EGP Message Header
15.7 EGP Neighbor Acquisition Messages
15.8 EGP Neighbor Reachability Messages
15.9 EGP Poll Request Messages
15.10 EGP Routing Update Messages
15.11 Measuring From The Receiver's Perspective
15.12 The Key Restriction Of EGP
15.13 Technical Problems
15.14 Decentralization Of Internet Architecture
15.15 Beyond Autonomous Systems
15.16 Summary

Chapter 16 Routing: In An Autonomous System (RIP, OSPF, HELLO)

16.1 Introduction
16.2 Static Vs. Dynamic Interior Routes
16.3 Routing Information Protocol (RIP)
16.4 The Hello Protocol
16.5 Combining RIP, Hello, And EGP
16.6 The Open SPF Protocol (OSPF)
16.7 Routing With Partial Information
16.8 Summary

Chapter 17 Internet Multicasting (IGMP)

17.1 Introduction
17.2 Hardware Broadcast
17.3 Hardware Multicast
17.4 IP Multicast
17.5 IP Multicast Addresses
17.6 Mapping IP Multicast To Ethernet Multicast
17.7 Extending IP To Handle Multicasting
17.8 Internet Group Management Protocol
17.9 IGMP Implementation
17.10 Group Membership State Transitions
17.11 IGMP Message Format
17.12 Multicast Address Assignment
17.13 Propagating Routing Information
17.14 The Mrouted Program
17.15 Summary

Chapter 18 TCP/IP Over ATM Networks

18.1 Introduction
18.2 ATM Hardware
18.3 Large ATM Networks
18.4 The Logical View Of An ATM Network
18.5 The Two ATM Connection Paradigms
18.6 Paths, Circuits, And Identifiers
18.7 ATM Cell Transport
18.8 ATM Adaptation Layers
18.9 AAL5 Convergence, Segmentation, And Reassembly
18.10 Datagram Encapsulation And IP MTU Size
18.11 Packet Type And Multiplexing
18.12 IP Address Binding In An ATM Network
18.13 Logical IP Subnet Concept
18.14 Connection Management
18.15 Address Binding Within An LIS
18.16 ATMARP Packet Format
18.17 Using ATMARP Packets To Determine An Address
18.18 Obtaining Entries For A Server Database
18.19 Timing Out ATMARP Information In A Server
18.20 Timing Out ATMARP Information In A Host Or Router
18.21 Summary

Chapter 19 Client-Server Model Of Interaction

19.1 Introduction
19.2 The Client-Server Model
19.3 A Simple Example: UDP Echo Server
19.4 Time And Date Service
19.5 The Complexity of Servers
19.6 RARP Server
19.7 Alternatives To The Client-Server Model
19.8 Summary

Chapter 20 The Socket Interface

20.1 Introduction
20.2 The UNIX I/O Paradigm And Network I/O
20.3 Adding Network I/O to UNIX
20.4 The Socket Abstraction
20.5 Creating A Socket
20.6 Socket Inheritance And Termination
20.7 Specifying A Local Address
20.8 Connecting Sockets To Destination Addresses
20.9 Sending Data Through A Socket
20.10 Receiving Data Through A Socket
20.11 Obtaining Local And Remote Socket Addresses
20.12 Obtaining And Setting Socket Options
20.13 Specifying A Queue Length For A Server
20.14 How A Server Accepts Connections
20.15 Servers That Handle Multiple Services
20.16 Obtaining And Setting Host Names
20.17 Obtaining And Setting The Internal Host Domain
20.18 BSD UNIX Network Library Calls
20.19 Network Byte Order Conversion Routines
20.20 IP Address Manipulation Routines
20.21 Accessing The Domain Name System
20.22 Obtaining Information About Hosts
20.23 Obtaining Information About Networks
20.24 Obtaining Information About Protocols
20.25 Obtaining Information About Network Services
20.26 An Example Client
20.27 An Example Server
20.28 Summary

Chapter 21 Bootstrap And Autoconfiguration (BOOTP, DHCP)

21.1 Introduction
21.2 The Need For An Alternative To RARP
21.3 Using IP To Determine An IP Address
21.4 The BOOTP Retransmission Policy
21.5 The BOOTP Message Format
21.6 The Two-Step Bootstrap Procedure
21.7 Vendor-Specific Field
21.8 The Need For Dynamic Configuration
21.9 Dynamic Host Configuration
21.10 Dynamic IP Address Assignment
21.11 Obtaining Multiple Addresses
21.12 Address Acquisition States
21.13 Early Lease Termination
21.14 Lease Renewal States
21.15 DHCP Message Format
21.16 DHCP Options And Message Type
21.17 Option Overload
21.18 DHCP And Domain Names
21.19 Summary

