TCP/IP


Transcript of TCP/IP

Page 1: TCP/IP

Internet Security - Farkas 1

CSCE 790 Internet Security

Lecture 2

TCP/IP

Page 2: TCP/IP

Reading Assignment

Reading assignments for January 17:

Required:
– Oppliger: Ch 1. Terminology, Ch 2. TCP/IP Networking
– Max. Sec.: Part II, Ch 4: A brief primer on TCP/IP

Additional:
– Internet Society (ISOC) homepage (http://www.isoc.org)
– Some of my slides originated from lecture notes of Ion Stoica (http://www.cs.berkeley.edu/~istoica/cs268/) and lecture notes of Charles Severance (http://www.netfact.com/crs/school/cps291int/techtcp/) on networking and TCP/IP

Reading assignments for January 22:

Required:
– Oppliger: Ch 3. Attacks

Page 3: TCP/IP

Before Internet

Isolated, local packet-switching networks
– only nodes on the same network could communicate

Each network is autonomous:
– different services
– different interfaces
– different protocols

Page 4: TCP/IP

Before Internet (cont)

ARPANET: sponsored by Defense Advanced Research Projects Agency (DARPA):
• 1969: interconnected 4 hosts
• 1970: host-to-host protocol: Network Control Protocol (NCP)
• 1972: first application: e-mail

[Figure: the four 1969 ARPANET sites]
– Univ. of California at LA (UCLA)
– Stanford Research Institute (SRI)
– Univ. of California at Santa Barbara (UCSB)
– Univ. of Utah

Page 5: TCP/IP

Internet

Connect Existing Networks: ARPANET, Packet Radio, and Packet Satellite
– NCP not sufficient; develop a new protocol
– 1970s: Transmission Control Protocol (Kahn and Vinton)
  – Based on packet switching technology
  – Good for file transfer and remote terminal access

Divide TCP into 2 protocols
– Internet Protocol (IP): addressing and forwarding of packets
– Transmission Control Protocol (TCP): sophisticated services, e.g., flow control, recovery

1980: TCP/IP adopted as a DoD standard
1983: ARPANET protocol officially changed from NCP to TCP/IP
1985: Existing Internet technology
1995: U.S. Federal Networking Council (FNC) defines the term Internet

Page 6: TCP/IP

Goals (Clark’88)

0. Connect existing networks

1. Survivability

2. Support multiple types of services

3. Must accommodate a variety of networks

4. Allow distributed management

5. Allow host attachment with a low level of effort

6. Be cost effective

7. Allow resource accountability

Page 7: TCP/IP

Internet Challenge

Interconnected networks differ (protocols, interfaces, services, etc.)

Solutions:

1. Reengineer and develop one global packet switching network standard: not economically feasible

2. Have every host implement the protocols of any network it wants to communicate with: too complex, very high engineering cost

3. Add an extra layer: internetworking layer
– Hosts: one higher-level protocol
– Networks being connected: use the same protocol
– Interface between the new protocol and each network

Page 8: TCP/IP

Layering

Organize a network system into logically distinct entities
– the service provided by one entity is based only on the service provided by the lower level entity

Page 9: TCP/IP

Without Layering

Each application has to be implemented for every network technology!

[Figure: each application (SMTP, FTP, HTTP) is wired directly to each transmission medium (coaxial cable, fiber optic)]

Page 10: TCP/IP

With Layering

Intermediate layer provides a unique abstraction for various network technologies

[Figure: applications (SMTP, FTP, HTTP) sit above an intermediate layer, which sits above the transmission media (coaxial cable, fiber optic)]

Page 11: TCP/IP

Layering

Advantages
– Modularity – protocols easier to manage and maintain
– Abstract functionality – lower layers can be changed without affecting the upper layers
– Reuse – upper layers can reuse the functionality provided by lower layers

Disadvantages
– Information hiding – inefficient implementations

Page 12: TCP/IP

ISO OSI Reference Model

ISO – International Standard Organization
OSI – Open System Interconnection
Goal: a general open standard
– allow vendors to enter the market by using their own implementation and protocols

Page 13: TCP/IP

ISO OSI Reference Model

Seven layers
– Lower three layers are peer-to-peer
– Next four layers are end-to-end

[Figure: two end systems, each with all seven layers (Application, Presentation, Session, Transport, Network, Datalink, Physical), connected through an intermediate node that implements only Network, Datalink and Physical, over the physical medium]

Page 14: TCP/IP

Data Transmission

A layer can use only the service provided by the layer immediately below it
Each layer may change and add a header to the data packet

[Figure: the data unit as it passes down through the layers on the sender and back up on the receiver]

Page 15: TCP/IP

OSI Model Concepts

Service – says what a layer does
Interface – says how to access the service
Protocol – says how the service is implemented
– a set of rules and formats that govern the communication between two peers

Page 16: TCP/IP

Physical Layer (1)

Service: move the information between two systems connected by a physical link
Interface: specifies how to send a bit
Protocol: coding scheme used to represent a bit, voltage levels, duration of a bit
Examples: coaxial cable, optical fiber links; transmitters, receivers

Page 17: TCP/IP

Datalink Layer (2)

Service:
– framing, i.e., attach frame separators
– send data frames between peers
– others: arbitrate the access to common physical media; ensure reliable transmission; provide flow control
Interface: send a data unit (packet) to a machine connected to the same physical media
Protocol: layer addresses, implement Medium Access Control (MAC) (e.g., CSMA/CD)…

Page 18: TCP/IP

Network Layer (3)

Service:
– deliver a packet to a specified destination
– perform segmentation/reassembly
– others: packet scheduling; buffer management
Interface: send a packet to a specified destination
Protocol: define globally unique addresses; construct routing tables

Page 19: TCP/IP

Transport Layer (4)

Service:
– provide an error-free and flow-controlled end-to-end connection
– multiplex multiple transport connections onto one network connection
– split one transport connection into multiple network connections
Interface: send a packet to a specified destination
Protocol: implement reliability and flow control
Examples: TCP and UDP

Page 20: TCP/IP

Session Layer (5)

Service:
– full-duplex
– access management, e.g., token control
– synchronization, e.g., provide check points for long transfers
Interface: depends on service
Protocols: token management; insert checkpoints, implement roll-back functions

Page 21: TCP/IP

Presentation Layer (6)

Service: convert data between various representations
Interface: depends on service
Protocol: define data formats, and rules to convert from one format to another

Page 22: TCP/IP

Application Layer (7)

Service: any service provided to the end user
Interface: depends on the application
Protocol: depends on the application
Examples: FTP, Telnet, WWW browser

Page 23: TCP/IP

TCP/IP Networking Model

TCP/IP has a different layered model:

Application Layer
Transport Layer (TCP): error correction, reliable connection
Internetwork Layer (IP): WAN connectivity, unreliable datagram service
Network Access Layer: physical connection, LAN connection

Page 24: TCP/IP

Network Access Layer

Responsible for physical connection
– Shape
– Size
– Voltages
Responsible for rules of how to put bits on the “wire”
These are the building blocks for the network
The goal of the physical layer is to move information across one “hop”

Page 25: TCP/IP

Internet Layer

Transports data from one end-user system to another end-user system by hopping across as many physical connections as necessary
Provides a mechanism to connect many LANs together effectively
Connectionless and unreliable datagram protocol
Protocols:
– Internet Protocol
– Routing Protocol
– Supporting Protocol

Page 26: TCP/IP

IP Header

[Figure: IPv4 header layout; bit offsets 0, 4, 8, 16, 19, 31; the fixed part is 20 bytes]
  Version | HLen | TOS | Length
  Identification | Flags | Fragment offset
  TTL | Protocol | Header checksum
  Source address
  Destination address
  Options (variable)

Comments
– HLen – header length only in 32-bit words (5 <= HLen <= 15)
– TOS (Type of Service): now split in Differentiated Service Field (6 bits); remaining two bits used by ECN (Early Congestion Notification)
– Length – the length of the entire datagram/segment: header + data
– Flags: Don’t Fragment (DF) and More Fragments (MF)
– Fragment offset – all fragments excepting the last one contain multiples of 8 bytes
– Header checksum – uses 1’s complement

Page 27: TCP/IP

IP Addresses

IP provides logical address space and a corresponding addressing schema
IP address is a globally unique or private number associated with a host network interface
Every system which will send packets directly out across the Internet must have a unique IP address
IP addresses are based on where the station is connected
IP addresses are controlled by a single organization - address ranges are assigned
They are running out of space!

Page 28: TCP/IP

Routing Protocols

• Enable routing decisions to be made
• Manage and periodically update routing tables, stored at each router
• Autonomous collection of routers:
  • Under single administration
  • Use same routing protocol: Interior Gateway Protocol (IGP)
  • Use Exterior Gateway Protocol (EGP) to communicate with other systems
• Router: “which way” to send the packet closer. (Keep the routing table small and allow it to handle an unlimited number of systems.)
• Protocol types:
  • Reachability
  • Distance vector

Page 29: TCP/IP

Supporting Protocols

Handle specific tasks
– Address Resolution Protocol (ARP)
– Reverse Address Resolution Protocol (RARP)
– Internet Control Message Protocol (ICMP)
– Internet Group Management Protocol (IGMP)

Page 30: TCP/IP

The Domain Name System

Each system connected to the Internet also has one or more logical addresses.
Unlike IP addresses, domain addresses have no routing information - they are organized based on administrative units
There are no limitations on the mapping from domain addresses to IP addresses

Page 31: TCP/IP

Domain Name Resolution

Domain Name Resolution: looking up a logical name and finding a physical IP address
There is a hierarchy of domain name servers
Each client system uses one domain name server, which in turn queries up and down the hierarchy to find the address
If your server does not know the address, it goes up the hierarchy, possibly to the top, and works its way back down

Page 32: TCP/IP

Transport Layer (TCP)

Present a reliable end-to-end pipe to the application
Data either arrives in the proper order or the connection is closed
Keeps buffers in the sending and destination system to keep data which has arrived out of order or to retransmit if necessary
Provides individual connections between applications

Page 33: TCP/IP

TCP Header

[Figure: TCP header layout; bit offsets 0, 4, 10, 16, 31]
  Source port | Destination port
  Sequence number
  Acknowledgement
  HdrLen | Flags | Advertised window
  Checksum | Urgent pointer
  Options (variable)

Sequence number, acknowledgement, and advertised window – used by sliding-window based flow control

Flags:
– SYN, FIN – establishing/terminating a TCP connection
– ACK – set when Acknowledgement field is valid
– URG – urgent data; Urgent Pointer says where non-urgent data starts
– PUSH – don’t wait to fill segment
– RESET – abort connection

Page 34: TCP/IP

TCP Header (Cont)

Checksum – 1’s complement and is computed over
– TCP header
– TCP data
– Pseudo-header (from IP header)

Note: breaks the layering!

[Figure: pseudo-header layout]
  Source address
  Destination address
  0 | Protocol (TCP) | TCP Segment length
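As an added example (not from the lecture or its readings), the following Python decodes the IPv4 header fields listed on the IP Header slide, verifies the 1's complement Header checksum, and computes the TCP checksum over the pseudo-header described above. The sample addresses, ports and packet are constructed for the example; a checksum that recomputes to 0 over a received header or segment means the field was correct, which is the check a receiving host (or a packet-inspecting sensor) performs.

```python
import struct

def checksum(data: bytes) -> int:
    """Internet checksum: one's complement of the 16-bit one's complement sum."""
    if len(data) % 2:                          # pad an odd trailing byte with zero
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:                         # fold carries back into 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF

def parse_ipv4_header(pkt: bytes) -> dict:
    """Decode the header fields named on the slide and verify the Header checksum."""
    if len(pkt) < 20:
        raise ValueError("shorter than the minimum 20-byte IPv4 header")
    (ver_hlen, tos, length, ident, flags_frag,
     ttl, proto, _cks, src, dst) = struct.unpack("!BBHHHBBH4s4s", pkt[:20])
    version, hlen = ver_hlen >> 4, ver_hlen & 0x0F
    if version != 4 or not 5 <= hlen <= 15:    # HLen is counted in 32-bit words
        raise ValueError("bad Version or HLen")
    hdr_len = hlen * 4
    if length < hdr_len or len(pkt) < hdr_len:
        raise ValueError("Length field inconsistent with header length")
    return {"hdr_len": hdr_len, "dscp": tos >> 2, "ecn": tos & 3, "length": length,
            "id": ident, "ttl": ttl, "protocol": proto,
            "df": bool(flags_frag & 0x4000), "mf": bool(flags_frag & 0x2000),
            "frag_offset": (flags_frag & 0x1FFF) * 8,   # field is in 8-byte units
            "src": ".".join(map(str, src)), "dst": ".".join(map(str, dst)),
            "checksum_ok": checksum(pkt[:hdr_len]) == 0}  # valid header sums to all ones

def tcp_checksum(src: bytes, dst: bytes, segment: bytes) -> int:
    """TCP checksum over pseudo-header (src, dst, 0, protocol 6, length) + segment; 0 if already correct."""
    pseudo = struct.pack("!4s4sBBH", src, dst, 0, 6, len(segment))
    return checksum(pseudo + segment)

def build_ipv4_header(src: bytes, dst: bytes, payload_len: int, ttl: int = 64) -> bytes:
    """Constructed 20-byte header (HLen = 5, DF set, protocol TCP) with checksum filled in."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + payload_len, 0x1234,
                      0x4000, ttl, 6, 0, src, dst)
    return hdr[:10] + struct.pack("!H", checksum(hdr)) + hdr[12:]

def build_tcp_syn(src: bytes, dst: bytes, sport: int, dport: int, seq: int) -> bytes:
    """Constructed 20-byte SYN segment (HdrLen = 5) with its checksum filled in."""
    seg = struct.pack("!HHIIBBHHH", sport, dport, seq, 0, 5 << 4, 0x02, 65535, 0, 0)
    return seg[:16] + struct.pack("!H", tcp_checksum(src, dst, seg)) + seg[18:]

# constructed sample: 10.0.0.1 -> 10.0.0.2, SYN to port 23 (telnet)
SRC, DST = bytes([10, 0, 0, 1]), bytes([10, 0, 0, 2])
SEGMENT = build_tcp_syn(SRC, DST, 40000, 23, seq=1000)
PACKET = build_ipv4_header(SRC, DST, len(SEGMENT)) + SEGMENT
```

Because the pseudo-header includes the IP addresses, changing either address (or the destination port) without recomputing makes the TCP checksum fail even though the IP header checksum is unaffected by the port change.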

Page 35: TCP/IP

TCP Connection Establishment

Three-way handshake
– Goal: agree on a set of parameters: the start sequence number for each side

Client (initiator)                     Server
  SYN, SeqNum = x                  -->
                                   <--  SYN and ACK, SeqNum = y and Ack = x + 1
  ACK, Ack = y + 1                 -->
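The exchange above, as an added example that is not part of the lecture: a small Python model of the three messages in which each side checks that the acknowledgement number equals its own start sequence number plus one (modulo 2^32, since the field is 32 bits), and the server treats the connection as established only when that check passes. Segment fields and function names are this example's own.

```python
from dataclasses import dataclass

MOD = 1 << 32   # TCP sequence numbers are 32-bit and wrap around

@dataclass
class Segment:
    """Only the parts of a TCP segment the handshake looks at."""
    syn: bool = False
    ack: bool = False
    seq: int = 0
    ack_num: int = 0

def client_syn(x: int) -> Segment:
    """Message 1: the client proposes its start sequence number x."""
    return Segment(syn=True, seq=x)

def server_syn_ack(syn: Segment, y: int) -> Segment:
    """Message 2: the server acknowledges x and proposes its own start number y."""
    if not syn.syn or syn.ack:
        raise ValueError("expected a bare SYN")
    return Segment(syn=True, ack=True, seq=y, ack_num=(syn.seq + 1) % MOD)

def client_ack(x: int, syn_ack: Segment) -> Segment:
    """Message 3: the client verifies its SYN was acknowledged, then acknowledges y."""
    if not (syn_ack.syn and syn_ack.ack) or syn_ack.ack_num != (x + 1) % MOD:
        raise ValueError("SYN/ACK does not acknowledge our SYN")
    return Segment(ack=True, seq=(x + 1) % MOD, ack_num=(syn_ack.seq + 1) % MOD)

def server_established(y: int, ack: Segment) -> bool:
    """The server moves to ESTABLISHED only if the final ACK acknowledges y."""
    return ack.ack and not ack.syn and ack.ack_num == (y + 1) % MOD

def handshake(x: int, y: int) -> bool:
    """Run the three messages from the slide and report whether both sides agree."""
    syn = client_syn(x)
    syn_ack = server_syn_ack(syn, y)
    return server_established(y, client_ack(x, syn_ack))
```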

Page 36: TCP/IP

Application Layer

Uses the reliable TCP connections to accomplish useful work over the network
– client-server applications
– standard applications: telnet (port 23), mail (port 25), finger (port 79), ftp (port 21)

Each application uses a “port” and a protocol
Each port can have many connections

Page 37: TCP/IP

OSI vs. TCP/IP

OSI: conceptually defines service, interface, protocol
Internet: provides a successful implementation

[Figure: OSI layers beside the Internet (TCP/IP) layers, with Internet protocol examples]
  OSI Application, Presentation, Session  |  Internet Application: Telnet, FTP, DNS
  OSI Transport                           |  Internet Transport: TCP, UDP
  OSI Network                             |  Internet layer: IP
  OSI Datalink, Physical                  |  Internet Host-to-network: LAN, Packet radio