The TCP/IP Architecture

EE534
Sonali Chouhan
Dept of EEE
IITG
 Why Internetworking?
 To build a “network of networks” or internet
 operating over multiple, coexisting, different network
technologies
 providing ubiquitous connectivity through IP packet transfer

 achieving huge economies of scale

Net51 G Net53
Net
Net
G
G
G
Net55
Net
H G G
Net52
Net Net54
Net
H
 Why Internetworking?
 To provide universal communication services
 independent of underlying network technologies
 providing common interface to user applications

Reliable Stream Service

H
Net53
Net
Net51
Net G
G
G
G
Net55
Net
H G G
Net52
Net Net54
Net
H
User Datagram Service
 Why Internetworking?
 To provide distributed applications
 Any application designed to operate based on Internet
communication services immediately operates across the entire
Internet
 Rapid deployment of new applications
 Email, WWW, Peer-to-peer
 Applications independent of network technology
 New networks can be introduced below
 Old network technologies can be retired
 Internet Protocol Approach
 IP packets transfer information across Internet
Host A IP → router→ router…→ router→ Host B IP
 IP layer in each router determines next hop (router)
 Network interfaces transfer IP packets across networks

Host A Router Host B

Router
Transport Internet Transport
Layer Layer Internet Layer
Layer
Internet Network Internet
Interface
Net51
Net Network
Layer Layer
Interface
Router Network
Network
Interface Internet Interface
Layer
Net54
Net Network Net53
Net52
Net Net
Interface
 TCP/IP Protocol Suite
HTTP SMTP DNS RTP
Distributed
applications User
Reliable
stream TCP UDP datagram
service service

Best-effort
IP (ICMP, ARP)
connectionless
packet transfer

Network Network Network

Interface 1 Interface 2 Interface 3
Diverse network technologies
 Internet Names & Addresses
Internet Names Internet Addresses
 Each host has a unique name  Each host has globally unique logical
 Independent of physical 32 bit IP address
location  Separate address for each physical
 Facilitate memorization by connection to a network
humans  Routing decision is done based on
 Domain Name
destination IP address
 Organization under single  IP address has two parts:
administrative unit  netid and hostid
 Host Name
 netid unique
 Name given to host computer
 netid facilitates routing
 User Name
 Name assigned to user  Dotted Decimal Notation:

int1.int2.int3.int4
leongarcia@comm.utoronto.ca (intj = jth octet)
128.100.10.13

DNS resolves IP name to IP address

 Physical Addresses
 LANs (and other networks) assign physical addresses to
the physical attachment to the network
 The network uses its own address to transfer packets or
frames to the appropriate destination
 IP address needs to be resolved to physical address at each
IP network interface
 Example: Ethernet uses 48-bit addresses
 Each Ethernet network interface card (NIC) has globally unique
Medium Access Control (MAC) or physical address
 First 24 bits identify NIC manufacturer; second 24 bits are serial
number
 00:90:27:96:68:07 12 hex numbers

Intel
 Encapsulation
TCP Header contains
source & destination HTTP Request
port numbers

IP Header contains
source and destination TCP
header HTTP Request
IP addresses;
transport protocol type

Ethernet Header contains

IP TCP
source & destination MAC header header HTTP Request
addresses;
network protocol type
Ethernet IP TCP
HTTP Request FCS
header header header
The Internet Protocol
 Internet Protocol
 Provides best effort, connectionless packet delivery
 motivated by need to keep routers simple and by
adaptibility to failure of network elements
 packets may be lost, out of order, or even duplicated

 higher layer protocols must deal with these, if necessary

 RFCs 791, 950, 919, 922, and 2474.

 IP is part of Internet STD number 5, which also
includes:
 Internet Control Message Protocol (ICMP), RFC 792
 Internet Group Management Protocol (IGMP), RFC 1112
 IP Packet Header
0 4 8 16 19 24 31

Version IHL Type of Service Total Length

Identification Flags Fragment Offset

Time to Live Protocol Header Checksum

Source IP Address

Destination IP Address

Options Padding

 Minimum 20 bytes
 Up to 40 bytes in options fields
 IP Packet Header
0 4 8 16 19 24 31

Version IHL Type of Service Total Length

Identification Flags Fragment Offset

Time to Live Protocol Header Checksum

Source IP Address

Destination IP Address

Options Padding

Version: current IP version is 4.

