TCP/IP Explained

PHILIP MILLER

DIGITAL PRESS Boston Oxford Johannesburg Melbourne New Delhi Singapore Table of Contents Preface xvii Chapter 1 - Introduction 1 1.1 What is TCP/IP? 1 1.1.1 A Brief History of TCP/IP 2 1.1.2 The Internet Protocol Suite 3 1.2 The Internet 5 1.2.1 The Growth of the Internet 6 1.3 Summary 9 Chapter 2 - Standardization 11 2.1 The Internet Architecture Board 11 2.1.1 The Internet Engineering Task Force 12 2.1.2 The Internet Research Task Force 13 2.2 Internet Protocol Standards 13 2.2.1 Protocol States 14 2.2.2 Protocol Status 16 2.2.3 The Request For Comments (RFC) 16 2.3 Internet Protocol Architecture 17 2.3.1 The Open Systems Interconnection (OSI) Model 18 2.3.2 The OSI Model and LANs 20 2.3.3 The Internet Protocol Suite Model 23 2.4 A Comparison of Major Architectures 25 2.5 Summary 26

Chapter 3 - An Overview of Network Technologies and Relay Systems 27 3.1 Ethernet and IEEE 802.3 27 3.1.1 802.3 Specifications 27 3.1.2 Ethernet/802.3 Frame Structure 30 3.1.3 Ethernet/802.3 Operation 32 3.2 Token Ring 33 3.2.1 802.5 Specifications 34 3.2.2 802.5 Frame Structure 36 3.2.3 802.5 Operation 38 3.3 Fibre Distributed Data Interface (FDDI) 39 3.3.1 FDDI Specifications 41 3.3.2 FDDI Frame Structure 42 3.3.3 FDDI Operation 43 3.4 Relay Systems 43 3.4.1 Repeaters 44 3.4.2 Bridges 45 3.5 WAN Links 50 3.6 Summary 51 Chapter 4 - Internet Addressing 53 4.1 The Need for an Addressing Scheme 53 4.2 Internet Addressing 54 4.2.1 Dotted Decimal Notation 55 4.2.2 Identifying IP Addresses and Rules 56 4.2.3 Choosing the Right Addressing Scheme 57 4.2.4 Free Addresses 58 4.3 Routing Fundamentals 59 4.4 The Resolution of MAC Addresses 60 4.4.1 The Address Resolution Protocol (ARP) 61 4.4.2 The ARP Protocol Format 62 4.4.3 Problems with Address Resolution 65 4.4.4 Address Resolution for Non-Broadcast Networks 65 4.5 The Reverse Address Resolution Protocol (RARP) 65 4.6 Subnetting 68 4.6.1 Natural Subnet Masks 69 4.6.2 Obtaining Subnet Masks 70 4.6.3 Guidelines for Implementing Subnet Masks 70 4.7 Multi-Homing 71 4.8 Assigning Multiple IP Addresses to a Single Physical Connection 71 4.9 The Future of The Internet Addressing Scheme 72 4.10 Summary 73 Chapter 5 - The Internet Protocol (IP) 75 5.1 The IP Datagram 76 5.2 IP Datagram Options 81 5.2.1 End of Option List 82 5.2.2 No Operation 83 5.2.3 Security 83 5.2.4 Loose and Strict Source Routing 83 5.2.5 Record Route 84 5.2.6 Internet Timestamp 84 5.3 Datagram Fragmentation 86 5.4 Summary 89 Chapter 6 - The Internet Control Message Protocol (ICMP) 91 6.1 ICMP Message Types 92 6.1.1 Destination Unreachable 93 6.1.2 Time Exceeded 95 6.1.3 Parameter Problem 95 6.1.4 Source Quench 96 6.1.5 Redirect 97 6.1.6 Echo Request/Reply 98 6.1.7 Timestamp Request/Reply 100 6.1.8 Information Request/Reply 101 6.1.9 Address Mask Request/Reply 102 6.2 ICMP Extentsions 102 6.2.1 Router Discovery 103 6.3 Summary 104 Chapter 7 - The Transmission Control Protocol (TCP) ....107 7.1 TCP Operation 108 7.1.1 Basic Data Transfer 108 7.1.2 Reliability 108 7.1.3 Flow Control Ill 7.1.4 Multiplexing 113 7.1.5 Connections 113 7.2 TCP Segment Header 114 7.3 TCP Options 117 7.4 Connection Management 118 7.4.1 Connection Establishment 118 7.4.2 Connection Maintenance 123 7.4.3 Connection Termination 124 7.4.4 The TCP Finite State Machine 126 7.5 Summary 130 Chapter 8 - The User Datagram Protocol (UDP) 133 8.1 UDP Multiplexing 134 8.2 UDP Datagram Header 134 8.2.1 UDP and ICMP 138 8.3 Summary 138 Chapter 9 - Routing Principles 139 9.1 Direct and Indirect