Chapter 22 The Domain Name System (DNS)

22.1 Introduction
22.2 Names For Machines
22.3 Flat Namespace
22.4 Hierarchical Names
22.5 Delegation Of Authority For Names
22.6 Subset Authority
22.7 TCP/IP Internet Domain Names
22.8 Official And Unofficial Internet Domain Names
22.9 Items Named And Syntax Of Names
22.10 Mapping Domain Names To Addresses
22.11 Domain Name Resolution
22.12 Efficient Translation
22.13 Caching: The Key To Efficiency
22.14 Domain Server Message Format
22.15 Compressed Name Format
22.16 Abbreviation Of Domain Names
22.17 Inverse Mappings
22.18 Pointer Queries
22.19 Object Types And Resource Record Contents
22.20 Obtaining Authority For A Subdomain
22.21 Summary

Chapter 23 Applications: Remote Login (TELNET, Rlogin)

23.1 Introduction
23.2 Remote Interactive Computing
23.3 TELNET Protocol
23.4 Accommodating Heterogeneity
23.5 Passing Commands That Control The Remote Side
23.6 Forcing The Server To Read A Control Function
23.7 TELNET Options
23.8 TELNET Option Negotiation
23.9 Rlogin (BSD UNIX)
23.10 Summary

Chapter 24 Applications: File Transfer And Access (FTP, TFTP, NFS)

24.1 Introduction
24.2 File Access And Transfer
24.3 On-line Shared Access
24.4 Sharing By File Transfer
24.5 FTP: The Major TCP/IP File Transfer Protocol
24.6 FTP Features
24.7 FTP Process Model
24.8 TCP Port Number Assignment
24.9 The User's View Of FTP
24.10 An Example Anonymous FTP Session
24.11 TFTP
24.12 NFS
24.13 NFS Implementation
24.14 Remote Procedure Call (RPC)
24.15 Summary

Chapter 25 Applications: Electronic Mail (822, SMTP, MIME)

25.1 Introduction
25.2 Electronic Mail
25.3 Mailbox Names And Aliases
25.4 Alias Expansion And Mail Forwarding
25.5 The Relationship Of Internetworking And Mail
25.6 TCP/IP Standards For Electronic Mail Service
25.7 Electronic Mail Addresses
25.8 Pseudo Domain Addresses
25.9 Simple Mail Transfer Protocol (SMTP)
25.10 The MIME Extension For Non-ASCII Data
25.11 MIME Multipart Messages
25.12 Summary

Chapter 26 Applications: Internet Management (SNMP, SNMPv2)

26.1 Introduction
26.2 The Level Of Management Protocols
26.3 Architectural Model
26.4 Protocol Architecture
26.5 Examples of MIB Variables
26.6 The Structure Of Management Information
26.7 Formal Definitions Using ASN.1
26.8 Structure And Representation Of MIB Object Names
26.9 Simple Network Management Protocol
26.10 SNMP Message Format
26.11 Example Encoded SNMP Message
26.12 Summary

Chapter 27 Summary Of Protocol Dependencies

27.1 Introduction
27.2 Protocol Dependencies
27.3 Application Program Access
27.4 Summary

Chapter 28 Internet Security And Firewall Design

28.1 Introduction
28.2 Protecting Resources
28.3 The Need For An Information Policy
28.4 Communication, Cooperation, And Mutual Mistrust
28.5 Mechanisms For Internet Security
28.6 Firewalls And Internet Access
28.7 Multiple Connections And Weakest Links
28.8 Firewall Implementation And High-Speed Hardware
28.9 Packet-Level Filters
28.10 Security And Packet Filter Specification
28.11 The Consequence Of Restricted Access For Clients
28.12 Accessing Services Through A Firewall
28.13 The Details Of Firewall Architecture
28.14 Stub Network
28.15 An Alternative Firewall Implementation
28.16 Monitoring And Logging
28.17 Summary

Chapter 29 The Future Of TCP/IP (IPng, IPv6)

