52-20-30 DATA COMMUNICATIONS MANAGEMENT UNDERSTANDING THE INTERNET PROTOCOL: THE IP IN TCP/IP Gilbert Held INSIDE The Internet Protocol; Datagrams and Segments; Datagrams and Datagram Transmission; Routing; The IP Header INTRODUCTION This two-part article focuses on the first layer of the TCP/IP protocol suite. While the Internet Protocol (IP) is the primary protocol most peo- ple associate with the network layer, there are two related protocols that must be considered when discussing the TCP/IP protocol suite. Those protocols are the Address Resolution Protocol (ARP) and the Internet Control Message Protocol (ICMP). This article focuses on what this author commonly refers to as the Net- work Layer Troika of the TCP/IP protocol suite: IP, ARP, and ICMP. In ex- amining the Internet Protocol, particular attention is paid to the structure of the IP header and its fields, which are examined by routers as a mech- anism for making forwarding decisions. A second related article (52-20-31) focuses on another specific IP area, addressing, as the composition of IP addresses determines how data- PAYOFF IDEA grams are routed from source to des- The Internet Protocol (IP) represents the network tination, as well as the number of layer of the TCP/IP protocol suite. It was devel- hosts that can be connected to a spe- oped as a mechanism to interconnect packet- cific type of network. The second ar- switched TCP/IP networks. Since the initial devel- opment of TCP/IP, its modular architecture has ticle examines IP addressing in terms enabled literally hundreds of applications to be of several little-known areas of IP developed that use the protocol suite as a trans- that, having knowledge about, can port for communications. By developing an un- provide network design and opera- derstanding of these important technologies, the network manager will be better positioned to tion flexibility. Two examples of make effective decisions regarding the ongoing such topics are the assignment of support and evolution of networks under his or her purview. Auerbach Publications © 2001 CRC Press LLC DATA COMMUNICATIONS MANAGEMENT multiple network addresses to an interface and the use of a zero subnet. The filtering of IP datagrams by routers and firewalls can occur, based on IP addresses, as well as ICMP message types and control field values. The initial focus in this article is on IP, to include its use for routing datagrams across a network and between interconnected networks. In doing so, the author examines, in detail, the composition of the IP head- er and the use of different fields in the header. Once accomplished, attention is directed to the role and operation of the Address Resolution Protocol (ARP), which includes examining the ra- tionale for a little-known ARP technique that can considerably facilitate the operation of delay-sensitive transmissions such as Voice over IP. In concluding the second article (52-20-31), the author focuses on the Inter- net Control Message Protocol (ICMP). THE INTERNET PROTOCOL The Internet Protocol (IP) represents the network layer of the TCP/IP protocol suite. IP was developed as a mechanism to interconnect packet- switched TCP/IP-based networks to form an internet. Here, the term “in- ternet” with a lowercase “i” is used to represent the connection of two or more TCP/IP-based networks. Datagrams and Segments IP transmits blocks of data referred to as datagrams, and receives upper layer protocol data containing either a TCP or UDP header, referred to as a TCP segment or UDP datagram. The prefix of an IP header to the TCP segment or UDP datagram results in the formation of an IP datagram. This datagram contains a destination IP address that is used for routing purposes. Datagrams and Datagram Transmission To alleviate potential confusion between datagrams and an obsolete transmission method referred to as datagram transmission, a few words are in order. When the ARPAnet evolved, it experimented with two meth- ods of packet transmission. One method was referred to as datagram transmission and avoided the use of routers to perform table lookups. Under datagram transmission, each node in a network transmits a re- ceived datagram onto all ports other than the port on which the datagram was received. While this technique avoids the need for routing table lookup operations, it can result in duplicate datagrams being received at certain points within a network. This results in the necessity to develop software to discard duplicate datagrams, adding an additional level of complexity to networking. Thus, datagram transmission was soon dis- carded in favor of the creation of virtual circuits that represent a tempo- Auerbach Publications © 2001 CRC Press LLC UNDERSTANDING THE INTERNET