Routing 139 9.1.1 Routing Protocols 140 9.1.2 Static and Default Routes 141 9.2 Routing and Subnet Masks 142 9.2.1 Variable Length Subnet Masks 143 9.3 ARP and Subnetted Environments 145 9.3.1 Proxy ARP 145 9.4 Summary 147 Chapter 10 - The Routing Information Protocol (RIP) ....149 10.1 Gauging Route Quality 149 10.2 Protocol Operation 151 10.2.1 Handling Topology Changes 153 10.2.2 Split Horizon 156 10.2.3 Poison Reverse 156 10.2.4 Triggered Updates 158 10.2.5 Route States and Timers 158 10.3 RIP Protocol Format and Operation 159 10.3.1 RIP Datagram Processing 161 10.3.2 Router Operation at Start-up 166 10.4 The Arguments Surrounding RIP 166 10.4.1 RIP Limitations 166 10.4.2 RIP Strengths 168 10.5 RIP II 168 10.5.1 RIP II Protocol Format 168 10.5.2 RIP II Authentication 170 10.5.3 RIP II and Multicasting 171 10.5.4 Compatibility with RIP I 171 10.6 Summary 172 Chapter 11 - The Open Shortest Path First Protocol (OSPF) 173 11.1 Metrics 174 11.1.1 Type of Service Routing 175 11.1.2 Equal Cost Paths 176 11.2 An Overview of OSPF 176 11.2.1 OSPF Terminology 177 11.2.2 Network and Area Types 179 11.2.3 Designated and Backup Designated Routers 180 11.2.4 Router Adjacency and Network Types 182 11.3 Protocol Operation 182 11.3.1 The Hello Protocol 185 11.3.2 Exchanging Database Information and Creating Adjacencies 190 11.3.3 Exchanging Database Description Packets 191 11.3.4 Requesting Additional Information Through Link State Requests (LSRs) 194 11.3.5 Link State Updates 196 11.3.6 Link State Advertisements 196 11.4 Creating the Shortest Path Tree 205 11.4.1 The Routing Table 206 11.5 Using Areas 207 11.5.1 The Backbone Area 208 11.5.2 Virtual Links 208 11.5.3 Intra-Area and Inter-Area Routing 210 11.6 Joining Autonomous Systems Together 215 11.7 Summary 216 Chapter 12 - The Exterior Gateway Protocol (EGP) 217 12.1 The EGP Protocol Format and Operation 219 12.1.1 EGP Message Header 220 12.1.2 Neighbor Acquisition/Cease 221 12.1.3 Neighbor Reachability 224 12.1.4 Poll Command 225 12.1.5 Update Response/Indication Messages 226 12.1.6 Error Response/Indication 228 12.2 EGP Metrics 230 12.3 The EGP Finite State Machine 230 12.4 EGP, an Example 231 12.5 Summary 235 Chapter 13 - The Border Gateway Protocol (BGP) 237 13.1 BGP Operation 238 13.2 BGP Message Formats 239 13.2.1 The BGP Message Header 239 13.2.2 Open Messages 240 13.2.3 Update Messages 243 13.2.4 KeepAlive Messages 247 13.2.5 Notification Messages 247 13.3 A Simple BGP Example 250 13.4 Summary 254 Chapter 14 - Broadcasting and Multicasting with IP 255 14.1 Broadcasting 255 14.1.1 Broadcasting in the Presence of Subnets 258 14.2 Multicasting 259 14.2.1 Host Group Addresses 260 14.2.2 Mapping IP Multicasts to Local Network Multicasts 260 14.3 The Internet Group Management Protocol (IGMP) 262 14.3.1 IGMP Operation 262 14.3.2 The Allocation of Transient Host Group Addresses 264 14.4 The Propagation of Multicast Routing Information 265 14.5 The Distance Vector Multicast Routing Protocol (DVMRP) 265 14.5.1 DVMRP in Operation 268 14.6 Multicast OSPF 269 14.6.1 MOSPF Operation 271 14.6.2 Pruned Shortest Path Trees 274 14.7 Summary 275 Chapter 15 - The Domain Name System (DNS) 277 15.1 The Domain Name Space 278 15.1.1 Aliases 279 15.1.2 The Internet Mail System and DNS 280 15.2 Resource Records 280 15.2.1 The A (Address) Type Resource Record 282 15.2.2 The CName (Canonical Name) Type Resource Record 282 15.2.3 The HInfo (Host Information) Type Resource Record 282 15.2.4 The MB, MD, MF, MG, MInfo, MR, and MX (Mail) Type Resource Records 