2.1 Internet Protocol


When a message is sent using IP, the following steps occur: 1) IP will attempt to establish a connection with the destination host by IP address:

- The subnet mask of the host is applied to the source IP address to determine the network address of the source host.
- The subnet mask of the host is applied to the destination IP address to determine the network address of the destination host.

The network ID portion of an IP address is revealed by "ANDing" the subnet mask to the IP address. The rules for a logical AND are shown in the table:

1 AND 1 = 1
1 AND 0 = 0
0 AND 1 = 0
0 AND 0 = 0

This table shows that when two ones are ANDed together the result is a one, while any other combination produces a zero.

The following steps outline the procedures for verifying a computer's configuration and for testing router connections (1):

1) Ping the loopback address (ping 127.0.0.1) to verify TCP/IP is installed and loaded correctly. The loopback address is a reserved IP address used for testing purposes.

The following steps outline the procedures for verifying a computer's configuration and for testing router connections (2):

2) Ping the IP address of your workstation to verify it was added correctly and to check for possible duplicate IP addresses.

The following steps outline the procedures for verifying a computer's configuration and for testing router connections (3):

3) Ping the IP address of the default gateway to verify it is up and running and that you can communicate with a host on the local network.

The following steps outline the procedures for verifying a computer's configuration and for testing router connections (4):

4) Ping the IP address of a remote host to verify you can communicate through the router.

When a message is sent using IP, the following steps occur (Continued): 4) IP then calculates a checksum (to use for error detection) and sends the packet. A data link protocol (such as Ethernet) encapsulates this into one or more frames and transmits them over the network.

5) If the datagram has been routed, at the gateway, the Time to Live (TTL) is decreased by at least one. This could be greater if the router is congested. When the TTL is zero, the packet is discarded. This prevents badly addressed packets from permanently circulating the network.

Checksum

A field used to verify the datagram's integrity upon arrival at the destination.

From the Advanced Property page you can specify:

- Additional IP addresses for the adapter.
- Alternate default gateways.
- DNS servers and DNS domain suffix information.
- NetBIOS over TCP/IP information, including WINS servers and LMHOSTS integration. You can also disable NetBIOS over TCP/IP.

Options

Additional fields can be specified, though this is not often the case in practice. The best known are the use of source routing (to predetermine the route a packet should take through the internetwork) and recording through which gateways the datagram passes.

ICMP Header

An ICMP message is encapsulated within a single IP datagram. It contains a few fields, some of which are optional (that is, they only appear in particular types of message).

Configuring Static TCP/IP Parameters: If you wish to configure the protocol, from the Local Area Connection property sheet, double-click the installed protocol and enter the appropriate IP configuration information.

An adapter configured to obtain an address automatically can also be given an Alternate Configuration. This static address configuration is used in place of APIPA when no DHCP server can be contacted.

Time to Live: The number of seconds a datagram is allowed to stay on the network before being discarded; otherwise packets could endlessly loop around an internet.

While TTL is defined as a unit of time (seconds), in practice, it is interpreted as the number of hops allowed. A router will decrease the TTL by at least 1 when it handles the packet.

In the original IP addressing scheme, network addresses were divided into classes: A, B, C, D, and E,

While this system is now obsolete, it remains a useful way to understand how IP addressing works.

ping can be used with a number of switches.

You can adjust the TTL (-i) and timeout (-w) and force the use of IPv4 (-4) or IPv6 (-6) when pinging by host name. With IPv4, you can also use loose (-j) or strict (-k) source routing (sending packets via a predetermined route). The -a switch performs name resolution. Also, -t continues to ping the host until interrupted (Ctrl+C).

When a message is sent using IP, the following steps occur (Continued): 2a) The destination network address is compared with that of the source:

a) If the two hosts are on the same network TCP/IP uses ARP messaging to locate the destination machine. The response to this broadcast includes the network card (MAC) address of the destination machine and the message can then be sent.

