TCP/IP Network Administration By Craig Hunt; ISBN 1-56592-322-7, 630 pages Second Edition, December 1997 (See the catalog page for this book.) Search the text of TCP/IP Network Administration Index Symbols | A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V | W | X | Y | Z Table of Contents Preface Chapter 1: Overview of TCP/IP Chapter 2: Delivering the Data Chapter 3: Network Services Chapter 4: Getting Started Chapter 5: Basic Configuration Chapter 6: Configuring the Interface Chapter 7: Configuring Routing Chapter 8: Configuring DNS Name Service Chapter 9: Configuring Network Servers Chapter 10: sendmail Chapter 11: Troubleshooting TCP/IP Chapter 12: Network Security Chapter 13: Internet Information Resources Appendix A: PPP Tools Appendix B: A gated Reference Appendix C: A named Reference Appendix D: A dhcpd Reference Appendix E: A sendmail Reference Appendix F: Selected TCP/IP Headers file:///C|/mynapster/Downloads/warez/tcpip/index.htm (1 of 2) [2001-10-15 09:17:12] TCP/IP Network Administration The Networking CD Bookshelf Navigation Copyright © 1999 O'Reilly & Associates All Rights Reserved file:///C|/mynapster/Downloads/warez/tcpip/index.htm (2 of 2) [2001-10-15 09:17:12] Index Search | Symbols | A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V | W | X | Y | Z Index: Symbols and Numbers 6-bit serial lines, running over : 5.2 Linux Kernel Configuration 7bit encoding type : 3.4.3 Multipurpose Internet Mail Extensions 8bit encoding type : 3.4.3 Multipurpose Internet Mail Extensions '' (apostrophes) (expect nothing) : 6.3.3 chat apostrophes ('') (expect nothing) : A.3 chat * (asterisk) meaning interface not enabled : 6.1.1 Determining the Interface Name in name field, indicating wildcard character : C.3.1 Standard Resource Records @ (at sign) for current origin : C.3.1 Standard Resource Records excluding an individual parameter : 9.4 A BOOTP Server referencing current domain : 8.3.5 The Reverse Domain File \ (backslash) escaping newline characters 9.2.1 The printcap File A.3 chat C.3.1 Standard Resource Records : (colon) beginning and ending fields 9.2.1 The printcap File 9.2.2 Solaris Line Printer Service separating parameters : 9.4 A BOOTP Server {} (curly braces) configuration statements 7.7.1.1 A host configuration B.2 The gated Configuration Language D.3 The dhcpd.conf Configuration File long variable names : 10.5 sendmail Configuration macro names : 10.5.2 The Define Macro Command (dots) for domain name : C.3.1 Standard Resource Records - (minus) (non-equivalent host) : 12.2.5 Secure the r Commands -> (arrow), for copying files : 9.6.1 rdist () (parentheses), for continuation characters : C.3.1 Standard Resource Records ; (semicolon) file:///C|/mynapster/Downloads/warez/tcpip/index/idx_0.htm (1 of 2) [2001-10-15 09:17:14] Index comment character : C.3.1 Standard Resource Records ending gated configuration statements 7.7.1.1 A host configuration B.2 The gated Configuration Language # (sharp sign) for comments 3.2 The Host Table 5.4 The Internet Daemon 7.7.1.1 A host configuration 9.1.4 NFS Automounter 9.2.1 The printcap File 9.4 A BOOTP Server A.1.1 The dip Script File D.3 The dhcpd.conf Configuration File Search | Symbols | A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V | W | X | Y | Z Copyright © 1999 O'Reilly & Associates, Inc All Rights Reserved [ Library Home | DNS & BIND | TCP/IP | sendmail | sendmail Reference | Firewalls | Practical Security ] file:///C|/mynapster/Downloads/warez/tcpip/index/idx_0.htm (2 of 2) [2001-10-15 09:17:14] Index Search | Symbols | A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V | W | X | Y | Z Index: A ABORT keyword : A.3 chat Abstract Syntax Notation One (ASN.1) : 11.9 Simple Network Management Protocol access control : 12.5 Access Control levels of : 9.1.2.1 The share command services to place under, listed : 12.5.1 wrapper software for : 12.5 Access Control ACKD command, in POP : 3.4.2 Post Office Protocol Acknowledgment (ACK) bit set : 1.6.2 Transmission Control Protocol Acknowledgment Number field : 1.6.2 Transmission Control Protocol adaptive protocol value : 6.4.1 slattach Address Resolution Protocol : (see ARP) addresses 1.1.1 TCP/IP Features 1.7 Application Layer 2.1 Addressing, Routing, and Multiplexing (see also IP addresses) (see also leases