Internet header length (IHL): length of the header in 32-bit words.
Type of service (TOS): traditionally priority of packet at each router.
Recent Differentiated Services redefines TOS field to include other services
besides best effort.
 IP Packet Header
0 4 8 16 19 24 31

Version IHL Type of Service Total Length

Identification Flags Fragment Offset

Time to Live Protocol Header Checksum

Source IP Address

Destination IP Address

Options Padding

Total length: number of bytes of the IP packet including header and data,
maximum length is 65535 bytes.
Identification, Flags, and Fragment Offset: used for fragmentation and
reassembly (More on this shortly).
 0 4
IP Packet Header
8 16 19 24 31

Version IHL Type of Service Total Length

Identification Flags Fragment Offset

Time to Live Protocol Header Checksum

Source IP Address

Destination IP Address

Options Padding

Time to live (TTL): number of hops packet is allowed to traverse in the

network.
• Each router along the path to the destination decrements this value by
one.
• If the value reaches zero before the packet reaches the destination, the
router discards the packet and sends an error message back to the source.
 0 4
IP Packet Header
8 16 19 24 31

Version IHL Type of Service Total Length

Identification Flags Fragment Offset

Time to Live Protocol Header Checksum

Source IP Address

Destination IP Address

Options Padding

Protocol: specifies upper-layer protocol that is to receive IP data at the

destination. Examples include TCP (protocol = 6), UDP (protocol = 17), and
ICMP (protocol = 1).
Header checksum: verifies the integrity of the IP header.
Source IP address and destination IP address: contain the addresses of
the source and destination hosts.
 IP Packet Header
0 4 8 16 19 24 31

Version IHL Type of Service Total Length

Identification Flags Fragment Offset

Time to Live Protocol Header Checksum

Source IP Address

Destination IP Address

Options Padding

Options: Variable length field, allows packet to request special features

such as security level, route to be taken by the packet, and timestamp at
each router. Detailed descriptions of these options can be found in [RFC
791].
Padding: This field is used to make the header a multiple of 32-bit words.
 Header Checksum
 IP header uses check bits to detect errors in the
header
 A checksum is calculated for header contents

 Checksum recalculated at every router, so algorithm

selected for ease of implementation in software
 Let header consist of L, 16-bit words,

b0, b1, b2, ..., bL-1

 The algorithm appends a 16-bit checksum bL
 IP Header Processing
1. Compute header checksum for correctness
and check that fields in header (e.g. version
and total length) contain valid values
2. Consult routing table to determine next hop
3. Change fields that require updating (TTL,
header checksum)
 IP Addressing
 RFC 1166
 Each host on Internet has unique 32 bit IP address
 Each address has two parts: netid and hostid
 netid unique & administered by
 American Registry for Internet Numbers (ARIN)
 Reseaux IP Europeens (RIPE)
 Asia Pacific Network Information Centre (APNIC)
 Facilitates routing
 A separate address is required for each physical connection of a
host to a network; “multi-homed” hosts
 Dotted-Decimal Notation:

int1.int2.int3.int4 where intj = integer value of jth octet

IP address of 10000000 10000111 01000100 00000101
is 128.135.68.5 in dotted-decimal notation
 Classful Addresses
Class A 7 bits 24 bits
0 netid hostid

• 126 networks with up to 16 million hosts 1.0.0.0 to

127.255.255.255

Class B
14 bits 16 bits
1 0 netid hostid

• 16,382 networks with up to 64,000 hosts 128.0.0.0 to

191.255.255.255

Class C 22 bits 8 bits

1 1 0 netid hostid

• 2 million networks with up to 254 hosts 192.0.0.0 to

223.255.255.255
Class D 28 bits
1 1 1 0 multicast address
224.0.0.0 to
239.255.255.255

 Up to 250 million multicast groups at the same time

 Permanent group addresses
 All systems in LAN; All routers in LAN;
 All OSPF routers on LAN; All designated OSPF routers on a
LAN, etc.
 Temporary groups addresses created as needed
 Special multicast routers
Class E Addresses

If the first octet of an IP address

begins with 1111, the address is a
Class E address.

