/TZXUJ[IZOUTZU:)6/6 protocol, the TCP component of TCP/IP, is the heart of the TCP/IP suite of applications. It provides a very reliable method of transferring data in byte (octet) format, between applications. This is described in RFC 793. :NKVXUIKYYGTJGVVROIGZOUTRG_KX This layer provides the user or application programs with interfaces to the TCP/IP stack. At this level there are many protocols used, some of the more common ones being: • File transfer protocol (FTP), which as the name implies, is used for the transfer of files between two hosts using TCP. It is described in RFC 959 • Trivial file transfer protocol (TFTP), which is an economic version of FTP and uses UDP instead of TCP for, reduced overhead. It is described in RFC 783 • Simple mail transfer protocol (SMTP), which is an example of an application, which provides access to the TCP and IP for programs sending e-mail. It is described in RFC 821 • TELNET (telecommunications network), which is used to emulate terminals and for remote access to servers. It can, for example, emulate a VT100 terminal across a network Other process/application layer protocols include POP3, RPC, RLOGIN, IMAP, Berbers, HTTP and NTP. Users can also develop their own application layer protocols by means of a developer’s kit such as Winsock. Figure 5.2 The TCP/IP protocol suite 6 /TZKXTKZRG_KXVXUZUIURY  5HPKIZO\KY When you have completed the study of this chapter, you should be able to: • Explain the basic operation of all Internet layer protocols including IP, ARP, RARP, and ICMP • Explain the purpose and application of the different fields in the IPv4 header • Invoke the following protocols, capture their headers with a protocol analyzer, and compare the headers with those in your notes: IPv4, ARP and ICMP. You should be able to interpret the fundamental operations taking place and verify the different fields in each header • Demonstrate the fragmentation capability of IPv4 using a protocol analyzer • Explain the differences between class A, B and C addresses, and the relationship between class numbers, network ID and host ID • Explain the concept of classless addressing and CIDR • Explain the concept of subnet masks and prefixes • Explain the concept of subnetting by means of an example • Explain, in very basic terms, the concept of supernetting • Set up hosts in terms of IP addresses, subnet masks and default gateways • Understand the principles of routing, the difference between interior and exterior gateway protocols, name some examples of both and explain, in very basic terms, their principles of operation • Explain the basic concepts of IPv6, the ‘new generation’ IP protocol  5\KX\OK] As pointed out in the previous chapter, the Internet layer is not populated by a single protocol, but rather by a collection of protocols. They include: /TZKXTKZRG_KXVXUZUIURY   • The Internet protocol (IP) • The Internet control message protocol (ICMP), • The address resolution protocol (ARP), • The reverse address resolution protocol (RARP), and • Routing protocols (such as RIP, OSPF, BGP-4, etc) Two particular protocols that are difficult to ‘map’ on the DOD model are the dynamic host configuration protocol (DHCP) and the boot protocol (BootP). DHCP was developed out of BootP and for that reason could be perceived as being resident at the same layer as BootP. BootP exhibits a dualistic behavior. On the one hand, it issues IP addresses and therefore seems to reside at the Internet Layer, as is the case with RARP. On the other hand, it allows a device to download the necessary boot file via TFTP and UDP, and in this way behaves like an application layer protocol. In the final analysis, the perceived location in the model framework is not that important, as long as the functionality is understood. In this manual both DHCP and BootP have been grouped under application layer protocols.  /TZKXTKZVXUZUIUR\KXYOUT/6\ The Internet protocol (IP) is at the core of the TCP/IP suite. It is primarily responsible for routing packets towards their destination, from router to router. This routing is performed on the basis of the IP addresses, embedded in the header attached to each packet forwarded by IP. The most prevalent version of IP in use today is version 4 (IPv4), which uses a 32-bit address. However, IPv4 is at the end of its lifetime and is being superseded by version 6 (IPv6 or IPng), which uses a 128-bit address. This chapter will focus primarily on version 4 as a vehicle of explaining the fundamental processes involved, but will also provide an introduction to version 6.  9U[XIKUL/6GJJXKYYKY The ultimate responsibility for the issuing of IP addresses is vested in the Internet Assigned Numbers Authority (IANA). This responsibility is, in turn, delegated to the three Regional Internet Registries (RIRs). They are: • APNIC Asia-Pacific Network Information Center (http://www.apnic.net) • ARIN American Registry for Internet Numbers (http://www.arin.net) • RIPE NCC Reseau IP Europeens (http://www.ripe.net) The Regional Internet Registries allocate blocks of IP addresses to Internet service providers (ISPs) under their jurisdiction, for subsequent issuing to users or sub-ISPs. The version of IP used this far, IPv4, is in the process of being superseded by IPv6. On July 14, 1999 IANA advised the Internet community that the RIRs have been authorized to commence world-wide deployment of IPv6 addresses. The use of ‘legitimate’ IP addresses is a prerequisite for connecting to the Internet. For systems NOT connected to the Internet, any IP addressing scheme may be used. It is,  6XGIZOIGR:)6/6GTJ+ZNKXTKZ4KZ]UXQOTM   however, recommended that so-called ‘private’ Internet addresses are used for this purpose, as outlined in this chapter.  :NKV[XVUYKULZNK/6GJJXKYY The MAC or hardware address (also called the media address or Ethernet address) discussed earlier is unique for each node, and has been allocated to that particular node e.g. network interface card at the time of its manufacture. The equivalent for a human being would be its ID or Social Security number. As with a human ID number, the MAC address belongs to that node and follows it wherever it goes. This number works fine for identifying hosts on a LAN where all nodes can ‘see’ (or rather, ‘hear’) each other. With human beings the problem arises when the intended recipient is living in another city, or worse, in another country. In this case the ID number is still relevant for final identification, but the message (e.g. a letter) first has to be routed to the destination by the postal system. For the postal system, a name on the envelope has little meaning. It requires a postal address. The TCP/IP equivalent of this postal address is the IP address. As with the human postal address, this IP address does not belong to the node, but rather indicates its place of residence. For example, if an employee has a fixed IP address at work and he resigns, he will leave his IP address behind and his successor will ‘inherit’ it. Since each host (which already has a MAC or hardware address) needs an IP address in order to communicate across the Internet, resolving host MAC addresses versus IP addressees is a mandatory function. This is performed by the address resolution protocol (ARP), which is to be discussed later on in this chapter.  /6\GJJXKYYTUZGZOUT The IPv4 address consists of 32 bits, e.g. 11000000011001000110010000000001 Since this number is fine for computers but a little difficult for human beings, it is divided into four octets, which for ease of reference could be called a,b,c,d or w,x,y,z. Each octet is converted to its decimal equivalent. Figure 6.1 IP address structure The result of the conversion is written as 192.100.100.1. This is known as the ‘dotted decimal’ or ‘dotted quad’ notation.  4KZ]UXQ/*GTJNUYZ/* Refer to the following postal address: • 4 Kingsville Street /TZKXTKZRG_KXVXUZUIURY   • Claremont 6010 • Perth WA • Australia The first part, viz. 4 Kingsville Street, enables the local postal deliveryman at the Australian post office in Claremont, Perth (zip code 6010) to deliver a letter to that specific residence. This assumes that the latter has already found its way to the local post office. The second part (lines 2–4) enables the International Postal System to route the letter towards its destination post office from anywhere in the world. In similar fashion, an IP address has two distinct parts. The first part, the network ID (‘NetID’) is a unique number identifying a specific network and allows the Internet routers to forward a packet towards its destination network from anywhere in the world. The second part, the host ID (‘HostID’) is a number allocated to a specific machine (host) on the destination network and allows the router servicing that host to deliver the packet directly to the host. For example, in IP address 192.100.100.5 the computer or HostID would be 5, and it would be connected to network or NetID number 192.100.100.0.  'JJXKYYIRGYYKY Originally, the intention was to allocate IP addresses in so-called address classes. Although the system proved to be problematic, and IP addresses are currently issued ‘classless’, the legacy of IP address classes remains and has to be understood. To provide for flexibility in assigning addresses to networks, the interpretation of the address field was coded to specify either: • A small number of networks with a large number of hosts (class A) • A moderate number of networks with a moderate number of hosts (class B), • A large number of networks with a small number of hosts (class C) In addition, there was provision for extended addressing modes: class D was intended for multicasting whilst E was reserved for possible future use. Figure 6.2 Address structure for IPv4 • For class A, the first bit is fixed as ‘0’ • For class B the first 2 bits are fixed as ‘10’ • For class C the first 3 bits are fixed as ‘110’ . A, B and C addresses, and the relationship between class numbers, network ID and host ID • Explain the concept of classless addressing and CIDR • Explain the concept of subnet masks and prefixes. addresses, subnet masks and default gateways • Understand the principles of routing, the difference between interior and exterior gateway protocols, name some examples of both and explain, in very. ARP, RARP, and ICMP • Explain the purpose and application of the different fields in the IPv4 header • Invoke the following protocols, capture their headers with a protocol analyzer, and compare