on addresses) allocating dynamically : 3.6.1 Dynamic Host Configuration Protocol manually : 3.6.1 Dynamic Host Configuration Protocol assigning in blocks : 4.2.1.1 Assigning host addresses in contiguous blocks 2.2.2 Classless IP Addresses B.11 The Aggregate Statements in DHCP : 3.6.1 Dynamic Host Configuration Protocol broadcast 2.2.2.1 Final notes on IP addresses 2.6 Address Resolution Getting Started 6.1 The ifconfig Command 6.1.2 Checking the Interface with ifconfig limited : 3.6 Bootstrap Protocol file:///C|/mynapster/Downloads/warez/tcpip/index/idx_a.htm (1 of 6) [2001-10-15 09:17:15] Index setting : 6.1.4 Setting the Broadcast Address specifying : 4.2.2 Defining the Subnet Mask classes of 1.7 Application Layer 2.2.1 Address Classes 4.2.1 Obtaining an IP Address class rules : 7.4.1.1 Running RIP with routed converting : 10.6.3 The Set Ruleset Command email processing : 10.6.3 The Set Ruleset Command simplified : 10.5.3 The Define Class Command gateway : (see gateway) getting in pppd : 6.3.2 Dial-Up PPP host : 2.2.1 Address Classes assigning : 4.2.1.1 Assigning host addresses Internet-style : 10.7.1 Modifying Local Information mask, written in hexadecimal : 6.1.2 Checking the Interface with ifconfig mixtures of in DHCP : 3.6.1 Dynamic Host Configuration Protocol multiple : 8.2.1 The Resolver Configuration File numeric : 3.1 Names and Addresses processing by several rewrite rules : 10.6.2 Transforming the Address verifying : 10.8 Testing sendmail.cf recipient : 10.6.3 The Set Ruleset Command records of : C.3.1.3 Address record reserved 2.2.1 Address Classes 2.2.2.1 Final notes on IP addresses resolution of : 2.6 Address Resolution sender 10.6.3 The Set Ruleset Command 10.8.1 Testing Rewrite Rules spoofing 4.2.1 Obtaining an IP Address 5.2 Linux Kernel Configuration timing out : 3.6.1 Dynamic Host Configuration Protocol translating : 5.2 Linux Kernel Configuration admin alias : 10.3 sendmail Aliases administration : (see network, administration) admintool 9.2.2 Solaris Line Printer Service 12.2.1 The Shadow Password File file:///C|/mynapster/Downloads/warez/tcpip/index/idx_a.htm (2 of 6) [2001-10-15 09:17:15] Index adventurous users, supporting : 9.7.2 IMAP Server aggregate statements (in gated) : B.11 The Aggregate Statements alarms provided by monitors : 11.9 Simple Network Management Protocol algorithms back-off : 9.4 A BOOTP Server Dijkstra Shortest Path First (SPF) : 7.4.3 Open Shortest Path First distance-vector : 7.4 Interior Routing Protocols aliases : 2.7.2 Port Numbers file : 10.3 sendmail Aliases processing addresses against : 10.6.3 The Set Ruleset Command for hostnames : 8.3.6 The named.hosts File in sendmail : 10.1 sendmail's Function aliases file 3.4.1 Simple Mail Transfer Protocol 9.3 Network Information Service AliasFile option : 10.5.4 The Set Option Command allmulti parameter : 6.1.5.5 Point-to-point alternative multipart subtype : 3.4.3 Multipurpose Internet Mail Extensions America Online (AOL) : 4.1 Connected and Non-Connected Networks Andrew File System : 3.7.1 File Sharing anonymous FTP : 13.2 Anonymous FTP ANY query : 11.6 Checking Name Service apostrophes ('') (expect nothing) 6.3.3 chat A.3 chat Application Layer : 1.2 A Data Communications Model in TCP/IP : 1.7 Application Layer applications content type : 3.4.3 Multipurpose Internet Mail Extensions protocols for : 2.7.2 Port Numbers widely implemented : 1.7 Application Layer security issues concerning : 12.3 Application Security archie : 13.3.1 archie client software : 13.3.1.1 archie client software servers : 13.3.1 archie archie.internic.net : 13.3.1 archie ARCnet interface : 5.2 Linux Kernel Configuration area border routers : 7.4.3 Open Shortest Path First ARP (Address Resolution Protocol) 2.6 Address Resolution 2.8 Summary 3.5.1 Reverse Address Resolution Protocol file:///C|/mynapster/Downloads/warez/tcpip/index/idx_a.htm (3 of 6) [2001-10-15 09:17:15] Index command 2.6 Address Resolution 5.3.1.1 Options in troubleshooting : 11.4.2 Troubleshooting with the arp Command in troubleshooting : 11.2 Diagnostic Tools enabling : 6.1.5.2 ARP and trailers proxy server for : 5.3.1.1 Options support in BSD : 5.3.1.2 Pseudo-device table : A.1.1 The dip Script File viewing contents of : 11.4.2 Troubleshooting with the arp Command ARPA Internet Text Messages : 3.4.3 Multipurpose Internet Mail Extensions ARPANET 1.1 TCP/IP and the Internet 1.5.1.1 The datagram 2.4 Internet Routing Architecture 6.2 TCP/IP Over a Serial Line arrow (->), for copying files : 9.6.1 rdist AS path operators, listed : B.10 Control Statements vector : B.10 Control Statements ASCII data (US) : 3.4.3 Multipurpose Internet Mail Extensions aspppd.cf file : 6.3.6 Solaris PPP Assigned Numbers RFC 2.7 Protocols, Ports, and Sockets C.3.1.7 Host Information record assumptions, making 11.1.1 Troubleshooting Hints 11.8 Protocol Case Study asterisk (*) meaning interface not enabled : 6.1.1 Determining the Interface Name in name field, indicating wildcard character : C.3.1 Standard Resource Records asynchronous modems : (see modems) Asynchronous PPP Daemon (aspppd) : 6.3.6 Solaris PPP at sign (@) for current origin : C.3.1 Standard Resource Records excluding an individual parameter : 9.4 A BOOTP Server referencing current domain : 8.3.5 The Reverse Domain File at, files run by, in security checks : 12.4.2 Looking for Trouble audio data content : 3.4.3 Multipurpose Internet Mail Extensions authentication 1.7 Application Layer 4.2.1 Obtaining an IP Address file:///C|/mynapster/Downloads/warez/tcpip/index/idx_a.htm (4 of 6) [2001-10-15 09:17:15] Index 9.3.2 NIS+ 12.2 User Authentication (see also packet) (see also user authentication) DES-encrypted : 9.3.2 NIS+ in pppd 6.3.4 PPP Daemon Security A.2 The PPP Daemon server : 9.1.5 NFS Authentication Server authoritative servers 1.7 Application Layer 3.3 Domain Name Service 3.3.4 BIND, resolver, and named (see also non-authoritative servers) auto_direct file : 9.1.4 NFS Automounter auto_home file : 9.1.4 NFS Automounter auto_master file : 9.1.4 NFS Automounter auto-revarp parameter : 6.1.5.5 Point-to-point autofs script : 9.1.4 NFS Automounter Automatic Call Unit (ACU) : 6.3.6 Solaris PPP automount : 9.1.4 NFS Automounter command : 9.1.4 NFS Automounter configuration files (maps) for : 9.1.4 NFS Automounter filesystem (autofs), defining : 9.1.4 NFS Automounter automounter daemon (automountd) : 9.1.4 NFS Automounter autonomous systems (AS) 2.4 Internet Routing Architecture 7.4 Interior Routing Protocols defined : 7.5 Exterior Routing Protocols external (ASE) routes 7.7.1.3 Exterior gateway configuration B.8.1 The ospf Statement B.10.1 The import Statement types of : B.10.2 The export Statement listing of : B.10 Control Statements number (ASN) 4.3.1 Obtaining an autonomous system number B.7 Definition Statements B.8.5 The bgp Statement subdividing : 7.4.3 Open Shortest Path First file:///C|/mynapster/Downloads/warez/tcpip/index/idx_a.htm (5 of 6) [2001-10-15 09:17:15] Index Search | Symbols | A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V | W | X | Y | Z Copyright © 1999 O'Reilly & Associates, Inc All Rights Reserved [ Library Home | DNS & BIND | TCP/IP | sendmail | sendmail Reference | Firewalls | Practical Security ] file:///C|/mynapster/Downloads/warez/tcpip/index/idx_a.htm (6 of 6) [2001-10-15 09:17:15] [Appendix E] E.4 More sendmail.cf Previous: E.3 m4 sendmail Macros E.3 m4 sendmail Macros TCP/IP Network Administration Book Index Next: E.5 Sample Configurations E.5 Sample Configurations [ Library Home | DNS & BIND | TCP/IP | sendmail | sendmail Reference | Firewalls | Practical Security ] file:///C|/mynapster/Downloads/warez/tcpip/appe_04.htm (16 of 16) [2001-10-15 09:19:34] [Appendix E] E.5 Sample Configurations Previous: E.4 More sendmail.cf Appendix E A sendmail Reference Next: F Selected TCP/IP Headers E.5 Sample Configurations In Chapter 10 we develop a sendmail configuration The configuration has these characteristics: ● ● ● It runs on a Linux system The hostname of the sending system is rewritten to the domain name on all out-bound mail The hostname is rewritten in the message headers and the envelope headers The sender's username on all outgoing mail is rewritten to the user's first name and last name We use two approaches to produce this configuration First, we use the sample m4 source files that come with sendmail to create a custom macro configuration file Next, we created the same configuration by directly modifying the sample sendmail.cf file that comes with Slackware 96 Linux In this section we recap both sample configurations To many system