283 15.2.5 The NS (Name Server) Type Resource Record 284 15.2.6 The PTR (Pointer) Type Resource Record 284 15.2.7 The SOA (Start of Authority) Type Resource Record 284 15.2.8 The TXT (Text) Type Resource Record 285 15.2.9 The WKS (Well Known Service) Type Resource Record 285 15.2.10 The NULL Type Resource Record 286 15.3 DNS Operation 286 15.3.1 Name Server Operation 287 15.4 DNS Protocol Format 289 15.4.1 The Header Section 290 15.4.2 The Question Section 291 15.4.3 The Answer, Authority, and Additional Information Sections 292 15.4.4 Message Compression 292 15.5 Inverse Queries 293 15.6 Looking up DNS Information 294 15.7 A DNS Example 295 15.8 Summary 297 Chapter 16 - Telnet and Rlogin 299 16.1 The Telnet Protocol 299 16.1.1 Option Command/Responses 300 16.1.2 Telnet Control Functions 301 16.1.3 Standard NVT Characters 303 16.1.4 Telnet Commands and Options 303 16.1.5 RFCs Related to Telnet Options 304 16.1.6 A Sample Telnet Session 307 16.2 Rlogin 310 16.2.1 Rlogin Commands 311 16.2.2 Rlogin Security Considerations 311 16.3 Summary 312 Chapter 17 - The File Transfer Protocol (FTP) 313 17.1 FTP Basic Operation 313 17.2 Data Transfer Functions 314 17.2.1 Data Types 315 17.2.2 Data Structures 316 17.3 FTP Transmission Modes 317 17.3.1 Stream Mode 317 17.3.2 Block Mode 317 17.3.3 Compressed Mode 318 17.4 File Transfer Functions 319 17.4.1 Access Control Commands 319 17.4.2 Transfer Parameters 320 17.4.3 FTP Service Commands 321 17.5 FTP Responses 322 17.6 A Complete FTP Example 324 17.7 Summary 333 Chapter 18 - The Simple Mail Transfer Protocol (SMTP) ..335 18.1 Defining Senders and Recipients 336 18.2 Sending Mail Messages 336 18.2.1 Verifying and Expanding 338 18.3 SMTP Commands and Responses 338 18.3.1 SMTP Commands 338 18.3.2 SMTP Replies 340 18.3.3 Returning Mail to the Sender 340 18.4 Message Header Format 341 18.5 Summary 341 Chapter 19 - Booting Internet Hosts with BootP andTFTP 343 19.1 The Bootstrap Protocol (BootP) 344 19.1.1 BootP Basic Operation 344 19.1.2 BootP Protocol Format 345 19.1.3 Constructing the BootP Request 348 19.1.4 Using BootP with Routers 348 19.1.5 BootP Configuration 349 19.1.6 Re-Transmitting BootP Requests 349 19.2 TFTP 350 19.2.1 TFTP Operation 351 19.2.2 TFTP Protocol Format 351 19.2.3 The Determination of UDP Port Numbers 354 19.2.4 Security and TFTP 354 19.2.5 Sample TFTP Traces 355 19.2.6 Directed TFTP 359 19.3 Summary 359 Chapter 20 - The Simple Network Management Protocol (SNMP) 361 20.1 The Management Task and SNMP 361 20.2 SNMP Architecture 363 20.3 The Structure of Management Information (SMI) 364 20.4 The Management Information Base (MIB) 365 20.4.1 RFCs Relating to Other MIBs 367 20.5 The Simple Network Management Protocol (SNMP) 368 20.5.1 Authentication 369 20.5.2 The SNMP Protocol Format 370 20.6 SNMP Examples 376 20.7 The Remote Monitoring MIB (RMON) 378 20.8 The Future of SNMP 379 20.9 Summary 379 Chapter 21 - Miscellaneous Protocols 381 21.1 Echo Protocol 381 21.2 Discard Protocol 381 21.3 Time Protocol (Time) 382 21.4 Daytime Protocol 383 21.5 Network Time Protocol (NTP) 383 21.6 Line Printer Daemon Protocol (LPD) 384 21.7SYSLOG 388 21.8 Finger 389 21.9 WHOIS/nickname 391 21.10 Character Generator Protocol (CHARGEN) 394 21.11 Quote of the Day (Quote) 395 21.12 Users 395 21.13 Summary 396 Chapter 22 - Communications Over Wide Area Links 397 22.1 Serial Line IP (SLIP) 398 22.1.1 SLIP Encapsulation 398 22.1.2 SLIP Packet Size 399 22.2 Compression 399 22.2.1 Van Jacobson Compression 400 22.3 The Point-to-Point Protocol (PPP) 