Therefore, the first octet range for

Class E addresses is 11110000 to
1111111, or 240 to 255.

Class E addresses are reserved for

experimental purposes and should
not be used to address hosts or
multicast groups.
 Reserved Host IDs (all 0s & 1s)

Internet address used to refer to network has hostid set to all 0s

this host
0 0 0 0 0 0 (used when
booting up)

a host
0 0 0 host in this
network

Broadcast address has hostid set to all 1s

broadcast on
1 1 1 1 1 1 local network

broadcast on
netid 1 1 1 1 1 1 1 distant
network
 Private IP Addresses
 Specific ranges of IP addresses set aside for
use in private networks (RFC 1918)
 Use restricted to private internets; routers in
public Internet discard packets with these
addresses
 Range 1: 10.0.0.0 to 10.255.255.255
 Range 2: 172.16.0.0 to 172.31.255.255
 Range 3: 192.168.0.0 to 192.168.255.255
 Network Address Translation (NAT) used to
convert between private & global IP addresses
 Example of IP Addressing
128.135.40.1 128.140.5.40

H Interface Interface H
Address is Address is
128.135.10.2 128.140.5.35

Network Network
R
128.135.0.0 128.140.0.0

H H
H
128.135.10.20 128.135.10.21
128.140.5.36

Address with host ID=all 0s refers to the network

R = router
Address with host ID=all 1s refers to a broadcast packet
H = host
 Subnet Addressing
 Subnet addressing introduces another hierarchical level
 Transparent to remote networks
 Simplifies management of multiplicity of LANs
 Masking used to find subnet number

Original
1 0 Net ID Host ID
address

Subnetted
address 1 0 Net ID Subnet ID Host ID
 Subnetting Example
 Organization has Class B address (16 host ID bits) with
network ID: 150.100.0.0
 Create subnets with up to 100 hosts each
 7 bits sufficient for each subnet
 16-7=9 bits for subnet ID
 Apply subnet mask to IP addresses to find corresponding
subnet
 Example: Find subnet for 150.100.12.176
 IP add = 10010110 01100100 00001100 10110000
 Mask = 11111111 11111111 11111111 10000000
 AND = 10010110 01100100 00001100 10000000
 Subnet = 150.100.12.128
 Subnet address used by routers within organization
 Subnet Example

H1 H2
150.100.12.154 150.100.12.176
150.100.12.128
150.100.12.129
150.100.0.1
R1
To the rest of H3 H4
the Internet 150.100.12.4
150.100.12.24 150.100.12.55

150.100.12.0
150.100.12.1
R2 H5
150.100.15.54 150.100.15.11

150.100.15.0
 Routing with Subnetworks
 IP layer in hosts and routers maintain a routing table
 Originating host: To send an IP packet, consult
routing table
 If destination host is in same network, send packet directly
using appropriate network interface
 Otherwise, send packet indirectly; typically, routing table
indicates a default router
 Router: Examine IP destination address in arriving
packet
 If dest IP address not own, router consults routing table to
determine next-hop and associated network interface &
forwards packet
 Routing Table

 Each row in routing table

 Routing table search order
contains: & action
 Destination IP address
 Complete destination
address; send as per next-
 IP address of next-hop router
hop & G flag
 Physical address  Destination network ID;
 Statistics information send as per next-hop & G
 Flags flag
 H=1 (0) indicates route is to a  Default router entry; send
host (network)
as per next-hop
 G=1 (0) indicates route is to a
router (directly connected  Declare packet
destination) undeliverable; send ICMP
“host unreachable error”
packet to originating host
 Example: Host H5 sends packet to host H2
H1 H2
150.100.12.154 150.100.12.176
150.100.12.128
150.100.12.129
150.100.0.1
R1
To the rest of H3 H4
the Internet 150.100.12.4
150.100.12.24 150.100.12.55