29.1 Introduction
29.2 Why Change TCP/IP And The Internet?
29.3 Motivation For Changing IPv4
29.4 The Road To A New Version Of IP
29.5 The Name Of The Next IP
29.6 Features Of IPv6
29.7 General Form Of An IPv6 Datagram
29.8 IPv6 Base Header Format
29.9 IPv6 Extension Headers
29.10 Parsing An IPv6 Datagram
29.11 IPv6 Fragmentation And Reassembly
29.12 The Consequence Of End-To-End Fragmentation
29.13 IPv6 Source Routing
29.14 IPv6 Options
29.15 Size Of The IPv6 Address Space
29.16 IPv6 Colon Hexadecimal Notation
29.17 Three Basic IPv6 Address Types
29.18 The Duality Of Broadcast And Multicast
29.19 An Engineering Choice And Simulated Broadcast
29.20 Proposed IPv6 Address Space Assignment
29.21 IPv4 Address Encoding And Transition
29.22 Providers, Subscribers, And Address Hierarchy
29.23 Additional Hierarchy
29.24 Summary

Appendix 1 A Guide To RFCs

Appendix 2 Glossary Of Internetworking Terms And Abbreviations

Bibliography

Index
`
`
`
`
`
Chapter 1 Introduction And Overview
`
`1.1 The Motivation For Internetworking
`
Data communication has become a fundamental part of computing. World-wide networks gather data about such diverse subjects as atmospheric conditions, crop production, and airline traffic. Groups establish electronic mailing lists so they can share information of common interest. Hobbyists exchange programs for their home computers. In the scientific world, data networks are essential because they allow scientists to send programs and data to remote supercomputers for processing, to retrieve the results, and to exchange information with colleagues.

Unfortunately, most networks are independent entities, established to serve the needs of a single group. The users choose a hardware technology appropriate to their communication problems. More important, it is impossible to build a universal network from a single hardware technology because no single network suffices for all uses. Some users need a high-speed network to connect machines, but such networks cannot be expanded to span large distances. Others settle for a slower speed network that connects machines thousands of miles apart.

In the past 15 years, a new technology has evolved that makes it possible to interconnect many disparate physical networks and make them function as a coordinated unit. The technology, called internetworking, accommodates multiple, diverse underlying hardware technologies by providing a way to interconnect heterogeneous networks and a set of communication conventions. The internet technology hides the details of network hardware and permits computers to communicate independent of their physical network connections.

The internet technology described in this book is an example of open system interconnection. It is called an open system because, unlike proprietary communication systems available from one specific vendor, the specifications are publicly available. Thus, anyone can build the software needed to communicate across an internet. More important, the entire technology has been designed to foster communication between machines with diverse hardware architectures, to use almost any packet switched network hardware, and to accommodate multiple computer operating systems.

To appreciate internet technology, think of how it affects a professional group. Consider, for example, the effect of interconnecting the computers used by scientists. Any scientist can exchange data resulting from an experiment with any other scientist. National centers can collect data from natural phenomena and make the data available to all scientists. Computer services and programs available at one location can be used by scientists at other locations. As a result, the speed with which scientific investigations proceed increases; the changes are dramatic.

1.2 The TCP/IP Internet

U.S. government agencies have realized the importance and potential of internet technology for many years and have been funding research that has made possible a global internet. This book discusses principles and ideas underlying the internet technology that has resulted from research funded by the Advanced Research Projects Agency (ARPA)†. The ARPA technology includes a set of network standards that specify the details of how computers communicate, as well as a set of conventions for interconnecting networks and routing traffic. Officially named the TCP/IP Internet Protocol Suite and commonly referred to as TCP/IP (after the names of its two main standards), it can be used to communicate across any set of interconnected networks. For example, some corporations use TCP/IP to interconnect all networks within their corporation, even though the corporation has no connection to outside networks. Other groups use TCP/IP for communication among geographically distant sites.

Although the TCP/IP technology is noteworthy by itself, it is especially interesting because its viability has been demonstrated on a large scale. It forms the base technology for a global internet that connects homes, university campuses and other schools, corporations, and government labs in 61 countries. In the U.S., the National Science Foundation (NSF), the Department of Energy (DOE), the Department of Defense (DOD), the Health and Human Services Agency (HHS), and the National Aeronautics and Space Administration (NASA) have all participated in funding the Internet, and use TCP/IP to connect many of their research sites. Known as the ARPA/NSF Internet, the TCP/IP Internet, the global Internet, or just the Internet‡, the resulting internet allows researchers at connected institutions to share information with colleagues around the world as easily as they share it with researchers in the next room. An outstanding success, the Internet demonstrates the viability of the TCP/IP technology and shows how it can accommodate a wide variety of underlying network technologies.

