Introduction To Networks (by Dr. Robert Stafford)

1.  Computers are typically connected by communication channels that provide
    "speed of light" communication between computers attached to the channel.
    Communication channels differ in:

    a.  The number of computers attached to the channel. A point-to-point
        link connects two computers. Local area networks (LANs) may have tens
        or hundreds of computers attached to the same cable (like a party
        line telephone).

    b.  The speed of the channel. For example:

        1.  Modems - 9,600 to 28,800 b/s (bits per second)
        2.  ISDN - typically 64,000 or 128,000 b/s
        3.  Leased communication lines such as a "T1" or "DS-1" line at
            1.544 Mb/s (millions of bits per second) or a "T3" or "DS-3"
            line at 44 Mb/s.
        4.  LANs - Local Area Networks such as IBM token ring (4 or 16 Mb/s),
            Ethernet (10 Mb/s), or FDDI or high speed Ethernet (100 Mb/s) or
            gigabit Ethernet (1000 Mb/s = 1 Gb/s).
        5.  SONET (Synchronous Optical NETwork) fiber links at 155 or
            622 Mb/s

2.  Physical layer protocols (standards) specify the way that a computer
    sends a single bit to another computer attached to the same
    communications channel.

3.  Link layer protocols (standards) specify the way that a computer sends a
    block of bits (called a frame) to another computer attached to the same
    communications channel. Link layer protocols include:

    a.  Protocols for point-to-point links, such as SDLC, HDLC, LAP-B, and
        PPP.
    b.  Protocols for LANs such as Ethernet, Token Ring, and FDDI.
    c.  Protocols for networks which simulate a set of point-to-point links
        such as frame relay and ATM (Asynchronous Transfer Mode).

4.  Instead of being directly connected, computers (called hosts or
    stations) may be "indirectly" connected to each other using special
    computers (called routers) that function like a post office. When a
    router receives a packet, it forwards the packet to the "next" router to
    get the packet closer to its ultimate destination (which might be across
    the city, across the country, or around the world).
    Ten to twenty "hops" are common.

5.  Network layer protocols specify the behavior of the routers and the
    attached computers. The Internet Protocol (the IP in TCP/IP) is one
    example. IPX (Novell) and X.25 are other examples.

6.  Transport layer protocols (like Transmission Control Protocol - the TCP
    in TCP/IP) make up for any deficiency in the service provided by the
    Network layer. For example, IP provides "datagram" service (also called
    connectionless service) which is like the post office delivering letters
    or postcards. (Letters may be lost or arrive out of order.) TCP builds on
    the IP service to provide guaranteed, in order, delivery of information
    (called virtual circuit or connection-oriented service).

7.  Application layer protocols use the transport layer service to
    accomplish something useful. For example:

    a.  File Transfer Protocol (FTP) transfers files between computers.
    b.  Simple Mail Transfer Protocol (SMTP) delivers E-Mail.
    c.  The Telnet protocol provides remote login service.
    d.  HyperText Transfer Protocol (HTTP) transfers World-Wide-Web (WWW)
        pages.

8.  The Internet is a world-wide collection of millions of computers that
    can exchange information in real time using the TCP/IP protocols. Most
    academic computers at Temple University are connected to the Internet.

    a.  Computers on a floor within a building at Temple are typically
        connected together by an Ethernet LAN.
    b.  The Ethernets on each floor in a building are connected together by
        an IP router that might be located in the basement of the building.
    c.  The routers are connected together by an FDDI network (which will
        probably become an ATM network) to form the main campus network.
    d.  One router at the main campus is connected to PREPNet (Pennsylvania
        Research and Economic Partnership Network) which is a network of IP
        routers scattered around Pennsylvania connected by high speed
        (1.544 Mb/s and above) links.
    e.  One PREPNet router is connected to MCI Net, which has IP routers
        scattered around North America connected by DS-3 (44 Mb/s) or faster
        SONET links.
    f.  Some of MCI's routers are located in special "interchange rooms" (in
        Washington, Chicago, and San Francisco for example) to exchange
        packets with routers from other Internet service providers (e.g.
        ANS, SPRINT).

9.  Counting systems.

    base 10 - 345 (base 10) = 3*10*10 + 4*10 + 5*1 = 345 (base 10)
    base 20 - 47 (base 20) = fourscore and seven = 4*20 + 7 = 87 (base 10)
    base 12 - 2 gross, 3 dozen and 4 means 2*144 + 3*12 + 4*1 = 328
              234 (base 12) = 328 (base 10)
    base 60 - 2 hours, 3 minutes, and 4 seconds = 2*3600 + 3*60 + 4*1
              = 7384 seconds. 234 (base 60) = 7384 (base 10).

10. Binary counting system. Two symbols - 0 and 1. Each BInary digiT is
    called a BIT (i.e. a 0 or a 1). In binary, 1+1 = 10. To count in binary,
    just count normally and throw out any number that contains a 2, 3, 4, 5,
    6, 7, 8, or 9.

    0, 1, 10, 11, 100, 101, 110, 111, 1000, 1001, 1010, 1011, 1100, ...

    111000 (base 2) = 1*32 + 1*16 + 1*8 + 0*4 + 0*2 + 0*1 = 56 (base 10)

    Computers use the binary system because it simplifies hardware.

11. Hexadecimal (base 16) counting system. 16 symbols (0 to 9 and A to F).

    Count 0 1 2 3 4 5 6 7 8 9 A B C D E F 10 11 12 13 14 15 16 17 18 19 1A ...

    Note that 1 + 9 = A, 1 + F = 10, 1 + 1F = 20, 1 + 1FF = 200, and
    1 + FFF = 1000.

    AF3 (base 16) = 10*256 + 15*16 + 3*1 = 2803 (base 10)

12. Decimal, Binary, and Hexadecimal counting

    decimal  binary  hex     decimal  binary  hex     decimal  binary  hex
       0      0000    0         8      1000    8        16     10000   10
       1      0001    1         9      1001    9        17     10001   11
       2      0010    2        10      1010    A        18     10010   12
       3      0011    3        11      1011    B        19     10011   13
       4      0100    4        12      1100    C        20     10100   14
       5      0101    5        13      1101    D        21     10101   15
       6      0110    6        14      1110    E        22     10110   16
       7      0111    7        15      1111    F        23     10111   17

    The number 23 (base 10) equals 10111 (base 2) equals 17 (base 16).

13. IP Host Names and Addresses

    a.  Internet name - (shirley.cis.temple.edu) Unique worldwide.
        Used by people but translated to IP address before communication
        takes place.

    b.  IP address - (129.32.1.64) Unique worldwide. 32 bits represented as
        4 decimal numbers between 0 and 255.

        decimal         129          32          01          64
        hex              81          20          01          40
        binary    1000 0001   0010 0000   0000 0001   0100 0000

        In the address above, the first 16 bits identify the network (129.32
        was Temple University's main network) and the last 16 bits (1.64)
        identify a particular host (shirley). Temple's 155.147 network is
        "subnetted". In the address 155.147.xxx.yyy, 155.147.xxx identifies
        a departmental network (a particular Ethernet) and yyy identifies a
        host on the network.

    c.  Ethernet address - (00:00:0f:00:7e:d9) Unique worldwide. 48 bits
        represented as 12 hexadecimal digits.

        hex        0    0    0    0    0    f    0    0    7    e    d    9
        binary  0000 0000 0000 0000 0000 1111 0000 0000 0111 1110 1101 1001

        First 24 bits (00:00:0f) identify the manufacturer of the Ethernet
        board (NeXT) who assigns the last 24 bits (00:7e:d9) so there are no
        duplicates. Only used to send information between computers that are
        connected to the same "wire".

14. Packets and Protocols - Envelopes inside of envelopes.

    Example - Assume I am in my office using my unix computer (shirley) and
    that I want a directory listing from the computer cs.orst.edu in the
    state of Oregon. Shirley would send an FTP packet inside a TCP packet
    inside an IP packet inside an Ethernet packet to our router,
    prepnet.temple.edu. The prepnet router would then forward the packet
    toward Oregon.

                      shirley            prepnet            cs.orst.edu
    IP address        129.32.1.64        129.32.16.1        128.193.32.1
    Ethernet address  00:00:0f:00:7e:d9  00:00:93:e0:70:55

    Ethernet packet header
        to         - 00:00:93:e0:70:55 (prepnet's ethernet address)
        from       - 00:00:0f:00:7e:d9 (shirley's ethernet address)
        type       - 0800 (contains an IP packet)
    Ethernet packet content - the IP packet below

      IP packet header
        to         - 128.193.32.1 (cs.orst.edu's IP address)
        from       - 129.32.1.64 (shirley's IP address)
        protocol   - 06 (contains a TCP packet)
      IP content - the TCP packet below

        TCP packet header
          to port    - 21 (All FTP servers listen on "port" 21)
          from port  - 2590 (I was assigned port 2590 on shirley)
          sequence # - a2a4c24c (Contains bytes starting with # a2a4c24c)
          ack #      - 02916eca (I expect byte # 02916eca from you next)
        TCP packet content - the ftp packet below

          FTP packet content - "LIST" (ftp command requesting directory
                               listing from remote computer)

15. Example of an Ethernet frame containing an IP packet containing a TCP
    packet containing the FTP command "LIST".

    Receive time: 100.960  packet length: 60  received length: 60
    Ethernet: (00000f007ed9 -> Prote e07055)  type: IP(0x0800)
    Internet: 129.32.1.64 -> 128.193.32.1  hl: 5  ver: 4  tos: 0
              len: 46  id: 0x114d  fragoff: 0  flags: 00  ttl: 30
              prot: TCP(6)  xsum: 0x5b68
    TCP: 2590 -> ftp(21)  seq: a2a4c24c  ack: 02916eca
         win: 4096  hl: 5  xsum: 0x7cef  urg: 0  flags:
         data (6/6): LIST

    byte   hex contents of 16 bytes                             ASCII contents
    0000:  00 00 93 e0 70 55 00 00 - 0f 00 7e d9 08 00 45 00   | pU ~ E |
    0010:  00 2e 11 4d 00 00 1e 06 - 68 5b 81 20 01 40 80 c1   | . M h[ @ |
    0020:  20 01 0a 1e 00 15 a2 a4 - c2 4c 02 91 6e ca 50 18   | L n P |
    0030:  10 00 ef 7c 00 00 4c 49 - 53 54 0d 0a               | | LIST |

16. What is inside of what and protocol layers

    application ---->  DNS    SMTP   FTP   TELNET   HTTP
                        |       |     |       |       |
                        |       -----------------------
                        |                  |
    transport ------>  UDP                TCP        ICMP
                        |                  |           |
                        --------------------------------
                                      |
    network -------->    ARP          IP
                          |           |
                          |      -----------
                          |      |         |
                          --------         |
                              |            |
    link ----------->     Ethernet        PPP
                              |            |
    physical ------->     Ethernet       modem

17. Brief description of several protocols

    Ethernet - Delivers ARP, IP, LAT (or 50 other types) to computer on
        local LAN. Broadcast address ff:ff:ff:ff:ff:ff delivers to all
        computers on LAN.
    PPP - Point to Point Protocol - Transports IP or other network layer
        packets over a point-to-point link such as a "T1" dedicated line or
        a modem with a dial-up telephone connection.
    ARP - Address Resolution Protocol - Used by computers on a LAN to
        "discover" the Ethernet address of a computer on the same LAN.
        Example - To Ethernet address ff:ff:ff:ff:ff:ff, will the computer
        with IP address 129.32.1.3 please send me their Ethernet address.
    IP - Internet Protocol - Based on the IP address, delivers packet to any
        of the millions of computers on the Internet. Provides "datagram"
        service (like a post card). When sending a packet to a distant
        computer, the IP address will be the address of the distant
        computer, but the Ethernet address will be the address of Temple's
        router.
    ICMP - Internet Control Message Protocol - Used by IP routers and hosts
        to send error and information messages (ping uses ICMP).
    UDP - User Datagram Protocol - Transports "datagrams" (like a post
        office letter) between any two computers connected to the internet.
        Unreliable in that datagrams can be lost, duplicated (multiple
        copies arrive), or may arrive out of order. Contains "port number"
        field to distinguish between a computer's current conversations.
    TCP - Transmission Control Protocol - Provides reliable "virtual
        circuit" service (like a registered letter) between any two
        computers attached to the internet. Contains "port number" to
        distinguish between a computer's current conversations.
    DNS - Domain Name Service - Your computer sends a name to a name server
        (e.g. shirley.cis.temple.edu) and the server returns the IP address
        (e.g. 129.32.1.64).
    SMTP - Simple Mail Transfer Protocol - for electronic mail.
    FTP - File Transfer Protocol
    TELNET - For Remote Login. Also used by terminal servers.
    HTTP - Hyper Text Transfer Protocol - Used to transfer WWW (World Wide
        Web) pages.

Protocol Descriptions

1.  Ethernet

    a.  48 bit (6 bytes or 12 hex digits) "TO" address (00:00:93:e0:70:55)
    b.  48 bit (6 bytes or 12 hex digits) "From" address (00:00:0f:00:7e:d9)
    c.  16 bit (2 bytes) "Type" field - 0806 for ARP, 0800 for IP
    d.  48 to 1500 bytes of data
    e.  32-bit (4 byte) CRC (check digits)

    Ethernet hardware addresses (48 bits, expressed as 12 hexadecimal digits)

    00-00-0F-??-??-??   NeXT
    08-00-20-??-??-??   Sun
    08-00-5A-??-??-??   IBM
    FF-FF-FF-FF-FF-FF   broadcast address to all stations

2.  IP Packet (see file://ds.internic.net/rfc/rfc791.txt)

    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    |Version|  IHL  |Type of Service|          Total Length         |
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    |         Identification        |Flags|      Fragment Offset    |
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    |  Time to Live |    Protocol   |         Header Checksum       |
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    |                       Source Address                          |
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    |                    Destination Address                        |
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    |               TCP header, then your data ......               |
    |                                                               |

    IHL - IP Header Length in 32 bit words (normally 5).
    Total Length - so you can find the end of the IP packet.
    Identification and Fragment Offset - for splitting long packets so that
        the receiver can reassemble them.
    Time to Live - normally set to 32 and decreased by 1 each time the
        packet passes through an IP router. Traceroute sends a packet with
        time to live of 1, then sends the same packet with time to live of
        2, then 3, etc. When an IP router discards a packet because time to
        live is zero, it returns a message to the sender.
    Addresses are 32 bits long (e.g. 129.32.32.61).
    Header checksum - for error checking (easy to perform in software).
    Protocol - The following table can be found in /etc/protocols

        ip      0    IP     # internet protocol, pseudo protocol number
        icmp    1    ICMP   # internet control message protocol
        tcp     6    TCP    # transmission control protocol
        udp     17   UDP    # user datagram protocol

3.  TCP Packet (see file://ds.internic.net/rfc/rfc793.txt)

    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    |          Source Port          |       Destination Port        |
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    |                        Sequence Number                        |
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    |                    Acknowledgment Number                      |
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    |  Data |           |U|A|P|R|S|F|                               |
    | Offset| Reserved  |R|C|S|S|Y|I|            Window             |
    |       |           |G|K|H|T|N|N|                               |
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    |           Checksum            |         Urgent Pointer        |
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    |                 your data ... next 500 octets                 |
    |                            ......                             |

    Flags
        URG - Like typing control C, skip data up to urgent data.
        ACK - The acknowledgment number field is valid.
        PSH - The sender requested that the data be sent immediately.
        RST - Let's reset the connection and start over.
        SYN - This is my first sequence number.
        FIN - I would like to end this conversation.

4.  UDP Packet (see file://ds.internic.net/rfc/rfc768.txt)

    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    |          Source Port          |       Destination Port        |
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    |            Length             |           Checksum            |
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    |                 your data ... next 500 octets                 |
    |                            ......                             |

    Source and Destination Ports (see ftp://ds.internic.net/rfc/rfc1700.txt)

        echo     7/tcp    echo port
        ftp      21/tcp   file transfer
        telnet   23/tcp   remote login
        smtp     25/tcp   E-mail
        domain   53/udp   nameserver
        finger   79/tcp   finger (find) computer user
        http     80/tcp   WWW server

    On UNIX systems, ports below 1024 are "protected" while higher numbered
    ports are available just by asking. (Usually, the user program asks for
    a port and UNIX returns an unused port number for you to use.)

5.  FTP File Transfer Protocol (see ftp://ds.internic.net/rfc/rfc959.txt)

    A.  Some FTP (client) COMMANDS

        USER NAME (USER)                 USER anonymous
        PASSWORD (PASS)                  PASS stafford@shirley.cis.temple.edu
        CHANGE WORKING DIRECTORY (CWD)   CWD pub
        LOGOUT (QUIT)
        DATA PORT (PORT)                 PORT h1,h2,h3,h4,p1,p2
        REPRESENTATION TYPE (TYPE)       TYPE I (for IMAGE) or TYPE A (for ASCII)
        RETRIEVE (RETR)                  RETR filename
        STORE (STOR)                     STOR filename
        DELETE (DELE)                    DELE filename
        PRINT WORKING DIRECTORY (PWD)    PWD
        LIST (LIST)                      LIST
        SYSTEM (SYST)                    SYSTEM
        STATUS (STAT)                    STATUS
        HELP (HELP)                      HELP
        NOOP (NOOP)                      NOOP

    B.  Some FTP (server) REPLIES. The reply codes fall into 5 classes:

        1yz  Positive Preliminary reply (but wait for 2yz message)
        2yz  Positive Completion reply
        3yz  Positive Intermediate reply (command sequences, send next)
        4yz  Transient Negative Completion reply
        5yz  Permanent Negative Completion reply

        125  Data connection already open; transfer starting.
        150  File status okay; about to open data connection.
        200  Command okay.
        211  System status, or system help reply.
        212  Directory status.
        213  File status.
        214  Help message.
        215  NAME system type. Where NAME is an official system name.
        220  Service ready for new user.
        221  Service closing control connection. Logged out if appropriate.
        225  Data connection open; no transfer in progress.
        226  Closing data connection. Requested file action successful.
        227  Entering Passive Mode (h1,h2,h3,h4,p1,p2).
        230  User logged in, proceed.
        250  Requested file action okay, completed.
        331  User name okay, need password.
        332  Need account for login.
        350  Requested file action pending further information.
        421  Service not available, closing control connection.
        425  Can't open data connection.
        426  Connection closed; transfer aborted.
        450  Requested file action not taken. File unavailable (e.g., busy).
        500  Syntax error, command unrecognized.
        501  Syntax error in parameters or arguments.
        502  Command not implemented.
        503  Bad sequence of commands.
        504  Command not implemented for that parameter.
        530  Not logged in.
        532  Need account for storing files.
        550  Requested action not taken. File unavailable (e.g., not found)
        553  Requested action not taken. File name not allowed.
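
Added example (not part of Dr. Stafford's notes): the 60-byte frame from item 15, decoded in Python with the Ethernet, IP and TCP layouts from the Protocol Descriptions above. It checks every length field before slicing and verifies both checksums; the function names and dictionary keys are this example's own.

```python
import struct
from ipaddress import IPv4Address

# The 60-byte frame from item 15, copied from the page's hex dump.
FRAME = bytes.fromhex(
    "000093e07055 00000f007ed9 0800"                # Ethernet: to, from, type
    "4500002e 114d0000 1e06685b 81200140 80c12001"  # IP header
    "0a1e0015 a2a4c24c 02916eca 50181000 ef7c0000"  # TCP header
    "4c4953540d0a")                                 # FTP data: LIST + CR LF

def inet_checksum(data: bytes) -> int:
    """One's-complement Internet checksum; 0 when the stored checksum is valid."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def decode(frame: bytes) -> dict:
    """Peel Ethernet -> IP -> TCP -> data, rejecting inconsistent lengths."""
    if len(frame) < 14 + 20:
        raise ValueError("frame too short for Ethernet + IP headers")
    to, frm, etype = struct.unpack("!6s6sH", frame[:14])
    out = {"eth_to": to.hex(":"), "eth_from": frm.hex(":"), "eth_type": etype}
    if etype != 0x0800:                      # 0x0806 would be ARP
        return out
    ip = frame[14:]
    ihl = (ip[0] & 0x0F) * 4                 # IHL counts 32-bit words
    total_len, ident, _frag, ttl, proto = struct.unpack("!HHHBB", ip[2:10])
    if ip[0] >> 4 != 4 or ihl < 20 or not ihl <= total_len <= len(ip):
        raise ValueError("inconsistent IP header lengths")
    src, dst = ip[12:16], ip[16:20]
    out.update(ip_from=str(IPv4Address(src)), ip_to=str(IPv4Address(dst)),
               ip_len=total_len, ip_id=ident, ttl=ttl, protocol=proto,
               ip_checksum_ok=inet_checksum(ip[:ihl]) == 0)
    if proto != 6:                           # 6 = tcp in /etc/protocols
        return out
    tcp = ip[ihl:total_len]                  # Total Length trims link padding
    if len(tcp) < 20:
        raise ValueError("truncated TCP header")
    sport, dport, seq, ack, off_flags, win = struct.unpack("!HHIIHH", tcp[:16])
    doff = (off_flags >> 12) * 4             # Data Offset, also 32-bit words
    if not 20 <= doff <= len(tcp):
        raise ValueError("bad TCP data offset")
    pseudo = src + dst + struct.pack("!BBH", 0, proto, len(tcp))
    names = ["FIN", "SYN", "RST", "PSH", "ACK", "URG"]   # bit 0 .. bit 5
    out.update(from_port=sport, to_port=dport, seq=seq, ack=ack, window=win,
               flags=[n for i, n in enumerate(names) if off_flags >> i & 1],
               tcp_checksum_ok=inet_checksum(pseudo + tcp) == 0,
               data=tcp[doff:])
    return out

if __name__ == "__main__":
    print(decode(FRAME))
```

The checksums that verify are the wire values 0x685b (IP) and 0xef7c (TCP); the capture in item 15 prints each of them with its two bytes swapped. The FTP command sits in the payload as plain ASCII, as a USER or PASS line sent the same way would.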