150.100.12.0
150.100.12.1
R2 H5
150.100.15.54 150.100.15.11
Routing Table at H5
150.100.15.0
Destination Next-Hop Flags Net I/F
127.0.0.1 127.0.0.1 H lo0 150.100.12.176

default 150.100.15.54 G emd0

150.100.15.0 150.100.15.11 emd0
 Example: Host H5 sends packet to host H2
H1 H2
150.100.12.154 150.100.12.176
150.100.12.128
150.100.12.129
150.100.0.1
R1
To the rest of H3 H4
the Internet 150.100.12.4
150.100.12.24 150.100.12.55

150.100.12.0
150.100.12.1
150.100.12.176
R2 H5
Routing Table at R2
150.100.15.54 150.100.15.11
Destination Next-Hop Flags Net I/F
150.100.15.0
127.0.0.1 127.0.0.1 H lo0
default 150.100.12.4 G emd0
150.100.15.0 150.100.15.54 emd1
150.100.12.0 150.100.12.1 emd0
 Example: Host H5 sends packet to host H2
H1 H2
150.100.12.154 150.100.12.176
150.100.12.128
150.100.12.129 150.100.12.176
150.100.0.1
R1
To the rest of H3 H4
the Internet 150.100.12.4
150.100.12.24 150.100.12.55

150.100.12.0
150.100.12.1
R2 H5
Routing Table at R1
150.100.15.54 150.100.15.11
Destination Next-Hop Flags Net I/F
150.100.15.0
127.0.0.1 127.0.0.1 H lo0
150.100.12.176 150.100.12.176 emd0
150.100.12.0 150.100.12.4 emd1
150.100.15.0 150.100.12.1 G emd1
 IP Address Problems
 In the 1990, two problems became apparent
 IP addresses were being exhausted
 IP routing tables were growing very large
 IP Address Exhaustion
 Class A, B, and C address structure inefficient
 Class B too large for most organizations, but future proof
 Class C too small
 Rate of class B allocation implied exhaustion by 1994
 IP routing table size
 Growth in number of networks in Internet reflected in # of table entries
 From 1991 to 1995, routing tables doubled in size every 10 months
 Stress on router processing power and memory allocation
 Short-term solution:
 Classless Interdomain Routing (CIDR), RFC 1518
 New allocation policy (RFC 2050)
 Private IP Addresses set aside for intranets
 Long-term solution: IPv6 with much bigger address space
 Supernetting
Classes A and B are almost depleted.
Class C addresses are still available.
What if a company needs a network larger than
254 hosts?
Give the company several consecutive blocks of
C addresses and treat these as a single
supernetwork
(Supernetting applies only to the class C
addresses)
 Supernetting
• Assign an organization a block of plentiful
addresses (class C) rather than a single scarce
(class B) address
• Example:
• An organization wants to connect to the Internet
• The organization would prefer a class B address
• Plans to subnet its various physical networks using the
third octet of the IP address to represent the subnet
• This would allow the organization to have 254 physical networks
with up to 254 hosts per network
 Supernetting (cont)
• Example (cont):
• Instead of getting a class B address, the organization is
given 256 contiguous class C addresses
• E.g. 192.17.0.0 – 192.17.255.0
• Then:
• The organization can have up to 256 physical networks (each with
its own class C network address)
• Each physical network can have up to 254 hosts
• Result: a block of plentiful addresses (class C)
substituted for a single scarce (class B) address
 New Address Allocation Policy

