Transmission Control Protocol

Transmission Control Protocol (TCP) supports the network at the transport layer. Transmission Control
Protocol (TCP) provides a reliable connection oriented service. Connection oriented means both the
client and server must open the connection before data is sent. TCP is defined by RFC 793 and 1122.
TCP provides:

• End to end reliability.
• Data packet re sequencing.
• Flow control.

TCP relies on the IP service at the network layer to deliver data to the host. Since IP is not reliable with regard to message quality or delivery, TCP must make provisions to be sure messages are delivered on time and correctly (Federal Express?).

TCP Message Format

The format of the TCP header is as follows:
 

1. Source port number (16 bits)
 

2. Destination port number (16 bits)
 

3. Sequence number (32 bits) - The byte in the data stream that the first byte of this packet
represents.
 

4. Acknowledgement number (32 bits) - Contains the next sequence number that the sender of the
acknowledgement expects to receive which is the sequence number plus 1 (plus the number of
bytes received in the last message?). This number is used only if the ACK flag is on.
 

5. Header length (4 bits) - The length of the header in 32 bit words, required since the options field
is variable in length.
 

6. Reserved (6 bits)
 

7. URG (1 bit) - The urgent pointer is valid.
 

8. ACK (1 bit) - Makes the acknowledgement number valid.
 

9. PSH (1 bit) - High priority data for the application.
 

10. RST (1 bit) - Reset the connection.
 

11. SYN (1 bit) - Turned on when a connection is being established and the sequence number field
will contain the initial sequence number chosen by this host for this connection.
 

12. FIN (1 bit) - The sender is done sending data.
 

13. Window size (16 bits) - The maximum number of bytes that the receiver will to accept.
 

14. TCP checksum (16 bits) - Calculated over the TCP header, data, and TCP pseudo header.
 

15. Urgent pointer (16 bits) - It is only valid if the URG bit is set. The urgent mode is a way to
transmit emergency data to the other side of the connection. It must be added to the sequence
number field of the segment to generate the sequence number of the last byte of urgent data.

16. Options (variable length)
The header is followed by data. TCP data is full duplex.

Internet Protocol

Internet Protocol (IP) provides support at the network layer of the OSI model. All transport protocol data packets such as UDP or TCP are encapsulated in IP data packets to be carried from one host to another. IP is a connection-less unreliable service meaning there is no guarantee that the data will reach the intended host. The datagrams may be damaged upon arrival, out of order, or not arrive at all (Sounds like some mail services, doesn't it?). Therefore the layers above IP such as TCP are responsible for being sure correct data is delivered. IP provides for:

●     Addressing.
●     Type of service specification.
●     Fragmentation and re-assembly.
●     Security.

IP Message Format

IP is defined by RFC 791.

1.  Version (4 bits) - The IP protocol version, currently 4 or 6. 

2.  Header length (4 bits) - The number of 32 bit words in the header 

3.  Type of service (TOS) (8 bits) - Only 4 bits are used which are minimize delay, maximize throughput, maximize reliability, and minimize monetary cost. Only one of these bits can be on. If all bits are off, the service is normal. Some networks allow a set precedences to control priority of messages the bits are as follows:

❍     Bits 0-2 - Precedence.

  ■     111 - Network Control 

  ■     110 - Internetwork Control 

  ■     101 - CRITIC/ECP 

  ■     100 - Flash Override 

  ■     011 - Flash 

  ■     010 - Immediate 

  ■     001 - Priority 

  ■     000 - Routine 

❍     Bit 3 - A value of 0 means normal delay. A value of 1 means low delay. 

❍     Bit 4 - Sets throughput. A value of 0 means normal and a 1 means high throughput. 

❍     Bit 5 - A value of 0 means normal reliability and a 1 means high reliability. 

❍     Bit 6-7 are reserved for future use.

4.  Total length of the IP data message in bytes (16 bits) 

5.  Identification (16 bits) - Uniquely identifies each datagram. This is used to re-assemble the datagram. Each fragment of the datagram contains this same unique number. 

