TCP-IP Detailed Explanation Volume 1: Protocol

"TCP/IP Detailed Explanation, Volume 1: Protocol" is a complete and detailed guide to the TCP/IP protocol. The individual protocols belonging to each layer and how they operate in different operating systems are described. The author used the Lawrence Berkeley Laboratory's tcpdump program to capture different packets transmitted between different operating systems and TCP/IP implementations. Studying tcpdump output can help understand how different protocols work. This book is suitable as a textbook for computer major students learning about networks and a reference book for teachers. Also suitable for technicians studying networks.

Table of Contents Translator’s Preface Chapter 1 Overview 1
1.1 Introduction 1
1.2 Stratification 1
1.3 TCP/IP layering 4
1.4 Internet addresses 5
1.5 Domain Name System 6
1.6 Packaging 6
1.7 points with 8
1.8 Client-Server Model 8
1.9 Port number 9
1.10 Standardization process 10
1.11 RFC 10
1.12 Standard Simple Service 11
1.13 Internet 12
1.14 Implementation 12
1.15 Application Programming Interface 12
1.16 Test network 13
1.17 Summary 13
Chapter 2 Link Layer 15
2.1 Introduction 15
2.2 Ethernet and IEEE 802 encapsulation 15
2.3 Tail packaging 17
2.4 SLIP: Serial Line IP 17
2.5 Compressed SLIP 18
2.6 PPP: Point-to-Point Protocol 18
2.7 Loopback interface 20
2.8 Maximum transmission unit MTU 21
2.9 Path MTU 21
2.10 Serial line throughput calculation 21
2.11 Summary 22
Chapter 3 IP: Internet Protocol 24
3.1 Introduction 24
3.2 IP header 24
3.3 IP routing 27
3.4 Subnet addressing 30
3.5 Subnet mask 32
3.6 IP addresses for special situations 33
3.7 Example of a subnet 33
3.8 ifconfig command 35
3.9 netstat command 36
3.10 The future of IP 36
3.11 Summary 37
Chapter 4 ARP: Address Resolution Protocol 38
4.1 Introduction 38
4.2 An example 38
4.3 ARP cache 40
4.4 ARP grouping format 40
4.5 ARP example 41
4.5.1 General example 41
4.5.2 ARP request for non-existent host 42
4.5.3 ARP cache timeout setting 43
4.6 ARP proxy 43
4.7 Free ARP 45
4.8 arp command 45
4.9 Summary 46
Chapter 5 RARP: Reverse Address Resolution Protocol 47
5.1 Introduction 47
5.2 RARP grouping format 47
5.3 RARP example 47
5.4 Design of RARP server 48
5.4.1 RARP server as user process 49
5.4.2 Multiple RARP servers per network 49
5.5 Summary 49
Chapter 6 ICMP: Internet Control Message Protocol 50
6.1 Introduction 50
6.2 Types of ICMP messages 50
6.3 ICMP address mask request and response 52
6.4 ICMP timestamp request and response 53
6.4.1 Example 54
6.4.2 Another approach 55
6.5 ICMP port unreachable error 56
6.6 4.4BSD processing of ICMP messages 59
6.7 Summary 60
Chapter 7 Ping Program 61
7.1 Introduction 61
7.2 Ping program 61
7.2.1 LAN output 62
7.2.2 WAN output 63
7.2.3 Line SLIP link 64
7.2.4 Dial-up SLIP link 65
7.3 IP record routing options 65
7.3.1 Common examples 66
7.3.2 Exception output 68
7.4 IP timestamp options 69
7.5 Summary 70
Chapter 8 Traceroute Program 71
8.1 Introduction 71
8.2 Operation of the Traceroute program 71
8.3 LAN output 72
8.4 WAN output 75
8.5 IP origin routing options 76
8.5.1 Traceroute for relaxed origin routing
Program Example 78
8.5.2 Traceroute for strict origin site routing
Program Example 79
8.5.3 Loose source site routing traceroute program
Round trip route 80
8.6 Summary 81
Chapter 9 IP Routing 83
9.1 Introduction 83
9.2 Principles of routing 84
9.2.1 Simple routing table 84