402 22.3.1 PPP Encapsulation 403 22.3.2 PPP Link Operation 404 22.3.3 Link Control Protocol (LCP) Packets General Format 405 22.3.4 LCP Configure Request 406 22.3.5 LCP Configure Acknowledgement and Rejection 412 22.3.6 LCP Terminate Request and Terminate Ack 413 22.3.7 LCP Code Reject 414 22.3.8 LCP Protocol Reject 414 22.3.9 LCP Echo Request/Reply 414 22.3.10 LCP Discard Request 415 22.3.11 LCP Identification 415 22.3.12 LCP Time Remaining 416 22.3.13 Sample PPP Configuration Examples 416 22.4 PPP Authentication Protocols 418 22.4.1 The Password Authentication Protocol (PAP) 418 22.4.2 The Challenge Handshake Authentication Protocol (CHAP) 422 22.5 PPP Link Quality Monitoring (LQM) 424 22.5.1 LQM Configuration Option 424 22.5.2 Link Quality Report 425 22.5.3 Gauging Link Quality 426 22.6 Multi-Link Operation 426 22.6.1 Multi-Link Operation 427 22.7 The Internet Protocol Control Protocol (IPCP) 429 22.7.1 IPCP Configuration Options 429 22.7.2 Van Jacobson Compression over PPP 430 22.8 PPP Framing over Serial Links 431 22.8.1 Preserving Data Transparency 432 22.8.2 PPP Example using HDLC-Like Framing 432 22.9 Summary 434 Chapter 23 - Creating a Secure Internet Environment ..435 23.1 Internet Protocols 436 23.1.1 Data-Link Layer Protocols 436 23.1.2 Transport Protocols 437 23.1.3 Management and Informational Protocols 437 23.1.4 Routing Protocols 439 23.1.5 Application Protocols 440 23.2 Designing Secure Filters 441 23.2.1 Telnet Filters 442 23.2.2 SMTP Filtering 443 23.2.3 FTP Filtering 443 23.2.4 DNS Filtering 447 23.2.5 ICMP Filtering 448 23.2.6 SNMP Filtering and Management 449 23.3 Filters Types 450 23.3.1 IP Fragmentation and the SYN Flag 451 23.4 Other Considerations 451 23.4.1 Unauthorized Routers 452 23.4.2 Dial In Access 452 23.5 Summary 453 Chapter 24 - IP Version 6 455 24.1 IP Version 6 Enhancements 455 24.2 IPv6 Addressing 456 24.2.1 Representing Version 6 Addresses 456 24.2.2 Unicast Addresses 458 24.2.3 Version 6 Addresses with Embedded Version 4 Addresses 459 24.2.4 Provider Based Global Unicast Addresses 459 24.2.5 Local Use IPv6 Unicast Addresses 460 24.2.6 The Anycast Address 460 24.2.7 Multicast Addresses 460 24.3 IP Version 6 Header Format 461 24.4 Extension Headers 462 24.4.1 Options 463 24.4.2 Hop-by-Hop Options Header 464 24.4.3 Routing Header 465 24.4.4 Fragment Header 466 24.4.5 Destination Options Header 467 24.4.6 No Next Header 467 24.5 IP Version 6 and ICMP 467 24.5.1 Destination Unreachable 468 24.5.2 Packet Too Big Message 468 24.5.3 Time Exceeded Message 469 24.5.4 Parameter Problem Message 469 24.5.5 Echo Request/Reply Messages 469 24.5.6 Group Membership Messages 470 24.6 Summary 470 Appendix A - A Glossary of Networking Terms 471 Networking Terms 471 Appendix B - Official Internet Protocol Standards (RFC 1800) 487 B.l Standard Protocols 487 B.2 Network Specific Standard Protocols 488 B.3 Draft Standard Protocols 488 B.4 Proposed Standard Protocols 489 B.5 Experimental Protocols 492 B.6 Informational Protocols 493 B.7 Historic Protocols 494 Appendix C - Management Information Base MIB II (RFC 1213) 497 C.l System Group 498 C.2 Interfaces Group 498 C.2.1 The if Table 498 C.3 AT Group 500 C.4 IP Group 500 C.4.1 IP Address Table 501 C.4.2 IP Routing Table 502 C.4.3 IP Address Translation Table 502 C.5 ICMP Group 503 C.6 TCP Group 504 C.6.1 TCP Connection Table 504 C.7UDP Group 505 C.7.1 UDP Listener Table 505 C.8EGP Group 505 C.8.1 EGP Neighbor Table 506 C.9 Transmission Group 507 C. 10 SNMP Group 507 Appendix D - Bibliography 509 Index 513