Types of network protocols: the TCP/IP protocol. What is the TCP/IP protocol?

The operation of the global Internet is based on a set (stack) of TCP/IP protocols. These terms seem complex only at first glance. In fact, the TCP/IP protocol stack is a simple set of rules for exchanging information, and these rules are actually well known to you, although you are probably not aware of it. Yes, that’s exactly how it is; essentially, there is nothing new in the principles underlying the TCP/IP protocols: everything new is well-forgotten old.

A person can learn in two ways:

  1. Through stupid formal memorization of formulaic methods for solving standard problems (which is what is now mostly taught in school). Such training is ineffective. Surely you have seen the panic and complete helplessness of an accountant when the version of the office software changes - at the slightest change in the sequence of mouse clicks required to perform habitual actions. Or have you ever seen a person fall into a stupor when the desktop interface changes?
  2. Through understanding the essence of problems, phenomena, patterns. Through understanding the principles on which this or that system is built. In this case, having encyclopedic knowledge does not play a big role - the missing information is easy to find. The main thing is to know what to look for. And this requires not formal knowledge of the subject, but an understanding of the essence.

In this article, I propose to take the second path, since understanding the principles underlying the Internet will give you the opportunity to feel confident and free on the Internet - quickly solve problems that arise, correctly formulate problems and confidently communicate with technical support.

So, let's begin.

The principles of operation of the TCP/IP Internet protocols are inherently very simple and strongly resemble the work of our Soviet postal service.

Remember how our regular mail works. First, you write a letter on a piece of paper, then put it in an envelope, seal it, write the addresses of the sender and recipient on the back of the envelope, and then take it to the nearest post office. Next, the letter passes through a chain of post offices to the post office nearest to the recipient, from where the postman delivers it to the recipient's address and drops it into his mailbox (with his apartment number) or hands it over personally. That's it, the letter has reached the recipient. When the recipient of the letter wants to answer you, he will swap the addresses of the recipient and the sender in his response letter, and the letter will be sent to you along the same chain, but in the opposite direction.

The envelope of the letter will read something like this:

Sender's address:
From whom: Ivanov Ivan Ivanovich
Where: Ivanteevka, st. Bolshaya, 8, apt. 25

Address of the recipient:
To whom: Petrov Petr Petrovich
Where: Moscow, Usachevsky lane, 105, apt. 110

Now we are ready to consider the interaction of computers and applications on the Internet (and on a local network as well). Please note that the analogy with regular mail will be almost complete.

Each computer (aka: node, host) on the Internet also has a unique address, which is called an IP address (Internet Protocol Address), for example: 195.34.32.116. An IP address consists of four decimal numbers (from 0 to 255), separated by dots. But knowing only the IP address of the computer is not enough, because ultimately it is not the computers themselves that exchange information, but the applications running on them. And several applications can run simultaneously on a computer (for example, a mail server, a web server, etc.). To deliver a regular paper letter, it is not enough to know only the address of the house - you also need to know the apartment number. Likewise, every software application has a similar number called the port number. Most server applications have standard numbers, for example: the mail service is bound to port number 25 (they also say: it “listens” on the port, receives messages on it), the web service is bound to port 80, FTP to port 21, and so on.

Thus, we have the following almost complete analogy with our usual postal address:

"house address" = "computer IP"
"apartment number" = "port number"

In computer networks operating via the TCP/IP protocols, the analogue of a paper letter in an envelope is a packet, which contains the actual transmitted data and address information - the sender’s address and the recipient’s address, for example:

Source address:
IP: 82.146.49.55
Port: 2049

Recipient address (Destination address):
IP: 195.34.32.116
Port: 53

Packet data: ...

Of course, packets also include service information, but for understanding the essence this is not important.

Please note: the combination of "IP address and port number" is called a "socket".

In our example, we send a packet from socket 82.146.49.55:2049 to socket 195.34.32.116:53, i.e. the packet will go to the computer with the IP address 195.34.32.116, to port 53. Port 53 corresponds to a name resolution server (DNS server), which will receive this packet. Knowing the sender's address, this server will be able, after processing our request, to generate a response packet that will go in the opposite direction to the sender socket 82.146.49.55:2049, which for the DNS server will be the recipient socket.

As a rule, interaction is carried out according to the “client-server” scheme: the “client” requests some information (for example, a website page), the server accepts the request, processes it and sends the result. The port numbers of server applications are well known, for example: the SMTP mail server “listens” on port 25, the POP3 server that allows reading mail from your mailboxes “listens” on port 110, the web server listens on port 80, etc.

Most programs on a home computer are clients - for example, the Outlook mail client and the IE and Firefox web browsers.

The port numbers on the client are not fixed like those on the server, but are assigned dynamically by the operating system. Fixed server ports usually have numbers up to 1024 (but there are exceptions), and client ports start after 1024.

Repetition is the mother of learning: IP is the address of a computer (node, host) on the network, and port is the number of a specific application running on this computer.

However, it is difficult for a person to remember numeric IP addresses - it is much more convenient to work with alphabetic names. After all, it is much easier to remember a word than a set of numbers. And so it is done - any numeric IP address can be associated with an alphanumeric name. As a result, for example, instead of 82.146.49.55, you can use a domain name. The Domain Name System (DNS) handles the conversion of the domain name to a numeric IP address.