9.2.2 Initialize routing table 86
9.2.3 More complex routing tables 87
9.2.4 No route to destination 87
9.3 ICMP host and network unreachable errors 88
9.4 To forward or not to forward 89
9.5 ICMP Redirect Error 89
9.5.1 An example 90
9.5.2 More details 91
9.6 ICMP Router Discovery Message 92
9.6.1 Router operation 93
9.6.2 Host operation 93
9.6.3 Implementation 93
9.7 Summary 94
Chapter 10 Dynamic Routing Protocol 95
10.1 Introduction 95
10.2 Dynamic routing 95
10.3 Unix Routing Daemon 96
10.4 RIP: Routing Information Protocol 96
10.4.1 Message format 96
10.4.2 Normal operation 97
10.4.3 Metrics 98
10.4.4 Question 98
10.4.5 Example 98
10.4.6 Another example 100
10.5 RIP version 2 102
10.6 OSPF: Open Shortest Path First 102
10.7 BGP: Border Gateway Protocol 103
10.8 CIDR: Typeless Inter-Domain Routing 104
10.9 Summary 105
Chapter 11 UDP: User Datagram Protocol 107
11.1 Introduction 107
11.2 UDP header 107
11.3 UDP checksum 108
11.3.1 tcpdump output 109
11.3.2 Some statistical results 109
11.4 A simple example 110
11.5 IP fragmentation 111
11.6 ICMP unreachable error (requires fragmentation) 113
11.7 Use Traceroute to determine path MTU 114
11.8 Path MTU discovery using UDP 116
11.9 Interaction between UDP and ARP 118
11.10 Maximum UDP datagram length 119
11.11 ICMP source station suppression error 120
11.12 Design of UDP server 122
11.12.1 Customer IP address and port number 122
11.12.2 Destination IP Address 122
11.12.3 UDP input queue 122
11.12.4 Restricting local IP addresses 124
11.12.5 Restricting remote IP addresses 125
11.12.6 Multiple receivers per port 125
11.13 Summary 126
Chapter 12 Broadcasting and Multicasting 128
12.1 Introduction 128
12.2 Broadcasting 129
12.2.1 Restricted broadcast 129
12.2.2 Broadcasts to the network 129
12.2.3 Broadcasts to subnets 129
12.2.4 Broadcast to all subnets 130
12.3 Broadcasting example 130
12.4 Multicast 132
12.4.1 Multicast group address 133
12.4.2 Multicast group address to Ethernet address conversion 133
12.4.3 Multicast in FDDI and Token Ring Networks 134
12.5 Summary 134
Chapter 13 IGMP: Internet Group Management Protocol 136
13.1 Introduction 136
13.2 IGMP messages 136
13.3 IGMP protocol 136
13.3.1 Joining a multicast group 136
13.3.2 IGMP reports and queries 137
13.3.3 Implementation details 137
13.3.4 Time-to-live field 138
13.3.5 All host groups 138
13.4 An example 138
13.5 Summary 141
Chapter 14 DNS: Domain Name System 142
14.1 Introduction 142
14.2 DNS basics 142
14.3 DNS message format 144
14.3.1 Problem parts in DNS query messages 146
14.3.2 Resource record part in DNS response message 147
14.4 A simple example 147
14.5 Pointer query 150
14.5.1 Example 151
14.5.2 Hostname checking 151
14.6 Resource Records 152
14.7 Caching 153
14.8 UDP or TCP 156
14.9 Another example 156
14.10 Summary 157
Chapter 15 TFTP: Simple File Transfer Protocol 159
15.1 Introduction 159
15.2 Agreement 159
15.3 An example 160
15.4 Security 161
15.5 Summary 162
Chapter 16 BOOTP: Bootstrap Protocol 163
16.1 Introduction 163
16.2 BOOTP packet format 163
16.3 An example 164
16.4 Design of BOOTP server 165
16.5 BOOTP Traversal Router 167
16.6 Vendor-specific information 167
16.7 Summary 168
Chapter 17 TCP: Transmission Control Protocol 170
17.1 Introduction 170
17.2 TCP services 170
17.3 TCP header 171
17.4 Summary 173
Chapter 18 Establishment and Termination of TCP Connection 174
18.1 Introduction 174
18.2 Connection establishment and termination 174