6.  flags (3 bits) - One bit is the more fragments bit

•  Bit 0 - reserved. 
•  Bit 1 - The fragment bit. A value of 0 means the packet may be fragmented while a 1 means it cannot be fragmented. If this value is set and the packet needs further fragmentation, an ICMP error message is generated. 
• Bit 2 - This value is set on all fragments except the last one since a value of 0 means this is the last fragment.

7.  Fragment offset (13 bits) - The offset in 8 byte units of this fragment from the beginning of the original datagram. 

8.  Time to live (TTL) (8 bits) - Limits the number of routers the datagram can pass through. Usually set to 32 or 64. Every time the datagram passes through a router this value is decremented by a value of one or more. This is to keep the datagram from circulating in an infinite loop forever. 

9.  Protocol (8 bits) - It identifies which protocol is encapsulated in the next data area. This is may be one or more of TCP(6), UDP(17), ICMP(1), IGMP(2), or OSPF(89). A list of these protocols and  their associated numbers may be found in the /etc/protocols file on Unix or Linux systems. 

10.  Header checksum (16 bits) - For the IP header, not including the options and data. 

11.  Source IP address (32 bits) - The IP address of the card sending the data. 

12.  Destination IP address (32 bits) - The IP address of the network card the data is intended for. 

13.  Options - Options are: 

❍     Security and handling restrictions

❍     Record route - Each router records its IP address 

❍     Time stamp - Each router records its IP address and time 

❍     Loose source routing - Specifies a set of IP addresses the datagram must go through. 

❍     Strict source routing - The datagram can go through only the IP addresses specified. 

14.  Data - Encapsulated hardware data such as ethernet data.
 

The message order of bits transmitted is 0-7, then 8-15, in network byte order. Fragmentation is handled at the IP network layer and the messages are reassembled when they reach their final destination. If one fragment of a datagram is lost, the entire datagram must be retransmitted. This is why fragmentation is avoided by TCP. The data on the last line, item 14, is ethernet data, or data depending on the type of physical network.

Network Addressing

IP addresses are broken into 4 octets (IPv4) separated by dots called dotted decimal notation. An octet is a byte consisting of 8 bits. The IPv4 addresses are in the following form:

192.168.10.1

There are two parts of an IP address:
●     Network ID
●     Host ID 

The various classes of networks specify additional or fewer octets to designate the network ID versus the host ID.





When a network is set up, a netmask is also specified. The netmask determines the class of the network as shown below, except for CIDR. When the netmask is setup, it specifies some number of most significant bits with a 1's value and the rest have values of 0. The most significant part of the netmask with bits set to 1's specifies the network address, and the lower part of the address will specify the host address. When setting addresses on a network, remember there can be no host address of 0 (no host address bits set), and there can be no host address with all bits set.

Class A-E networks

The addressing scheme for class A through E networks is shown below. Note: We use the 'x' character here to denote don't care situations which includes all possible numbers at the location. It is many times used to denote networks. 

Network Type Address Range                    Normal Netmask Comments

Class      A 001.x.x.x to 126.x.x.x            255.0.0.0              For very large networks 

Class      B 128.1.x.x to 191.254.x.x        255.255.0.0          For medium size networks 

Class      C 192.0.1.x to 223.255.254.x    255.255.255.0      For small networks

Class      D 224.x.x.x to 239.255.255.255                             Used to support multicasting 

Class      E 240.x.x.x to 247.255.255.255

RFCs 1518 and 1519 define a system called Classless Inter-Domain Routing (CIDR) which is used to allocate IP addresses more efficiently. This may be used with subnet masks to establish networks rather than the class system shown above. A class C subnet may be 8 bits but using CIDR, it may be 12 bits.
 

There are some network addresses reserved for private use by the Internet Assigned Numbers Authority (IANA) which can be hidden behind a computer which uses IP masquerading to connect the private network to the internet. There are three sets of addresses reserved. These address are shown below:

●     10.x.x.x 

●     172.16.x.x - 172.31.x.x 

●     192.168.x.x
 

Other reserved or commonly used addresses:
●     127.0.0.1 - The loopback interface address. All 127.x.x.x addresses are used by the loopback 

       interface which copies data from the transmit buffer to the receive buffer of the NIC when used. 