When a message is sent using IP, the following steps occur (Continued): 2b) The destination network address is compared with that of the source:

b) If the two machines are on different subnets, TCP/IP uses ARP messaging to locate the default gateway. This machine responds with its MAC address and the message is then sent to the gateway (router).

ipconfig /flushdns

clears the DNS resolver cache.

ipconfig /all

displays all of the TCP/IP configuration parameters for each adapter to which TCP/IP is bound, including whether or not DHCP is enabled for the card.

ipconfig /displaydns

displays the DNS resolver cache.

To use ping, open a command prompt and enter the command ping followed by

either the HostName or IPAddress of the remote computer.

ipconfig /renew Interface

forces a DHCP client to renew the lease it has for an IP address.

An IP address is 32 bits long and is used within an IP packet to define the source and destination of the packet.

in its raw form it appears as: 11000110001010010001000000001001

ICMP messages are generated under error conditions

in most types of unicast traffic but not for broadcast or multicast packets.

ipconfig includes the following options:

ipconfig
ipconfig /all
ipconfig /renew Interface
ipconfig /release Interface
ipconfig /displaydns
ipconfig /flushdns
ipconfig /registerdns

ipconfig /registerdns

registers the host with a Domain Name Server (if it supports dynamic updates).

ipconfig /release Interface

releases the IP address obtained from a DHCP Server, so that the network adapter(s) will no longer have an IP address.

No reply (Request timed out)

the host is unavailable or cannot route a reply back to your computer. If the host is running, try using tracert.

If you cannot ping the loopback address,

the protocol is not correctly installed on the local system.

If you can successfully perform all tests, but cannot ping by computer name,

then this suggests a name resolution problem.

The network number (network ID)

this number is common to all hosts on the same network.

The host number (host ID)

this unique number identifies a host on a particular network.

The trick with ping is understanding the messages that you receive

when there is a problem.

UNIX and Linux hosts provide a command called ifconfig

which provides similar output to Windows' ipconfig program.

ipconfig

without any switches will display the IP address, subnet mask, and default gateway (router) for all network adapters to which TCP/IP is bound.

The IP address provides two pieces of information:

- The network number (network ID)
- The host number (host ID)

ping

The ping program sends a configurable number and size of packets to a destination host. The packets contain ICMP data. The utility can be used to provide essential information when troubleshooting a TCP/IP network.

Header / Total Length

The size of the header (typically 20 bytes) and total length of the datagram; the maximum theoretical size is 65,535 bytes but actual packets would typically be much smaller.

IP Routing Basics

The subnet mask is used by IP to identify whether the source and destination machines are on the same network or subnet. If the destination computer is on another subnet, the message must be sent via one or more routers.

Version

The version of IP used (v4 or v6)

Echo Request / Reply

These are used for testing a connection with the ping utility. If a request message reaches the destination host, it generates a reply and sends it back to the source. If the request message does not reach its destination, an appropriate error message is generated.

Destination Unreachable

This class of message indicates that a local host or a host on a remote network (or a protocol or port on a host) cannot be contacted. This might be caused by some sort of configuration error or by a host or router not being available.

DiffServ

This field provides a basic Class of Service mechanism.

IP addresses: All networks must have a way of uniquely identifying individual computers.

This identifier may be in the form of a name or number. At the TCP/IP internet layer (the OSI network layer), a unique number, known as the IP address, is used to identify each host.

Routes to other subnets can be manually configured or learned by a routing protocol. Discovered routes are held in a routing table. The more sophisticated routers can share information about known subnets and possible paths to them.

This information allows them to choose the best routes to any given destination and select alternate routes if one of these is unavailable. The ability to learn routes provides the robust system described earlier.

The dotted decimal notation of the IP address and subnet mask must be converted to binary notation and then the two numbers are ANDed. The result can be converted back to decimal notation to provide the network ID.

This process is an internal process performed by the IP protocol. (See Graph in Textbook)

This representation of an IP address makes human memorizing of the numbers almost impossible (much less entering it correctly into configuration dialogs).