 Class A & B assigned only Address Address

for clearly demonstrated Requirement Allocation
need
< 256 1 Class C
 Consecutive blocks of class
C assigned (up to 64 blocks) 256<,<512 2 Class C
 All IP addresses in the range have
a common prefix, and every 512<,<1024 4 Class C
address with that prefix is within
the range 1024<,<2048 8 Class C
 Arbitrary prefix length for network
ID improves efficiency 2048<,<4096 16 Class C
4096<,<8192 32 Class C
8192<,<16384 64 Class C
 Extending Supernetting
• A few large commercial Internet Service
Providers (ISPs) provide Internet connectivity
• ISPs are assigned a large chunk of contiguous
network addresses
• Organizations contract with an ISP and are
assigned one or more network address(es)
 Effect of Supernetting on Routing
• Problem:
• Recall: Routers (potentially) have an entry in their
routing table for each unique network
• Assigning an organization 256 class C addresses might
require 256 routing table entries
• Assigning an organization 1 class B address would
require 1 routing table entry
• The information that Internet routers must store
and exchange increases dramatically
 Effect of Supernetting on Routing (cont)

• Solution: Classless Inter-Domain Routing

(CIDR)
• Collapse a block of contiguous network
addresses into a single pair
• Example: (192.5.48.0, 3) specifies three network
addresses:
• 192.5.48.0
• 192.5.49.0
• 192.5.50.0
 CIDR Notation
• CIDR Notation (or slash notation) is a
shorthand for representing both the starting
address and mask
• Example: 128.211.168.0/21
• Specifies the starting address (128.211.168.0)
• Specifies the number of bits in the prefix (21)
• Specifies the suffix (32-21 = last 11 bits)
 CIDR
 Summarize a contiguous group of class C addresses using
variable-length mask
 Example: 150.158.16.0/20
 IP Address (150.158.16.0) & mask length (20)
 IP add = 10010110 10011110 00010000 00000000
 Mask = 11111111 11111111 11110000 00000000
 Contains 16 Class C blocks:
 From 10010110 10011110 00010000 00000000
 i.e. 150.158.16.0
 Up to 10010110 10011110 00011111 00000000
 i.e. 150.158.31.0
 Classless Inter-Domain Routing
 CIDR deals with Routing Table Explosion Problem
 Networks represented by prefix and mask
 Pre-CIDR: Network with range of 16 contiguous class C blocks requires
16 entries
 Post-CIDR: Network with range of 16 contiguous class C blocks
requires 1 entry
 Solution: Route according to prefix of address, not class
 Routing table entry has <IP address, network mask>
 Example: 192.32.136.0/21
 11000000 00100000 10001000 00000001 min address
 11111111 11111111 11111--- -------- mask
 11000000 00100000 10001--- -------- IP prefix
 11000000 00100000 10001111 11111110 max address
 11111111 11111111 11111--- -------- mask
 11000000 00100000 10001--- -------- same IP prefix
 Longest Prefix Match
 CIDR impacts routing & forwarding
 Routing tables and routing protocols must carry IP
address and mask
 Multiple entries may match a given IP destination address
 Example: Routing table may contain
 205.100.0.0/22 which corresponds to a given supernet
 205.100.0.0/20 which results from aggregation of a larger
number of destinations into a supernet
 Packet must be routed using the more specific route, that is, the
longest prefix match
 Several fast longest-prefix matching algorithms are
available
 Address Resolution Protocol
Although IP address identifies a host, the packet is physically
delivered by an underlying network (e.g., Ethernet) which uses its own
physical address (MAC address in Ethernet). How to map an IP address
to a physical address?

H1 wants to learn physical address of H3 -> broadcasts an ARP request

H1 H2 H3 H4

150.100.76.20 150.100.76.21 150.100.76.22 150.100.76.23

ARP request (what is the MAC address of 150.100.76.22?)