18.2.1 tcpdump output 174
18.2.2 Time series 175
18.2.3 Establishing a connection agreement 175
18.2.4 Connection termination protocol 177
18.2.5 Normal tcpdump output 177
18.3 Timeout for connection establishment 178
18.3.1 First timeout period 178
18.3.2 Service type field 179
18.4 Maximum segment length 179
18.5 TCP Half-Close 180
18.6 TCP state transition diagram 182
18.6.1 2MSL wait state 183
18.6.2 The concept of quiet time 186
18.6.3 FIN_WAIT_2 status 186
18.7 Reset segment 186
18.7.1 Connection request to a non-existent port 187
18.7.2 Abnormal termination of a connection 187
18.7.3 Detecting half-open connections 188
18.8 Open simultaneously 189
18.9 Simultaneous closure 191
18.10 TCP Options 191
18.11 Design of TCP server 192
18.11.1 TCP server port number 193
18.11.2 Qualified local IP addresses 194
18.11.3 Restricted remote IP address 195
18.11.4 Incoming connection request queue 195
18.12 Summary 197
Chapter 19 TCP interactive data flow 200
19.1 Introduction 200
19.2 Interactive input 200
19.3 Acknowledgment withstanding delays 201
19.4 Nagle’s algorithm 203
19.4.1 Turn off the Nagle algorithm 204
19.4.2 An example 205
19.5 Window size notification 207
19.6 Summary 208
Chapter 20 TCP Chunked Data Stream 209
20.1 Introduction 209
20.2 Normal data flow 209
20.3 Sliding windows 212
20.4 Window size 214
20.5 PUSH logo 215
20.6 Slow start 216
20.7 Chunked Data Throughput 218
20.7.1 Bandwidth-delay product 220
20.7.2 Congestion 220
20.8 Emergency mode 221
20.9 Summary 224
Chapter 21 TCP Timeout and Retransmission 226
21.1 Introduction 226
21.2 Simple example of timeout and retransmission 226
21.3 Round trip time measurement 227
21.4 Round trip time RTT example 229
21.4.1 Measurement of round trip time RTT 229
21.4.2 Calculation of RTT estimator 231
21.4.3 Slow start 233
21.5 Congestion Example 233
21.6 Congestion avoidance algorithm 235
21.7 Fast retransmission and fast recovery algorithm 236
21.8 Congestion Example (continued) 237
21.9 Metrics per route 240
21.10 ICMP Errors 240
21.11 Regrouping 243
21.12 Summary 243
Chapter 22 TCP persistence timer 245
22.1 Introduction 245
22.2 An example 245
22.3 Confused Window Syndrome 246
22.4 Summary 250
Chapter 23 TCP keep-alive timer 251
23.1 Introduction 251
23.2 Description 252
23.3 Keep-alive example 253
23.3.1 Crash on the other side 253
23.3.2 The other end crashes and restarts 254
23.3.3 The other end is unreachable 254
23.4 Summary 255
Chapter 24 The Future and Performance of TCP 256
24.1 Introduction 256
24.2 Path MTU discovery 256
24.2.1 An example 257
24.2.2 Large grouping or small grouping 258
24.3 Long fat pipeline 259
24.4 Window expansion options 262
24.5 Timestamp options 263
24.6 PAWS: Serial number to prevent wraparound 265
24.7 T/TCP: TCP extensions for transactions 265
24.8 TCP Performance 267
24.9 Summary 268
Chapter 25 SNMP: Simple Network Management Protocol 270
25.1 Introduction 270
25.2 Agreement 270
25.3 Management information structure 272
25.4 Object identifiers 274
25.5 Introduction to Management Information Base 274
25.6 Instance Identification 276
25.6.1 Simple variables 276
25.6.2 Table 276
25.6.3 Dictionary sort 277
25.7 Some simple examples 277
25.7.1 Simple variables 278
25.7.2 get-next operation 278
25.7.3 Table access 279
25.8 Management Information Base (continued) 279
25.8.1 system group 279
25.8.2 interface group 280
25.8.3 at group 281
25.8.4 ip group 282