administrators, the simpliest way to create the configuration is to use the m4 macro source files The macro source files are very short, and many people feel they are easier to read than the sendmail.cf file If you download and compile sendmail, it is a good idea to use the macro files because the features in those files will match the downloaded sendmail release We name the macro file we create in Chapter 10 linux.mc The file contains these macros: VERSIONID('@(#)tcpproto.mc OSTYPE(linux) DOMAIN(nuts.com) FEATURE(nouucp) MAILER(local) MAILER(smtp) 8.5 (Berkeley) 3/23/96') It is identical to the tcpproto.mc file delivered with sendmail, with two modifications First, we change the OSTYPE macro to define Linux as the operating system Next we add a DOMAIN(nuts.com) line to invoke a "domain-specific" macro file we create and name nuts.com.m4 The nuts.com.m4 file contains the following lines: MASQUERADE_AS(nuts.com) FEATURE(masquerade_envelope) FEATURE(genericstable) These three lines peform all of the functions we required of our configuration The MASQUERADE_AS statement rewrites the hostname to the domain name The FEATURE(masquerade_envelope) statement ensures that the hostname is rewritten in the envelope headers as well as the message headers The FEATURE(generictable) statement causes the username to be processed through the genericstable, which is the database we use to convert it to the user's first and last name All of the functions we require of our configuration are accomplished in five lines Modifying the sendmail.cf file directly requires much more effort However, the the m4 source files can only be used if they match the version of sendmail For this reason, m4 is most often used by administrators who download and install sendmail themselves Most administrators who use the sendmail that comes with their system also use the sendmail.cf file that comes with the system In Chapter 10, we use the linux.smtp.cf file that comes with the Slackware 96 version of Linux 2.0 The detailed modifications of the file are explained in file:///C|/mynapster/Downloads/warez/tcpip/appe_05.htm (1 of 5) [2001-10-15 09:19:35] [Appendix E] E.5 Sample Configurations Chapter 10 Excerpts from the modified file are listed in this appendix and are heavily commented to make the modifications more understandable A full listing of the sendmail.cf file would consume 15 pages Compare that to the listing of the m4 files shown above The linux.smtp.cf file is not identical to the configuration file produced by m4, even when you follow the example in the "Building a sendmail.cf with m4 Macros" section of Chapter 10 The configurations are similar but not identical Use this text as a general guide to the structure and function of configuration file Don't expect the details to match your file exactly This excerpt shows the entire local information section because it is discussed extensively in Chapter 10: #++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ # The V command defines the configuration syntax version level # Level was supported by sendmail-8.7.5, which was the release # of sendmail that came with Slackware 96 Linux 2.0 The vendor # name Berkeley means that the standard syntax of the Berkeley # distribution is supported #++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ # level config file format V6/Berkeley #++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ #Like most sendmail configuration files, the first sections of the file #contain the data that is most likely to require custom configuration #In this file, the section is titled "Local info" Note that we moved #things around in this section to bring related items together They #don't really occur in this sequence in the linux.smtp.cf file #++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ################## # local info # ################## #++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ #If your host is known by more than one hostname, the multiple host #names are defined in class "w", which contains all of the names for #which your host will accept mail #++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Cwlocalhost #++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ The j macro is correctly define by the system No need to set it here #++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ # my official domain name # define this only if sendmail cannot automatically determine # your domain #Dj$w.Foo.COM #++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ #Class P is used to store pseudo domains It is only used in this #file to store a dot (.) used to identify canonical names The dot #(.) class, which is supposed to be used to identify canonical names, #is not referenced anywhere else in the file #++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ CP # a class with just dot (for identifying canonical names) C file:///C|/mynapster/Downloads/warez/tcpip/appe_05.htm (2 of 5) [2001-10-15 09:19:35] [Appendix E] E.5 Sample Configurations #++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ #Several different mail relay servers can be defined We don't use any #in this sample configuration The L macro and the L class are only #significant if relay servers are defined for handling "local" mail #++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ # "Smart" relay host (may be null) DS # who I send unqualified names to (null means deliver locally) DR # who gets all local email traffic ($R has precedence for unqualified names) DH # place to which unknown users should be forwarded #Kuser user -m -a #DLname_of_luser_relay # class L: names that should be delivered locally, even if we have a relay #CL root #++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ #Sample K commands are included in the linux.smtp.cf file Of these, #only the dequote database is active The others are commented out by #default The purpose of each of these databases is explained earlier #in this appendix #++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ # Mailer table (overriding domains) #Kmailertable dbm /etc/mailertable # Domain table (adding domains) #Kdomaintable dbm /etc/domaintable # dequoting map Kdequote dequote #++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ #Several lines relate to address "masquerading" Macro M defines the #hostname that should be used in place of the system's real hostname #on outgoing mail The M class defines other hostnames that should be #converted to the macro M hostname Class E defines usernames for which #the hostname should not be converted to $M #++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ # class E: names that should be exposed as from this host, even if # we masquerade CE root # class M: domains that should be converted to $M #CM # who I masquerade as (null for no masquerading) (see also $=M) DMnuts.com #++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ #We added this K command to define a database that we created that converts #username to the user's real first and last names #++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ # define a database to map login names to firstname.lastname Krealnames dbm /tmp/realnames file:///C|/mynapster/Downloads/warez/tcpip/appe_05.htm (3 of 5) [2001-10-15 09:19:35] [Appendix E] E.5 Sample Configurations # operators that cannot be in local usernames (i.e., network indicators) CO @ % # my name for error messages DnMAILER-DAEMON #++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ #Macro Z contains the configuration file's version number Modify it #every time the file is updated Keep a record of your modifications #++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ # R1.0 - modified for peanut by Craig # - cleaned up the comments in the local info section # R1.1 - modified macro M to use nuts.com instead of the # hostname in outgoing mail # R2.0 - added rule a to S11 & S31 to rewrite to first.last format DZ8.7.3R2.0 In Chapter 10 we modified ruleset 94 to enable masquerading for envelope addresses ################################################################### ### Ruleset 94 convert envelope names to masqueraded form ### ################################################################### #++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ #To enable "envelop" address masquerading we "uncommented" the first line #in this ruleset so that it now calls ruleset 93 #++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ S94 R$+ $@ $>93 $1 R$* < @ *LOCAL* > $* $: $1 < @ $j > $2 The mailers not usually require modification However, in Chapter 10, we made some changes to the S