Every host receives the request, but only H3 reply with its physical address
H1 H2 H3 H4

ARP response (my MAC address is 08:00:5a:3b:94)

 Fragmentation and Reassembly
• Identification identifies a particular packet
• Flags = (unused, don’t fragment/DF, more fragment/MF)
• Fragment offset identifies the location of a fragment within a packet

Reassemble
at destination
Source Router Destination
Fragment
at source Fragment
IP IP
at router

Network Network
 Internet Control Message Protocol (ICMP)
 Encapsulated in IP packet (protocl type = 1)
 Handles error and control messages
 If router cannot deliver or forward a packet, it sends an
ICMP “host unreachable” message to the source
 If router receives packet that should have been sent to
another router, it sends an ICMP “redirect” message to
the sender; Sender modifies its routing table
 ICMP “router discovery” messages allow host to learn
about routers in its network and to initialize and update
its routing tables
 ICMP echo request and reply facilitate diagnostic and
used in “ping”
 ICMP Basic Error Message Format
0 8 16 31

Type Code Checksum

Unused

IP header and 64 bits of original datagram

 Type of message: 0- Echo Reply, 3- Destination unreachable, 5-

redirect…
 Code: purpose of message
 Code: Type 3- Destination Unreachable Codes
0 Network Unreachable; 3 Port Unreachable
1 Host Unreachable 4 Fragmentation needed
2 Protocol Unreachable 5 Source route failed
 Type 11- Time-exceeded, code=0 if TTL exceeded
 IP header & 64 bits of original datagram
 To match ICMP message with original data in IP packet
 Echo Request & Echo Reply Message
0
Format 8 16 31

Type Code Checksum

Identifier Sequence number

Data

 Echo request: type=8; Echo reply: type=0

 Destination replies with echo reply by copying data in
request onto reply message
 Sequence number to match reply to request
 ID to distinguish between different sessions using
echo services
 Used in PING
IPv6
 IPv6
 Longer address field:
 128 bits can support up to 3.4 x 1038 hosts
 Simplified header format:
 Simpler format to speed up processing of each header
 All fields are of fixed size
 IPv4 vs IPv6 fields:
 Same: Version
 Dropped: Header length, ID/flags/frag offset, header checksum
 Replaced:
 Datagram length by Payload length
 Protocol type by Next header
 TTL by Hop limit
 TOS by traffic class
 New: Flow label
 Other IPv6 Features
 Flexible support for options: more efficient and
flexible options encoded in optional extension headers
 Flow label capability: “flow label” to identify a packet
flow that requires a certain QoS
 Security: built-in authentication and confidentiality
 Large packets: supports payloads that are longer than
64 K bytes, called jumbo payloads.
 Fragmentation at source only: source should check
the minimum MTU along the path
 No checksum field: removed to reduce packet
processing time in a router
 IPv6 Header Format
0 4 12 16 24 31
Version Traffic Class Flow Label
Payload Length Next Header Hop Limit

Source Address

Destination Address

 Version field same size, same location

 Traffic class to support differentiated services
 Flow: sequence of packets from particular source to particular
destination for which source requires special handling
 0 4
IPv6 Header Format
12 16 24 31
Version Traffic Class Flow Label
Payload Length Next Header Hop Limit

Source Address

Destination Address

 Payload length: length of data excluding header, up to 65535 B

 Next header: type of extension header that follows basic header
 Hop limit: # hops packet can travel before being dropped by a router
 IPv6 Addressing
 Address Categories
 Unicast: single network interface
 Multicast: group of network interfaces, typically at different
locations. Packet sent to all.
 Anycast: group of network interfaces. Packet sent to only one
interface in group, e.g. nearest.
 Hexadecimal notation
 Groups of 16 bits represented by 4 hex digits
 Separated by colons
 4BF5:AA12:0216:FEBC:BA5F:039A:BE9A:2176
 Shortened forms:
 4BF5:0000:0000:0000:BA5F:039A:000A:2176
 To 4BF5:0:0:0:BA5F:39A:A:2176
 To 4BF5::BA5F:39A:A:2176
 Mixed notation:
 ::FFFF:128.155.12.198
 Extension Headers
Daisy chains of extension headers

Basic header
Next header = TCP segment
TCP

Basic header Routing header Fragment header Authentication header

Next header = Next header = Next header = Next header = TCP segment
routing fragment authentication TCP

 Extension
headers processed in order of
appearance