25.8.5 icmp group 285
25.8.6 tcp group 285
25.9 Some other examples 288
25.9.1 Interface MTU 288
25.9.2 Routing table 288
25.10 trap 290
25.11 ASN.1 and BER 291
25.12 SNMPv2 292
25.13 Summary 292
Chapter 26 Telnet and Rlogin: remote login 293
26.1 Introduction 293
26.2 Rlogin protocol 294
26.2.1 Starting the application process 295
26.2.2 Flow control 295
26.2.3 Client interrupt key 296
26.2.4 Changing window size 296
26.2.5 Server-to-client commands 296
26.2.6 Client-to-server commands 297
26.2.7 Client escape characters 298
26.3 Rlogin example 298
26.3.1 Initial client-server protocol 298
26.3.2 Customer Interrupt Key 299
26.4 Telnet Protocol 302
26.4.1 NVT ASCII 302
26.4.2 Telnet command 302
26.4.3 Option negotiation 303
26.4.4 Sub-option negotiation 304
26.4.5 Half-duplex, one character at a time, once
One row or row mode 304
26.4.6 Synchronization signals 306
26.4.7 Client escape characters 306
26.5 Telnet example 306
26.5.1 Single character mode 306
26.5.2 Row mode 310
26.5.3 One row at a time (quasi-row mode) 312
26.5.4 Line Mode: Client Interrupt Key 313
26.6 Summary 314
Chapter 27 FTP: File Transfer Protocol 316
27.1 Introduction 316
27.2 FTP protocol 316
27.2.1 Data representation 316
27.2.2 FTP commands 318
27.2.3 FTP responses 319
27.2.4 Connection Management 320
27.3 FTP example 321
27.3.1 Connection Management: Temporary Data Ports 321
27.3.2 Connection management: Default data port 323
27.3.3 Text file transfer: NVT ASCII
Representation or image representation 325
27.3.4 Abnormal abort of a file transfer:
Telnet sync signal 326
27.3.5 Anonymous FTP 329
27.3.6 Anonymous FTP from an unknown IP address 330
27.4 Summary 331
Chapter 28 SMTP: Simple Mail Transfer Protocol 332
28.1 Introduction 332
28.2 SMTP protocol 332
28.2.1 Simple example 332
28.2.2 SMTP commands 334
28.2.3 Envelope, header and body 335
28.2.4 Relay Agents 335
28.2.5 NVT ASCII 337
28.2.6 Retry interval 337
28.3 SMTP Example 337
28.3.1 MX records: host not directly connected to
Internet 337
28.3.2 MX records: Host failure 339
28.3.3 VRFY and EXPN commands 340
28.4 The future of SMTP 340
28.4.1 Envelope changes: Extended SMTP 341
28.4.2 Header changes: non-ASCII characters 342
28.4.3 Text changes: General Internet Mail
Expansion 343
28.5 Summary 346
Chapter 29 Network File Systems 347
29.1 Introduction 347
29.2 Sun Remote Procedure Call 347
29.3 XDR: External Data Representation 349
29.4 Portmapper 349
29.5 NFS Protocol 351
29.5.1 File handles 353
29.5.2 Installation protocol 353
29.5.3 NFS process 354
29.5.4 UDP or TCP 355
29.5.5 NFS over TCP 355
29.6 NFS instances 356
29.6.1 Simple example: reading a file 356
29.6.2 Simple example: creating a directory 357
29.6.3 Stateless 358
29.6.4 Example: Server crash 358
29.6.5 Idempotent processes 360
29.7 Version 3 of NFS 360
29.8 Summary 361
Chapter 30 Other TCP/IP Applications 363
30.1 Introduction 363
30.2 Finger Protocol 363
30.3 Whois protocol 364
30.4 Archie, WAIS, Gopher, Veronica
and WWW 366
30.4.1 Archie 366
30.4.2 WAIS 366
30.4.3 Gopher 366
30.4.4 Veronica 366
30.4.5 World Wide Web WWW 367
30.5 X Window System 367
30.5.1 Xscope program 368
30.5.2 LBX: Low Bandwidth X 370
30.6 Summary 370
Appendix A tcpdump program 371
Appendix B Computer Clock 376
Appendix C sock program 378
Solutions to some exercises in Appendix D 381
Appendix E Configuration Options 395
Appendix F Freely available source code 406
References 409
Abbreviations 420