rulesets of the "smtp" mailer We made changes to both ruleset 11 and ruleset 31 #++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ #In Chapter 10 we added a single rule to the end of this ruleset to lookup #the username in the "realnames" database we created and return the #user's real first and last names #++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ # # envelope sender rewriting # S11 R$+ $: $>51 $1 sender/recipient common R$* :; $@ list:; special case R$* $: $>61 $1 qualify unqual'ed names R$+ $: $>94 $1 masquerading # when masquerading convert login name to firstname.lastname R$- < @ $M > $* $: $(realnames $1 $) < @ $M > $2 user=>first.last # # envelope recipient rewriting # also header recipient if not # S21 R$+ $: $>51 R$+ $: $>61 -masquerading recipients $1 $1 file:///C|/mynapster/Downloads/warez/tcpip/appe_05.htm (4 of 5) [2001-10-15 09:19:35] sender/recipient common qualify unqual'ed names [Appendix E] E.5 Sample Configurations #++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ #In Chapter 10 we added a single rule to the end of this ruleset to look up #the username name in the "realnames" database we created and return the #user's real first and last names This is the same modification made #above Often more than one ruleset is modified to add a single new #feature #++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ # # header sender and masquerading header recipient rewriting # S31 R$+ $: $>51 $1 sender/recipient common R:; $@ list:; special case # special header rewriting R$* $* $@ $1 $2 pass null host through R< @ $* > $* $@ < @ $1 > $2 pass route-addr through R$* $: $>61 $1 qualify unqual'ed names R$+ $: $>93 $1 masquerading # when masquerading convert login name to firstname.lastname R$- < @ $M > $* $: $(realnames $1 $) < @ $M > $2 user=>first.last Previous: E.4 More sendmail.cf E.4 More sendmail.cf TCP/IP Network Administration Book Index Next: F Selected TCP/IP Headers F Selected TCP/IP Headers [ Library Home | DNS & BIND | TCP/IP | sendmail | sendmail Reference | Firewalls | Practical Security ] file:///C|/mynapster/Downloads/warez/tcpip/appe_05.htm (5 of 5) [2001-10-15 09:19:35] [Appendix F] Selected TCP/IP Headers Previous: E.5 Sample Configurations Appendix F Next: F.2 TCP Segment Header F Selected TCP/IP Headers Contents: IP Datagram Header TCP Segment Header ICMP Parameter Problem Message Header In Chapter 11, Troubleshooting TCP/IP , several references are made to specific TCP/IP headers Those headers are documented here This is not an exhaustive list of headers; only the headers used in the troubleshooting examples in Chapter 11 are covered: ● ● ● IP Datagram Header, as defined in RFC 791, Internet Protocol TCP Segment Header, as defined in RFC 793, Transmission Control Protocol ICMP Parameter Problem Message Header, as defined in RFC 792, Internet Control Message Protocol Each header is presented using an excerpt from the RFC that defines the header These are not exact quotes; the excerpts have been slightly edited to better fit this text However, we still want to emphasize the importance of using primary sources for troubleshooting protocol problems These headers are provided here to help you follow the examples in Chapter 11 For real troubleshooting, use the real RFCs You can obtain your own copies of the RFCs by following the instructions in Chapter 13, Internet Information Resources F.1 IP Datagram Header This description is taken from pages 11 to 15 of RFC 791, Internet Protocol, by Jon Postel, Information Sciences Institute, University of Southern California Internet Header Format 3 9 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |Version| IHL |Type of Service| Total Length | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Identification |Flags| Fragment Offset | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Time to Live | Protocol | Header Checksum | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ file:///C|/mynapster/Downloads/warez/tcpip/appf_01.htm (1 of 4) [2001-10-15 09:19:36] [Appendix F] Selected TCP/IP Headers | Source Address | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Destination Address | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Options | Padding | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Version: bits The