PROTOCOL: THE IP IN TCP/IP rary path established between source and destination. As such, datagram transmission will actually be referencing the transmission of datagrams via a virtual circuit created between source and destination. Routing The actual routing of an IP datagram occurs on a best-effort or connec- tionless delivery mechanism. This is because IP by itself does not estab- lish a session between the source and destination before it transports datagrams. When IP transports a TCP segment, the TCP header results in a connection-oriented session between two Layer 4 nodes transported by IP as a Layer 3 network protocol. The importance of IP can be noted by the fact that routing between networks is based on IP addresses. As discussed later in this article, the device that routes data between different IP addressed networks is known as a router. Because it would be extremely difficult — if not im- possible — to statically configure every router in a large network to know the route to other routers and networks connected to different routers, routing protocols are indispensable to the operation of a dynam- ic series of interconnected IP networks. The best way to obtain an appre- ciation for the operation of IP is through an examination of the fields in its header. The IP Header The current version of IP is version 4, resulting in IP commonly referred to as IPv4. The next generation of IP is IPv6. This section focuses atten- tion on IPv4. Exhibit 1 illustrates the fields contained in the IPv4 header. In examin- ing this header, note that the header consists of a minimum of 20 bytes of data, with the width of each field shown with respect to a 32-bit (4-byte) word. Bytes versus Octets. In this article, the term “byte” refers to a sequence of eight bits used in a common manner. During the development of the TCP/IP protocol suite and continuing today, most standards documents use the term “octet” to reference a collection of eight bits. The use of the term “octet” is due to differences in the composition of a byte during the 1960s. During the early development of computer systems, differences in computer architecture resulted in the use of groupings of five to ten bits to represent a computer byte. Thus, the term “byte” at that time was am- biguous, and standards-making bodies decided to use the term “octet” to reference a grouping of 8 bits. Because all modern computers use 8-bit bytes, the term “byte” is no longer ambiguous. Thus, the term “byte” is used throughout this article as well as (52-20-31). Auerbach Publications © 2001 CRC Press LLC DATA COMMUNICATIONS MANAGEMENT EXHIBIT 1 — The Ipv4 Header To obtain an appreciation for the operation of IP, one can examine the functions of the fields in the header. In doing so, and when appropriate, relation of certain fields to routing and security is discussed. Vers Field. The Vers field is four bits in length and is used to identify the version of IP used to create an IP datagram. The current version of IP is v4, with the next generation of IP assigned as version 6 (v6). The four bits in the Vers field support 16 version numbers. Under RFC 1700, a listing of Internet version numbers can be obtained and a sum- mary of that listing is included in Exhibit 2. In examining Exhibit 2, note that the reason the next-generation Internet Protocol is IPv6, instead of IPv5, relates to the fact that Version 5 was previously assigned to an ex- perimental protocol referred to as the Streams 2 Protocol. Hlen Field. The length of the IP header can vary due to its ability to support options. To allow a receiving device to correctly interpret the contents of the header from the remainder of an IP datagram requires the receiving device to know where the header ends. This function is per- formed by the Hlen field, the value of which indicates the length of the header. The Hlen field is four bits in length. In examining Exhibit 1, note that the IP header consists of 20 bytes of fixed information followed by op- tions. Because it is not possible to use a four-bit field to directly indicate the length of a header equal to or exceeding 320 bytes, the value in this field represents the number of 32-bit words in the header. As an exam- ple, the shortest IP header is 20 bytes, which represents 160 bits. When divided by 32 bits, this results in a value of 160/32 (or 5), which is the value set into the Hlen field when the IP header contains 20 bytes and no options. Auerbach Publications © 2001 CRC Press LLC UNDERSTANDING THE INTERNET PROTOCOL: THE IP IN TCP/IP EXHIBIT 2 — Assigned Internet Version Numbers Numbers Assignment 0 Reserved 1–3 Unassigned 4IP 5 Streams 6 IPv6 7 TP/IX 8 P Internet Protocol (PIP) 9 TUBA 10–14 Unassigned 15 Reserved Service Type Field.