Most of the material in this book applies to any internet that uses TCP/IP, but some chapters refer specifically to the global Internet. Readers interested only in the technology should be careful to watch for the distinction between the Internet architecture as it exists and general TCP/IP internets as they might exist. It would be a mistake, however, to ignore completely sections of the text that describe the global Internet; many corporate networks are already more complex than the global Internet of ten years ago, and many of the problems they face have already been solved in the global Internet.

†ARPA was called the Defense Advanced Research Projects Agency for several years during the 1980s.
‡We will follow the usual convention of capitalizing Internet when referring specifically to the global Internet, and use lowercase to refer to private internets that use TCP/IP.
`
1.3 Internet Services

One cannot appreciate the technical details underlying TCP/IP without understanding the services it provides. This section reviews internet services briefly, highlighting the services most users access, and leaves to later chapters the discussion of how computers connect to a TCP/IP internet and how the functionality is implemented.

Much of our discussion of services will focus on standards called protocols. Protocols like TCP and IP provide the rules for communication. They contain the details of message formats, describe how a computer responds when a message arrives, and specify how a computer handles errors or other abnormal conditions. Most important, they allow us to discuss computer communication independent of any particular vendor's network hardware. In a sense, protocols are to communication what algorithms are to computation. An algorithm allows one to specify or understand a computation without knowing the details of a particular CPU instruction set. Similarly, a communication protocol allows one to specify or understand data communication without depending on detailed knowledge of a particular vendor's network hardware.

Hiding the low-level details of communication helps improve productivity in several ways. First, because programmers deal with higher-level protocol abstractions, they do not need to learn or remember as many details about a given hardware configuration. They can create new programs quickly. Second, because programs built using higher-level abstractions are not restricted to a particular machine architecture or a particular network hardware, they do not need to be changed when machines or networks are reconfigured. Third, because application programs built using higher-level protocols are independent of the underlying hardware, they can provide direct communication for an arbitrary pair of machines. Programmers do not need to build special versions of application software to move and translate data between each possible pair of machine types.

We will see that all network services are described by protocols. The next sections refer to protocols used to specify application-level services as well as those used to define network-level services. Later chapters explain each of these protocols in more detail.
`
1.3.1 Application Level Internet Services

From the user's point of view, a TCP/IP internet appears to be a set of application programs that use the network to carry out useful communication tasks. We use the term interoperability to refer to the ability of diverse computing systems to cooperate in solving computational problems. Internet application programs exhibit a high degree of interoperability. Most users that access the Internet do so merely by running application programs without understanding the TCP/IP technology, the structure of the underlying internet, or even the path the data travels to its destination; they rely on the application programs and the underlying network software to handle such details. Only programmers who write network application programs need to view the internet as a network and need to understand some of the technology.

The most popular and widespread Internet application services include:

• Electronic mail. Electronic mail allows a user to compose memos and send them to individuals or groups. Another part of the mail application allows users to read memos that they have received. Electronic mail has been so successful that many Internet users depend on it for normal business correspondence. Although many electronic mail systems exist, using TCP/IP makes mail delivery more reliable because it does not rely on intermediate computers to relay mail messages. A TCP/IP mail delivery system operates by having the sender's machine contact the receiver's machine directly. Thus, the sender knows that once the message leaves the local machine, it has been successfully received at the destination site.

• File transfer. Although users sometimes transfer files using electronic mail, mail is designed primarily for short text messages. The TCP/IP protocols include a file transfer application program that allows users to send or receive arbitrarily large files of programs or data. For example, using the file transfer program, one can copy from one machine to another a large data base containing satellite images, a program written in Pascal or C++, or an English dictionary. The system provides a way to check for authorized users, or even to prevent all access. Like mail, file transfer across a TCP/IP internet is reliable because the two machines involved communicate directly, without relying on intermediate machines to make copies of the file along the way.

• Remote login. Remote login allows a user sitting at one computer to connect to a remote machine and establish an interactive login session. The remote login makes it appear that a window on the user's screen connects directly to the remote machine by sending each keystroke from the user's keyboard to the remote machine and displaying each character the remote computer prints in the user's window. When the remote login session terminates, the application returns the user to the local system.

We will return to these and other applications in later chapters to examine them in more detail. We will see exactly how they use the underlying TCP/IP protocols, and why having standards for application protocols has helped ensure that they are widespread.

1.3.2 Network-Level Internet Services

A programmer who writes application programs that use TCP/IP protocols has an entirely different view of an internet than a user who merely executes applications like electronic mail. At the network level, an internet provides two broad types of service that all application programs use. While