Version field indicates the format of the internet header This document describes version IHL: bits Internet Header Length is the length of the internet header in 32 bit words The minimum value for a correct header is Type of Service: bits The Type of Service indication the quality of service desired The meaning of the bits is explained below Bits 0-2: Bit 3: Bits 4: Bits 5: Bit 6-7: Precedence = Normal Delay, = Low Delay = Normal Throughput, = High Throughput = Normal Reliability = High Reliability Reserved for Future Use + -+ -+ -+ -+ -+ -+ -+ -+ | | | | | | | | PRECEDENCE | D | T | R | | | | | | | | | | + -+ -+ -+ -+ -+ -+ -+ -+ Precedence 111 110 101 100 011 010 001 000 - Network Control Internetwork Control CRITIC/ECP Flash Override Flash Immediate Priority Routine Total Length: 16 bits Total Length is the length of the datagram, measured in octets (bytes), including internet header and data Identification: 16 bits file:///C|/mynapster/Downloads/warez/tcpip/appf_01.htm (2 of 4) [2001-10-15 09:19:36] [Appendix F] Selected TCP/IP Headers An identifying value assigned by the sender to aid in assembling the fragments of a datagram Flags: bits Various Control Flags The Flag bits are explained below: Bit 0: reserved, must be zero Bit 1: (DF) = May Fragment, = Don't Fragment Bit 2: (MF) = Last Fragment, = More Fragments + -+ -+ -+ | | D | M | | | F | F | + -+ -+ -+ Fragment Offset: 13 bits This field indicates where in the datagram this fragment belongs The fragment offset is measured in units of octets (64 bits) The first fragment has offset zero Time to Live: bits This field indicates the maximum time the datagram is allowed to remain in the internet system Protocol: bits This field indicates the Transport Layer protocol that the data portion of this datagram is passed to The values for various protocols are specified in the "Assigned Numbers" RFC Header Checksum: 16 bits A checksum on the header only Since some header fields change (e.g., time to live), this is recomputed and verified at each point that the internet header is processed The checksum algorithm is: The checksum field is the 16 bit one's complement of the one's complement sum of all 16 bit words in the header For purposes of computing the checksum, the value of the checksum field is zero Source Address: 32 bits The source IP address See Chapter 2, Delivering the Data, for a description of IP addresses Destination Address: 32 bits file:///C|/mynapster/Downloads/warez/tcpip/appf_01.htm (3 of 4) [2001-10-15 09:19:36] [Appendix F] Selected TCP/IP Headers The destination IP address addresses Options: See Chapter for a description of IP variable The options may or may not appear in datagrams, but they must be implemented by all IP modules (host and gateways) No options were used in any of the datagrams examined in Chapter 11 Previous: E.5 Sample Configurations E.5 Sample Configurations TCP/IP Network Administration Book Index Next: F.2 TCP Segment Header F.2 TCP Segment Header [ Library Home | DNS & BIND | TCP/IP | sendmail | sendmail Reference | Firewalls | Practical Security ] file:///C|/mynapster/Downloads/warez/tcpip/appf_01.htm (4 of 4) [2001-10-15 09:19:36] [Appendix F] F.2 TCP Segment Header Appendix F Selected TCP/IP Headers Previous: F.1 IP Datagram Header Next: F.3 ICMP Parameter Problem Message Header F.2 TCP Segment Header This description is taken from pages 15 to 17 of RFC 793, Transmission Control Protocol, by Jon Postel, Information Sciences Institute, University of Southern California TCP Header Format 3 9 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Source Port | Destination Port | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Sequence Number | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Acknowledgment Number | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Data | |U|A|P|R|S|F| | | Offset| Reserved |R|C|S|S|Y|I| Window | | | |G|K|H|T|N|N| | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Checksum | Urgent Pointer | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Options | Padding | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | data | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Source Port: 16 bits The source port number Destination Port: 16 bits The destination port number Sequence Number: 32 bits The