To make IP addresses easier to use, they are usually displayed in dotted decimal notation. This notation requires each octet to be converted to a decimal value. The decimal numbers are separated using a period. Converting the above number to this notation gives: 193.41.16.9

Although you enter the mask in decimal, the computer thinks in binary terms.

Until you are totally comfortable working with subnet masks, try to think in binary terms, switching the number to decimal only at the last moment to enter into the configuration dialog.

The most important of these fields are

- Version
- Header / Total Length
- DiffServ
- Time to Live
- Protocol
- Checksum
- Source IP address
- Destination IP address
- Options
- Data

Subnet Masks: An IP address consists of a Network ID and a Host ID. The subnet mask is used to distinguish these two components within a single IP address. It is used to "mask" the host ID portion of the IP address and thereby reveal the network ID portion.

Where there is a binary 1 in the mask, the corresponding binary digit in the IP address is part of the network ID. The relative sizes of the network and host portions determine the number of networks and hosts per network a particular addressing scheme can support.

Destination unreachable: There is no routing information (that is, the local computer does not know how to get to that IP address).

If the host is on the same network, check physical cabling, infrastructure devices such as the switch, and TCP/IP configuration. If the host is on another network, check the TCP/IP configuration and router.

Source Quench

If a host or router's buffer memory is being overloaded with packets, it can generate a "back off" message. The source system should then slow down the rate at which it transmits messages until the ICMP source quench messages cease.

If the previous tests are successful, but a remote IP address cannot be contacted, check the default gateway parameter on the local host.

If correct, utilize the tracert program to investigate the route being taken. Also, consider manually adding the route using the route command.

When two computers attempt to communicate, TCP/IP compares the IP address of the local and destination machines against the subnet mask.

If the masked portion of the IP address matches, then it assumes the machine is on the same network. If the masked portion does not match, TCP/IP assumes the message must be routed to another network.

When a message is sent using IP, the following steps occur (Continued): 6) The router then determines what to do with the datagram by repeating the steps described from the second step on.

If the message is destined for yet another network, the process is repeated to take it to the next stage and so on.

Redirect: Most hosts channel all remote communications through the default gateway.

If there are in fact multiple routers and a more efficient route can be identified, the default gateway can send a redirect message to the host to update its routing table. Note that the router still delivers the original message.

Data

The datagram's payload, containing the packet from the transport layer.

ipconfig / ifconfig

The ipconfig program is used to verify TCP/IP configuration on Windows-based systems.

If ping is successful (as in the first attempt below), it responds with the message Reply from IPAddress and the time it takes for the server's response to arrive.

The millisecond measures of Round Trip Time (RTT) can be used to diagnose latency problems on a link.

Note that ping has different syntax when used under Linux.

By default, the command executes until manually halted, unless run with the number of packets appended at the end.

Configuring TCP/IP: The minimum information required for the configuration of the TCP/IP protocol is an IP address that is unique on the internetwork to which the host is attached and a subnet mask.

If the host has more than one network interface, then each must be configured with a unique IP address and a subnet mask. A default gateway (router) address must be provided if the host is required to communicate with remote networks.

The default subnet masks for each of the main classes of IP address are shown in the table below:

Class A - 255.0.0.0
Class B - 255.255.0.0
Class C - 255.255.255.0

If ping is unsuccessful (as shown in the second attempt), one of two messages is commonly received:

- Destination unreachable
- No reply (Request timed out)

ICMP Error Types: ICMP messages are categorized into various types. The most commonly encountered are described below.

- Echo Request / Reply
- Destination Unreachable
- Time Exceeded
- Source Quench
- Redirect

ID / Flag / Fragment Offset

Fields to indicate whether the datagram has been fragmented for transport over the underlying data link protocol.

The 1s in the mask are always contiguous.

For example, a mask 11111111 11110000 00000000 00000000 is valid but 11111111 00000000 11110000 00000000 is not.

