TCP/IP (Transmission Control Protocol/Internet Protocol)
IP Addressing
  IPv4
  IP Address Classes
  Subnet Mask Assignment
  Default Gateways
  IPv6 Addressing
  Sub-netting
  Identifying the Differences Between Public and Private Networks
  Private Address Ranges
Assigning IP Addresses
  Static Addressing
  Dynamic Addressing
  DHCP-Dependent and Independent
  APIPA
TCP/IP Protocols
  Internet Protocol (IP)
  Transmission Control Protocol (TCP)
  User Datagram Protocol (UDP)
  File Transfer Protocol (FTP)
  FTP Security Concerns
  Secure File Transfer Protocol (SFTP)
  Trivial File Transfer Protocol (TFTP)
  Simple Mail Transfer Protocol (SMTP)
  Hypertext Transfer Protocol (HTTP)
  Hypertext Transfer Protocol Secure (HTTPS)
  Post Office Protocol version 3 (POP3) and Internet Message Access Protocol version 4 (IMAP4)
  Telnet
  Secure Shell (SSH)
  Internet Control Message Protocol (ICMP)
  Address Resolution Protocol/Reverse Address Resolution Protocol (ARP/RARP)
  Network Time Protocol (NTP)
  Network News Transfer Protocol (NNTP)
  Secure Copy Protocol (SCP)
  Lightweight Directory Access Protocol (LDAP)
  Internet Group Management Protocol (IGMP)
  Line Printer Remote (LPR)
  TCP/IP Protocol Suite Summary
  TCP/UDP Port Functions
Network Services
  Domain Name Service (DNS)
  Network Address Translation (NAT) and Internet Connection Sharing (ICS)
  NAT
  ICS
  Windows Internet Name Service (WINS)
  Simple Network Management Protocol (SNMP)
  Network File System (NFS)
  Zero Configuration (Zero conf)
  Server Message Block (SMB)
  Apple File Protocol (AFP)
  Line Printer Daemon (LPD)
TCP/IP (Transmission Control Protocol/Internet Protocol)
Without question, the TCP/IP protocol suite is the most widely
implemented protocol on networks today.
This tutorial deals with the individual protocols within the
protocol suite. The tutorial looks at the function of the individual protocols
and their purposes. It starts by discussing one of the more complex facets of
TCP/IP: addressing.
IP Addressing
IP addressing is one of the most challenging aspects of TCP/IP and
one that can leave even the most seasoned network administrators scratching
their heads. The following sections look at how IP addressing works for both
IPv4 and the newest version of IP, IPv6.
To communicate on a network using the TCP/IP protocol, each system
has to be assigned a unique address. The address defines both the number of the
network to which the device is attached and the number of the node on that
network. In other words, the IP address provides two pieces of information.
It's a bit like a street name and a house number of a person's home address.
Each device on a logical network segment must have the same
network address as all the other devices on the segment. All the devices on
that network segment must then have different node addresses.
In IP addressing, another set of numbers, called a subnet mask, is
used to define which portion of the IP address refers to the network address
and which refers to the node address.
IP addressing is different in IPv4 and IPv6. We'll begin our
discussion by looking at IPv4, as IPv6 networks are still few and far between.
IPv4
An IPv4 address is composed of four sets of 8 binary bits, which
are referred to as octets. The result is that IP addresses are 32 bits in
length. Each bit in each octet is assigned a decimal value. The leftmost bit
has a value of 128, followed by 64, 32, 16, 8, 4, 2, and 1, left to right.
Each bit in the octet can be either a 1 or a 0. If the value is 1,
it is counted as its decimal value, and if it is 0, it is ignored. If all the
bits are 0, the value of the octet is 0. If all the bits in the octet are 1,
the value is 255, which is 128+64+32+16+8+4+2+1.
By using the set of 8 bits and manipulating the 1s and 0s, you can
obtain any value between 0 and 255 for each octet.
Table 1 shows some examples of decimal-to-binary value
conversions.
Table 1 Decimal-to-Binary Value Conversions

| Decimal Value | Binary Value | Decimal Calculation |
| --- | --- | --- |
| 10 | 00001010 | 8+2=10 |
| 192 | 11000000 | 128+64=192 |
| 205 | 11001101 | 128+64+8+4+1=205 |
| 223 | 11011111 | 128+64+16+8+4+2+1=223 |
IP Address Classes
IP addresses are grouped into logical divisions called classes. In
the IPv4 address space, there are five address classes (A through E), although
only three (A, B, C) are used for assigning addresses to clients. Class D is
reserved for multicast addressing, and Class E is reserved for future
development.
Of the three classes available for address assignments, each uses
a fixed-length subnet mask to define the separation between the network and the
node address. A Class A address uses only the first octet to represent the
network portion, a Class B address uses two octets, and a Class C address uses
the first three octets. The upshot of this system is that Class A has a small
number of network addresses, but each class A address has a very large number
of possible host addresses. Class B has a larger number of networks, but each
class B address has a smaller number of hosts. Class C has an even larger
number of networks, but each Class C address has an even smaller number of
hosts. The exact numbers are provided in Table 2.
Table 2 IPv4 Address Classes and the Number of Available Network/Host Addresses

| Address Class | Range (first octet) | Number of Networks | Number of Hosts per Network | Binary Value of First Octet |
| --- | --- | --- | --- | --- |
| A | 1-126 | 126 | 16,777,214 | 0xxxxxxx |
| B | 128-191 | 16,384 | 65,534 | 10xxxxxx |
| C | 192-223 | 2,097,152 | 254 | 110xxxxx |
| D | 224-239 | NA | NA | 1110xxxx |
| E | 240-255 | NA | NA | 1111xxxx |
Subnet Mask Assignment
Like an IP address, a subnet mask is most commonly expressed in a
32-bit dotted-decimal format. Unlike an IP address, though, a subnet mask
performs just one function: It defines which parts of the IP address refer to
the network address and which refer to the node address. Each of the classes of
IP address used for address assignment has a standard subnet mask associated
with it. The default subnet masks are listed in Table 3.
Table 3 Default Subnet Masks Associated with IP Address Classes

| Address Class | Default Subnet Mask |
| --- | --- |
| A | 255.0.0.0 |
| B | 255.255.0.0 |
| C | 255.255.255.0 |
Default Gateways
Default gateways are the means by which a device can access hosts on
other networks for which it does not have a specifically configured route. Most
workstation configurations actually just use a default gateway rather than
having any static routes configured. Such a configuration is practical because
workstations are typically only connected to one network, and thus have only
one way off that network.
When a system wants to communicate with another device, it first
determines whether the host is on the local network or a remote network. If the
host is on a remote network, the system looks in the routing table to determine
whether it has an entry for the network that the remote host is on. If it does,
it uses that route. If it does not, the data is sent to the default gateway.
In essence, the default gateway is simply the path out of the
network for a given device.
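The decision sequence just described, as an added example in Python (this is not the tutorial's code): the host first checks whether the destination is on its own network, then consults its routing table, and otherwise hands the packet to the default gateway. The addresses and routes are constructed assumptions.

```python
import ipaddress

# Constructed host configuration (hypothetical values, not from the tutorial).
HOST_IFACE = ipaddress.IPv4Interface("192.168.1.20/24")
DEFAULT_GATEWAY = "192.168.1.1"
# Constructed static routes: destination network -> next-hop router.
STATIC_ROUTES = {
    "10.50.0.0/16": "192.168.1.254",
    "10.50.7.0/24": "192.168.1.253",   # more specific route for one subnet
}


def next_hop(dst, host=HOST_IFACE, routes=STATIC_ROUTES, gateway=DEFAULT_GATEWAY):
    """Decide where a packet for dst goes, in the order the tutorial describes.

    Returns ("local", dst) when dst shares our network address (the comparison
    is made under our subnet mask), ("route", hop) when the routing table has an
    entry for the destination's network (the longest matching prefix wins),
    ("default", gateway) otherwise, or ("unreachable", None) when no gateway is
    configured, which is the situation of an APIPA host.
    """
    dst_addr = ipaddress.IPv4Address(dst)
    # Step 1: same logical network as us? Then deliver directly (ARP, no router).
    if dst_addr in host.network:
        return ("local", str(dst_addr))
    # Step 2: remote; look for a route whose network contains the destination.
    best_net, best_hop = None, None
    for net_str, hop in routes.items():
        net = ipaddress.IPv4Network(net_str)
        if dst_addr in net and (best_net is None or net.prefixlen > best_net.prefixlen):
            best_net, best_hop = net, hop
    if best_hop is not None:
        return ("route", best_hop)
    # Step 3: no specific route; the default gateway is the only way off the network.
    if gateway is None:
        return ("unreachable", None)
    return ("default", gateway)
```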
IPv6 Addressing
Although IPv4 has served us well for a number of years, it is
finally starting to reach its end. The main problem with IPv4 is simply that
the demand for IP addresses outweighs what IPv4 is capable of providing. That
is where IPv6 comes in.
By far, the most significant aspect of IPv6 is its addressing
capability. The address range of IPv4 is nearly depleted, and it is widely
acknowledged that we are just at the beginning of the digital era. Therefore,
we need an addressing scheme that offers more addresses than can possibly be
used in the foreseeable future. IPv6 delivers exactly that. Whereas IPv4 uses a
32-bit address, IPv6 uses a 128-bit address that yields a staggering
340,282,366,920,938,463,463,374,607,431,768,211,456 possible addresses!
IPv6 addresses are expressed in a different format from those used
in IPv4. An IPv6 address is composed of eight octet pairs expressed in
hexadecimal, separated by colons. The following is an example of an IPv6
address:
42DE:7E55:63F2:21AA:CBD4:D773:CC21:554F
Sub-netting
Now that you have looked at how IP addresses are used, you can
learn the process of sub-netting. Sub-netting is a process by which the node
portions of an IP address are used to create more networks than you would have
if you used the default subnet mask.
To illustrate sub-netting, let's use an example. Suppose that you
have been assigned the Class B address 150.150.0.0. Using this address and
the default subnet mask, you could have a single network (150.150) and use the rest of the address as node
addresses. This would give you a large number of possible node addresses, which
in reality is probably not very useful. With sub-netting, you use bits from the
node portion of the address to create more network addresses. This reduces the
number of nodes per network, but chances are, you will still have more than
enough.
There are two main reasons for sub-netting. First, it allows you
to use IP address ranges more effectively. Second, it provides increased
security and manageability to IP networking by providing a mechanism to create
multiple networks rather than having just one. Using multiple networks confines
traffic to only the network that it needs to be on, which reduces overall
network traffic levels. Multiple subnets also create more broadcast domains,
which in turn reduces network wide broadcast traffic.
Identifying the Differences Between Public and Private Networks
IP addressing involves many considerations, not the least important of
which are public and private networks. A public network is a network to which
anyone can connect. The best, and perhaps only pure, example of such a network
is the Internet. A private network is any network to which access is
restricted. A corporate network or a network in a school are examples of
private networks.
The main difference between public and private networks, apart
from the fact that access to a private network is tightly controlled and access
to a public network is not, is that the addressing of devices on a public
network must be considered carefully, whereas addressing on a private network
has a little more latitude.
As already discussed, in order for hosts on a network to
communicate by using TCP/IP, they must have unique addresses. This number defines
the logical network each host belongs to and the host's address on that
network. On a private network with, say, three logical networks and 100 nodes
on each network, addressing is not a particularly complex task. On a network on
the scale of the Internet, however, addressing is very complex.
If you are connecting a system to the Internet, you need to get a
valid registered IP address. Most commonly, you would obtain this address from
your ISP. Alternatively, for example, if you wanted a large number of
addresses, you could contact the organization responsible for address
assignment in your geographical area. You can determine who the regional
numbers authority for your area is by visiting the IANA website.
Because of the nature of their business, ISPs have large blocks of
IP addresses that they can assign to their clients. If you need a registered IP
address, getting one from an ISP will almost certainly be a simpler process
than going through a regional numbers authority. Some ISPs' plans actually include
blocks of registered IP addresses, working on the principle that businesses are
going to want some kind of permanent presence on the Internet. Of course, if
you discontinue your service with the ISP, you will no longer be able to use
the IP address they provided.
Private Address Ranges
To provide flexibility in addressing and to prevent an incorrectly
configured network from polluting the Internet, certain address ranges are set
aside for private use. These address ranges are called private ranges because
they are designated for use only on private networks. These addresses are
special because Internet routers are configured to ignore any packets they see
that use these addresses. This means that if a private network
"leaks" onto the Internet, it won't make it any farther than the
first router it encounters.
Three ranges are defined in RFC 1918, one each from Classes A, B,
and C. You can use whichever range you want, although the Class A and Class B
address ranges offer more addressing options than does Class C. The address
ranges are defined in Table 4.
Table 4 Private Address Ranges

| Class | Address Range | Default Subnet Mask |
| --- | --- | --- |
| A | 10.0.0.0-10.255.255.255 | 255.0.0.0 |
| B | 172.16.0.0-172.31.255.255 | 255.255.0.0 |
| C | 192.168.0.0-192.168.255.255 | 255.255.255.0 |
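The classful rules of Tables 1 to 4 and the 150.150.0.0 subnetting example, carried through in Python as an added example (this code is not part of the tutorial): it converts octets to binary, reads the class from the leading bits of the first octet, applies the default mask, tests for the RFC 1918 ranges, and borrows host bits to create subnets. The sample addresses passed in are constructed.

```python
import ipaddress


def octets_to_binary(addr):
    """Dotted-decimal address -> list of four 8-bit binary strings (as in Table 1)."""
    return [format(int(o), "08b") for o in addr.split(".")]


def address_class(addr):
    """Classes A-E are decided by the leading bits of the first octet (Table 2).

    Note: the pure bit rule also maps first octets 0 and 127 to Class A; the
    tutorial's range 1-126 excludes them because they are reserved.
    """
    first = int(addr.split(".")[0])
    if first >> 7 == 0b0:       # 0xxxxxxx
        return "A"
    if first >> 6 == 0b10:      # 10xxxxxx
        return "B"
    if first >> 5 == 0b110:     # 110xxxxx
        return "C"
    if first >> 4 == 0b1110:    # 1110xxxx (multicast)
        return "D"
    return "E"                  # 1111xxxx (reserved)


DEFAULT_MASKS = {"A": "255.0.0.0", "B": "255.255.0.0", "C": "255.255.255.0"}   # Table 3
DEFAULT_PREFIX = {"A": 8, "B": 16, "C": 24}

PRIVATE_RANGES = [   # RFC 1918, Table 4
    ipaddress.IPv4Network("10.0.0.0/8"),
    ipaddress.IPv4Network("172.16.0.0/12"),
    ipaddress.IPv4Network("192.168.0.0/16"),
]


def is_private(addr):
    """True when addr falls inside one of the three RFC 1918 ranges."""
    a = ipaddress.IPv4Address(addr)
    return any(a in net for net in PRIVATE_RANGES)


def subnet(block, borrowed_bits):
    """Borrow host bits from a classful block (given as its network address).

    Returns (new subnet mask, number of subnets, usable hosts per subnet,
    the first four subnets as strings). With 0 borrowed bits you get the
    single classful network, e.g. 150.150.0.0/16 with 65,534 hosts.
    """
    cls = address_class(block)
    if cls not in DEFAULT_PREFIX:
        raise ValueError("only Class A, B and C blocks are assigned to hosts")
    new_len = DEFAULT_PREFIX[cls] + borrowed_bits
    if new_len > 30:
        raise ValueError("at least 2 host bits must remain")
    net = ipaddress.IPv4Network(f"{block}/{DEFAULT_PREFIX[cls]}")
    subnets = list(net.subnets(new_prefix=new_len))
    hosts_per_subnet = 2 ** (32 - new_len) - 2   # minus network and broadcast address
    return (str(subnets[0].netmask), len(subnets), hosts_per_subnet,
            [str(s) for s in subnets[:4]])
```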
Assigning IP Addresses
Having established the need for each system on a TCP/IP based
network to have a unique address, we can now go on to look at how those systems
receive their addresses.
Static Addressing
Static addressing refers to the manual assignment of IP addresses
to a system. There are two main problems with this approach. Statically
configuring one system with the correct address is simple, but in the course of
configuring, say, a few hundred systems, mistakes are likely to be made. If the
IP addresses are entered incorrectly, the system will most likely not be
capable of connecting to other systems on the network. Another drawback of
static addressing is reconfiguration. If the IP addressing scheme for the
organization changes, each system must again be manually reconfigured. In a
large organization with hundreds or thousands of systems, such a
reconfiguration could take a considerable amount of time. These drawbacks to
static addressing are so significant that nearly all networks use dynamic IP
addressing.
Dynamic Addressing
Dynamic addressing refers to the assignment of IP addresses
automatically. On modern networks the mechanism used to do this is the Dynamic
Host Configuration Protocol (DHCP). DHCP is a protocol, part of the TCP/IP
protocol suite, which enables a central system to provide client systems with
IP addresses. Assigning addresses automatically with DHCP alleviates the burden
of address configuration and reconfiguration that occurs with static IP
addressing.
The basic function of the DHCP service is to automatically assign
IP addresses to client systems. To do this, ranges of IP addresses, known as
scopes, are defined on a system that is running a DHCP server application. When
another system configured as a DHCP client is initialized, it asks the server
for an address. If all things are as they should be, the server assigns an
address to the client for a predetermined amount of time, which is known as the
lease, from the scope.
A DHCP server can typically be configured to assign more than just
IP addresses; they are often used to assign the subnet mask, the default
gateway, and Domain Name Service (DNS) information.
Using DHCP means that administrators do not have to manually
configure each client system with a TCP/IP address. This removes the common
problems associated with statically assigned addresses such as human error. The
potential problem of assigning duplicate IP addresses is also eliminated. DHCP
also removes the need to reconfigure systems if they move from one subnet to
another, or if you decide to make a wholesale change of the IP addressing
structure.
DHCP-Dependent and Independent
DHCP is a protocol-dependent service, not a platform-dependent
service. This means that you can use, for example, a Linux DHCP server for a
network with Windows clients or a Novell DHCP server with Linux clients.
BOOTP, the older protocol from which DHCP was derived, is, like DHCP, a broadcast-based system. Therefore, routers
must be configured to forward BOOTP broadcasts when the server sits on another subnet. Today, it is far more likely
that DHCP, rather than BOOTP, is used.
APIPA
Automatic Private IP Addressing (APIPA) is a feature introduced
with Windows 98, and it has been included in all subsequent Windows versions. The
function of APIPA is that a system is capable of providing itself with an IP
address in the event that it is incapable of receiving an address dynamically
from a DHCP server. In such an event, APIPA assigns the system an address from
the 169.254.0.0 address range and configures an appropriate subnet mask
(255.255.0.0). However, it doesn't configure the system with a default gateway
address. As a result, communication is limited to the local network.
The idea behind APIPA is that systems on a segment can communicate
with each other in the event of DHCP server failure. In reality, the limited
usability of APIPA makes it little more than a last resort measure. For
example, imagine that a system is powered on while the DHCP server is
operational and receives an IP address of 192.168.100.2. Then the DHCP server fails. Now, if the other
systems on the segment are powered on and are unable to get an address from the
DHCP server because it is down, they would self-assign addresses in the 169.254.0.0 address range via APIPA. The systems with APIPA addresses
would be able to talk to each other, but they couldn't talk to a system that
received an address from the DHCP server. Likewise, any system that received an
IP address via DHCP would be unable to talk to systems with APIPA assigned
addresses. This, and the absence of a default gateway, is why APIPA is of
limited use in real-world environments.
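The DHCP scope and lease behaviour from the Dynamic Addressing section and the APIPA fallback above, as an added example that is not the tutorial's code: a toy scope that leases addresses for a fixed time and hands out the mask, gateway and DNS options; a client that self-assigns a 169.254.0.0/16 address when no lease is obtained; and a check showing why a DHCP-configured host and an APIPA host end up on different networks. Addresses, MAC addresses and lease times are constructed.

```python
import ipaddress
import random


class DhcpScope:
    """A scope: the range of addresses a server may lease, plus per-scope options."""

    def __init__(self, network, first, last, lease_seconds, gateway, dns):
        self.network = ipaddress.IPv4Network(network)
        lo, hi = int(ipaddress.IPv4Address(first)), int(ipaddress.IPv4Address(last))
        self.pool = [ipaddress.IPv4Address(i) for i in range(lo, hi + 1)]
        self.lease_seconds = lease_seconds
        # DHCP can assign more than the address: mask, default gateway, DNS.
        self.options = {"subnet_mask": str(self.network.netmask),
                        "default_gateway": gateway, "dns": dns}
        self.leases = {}   # client MAC -> (address, lease expiry time)

    def request(self, mac, now):
        """A client asks for an address: renew its lease or grant a free address.

        Returns None when the scope is exhausted, so the client gets no answer.
        """
        self._expire(now)
        if mac in self.leases:
            addr, _ = self.leases[mac]
        else:
            in_use = {a for a, _ in self.leases.values()}
            free = [a for a in self.pool if a not in in_use]   # never hand out a duplicate
            if not free:
                return None
            addr = free[0]
        expiry = now + self.lease_seconds
        self.leases[mac] = (addr, expiry)
        return {"address": str(addr), "lease_expires": expiry, **self.options}

    def _expire(self, now):
        """Drop leases whose time has run out so their addresses return to the pool."""
        self.leases = {m: (a, e) for m, (a, e) in self.leases.items() if e > now}


def configure_client(mac, server, now):
    """Try DHCP first; with no server (None) or no offer, fall back to APIPA."""
    offer = server.request(mac, now) if server is not None else None
    if offer is not None:
        return offer
    # APIPA: an address in 169.254.0.0/16, mask 255.255.0.0 and no default
    # gateway, so only the local segment is reachable. Real clients choose the
    # host part randomly and probe with ARP before using it; seeding the
    # generator with the MAC just keeps this example deterministic.
    rng = random.Random(mac)
    host = rng.randint(256, 65279)   # 169.254.1.0 to 169.254.254.255 (first/last /24 reserved)
    addr = ipaddress.IPv4Address("169.254.0.0") + host
    return {"address": str(addr), "subnet_mask": "255.255.0.0",
            "default_gateway": None, "dns": None}


def same_segment(cfg_a, cfg_b):
    """Two hosts can talk directly only if address and mask put them on one network."""
    net_a = ipaddress.IPv4Interface(f"{cfg_a['address']}/{cfg_a['subnet_mask']}").network
    net_b = ipaddress.IPv4Interface(f"{cfg_b['address']}/{cfg_b['subnet_mask']}").network
    return net_a == net_b
```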
TCP/IP Protocols
The TCP/IP protocol suite is made up of many different protocols,
each of which performs a specific task or function. The following sections look
at the functions of these protocols and their purposes.
Internet Protocol (IP)
The IP protocol is a network layer protocol responsible for
transporting data between network devices and for handling IP addressing. IP is
a connectionless protocol, meaning that data delivery is not guaranteed; it
takes the best-effort approach.
Transmission Control Protocol (TCP)
TCP functions at the transport layer of the OSI model and is a
connection-oriented protocol that uses IP as its network protocol. Being
connection-oriented means that TCP establishes a mutually acknowledged session
between two hosts before communication takes place. TCP provides reliability to
IP communications. Specifically, TCP adds features such as flow control,
sequencing, and error detection and correction. For this reason, higher-level
applications that need guaranteed delivery use TCP rather than its lightweight
and connectionless brethren, the User Datagram Protocol (UDP).
User Datagram Protocol (UDP)
UDP operates at the transport layer of the OSI model and performs
functions similar to those of TCP, with one notable difference: UDP is a
connectionless protocol and does not guarantee data delivery. Both TCP and UDP
use IP as their network protocol.
Because UDP does not need to guarantee data delivery, it is much
more efficient than TCP, so for applications that don't need the added features
of TCP, UDP is much more economical in terms of bandwidth and processing
effort. A good example of UDP is an online radio station that sends data but
does not confirm data delivery.
File Transfer Protocol (FTP)
The FTP protocol is an application layer protocol that provides a
method for uploading and downloading files from a remote system running FTP
server software. FTP uses the TCP transport protocol to guarantee the delivery
of data packets.
FTP has some basic security capabilities, such as a capability to
authenticate users. However, rather than create a user account for every user,
you can configure FTP server software to accept anonymous logons. When you do
this, the username is anonymous, and the password is normally the user's email
address. Most FTP servers that offer files to the general public operate in
this way.
FTP is popular for distributing files over the Internet but is
also used within organizations that need to frequently exchange large files
with other people or organizations that find it impractical to use regular
email.
FTP Security Concerns
One significant issue with FTP is that usernames and passwords are
communicated between client and host in clear text. This is a potential
security concern. For this reason, secure methods of copying files such as
SFTP, discussed later, are becoming more commonly used.
FTP is platform independent, meaning that all the common network
operating systems offer FTP server capabilities. In addition, all commonly used
client operating systems offer FTP client functionality. Alternatively,
third-party utilities such as SmartFTP and CuteFTP are often used.
There are several commands that can be used with FTP. Table 5
lists the commands that are used with the FTP protocol.
Table 5 FTP Commands

| Command | Purpose |
| --- | --- |
| ls | Lists the files in the current directory on the remote system. |
| cd | Changes the working directory on the remote host. |
| lcd | Changes the working directory on the local host. |
| put | Uploads a single file to the remote host. |
| get | Downloads a single file from the remote host. |
| mput | Uploads multiple files to the remote host. |
| mget | Downloads multiple files from the remote host. |
| binary | Switches transfers into binary mode. |
| ascii | Switches transfers into ASCII mode (the default). |
Secure File Transfer Protocol (SFTP)
One of the big problems associated with FTP is that it transmits
data between sender and receiver in an unencrypted format. The solution is the
Secure File Transfer Protocol, which is based on Secure Shell (SSH) technology.
SSH provides robust authentication between sender and receiver, in addition to
encryption capabilities.
SFTP is implemented through client and server software that is
available for all commonly used computing platforms.
Trivial File Transfer Protocol (TFTP)
A variation on FTP is TFTP, which is also a file transfer
mechanism. FTP and TFTP are both application layer protocols; however, TFTP
does not have the rudimentary security capability or the level of functionality
that FTP has. TFTP uses only UDP as a transport protocol, making it a
connectionless protocol. As such, it has a lower overhead than FTP.
Another feature that TFTP does not offer is directory navigation.
In FTP, commands can be executed to navigate around and manage the file system;
TFTP offers no such capability. TFTP requires that you request not only exactly
what you want, but also from what specific location.
Simple Mail Transfer Protocol (SMTP)
The SMTP protocol defines how mail messages are sent between
hosts. SMTP is a connection-oriented protocol; it uses TCP connections to
guarantee error-free delivery of messages. SMTP is not overly sophisticated and
requires that the destination host always be available.
For this reason, mail systems spool incoming mail so that users
can read it at a later time. How the user then reads the mail depends on how
the client accesses the SMTP server. SMTP is an application layer protocol.
Today, SMTP is often used to send email between
servers, whereas another protocol such as POP3 or IMAP4 is used to download the
email from the server to a client system.
Hypertext Transfer Protocol (HTTP)
In practical uses, HTTP is the protocol that allows text,
graphics, multimedia, and other material to be downloaded from an HTTP server
(commonly called a Web server). HTTP defines which actions clients can request
and how servers should answer those requests. HTTP uses TCP as a transport
protocol, making it a connection-oriented protocol. However, it can also use
UDP for certain functions.
HTTP uses a uniform resource locator (URL) to determine which page
should be downloaded from the remote server. The URL contains the type of
request (for example, http://), the name of the server being contacted (for
example, www.novell.com), and optionally the page being requested (for example,
/support). The result is the syntax that Internet-savvy people are familiar with:
http://www.novell.com/support. HTTP functions at the application layer of the OSI model.
Hypertext Transfer Protocol Secure (HTTPS)
Normal HTTP requests are sent in clear text, and for some Internet
transactions such as online banking or e-commerce, this poses a significant
security problem. The solution for such applications is to use the HTTPS
protocol. HTTPS uses a security technology known as Secure Sockets Layer (SSL),
which encrypts the information sent between the client and the host. You can
tell when you are accessing a page with HTTPS because the URL will have an
https:// address as opposed to plain HTTP, which uses an address of http://.
An example of an HTTPS URL is https://www.nationalonlinebank.com.
Like HTTP, HTTPS uses the TCP transport protocol and operates at
the application layer of the OSI model.
Post Office Protocol version 3 (POP3) and Internet Message Access Protocol version 4 (IMAP4)
Both POP3 and IMAP4 are mechanisms for downloading, or pulling,
email from a mail server. They are necessary because, although the mail is
transported around the network via SMTP, users cannot always read it immediately
so it must be stored in a central location. From this location, it must then be
downloaded, which is what POP3 and IMAP4 allow you to do.
One of the problems with POP3 is that the password used to access
a mailbox is transmitted across the network in clear text. That means if
someone wanted to, he could determine your POP3 password with relative ease.
This is an area in which IMAP4 offers an advantage over POP3. It uses a more
sophisticated authentication system, which makes it harder for someone to determine
a password.
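An added example (not part of the tutorial) that ties the FTP Security Concerns section and the POP3 password point together from the defender's side: a small detector that scans client-to-server command lines from a capture and reports logins that crossed the network unencrypted, without copying the password itself into the report. The capture lines, addresses and the port-to-protocol mapping are constructed assumptions.

```python
import re
from collections import namedtuple

Finding = namedtuple("Finding", "line_no protocol username detail")

# Server port -> protocol whose login travels in clear text (assumed standard
# ports). SSH/SFTP (22) and HTTPS (443) are deliberately absent: their payload
# is encrypted on the wire, so there is nothing readable to flag.
CLEARTEXT_PORTS = {21: "FTP", 23: "Telnet", 110: "POP3"}

# Constructed sample capture (client -> server direction only), one payload per
# line in the form "src:port -> dst:port | payload". Nothing here is real traffic.
SAMPLE_CAPTURE = """\
192.168.1.20:51002 -> 198.51.100.7:21 | USER alice
192.168.1.20:51002 -> 198.51.100.7:21 | PASS s3cret!
192.168.1.20:51003 -> 198.51.100.7:22 | SSH-2.0-OpenSSH
192.168.1.21:51010 -> 198.51.100.9:110 | USER bob
192.168.1.21:51010 -> 198.51.100.9:110 | PASS hunter2
192.168.1.23:51030 -> 198.51.100.5:23 | dave
192.168.1.23:51030 -> 198.51.100.5:23 | dave-password
192.168.1.24:51040 -> 198.51.100.8:80 | GET /support HTTP/1.1
"""

LINE_RE = re.compile(r"^(\S+):(\d+) -> (\S+):(\d+) \| (.*)$")


def scan_capture(text):
    """Return one Finding per clear-text login seen in the capture text.

    FTP and POP3 both use USER followed by PASS; the username is remembered per
    flow so the PASS line can be attributed to it. Telnet has no structured
    login command, so each Telnet session is reported once as unencrypted.
    """
    findings = []
    pending_user = {}      # flow -> username from USER, awaiting the PASS
    telnet_flows = set()   # Telnet flows already reported
    for n, raw in enumerate(text.splitlines(), 1):
        m = LINE_RE.match(raw)
        if not m:
            continue
        src, sport, dst, dport, payload = m.groups()
        proto = CLEARTEXT_PORTS.get(int(dport))
        if proto is None:
            continue                      # encrypted or out-of-scope protocol
        flow = (src, sport, dst, dport)
        cmd, _, arg = payload.partition(" ")
        if proto in ("FTP", "POP3"):
            if cmd.upper() == "USER":
                pending_user[flow] = arg.strip()
            elif cmd.upper() == "PASS":
                # Record that a password was sent, never the password itself.
                findings.append(Finding(n, proto, pending_user.pop(flow, "?"),
                                        "password sent in clear text"))
        elif proto == "Telnet" and flow not in telnet_flows:
            telnet_flows.add(flow)
            findings.append(Finding(n, proto, None,
                                    "unencrypted session; any login typed here is readable"))
    return findings
```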
Telnet
The function of Telnet is to allow the establishment of sessions
on a remote host. A user can then execute commands on that remote host as if he
were physically sitting at the system. Telnet is widely used to access UNIX and
Linux systems, as well as to administer some managed networking equipment such
as switches or routers. Telnet uses TCP as a transport layer protocol and
functions at the application layer of the OSI model.
Secure Shell (SSH)
Secure Shell (SSH) is a secure alternative to Telnet. SSH provides
security by encrypting data as it travels between systems. It also provides
more robust authentication systems than Telnet.
Although SSH, like Telnet, is primarily associated with UNIX and
Linux systems, implementations of SSH are available for all commonly used
computing platforms including Windows and Macintosh. As discussed earlier, SSH
is the foundational technology for the Secure File Transfer Protocol (SFTP).
Internet Control Message Protocol (ICMP)
ICMP is a protocol that works with IP to provide error checking
and reporting functionality. In effect, ICMP is a tool that IP uses in its
quest to provide best-effort delivery. ICMP functions at the network layer of
the OSI model.
ICMP can be used for a number of functions. Its most common is
probably the widely used and incredibly useful ping utility. Ping sends a stream of ICMP echo requests to a remote host. If the host
is able to respond, it does so by sending echo reply messages back to the
sending host. In that one simple process, ICMP enables the verification of the
protocol suite configuration of both the sending and receiving nodes and any
intermediate networking devices.
Address Resolution Protocol/Reverse Address Resolution Protocol (ARP/RARP)
The basic function of the ARP protocol is to resolve IP addresses
to Media Access Control (MAC) addresses. When a system attempts to contact
another host, IP first determines whether the other host is on the same network
it is on by looking at the IP address. If IP determines that the destination is
on the local network, it consults the ARP cache to determine whether it has a
corresponding entry.
If there is not an entry for the host in the ARP cache, IP sends a
broadcast on the local network, asking the host with the target IP address to
send back its MAC address. The communication is sent as a broadcast because
without the target system's MAC address, the source system is unable to
communicate directly with the target system.
The Reverse Address Resolution Protocol (RARP) performs the same
function as ARP, but in reverse. In other words, it resolves MAC addresses to
IP addresses. RARP makes it possible for applications or systems to learn their
own IP address from a router or DNS server. Such a resolution comes in handy for
tasks such as performing reverse lookups in DNS.
Network Time Protocol (NTP)
NTP uses the TCP transport protocol and is the protocol that
facilitates the communication of time information between systems. The idea is
that one system configured as a time provider transmits time information to
other systems that can be both the time receivers and the time providers to
other systems.
Network News Transfer Protocol (NNTP)
The Network News Transfer Protocol (NNTP) is a protocol associated
with posting and retrieving messages from newsgroups. A newsgroup is the name
given to a discussion forum that is hosted on a remote system. By using NNTP
client software, similar to that included with many common email clients, users
can post, reply, and retrieve messages.
NNTP is an application layer protocol that uses TCP as its
transport mechanism.
Secure Copy Protocol (SCP)
The Secure Copy Protocol (SCP) is another protocol based on Secure
Shell (SSH) technology.
SCP provides a secure means to copy files between systems on a
network. By using SSH technology, it encrypts data as it travels across the
network, thereby securing it from eavesdropping.
It is intended as a more secure substitute for the Remote Copy
Protocol (RCP). SCP is most commonly associated with UNIX or Linux platforms,
though it is available as a command-line utility or as part of application
software for most commonly used computing platforms. SCP operates at the
application layer of the OSI model.
Lightweight Directory Access Protocol (LDAP)
The Lightweight Directory Access Protocol (LDAP) is a protocol
that provides a mechanism to access and query directory services systems. These
directory services systems are most likely to be Novell Directory Services
(NDS) and Microsoft's Active Directory.
Although LDAP supports command-line queries that are executed
directly against the directory database, most LDAP interactions will be via
utilities such as an authentication program (network logon) or locating a
resource in the directory through a search utility. LDAP operates at the
application layer of the OSI model.
Internet Group Management Protocol (IGMP)
The Internet Group Management Protocol (IGMP) protocol is
associated with the process of multicasting. Multicasting is a mechanism by
which groups of network devices can send and receive data between the members
of the group at one time, rather than separately sending messages to each
device in the group.
The IGMP protocol is used to register devices into a multicast
group, as well as to discover what other devices on the network are members of
the same multicast group. Common applications for multicasting include groups
of routers on an internetwork and videoconferencing clients. IGMP operates at
the network layer of the OSI model.
Line Printer Remote (LPR)
The Line Printer Remote (LPR) protocol provides a means to connect
to print servers on a network. It is a generic printing protocol supported by
all commonly used operating systems including UNIX, Windows, and Linux.
To make use of LPR, client software is installed on a system. When
a file is sent to print, it is channeled over the network by LPR to a print
server or printer. That server or printer runs a print server program, normally
the Line Printer Daemon (LPD), which accepts the LPR information and adds that
job to the print queue. LPR operates at the application layer of the OSI model.
TCP/IP Protocol Suite Summary
The details of each of the protocols discussed in the preceding
sections are summarized in Table 6.
Table 6 TCP/IP Protocol Suite Summary

| Protocol | Full Name | Description | OSI Layer |
|---|---|---|---|
| IP | Internet Protocol | Connectionless protocol used for moving data around a network. | Network |
| TCP | Transmission Control Protocol | Connection-oriented protocol that offers flow control, sequencing, and retransmission of dropped packets. | Transport |
| UDP | User Datagram Protocol | Connectionless alternative to TCP that is used for applications that do not require the functions offered by TCP. | Transport |
| FTP | File Transfer Protocol | Protocol for uploading and downloading files to and from a remote host; also accommodates basic file-management tasks. | Application |
| SFTP | Secure File Transfer Protocol | Protocol that performs a similar function to FTP, but provides more secure authentication and encryption mechanisms. | Application |
| TFTP | Trivial File Transfer Protocol | File transfer protocol that does not have the security or error-checking capabilities of FTP; uses UDP as a transport protocol and is therefore connectionless. | Application |
| SMTP | Simple Mail Transfer Protocol | Mechanism for transporting email across networks. | Application |
| HTTP | Hypertext Transfer Protocol | Protocol for retrieving files from a Web server. | Application |
| HTTPS | Hypertext Transfer Protocol Secure | Secure protocol for retrieving files from a Web server. | Application |
| POP3/IMAP4 | Post Office Protocol version 3/Internet Message Access Protocol version 4 | Used for retrieving email from a server on which the mail is stored. | Application |
| Telnet | Telnet | Allows sessions to be opened on a remote host. | Application |
| SSH | Secure Shell | Like Telnet, allows sessions to be opened on a remote host, but provides authentication and encryption capabilities. | Application |
| ICMP | Internet Control Message Protocol | Used for error reporting, flow control, and route testing. | Network |
| ARP | Address Resolution Protocol | Resolves IP addresses to MAC addresses, to enable communication between devices. | Network |
| RARP | Reverse Address Resolution Protocol | Resolves MAC addresses to IP addresses. | Network |
| NTP | Network Time Protocol | Used to communicate time synchronization information between devices. | Application |
| NNTP | Network News Transport Protocol | Protocol used for accessing and downloading messages from Internet-based newsgroups. | Application |
| SCP | Secure Copy Protocol | Protocol that uses Secure Shell (SSH) technology to provide a safe way to copy files between systems. | Application |
| LDAP | Lightweight Directory Access Protocol | Provides a mechanism to access directory services systems. | Application |
| IGMP | Internet Group Management Protocol | Protocol used for communication between devices in a multicast group. | Network |
| LPR | Line Printer Remote | Provides a mechanism to send printing tasks to a print server. | Application |
TCP/UDP Port Functions
Each TCP/IP protocol or application has a port associated with it.
When a communication is received, the target port number is checked to
determine which protocol or service it is destined for. The request is then
forwarded to that protocol or service. Take, for example, HTTP, whose assigned
port number is 80. When a Web browser forms a request for a web page, the
request is sent to port 80 on the target system. When the target system
receives the request, it examines the port number and, when it sees that the
port is 80, forwards the request to the Web server application.
TCP/IP has 65,535 ports available, of which 0 to 1023 are
labeled as the well-known ports. It is important to understand the numbers of
some of the well-known ports, as administration often requires you to specify
port assignments when working with applications and configuring services. Table
7 shows some of the most common port assignments.
Table 7 TCP/IP Port Assignments for Commonly Used Protocols

| Protocol | Port Assignment |
|---|---|
| FTP | 20 |
| FTP | 21 |
| SSH | 22 |
| Telnet | 23 |
| SMTP | 25 |
| DNS | 53 |
| TFTP | 69 |
| HTTP | 80 |
| POP3 | 110 |
| NNTP | 119 |
| NTP | 123 |
| IMAP4 | 143 |
| HTTPS | 443 |
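The port check described above, where a receiving host reads the transport header's destination port and hands the data to the matching service, can be shown in a few lines of header parsing. The following is an added example and is not code from the tutorial: it builds constructed IPv4/TCP and IPv4/UDP packets (checksums left at zero, addresses and payloads made up for the demonstration), parses the IPv4 and transport headers, and maps the destination port to the service names listed in Table 7. Labelling port 20 as FTP data and 21 as FTP control is an addition to the table's two plain "FTP" rows. The parser rejects truncated headers rather than reading past the buffer, which is the check a practitioner wants in any code that dispatches on untrusted packet fields.

```python
import struct

# Well-known port assignments from Table 7 (20/21 data/control labels added here).
WELL_KNOWN_PORTS = {
    20: "FTP (data)", 21: "FTP (control)", 22: "SSH", 23: "Telnet",
    25: "SMTP", 53: "DNS", 69: "TFTP", 80: "HTTP", 110: "POP3",
    119: "NNTP", 123: "NTP", 143: "IMAP4", 443: "HTTPS",
}
PROTO_TCP = 6      # IPv4 protocol number for TCP
PROTO_UDP = 17     # IPv4 protocol number for UDP
WELL_KNOWN_MAX = 1023


def _ip_to_bytes(addr: str) -> bytes:
    return bytes(int(octet) for octet in addr.split("."))


def build_packet(proto, dport, payload=b"", src="192.168.2.34",
                 dst="10.0.0.5", sport=49152):
    """Build a constructed IPv4 packet with a minimal TCP or UDP header.
    Checksums are zero: this is sample input, not wire-accurate traffic."""
    if proto == PROTO_TCP:
        # sport, dport, seq, ack, data offset (5 words), flags (SYN), window, csum, urgent
        transport = struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 5 << 4,
                                0x02, 65535, 0, 0) + payload
    elif proto == PROTO_UDP:
        transport = struct.pack("!HHHH", sport, dport, 8 + len(payload), 0) + payload
    else:
        raise ValueError("only TCP and UDP packets are built here")
    total_len = 20 + len(transport)
    ip_hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, total_len, 0, 0, 64, proto, 0,
                         _ip_to_bytes(src), _ip_to_bytes(dst))
    return ip_hdr + transport


def parse_ipv4(packet: bytes) -> dict:
    """Parse the fixed IPv4 header; return addresses, protocol and the payload."""
    if len(packet) < 20:
        raise ValueError("truncated IPv4 header")
    (ver_ihl, _tos, total_len, _ident, _frag, _ttl, proto, _csum,
     src, dst) = struct.unpack("!BBHHHBBH4s4s", packet[:20])
    version, ihl = ver_ihl >> 4, (ver_ihl & 0x0F) * 4
    if version != 4:
        raise ValueError(f"not an IPv4 packet (version {version})")
    if ihl < 20 or len(packet) < ihl or total_len < ihl:
        raise ValueError("invalid IPv4 header length fields")
    return {
        "src": ".".join(str(b) for b in src),
        "dst": ".".join(str(b) for b in dst),
        "proto": proto,
        "payload": packet[ihl:total_len],
    }


def parse_transport(proto: int, segment: bytes) -> dict:
    """Extract the port pair from a TCP or UDP header, refusing short buffers."""
    if proto == PROTO_TCP:
        if len(segment) < 20:
            raise ValueError("truncated TCP header")
        sport, dport = struct.unpack("!HH", segment[:4])
        data_offset = (segment[12] >> 4) * 4
        return {"transport": "TCP", "sport": sport, "dport": dport,
                "data": segment[data_offset:]}
    if proto == PROTO_UDP:
        if len(segment) < 8:
            raise ValueError("truncated UDP header")
        sport, dport, length, _csum = struct.unpack("!HHHH", segment[:8])
        return {"transport": "UDP", "sport": sport, "dport": dport,
                "data": segment[8:length]}
    raise ValueError(f"unsupported IP protocol {proto}")


def classify(packet: bytes) -> dict:
    """Do what the receiving host does: read the destination port and name the service."""
    ip = parse_ipv4(packet)
    tp = parse_transport(ip["proto"], ip["payload"])
    port = tp["dport"]
    return {
        "dst": ip["dst"],
        "transport": tp["transport"],
        "dport": port,
        "service": WELL_KNOWN_PORTS.get(port, "unassigned/registered"),
        "well_known": port <= WELL_KNOWN_MAX,
    }


if __name__ == "__main__":
    for proto, port in [(PROTO_TCP, 80), (PROTO_UDP, 53), (PROTO_TCP, 8080)]:
        print(classify(build_packet(proto, port)))
```

Run as a script it prints the classification of three constructed packets; the same `classify` function can be pointed at bytes read from a capture file once a libpcap header parser is put in front of it.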
Domain Name Service (DNS)
The function of the DNS service is to resolve hostnames, such as
server1.xyz.com, to IP addresses. Such a resolution system makes it possible
for people to refer to frequently used hosts by easy-to-remember hostnames
rather than hard-to-remember IP addresses.
Similar to other TCP/IP-based services, DNS is a
platform-independent protocol. Therefore, it can be used on Linux, UNIX,
Windows, NetWare, and almost every other platform.
On networks where there is no DNS server, it is possible to
resolve hostnames to IP addresses using the HOSTS file; however, such
environments are becoming increasingly rare. All common network operating
systems now include DNS server application software.
The HOSTS file is a text file, found on almost all PC operating
systems, in which you can place hostname-to-IP-address resolution information.
When HOSTS files are used, it's up to the administrator to manually make
changes to the file if needed.
This factor alone is sufficient to make the installation of a DNS
server an obvious choice.
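To make the HOSTS-file mechanism concrete, here is an added example (not code from the tutorial) of a parser that reads HOSTS-file syntax: one address followed by one or more names per line, with `#` comments. The sample file contents are constructed for the demonstration. Like the resolvers that consume the real file, the parser takes the first definition of a name and ignores later ones; it also reports those later conflicting entries, since a stale duplicate left behind by hand editing is exactly the maintenance problem described above. Addresses are validated with the standard `ipaddress` module, so a malformed line fails loudly instead of silently resolving nothing.

```python
import ipaddress

# Constructed sample HOSTS file; addresses and names are made up for this example.
SAMPLE_HOSTS = """\
# Constructed sample HOSTS file (not from the tutorial)
127.0.0.1       localhost
192.168.2.10    server1.xyz.com   server1     # primary file server
192.168.2.34    secretary
192.168.2.10    printer.xyz.com
10.1.1.1        server1.xyz.com               # stale duplicate: first definition wins
"""


def parse_hosts(text: str):
    """Return (table, duplicates).

    table:      lowercase hostname -> IP address string (first definition wins)
    duplicates: (line number, name, address kept, address ignored) for conflicts
    """
    table = {}
    duplicates = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()      # drop comments and whitespace
        if not line:
            continue
        parts = line.split()
        try:
            addr = str(ipaddress.ip_address(parts[0]))
        except ValueError:
            raise ValueError(f"line {lineno}: {parts[0]!r} is not an IP address")
        if len(parts) < 2:
            raise ValueError(f"line {lineno}: address without a hostname")
        for name in parts[1:]:
            key = name.lower()                   # hostnames are case-insensitive
            if key in table:
                if table[key] != addr:
                    duplicates.append((lineno, name, table[key], addr))
                continue
            table[key] = addr
    return table, duplicates


def resolve(table: dict, hostname: str):
    """Look a hostname up the way a HOSTS-file resolver does; None if absent."""
    return table.get(hostname.lower())


if __name__ == "__main__":
    hosts, conflicts = parse_hosts(SAMPLE_HOSTS)
    print("server1.xyz.com ->", resolve(hosts, "server1.xyz.com"))
    for lineno, name, kept, ignored in conflicts:
        print(f"line {lineno}: {name} already maps to {kept}; ignoring {ignored}")
```

On a real system the same function can be fed the contents of `/etc/hosts` or `%SystemRoot%\System32\drivers\etc\hosts`; reviewing the `duplicates` list is a quick way to audit a hand-maintained file for entries that no longer agree with each other.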
Network Address Translation (NAT) and Internet Connection Sharing (ICS)
NAT and ICS are two strategies that enable networks to access the
Internet through a single connection. Having a single access point for the
network enables an organization to have Internet access with a single IP
address.
NAT
The basic principle of NAT is that many computers can
"hide" behind a single registered IP address or a group of registered
IP addresses. Using NAT means that, in its most basic implementation, only one
registered IP address is needed on the external interface of the system that is
acting as the gateway between an internal private network and an external public
network such as the Internet.
A system performing the NAT service funnels the requests that are
given to it to the external network. For instance, a client requests a website,
and the request goes through the NAT server to the Internet. To the remote system,
the request looks like it is originating from a single address, that of the NAT
server, and not the individual client systems making the request. The system
that is performing the NAT function keeps track of who asked for what and makes
sure that when the data is returned, it is directed to the correct system.
Servers that provide NAT functionality do so in different ways.
For example, it is possible to statically map a single internal IP address to a
single external one so that outgoing requests are always tagged with the same
IP address. Alternatively, if you have a group of public IP addresses, you can
have the NAT system assign addresses to devices on a first-come, first-served
basis. Either way, the basic function of NAT is the same.
ICS
Although ICS is discussed separately from NAT, it is nothing more
than an implementation of NAT on Windows platforms since Windows Me. ICS makes
it very simple to share an Internet connection with multiple systems on the
network.
Because ICS was intended as a simple mechanism for a small office
network or a home network to share a single Internet connection, configuration
is simple. However, simplicity is also the potential downfall of ICS. ICS
provides no security, and the system providing the shared connection is not
secure against outside attacks. For that reason, ICS should be used only when
no other facilities are available or in conjunction with a firewall
application, which later versions of Microsoft Windows, such as XP, now
include.
Windows Internet Name Service (WINS)
On Windows networks, a system called WINS enables Network Basic
Input/Output System (NetBIOS) names to be resolved to IP addresses. NetBIOS
name resolution is necessary on Windows networks so that systems can locate and
access each other by using the NetBIOS computer name rather than the IP
address. It's a lot easier for a person to remember a computer called secretary
than to remember its IP address, 192.168.2.34. The NetBIOS name needs
to be resolved to an IP address and subsequently to a MAC address (by ARP).
NetBIOS name resolution can be performed in three ways on a network.
The simplest way is to use a WINS server on the network, which automatically
performs the NetBIOS name resolution. If a WINS server is not available,
NetBIOS name resolution can be performed statically using an LMHOSTS file. Using
an LMHOSTS file requires that you manually configure at least one text file with
the entries. As you can imagine, this can be a time-consuming process,
particularly if the systems on the network change frequently. The third method,
and the default, is for systems to resolve NetBIOS names using broadcasts.
There are two problems with this approach. First, the broadcasts create
additional network traffic, and second, the broadcasts cannot traverse routers
unless the router is configured to forward them. This means that resolutions
between network segments are not possible.
Simple Network Management Protocol (SNMP)
SNMP is a management protocol that enables network devices to
communicate information about their state to a central system. It also enables
the central system to pass configuration parameters to the devices.
In an SNMP configuration, a system known as a manager acts as the
central communication point for all the SNMP-enabled devices on the network. On
each device that is to be managed and monitored via SNMP, software called an
SNMP agent is set up and configured with the IP address of the manager.
Depending on the configuration, the SNMP manager is then capable of
communicating with and retrieving information from the devices running the SNMP
agent software. In addition, the agent is able to communicate the occurrence of
certain events to the SNMP manager as they happen. These messages are known as
traps.
An important part of SNMP is an SNMP management system, which is a
computer running a special piece of software called a Network Management System
(NMS). These software applications can be free, or they can cost thousands of
dollars. The difference between the free applications and those that cost a
great deal of money normally boils down to functionality and support. All NMS
systems, regardless of cost, offer the same basic functionality. Today, most
NMS applications use graphical maps of the network to locate a device and then
query it. The queries are built into the application and are triggered by a
point and click. You can actually issue SNMP requests from a command-line
utility, but with so many tools available, it is simply not necessary.
An SNMP agent can be any device capable of running a small
software component that facilitates communication with an SNMP manager. SNMP
agent functionality is supported by almost any device designed to be connected
to a network.
Network File System (NFS)
The Network File System (NFS) is a protocol and network service
that allows you to access file systems on remote computers across the network.
NFS is most commonly associated with UNIX and Linux operating system platforms,
but versions of NFS are available for a wide range of server operating systems
including Microsoft Windows. From a client perspective, UNIX and Linux
implementations use NFS as the default file system access mechanism. However,
versions of NFS client software are also available for most commonly deployed
workstation operating systems.
Zero Configuration (Zero-conf)
Zero Configuration (Zero-conf) provides a means of networking
computer systems together without requiring specific network configuration.
This approach is becoming increasingly necessary as we use a larger number and
wider variety of computing devices in a networked scenario.
There are three basic requirements for a system to support Zero-conf.
First, the system must be capable of assigning itself an IP address without the
need for a DHCP server. Second, the system must be capable of resolving the
hostname of another system to an IP address without the use of a DNS server.
Finally, a system must be capable of locating or advertising services on the
network without a directory services system such as Microsoft's Active Directory
or Novell Directory Services. Currently, Zero Configuration is supported, with
additional software, by Mac and Windows operating systems, as well as by Linux
and UNIX.
Server Message Block (SMB)
Server Message Block (SMB) is an application and presentation
layer protocol that provides a mechanism to access shared network resources
such as files or printers on network servers. SMB is the default file access
method used on Windows networks. Today, SMB is more commonly referred to as the
Common Internet File System (CIFS), though the functionality remains the same.
On a network that uses Windows servers and clients, administrators access the
functionality of SMB through Windows Explorer and the command-line NET utility.
Apple File Protocol (AFP)
The Apple File Protocol (AFP), more correctly called the AppleTalk
Filing Protocol, is to Apple systems what NFS is to Linux/UNIX systems, and SMB
or CIFS is to Windows systems. It is a protocol through which the file system
on remote computers can be accessed. AFP is not widely used outside of Apple
networks, and unless you are working on networks that use Apple Macintosh
systems, you are unlikely to encounter AFP.
Line Printer Daemon (LPD)
The Line Printer Daemon (LPD) protocol provides print services on
both client and server systems. The most common use of LPD is as a print server
and client on UNIX and Linux systems. As well as providing the basic print
mechanisms, LPD supports a set of commands that enable the print queue to be
controlled. It also provides commands for controlling print jobs once they have
been placed in the print queue.
TCP/IP Service Summary
Table 8 helps you quickly identify the purpose and function of
each of the TCP/IP services covered in the previous sections.
Table 8 Summary of TCP/IP Services

| Service | Purpose/Function |
|---|---|
| DNS | Resolves hostnames to IP addresses. |
| NAT | Translates private network addresses into public network addresses. |
| ICS | Enables a single Internet connection to be shared among multiple systems on the network. |
| WINS | Resolves NetBIOS names to IP addresses. |
| SNMP | Provides network management facilities on TCP/IP-based networks. |
| NFS | Service that provides file sharing between server and client. Typically associated with UNIX and Linux operating systems, but versions are available for most commonly deployed operating systems. |
| Zeroconf | Provides a system by which devices can communicate with no network configuration or setup. |
| SMB | Application and presentation layer protocol that provides access to file and print services on server platforms that provide SMB access. |
| AFP | Provides remote file system access on Apple networks. |
| LPD | Printing service that provides both server and client printing functions. |