sequence number of the first data octet (byte) in this segment (except when SYN is present) If SYN is present the sequence number is the initial sequence number (ISN) and the first data octet is ISN+1 file:///C|/mynapster/Downloads/warez/tcpip/appf_02.htm (1 of 3) [2001-10-15 09:19:36] [Appendix F] F.2 TCP Segment Header Acknowledgment Number: 32 bits If the ACK control bit is set, this field contains the value of the next sequence number the sender of the segment is expecting to receive Once a connection is established this is always sent Data Offset: bits The number of 32 bit words in the TCP Header This indicates where the data begins The TCP header (even one including options) is an integral number of 32 bits long Reserved: bits Reserved for future use Control Bits: URG: ACK: PSH: RST: SYN: FIN: Must be zero single-bit values (from left to right): Urgent Pointer field significant Acknowledgment field significant Push Function Reset the connection Synchronize sequence numbers No more data from sender Window: 16 bits The number of data octets (bytes) the sender of this segment is willing to accept Checksum: 16 bits The checksum field is the 16 bit one's complement of the one's complement sum of all 16 bit words in the header and text Urgent Pointer: 16 bits This field contains the current value of the urgent pointer as a positive offset from the sequence number in this segment The urgent pointer points to the sequence number of the octet following the urgent data This field is only be interpreted in segments with the URG control bit set Options: variable Options may occupy space at the end of the TCP header and are a multiple of bits in length Previous: F.1 IP Datagram Header TCP/IP Network Administration Next: F.3 ICMP Parameter Problem Message Header file:///C|/mynapster/Downloads/warez/tcpip/appf_02.htm (2 of 3) [2001-10-15 09:19:36] [Appendix F] F.2 TCP Segment Header F.1 IP Datagram Header Book Index F.3 ICMP Parameter Problem Message Header [ Library Home | DNS & BIND | TCP/IP | sendmail | sendmail Reference | Firewalls | Practical Security ] file:///C|/mynapster/Downloads/warez/tcpip/appf_02.htm (3 of 3) [2001-10-15 09:19:36] [Appendix F] F.3 ICMP Parameter Problem Message Header Previous: F.2 TCP Segment Header Appendix F Selected TCP/IP Headers F.3 ICMP Parameter Problem Message Header This description is taken from pages and of RFC 792, Internet Control Message Protocol, by Jon Postel, Information Sciences Institute, University of Southern California Parameter Problem Message 3 9 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Type | Code | Checksum | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Pointer | unused | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Internet Header + 64 bits of Original Data Datagram | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Type 12 Code = pointer indicates the error Checksum The checksum is the 16-bit ones's complement of the one's complement sum of the ICMP message starting with the ICMP Type For computing the checksum , the checksum field should be zero Pointer If code = 0, identifies the octet where an error was detected Internet Header + 64 bits of Data Datagram The internet header plus the first 64 bits of the datagram that elicited this error response file:///C|/mynapster/Downloads/warez/tcpip/appf_03.htm (1 of 2) [2001-10-15 09:19:36] [Appendix F] F.3 ICMP Parameter Problem Message Header Previous: F.2 TCP Segment Header F.2 TCP Segment Header TCP/IP Network Administration Book Index [ Library Home | DNS & BIND | TCP/IP | sendmail | sendmail Reference | Firewalls | Practical Security ] file:///C|/mynapster/Downloads/warez/tcpip/appf_03.htm (2 of 2) [2001-10-15 09:19:36] ... (dial-up IP) 6.3.2 Dial-Up PPP 6.4.2 Dial-Up IP script file : A.1.1 The dip Script File sample : A.1.1.1 A sample dip script for SLIP : 6.4.2 Dial-Up IP tools reference : A.1 Dial-Up IP diphosts... script file : A.1.1 The dip Script File sample : A.1.1.1 A sample dip script for SLIP : 6.4.2 Dial-Up IP special variables, listed : A.1.1 The dip Script File tools reference : A.1 Dial-Up IP. .. IP (dip) file:///C|/mynapster/Downloads/warez/tcpip/index/idx_d.htm (3 of 6) [2001-10-15 09:17:18] file:///C|/mynapster/Downloads/warez/tcpip/index/idx_d.htm 6.3.2 Dial-Up PPP 6.4.2 Dial-Up IP