Ch. 4 Network Protocols and Routing
Fields in a TCP Segment
- Source port (16 bits) - Destination port (16 bits) - Sequence number (32 bits) - Acknowledgement number (32 bits) - Header length: number of 32 bit words in header (4 bytes) - reserved: Set to 0 (3 bits) - control bits: contains 9 1-bit fields which are often referred to as a flag - window: number of octets that the device is willing to accept (16 bits) - checksum (calculated checksum of header and data fields) - urgent 16 bits - options - data (upper-layer protocol data
Options
0-32 bits - Specifies special options such as max segment size a network can handle
TCP three-way handshake process
1. The client sends a SYN (synchronize) flagged packet to the server 2. The server responds with a SYN/ACK (synchronize and acknowledge) flagged packet back to the client 3. The client responds with an ACK (acknowledge) flagged packet back to the server
Checksum
16 bits - A value to let the receiver test the integrity of received data.
Urgent pointer
16-bit - indicates a location in the data field where urgent data resides
Destination port
16-bit - indicates the port at the destination node
Source port
16-bit - indicates the port at the source node
Sliding-Window size
16-bits - Indicates how many bytes sender can issue to a receiver before acknowledgement is received. This field performs flow control, preventing the receiver's buffer from being deluged with bytes
Acknowledgement number
32-bit - Confirms receipt of data via a a return message to the sender
Sequence number
32-bit - Identifies the data segment's position in the stream of data segments being sent
TCP header length
4-Bit - Indicates the length of TCP header in bytes. Header can be min of 20 to max of 60 bytes. Aka Data offset field
Flags
6-Bit - Identifies collection of six 1-bit fields or flags that signal special conditions
Reserved
6-Bit - Indicates field reserved for later use
ICMP Packet
A packet type used for testing network connections using the ping program
Static ARP table entry
A record in an ARP table that someone has manually entered using the ARP Utility (accessed via arp command on Windows
Jumbo frame
A single non-standard Ethernet frame that allows for larger maximum payload size, in which MTU can be as high as 9198 bytes
three-way handshake
A three-step process in which Transport layer protocols establish a connection between nodes. TCP is connection oriented
Ethernet II Frame
Adds both header and trailer to payload inherited from layer above.
sequencing
Attaching a chronological sequence number to each checksum segment so destination host can reorder if necessary
Dynamic ARP table entry
Created when a client makes an ARP request for information that could not be satisfied by data already in the ARP table
ARP Table
Database of IP-to-MAC address mappings
IPv4 Packet
Fields:
IPv6 Packet
Fields:
ACK
Flag: Acknowledgement field
PSH
Flag: Data should be sent to an application without buffering
FIN
Flag: Segment is the last in a sequence and the connection should be closed
SYN
Flag: Sender is requesting a sync of the sequence numbers between the two nodes. Indicates that no payload is included in segment and acknowledgement number should be increased by 1 in response
RST
Flag: Sender is requesting that connection be reset
URG
Flag: Urgent pointer field
CSMA/CD (Carrier Sense Multiple Access with Collision Detection)
MAC method used by nodes for arbitration on network Carrier sense: refers to NIC listening and waiting until no other nodes are transmitting data Multiple Access: refers to several nodes accessing the same network media Collision Detection: refers to event when two nodes attempt a transmission at the same time
Collision domain
Portion of network in which a collision (two nodes transmissions' interferes with one another) can occur
Fragmentation
Process of dividing packets that too large for a network's hardware into smaller packets. Fragmentation slows down networks so ideally MTUs are set at a level that works for all devices along message's path. TCP helps avoid fragmentation by negotiating maximum segment size(MSS), which defines max size of Transport layer PDU at beginning of session
flow control
Process of gauging the appropriate rate of transmission based on how quickly the recipient can accept data
MTU (maximum transmission unit)
The largest IP packet size in bytes allowable by routers in a path without fragmentation and excluding the frame size. This defines the maximum payload size that a Layer 2 frame can encapsulate (i.e. Ethernet: 1500 bytes). Ethernet frames on a VLAN can have an extra 4-byte field between the Source address field and the Type field
Internetwork
To traverse more than one LAN segment and more than one type of network through a router
Data
Variable bits - Contains data sent by source host. Data field not part of TCP header; it is encapsulated by TCP header
Padding
Variable bits - Contains filler bits to ensure size of TCP header is a multiple of 32 bits
Ethernet
[Data Link Layer] Most important data link layer standard capable of running on a variety of media. Most popular network technology used on Modern LANs
ARP (Address Resolution Protocol)
[Data Link Layer] Works in conjunction with IPv4 to discover the MAC Address of a node on the local network and to maintain a database that maps local IP addresses to MAC addresses
ICMP
[Network Layer] Protocol that reports on the success or failure of data delivery. Messages are generated automatically by network devices and by utilities
IP (Internet Protocol)
[Network Layer] Specifies where data should be delivered, identifying the data's source and destination IP addresses
UDP (User Datagram Protocol)
[Transport Layer] connectionless protocol that does not require a connection to send a packet and does not guarantee that the packet arrives at its destination
TCP (Transmission Control Protocol)
[Transport Layer] provides reliable, ordered, and error-checked delivery of a stream of packets on the internet. TCP is tightly linked with IP and usually seen as TCP/IP in writing.
Ethernet II
the current Ethernet standard, developed by DEC, Intel, and Xerox, before the IEEE began to standardize Ethernet.