●     0.0.0.0 - This is reserved for hosts that don't know their address and use BOOTP or DHCP     protocols to determine their addresses. 

●     255 - The value of 255 is never used as an address for any part of the IP address. It is reserved for broadcast addressing. Please remember, this is exclusive of CIDR. When using CIDR, all bits of the address can never be all ones.
 

To further illustrate, a few examples of valid and invalid addresses are listed below:
 

1.  Valid addresses: 

❍     10.1.0.1 through 10.1.0.254 

❍     10.0.0.1 through 10.0.0.254 

❍     10.0.1.1 through 10.0.1.254 2.  

2.Invalid addresses: 

❍     10.1.0.0 - Host IP can't be 0.

❍     10.1.0.255 - Host IP can't be 255. 

❍     10.123.255.4 - No network or subnet can have a value of 255. 

❍     0.12.16.89 - No Class A network can have an address of 0. 

❍     255.9.56.45 - No network address can be 255. 

❍     10.34.255.1 - No network address can be 255.

Network/Netmask specification

Sometimes you may see a network interface card (NIC) IP address specified in the following manner:
 

192.168.1.1/24
 

The first part indicates the IP address of the NIC which is "192.168.1.1" in this case. The second part "/24" indicates the netmask value meaning in this case that the first 24 bits of the netmask are set. This makes the netmask value 255.255.255.0. If the last part of the line above were "/16", the netmask would be 255.255.0.0.

Subnet masks

Subnetting is the process of breaking down a main class A, B, or C network into subnets for routing purposes. A subnet mask is the same basic thing as a netmask with the only real difference being that you are breaking a larger organizational network into smaller parts, and each smaller section will use a different set of address numbers. This will allow network packets to be routed between subnetworks. When doing subnetting, the number of bits in the subnet mask determine the number of available subnets. Two to the power of the number of bits minus two is the number of available subnets. When setting up subnets the following must be determined:
 

●     Number of segments 

●     Hosts per segment
 

Subnetting provides the following advantages:
 

●     Network traffic isolation - There is less network traffic on each subnet. 

●     Simplified Administration - Networks may be managed independently. 

●     Improved security - Subnets can isolate internal networks so they are not visible from 

        external  networks.

A 14 bit subnet mask on a class B network only allows 2 node addresses for WAN links. A routing algorithm like OSPF or EIGRP must be used for this approach. These protocols allow the variable length subnet masks (VLSM). RIP and IGRP don't support this. Subnet mask information must be transmitted on the update packets for dynamic routing protocols for this to work. The router subnet mask is different than the WAN interface subnet mask.
 

One network ID is required by each of:
 

●     Subnet

●     WAN connection
 

 One host ID is required by each of:
 

●     Each NIC on each host. 

●     Each router interface.
 

Types of subnet masks:
 

●     Default - Fits into a Class A, B, or C network category 

●     Custom - Used to break a default network such as a Class A, B, or C network into subnets.

IPv6

IPv6 is 128 bits. It has eight octet pairs, each with 16 bits and written in hexadecimal as follows:
 

2b63:1478:1ac5:37ef:4e8c:75df:14cd:93f2
 

Extension headers can be added to IPv6 for new features.

Supernetting

Supernetting is used to help make up for some of the shortage if IP addresses for the internet. It uses Classless Inter-Domain Routing (CIDR). If a business needs a specific number of IP addresses such as 1500, rather than allocating a class B set of addresses with the subnet mask of 255.255.0.0, a subnet mask of 255.255.248.0 may be allocated. Therefore the equivalent of eight class C addresses have been allocated. With supernetting, the value of 2 is not subtracted from the possible number of subnets since the router knows that these are contiguous networks. 8 times 254 = 2032.

What section of this document to read next

At this point the reader should have enough fundamental knowledge to grasp routing, so the reader may continue on or skip to the section entitled, "simple routing". The reader may at this time read all the sections in the "Functions" group of sections, then continue back at the section after this one where you left off.