Field - Explanation
Type - A category of message.
Code - Identifies a specific message.
Checksum - A field used to verify the datagram's integrity upon arrival at the destination.

ID / Sequence - Used for echo response.
Address - An alternative routing address used with redirect messages.
Data - Header of the datagram that generated the error.

If a local host cannot be pinged, then verify the sending host's IP configuration -

IP address, subnet mask, and so on.

IP Datagram Structure

IP datagrams encapsulate data from the transport layer, adding a number of fields.

There are two versions of IP; version 4 is currently in widespread use and is the version discussed in the following few topics.

IPv6 introduces a much larger address space and different means of configuring clients and is discussed elsewhere.

Destination IP address

Identifies the destination of the datagram by IP address.

Source IP address

Identifies the sender of the datagram by IP address.

Automatic Address Configuration: When installed, the protocol will be bound to the local adapter, and will default to obtaining an IP address dynamically; that is, from a DHCP server (if one is available).

If a DHCP server is not present, the workstation will use an IP address in the range 169.254.1.0 - 169.254.254.255. This is called Automatic Private IP Addressing (APIPA) or a link-local address.

When a message is sent using IP, the following steps occur (Continued): 3) It is possible that due to limitations in the underlying network, IP may fragment the packet into more manageable pieces (to fit within the Maximum Transmission Unit [MTU] of the data link protocol frame).

If this is the case, IP assigns a new header to each fragment containing:
- A flag to indicate whether more fragments follow.
- A fragment identifier to help group fragments together.
- An offset to assist the destination host in reconstructing the fragments into the original packet.

Configuring TCP/IP Under Linux

In Linux you can either use a graphical utility to configure the adapter (YaST for instance), set the values in a conf(iguration) file, or use the command-line tool ifconfig. The default gateway and other routing information is set in a conf file or using the route command.

Protocol

Indicates whether the data should be passed to UDP or TCP at the destination host.

At the network layer, the Internet Protocol (IP) provides packet addressing and routing for all higher level protocols within the TCP/IP suite.

It provides best effort delivery of an unreliable and connectionless nature. Delivery is not guaranteed and a packet might be lost, delivered out of sequence, duplicated, or delayed.

The default gateway is the IP address of a router on the same subnet as the host.

Messages destined for other subnets are sent to the default gateway address by the source host.

Configuring TCP/IP Under Windows

On the latest versions of Windows, the TCP/IP protocol is always installed and cannot be uninstalled. On earlier versions of Windows (notably Windows 9x clients), it may be necessary to install the protocol.

Converting Between Binary and Decimal Format and Decimal to Binary Conversion

See Textbook Graph

The IP datagram also has an options field and some of the options available are to specify loose or strict source routing and to record the route taken.

Source routing means that the gateways to be used to deliver the datagram are self-specified. This can be used for troubleshooting (route tracing) or maliciously (to conceal the origin of a datagram or circumvent a security system).

ICMP and ping

The Internet Control Message Protocol (ICMP) is used to report errors and send messages about the delivery of a packet. It can also be used to test TCP/IP networks.

Time Exceeded: This is used when the Time To Live (TTL) of a packet reaches zero. The TTL field in a packet has a maximum value of 255 and this value is reduced by one every time the packet crosses a router.

The TTL is eventually reduced to zero if the packet is looping (because of a corrupted routing table) or when congestion causes considerable delays. The router then discards the packet and a warning packet is sent back to the source host.

Note some differences between the Windows and Linux commands: ifconfig can also be used to bind an address to the adapter interface, set up communication parameters, and enable or disable the adapter.

The Windows switches for configuring the adapter with DHCP and DNS are not supported by ifconfig. The ifconfig command output does not show the default gateway (use route instead). It does show traffic statistics though.

The 32 bits are subdivided into four groups of 8 bits (1 byte) known as octets.

The above IP address could therefore be rearranged as: 11000110 00101001 00010000 00001001