Let's take a closer look at how this works. Your provider explicitly (on paper, for manual connection setup) or implicitly (via automatic connection setup) provides you with the IP address of the name server (DNS). On the computer with this IP address there is an application (name server) running that knows all the domain names on the Internet and their corresponding numeric IP addresses. The DNS server “listens” on port 53, accepts requests on it and issues responses, for example:

Request from our computer: "What IP address corresponds to the name www.site?"
Server response: "82.146.49.55."

Now let's look at what happens when you type the domain name (URL) of this site in your browser, press Enter and, in response, receive a page of this site from the web server.

For example:

IP address of our computer: 91.76.65.216
Browser: Internet Explorer (IE)
DNS server (stream): 195.34.32.116 (yours may be different)
The page we want to open: www.site

We type the domain name in the browser's address bar and press Enter. Next, the operating system performs approximately the following actions:

A request (more precisely, a packet with a request) is sent to the DNS server on socket 195.34.32.116:53. As discussed above, port 53 corresponds to the DNS server, an application that resolves names. And the DNS server, having processed our request, returns the IP address that matches the entered name.

The dialogue goes something like this:

- What IP address corresponds to the name www.site?
- 82.146.49.55.

Next, our computer establishes a connection to port 80 of the computer 82.146.49.55 and sends a request (request packet) to receive the page. Port 80 corresponds to the web server. Port 80 is usually not written in the address bar of the browser because it is used by default, but it can also be specified explicitly after the colon.

Having received a request from us, the web server processes it and sends us, in several packets, a page in HTML - a text markup language that the browser understands.

Our browser, having received the page, displays it. As a result, we see the main page of this site on the screen.

Why do we need to understand these principles?

For example, you notice strange behavior of your computer - strange network activity, slowdowns, etc. What to do? Open the console (click the “Start” button - “Run” - type cmd - “Ok”). In the console, type the command netstat -an and press Enter. This utility will display a list of established connections between the sockets of our computer and the sockets of remote hosts. If we see some foreign IP addresses in the “External Address” column, and port 25 after the colon, what could this mean? (Remember that port 25 corresponds to the mail server?) This means that your computer has established a connection with some mail server (or servers) and is sending some letters through it. And if your email client (Outlook, for example) is not running at this time, and if there are a lot of such connections on port 25, then there is probably a virus on your computer that sends spam on your behalf or forwards your credit card numbers together with passwords to attackers.

Also, an understanding of how the Internet works is necessary for configuring a firewall correctly (in other words, a firewall :)). This program (which often comes with an antivirus) is designed to filter packets into “friends” and “enemies”: let your own people through, don’t let strangers in. For example, your firewall tells you that someone wants to establish a connection to some port on your computer. Allow or deny?

And most importantly, this knowledge is extremely useful when communicating with technical support.

Finally, here is a list of ports that you are likely to encounter:

  • 135-139 - these ports are used by Windows to access shared computer resources - folders, printers. Do not open these ports to the outside, i.e. to the regional local network and the Internet. They should be closed with a firewall. Also, if on the local network you do not see anything in the network environment or you are not visible, then this is probably due to the fact that the firewall has blocked these ports. Thus, these ports must be open for the local network, but closed for the Internet.
  • 21 - FTP server port.
  • 25 - SMTP mail server port. Your email client sends letters through it. The IP address of the SMTP server and its port (25) should be specified in the settings of your mail client.
  • 110 - POP3 server port. Through it, your mail client picks up letters from your mailbox. The IP address of the POP3 server and its port (110) should also be specified in the settings of your mail client.
  • 80 - web server port.
  • 3128, 8080 - proxy servers (configured in the browser settings).

Several special IP addresses:

  • 127.0.0.1 - localhost, the address of the local system, i.e. the local address of your computer.
  • 0.0.0.0 - this is how all IP addresses are designated.
  • 192.168.xxx.xxx - addresses that can be used arbitrarily on local networks; they are not used on the global Internet. They are unique only within the local network. You can use addresses from this range at your discretion, for example, to build a home or office network.

What is the subnet mask and default gateway (router)?

(These parameters are set in the network connection settings.)

It's simple. Computers are connected into local networks. On a local network, computers directly “see” only each other. Local networks are connected to each other through gateways (routers). The subnet mask is used to determine whether the recipient computer belongs to the same local network or not. If the receiving computer belongs to the same network as the sending computer, then the packet is sent to it directly; otherwise the packet is sent to the default gateway, which then, using routes known to it, transmits the packet to another network, i.e. to another post office (by analogy with the Soviet post office).

Finally, let’s look at what these unclear terms mean:

TCP/IP is the name of a set of network protocols. In fact, the transmitted packet goes through several layers. (Like in the post office: first you write a letter, then you put it in an addressed envelope, then the post office puts a stamp on it, etc.).

The IP protocol is a so-called network layer protocol. The task of this level is to deliver IP packets from the sender's computer to the recipient's computer. In addition to the data itself, packets at this level have a source IP address and a recipient IP address. Port numbers are not used at the network level. Which port, i.e. which application, the packet is addressed to, and whether the packet was delivered or lost, is unknown at this level - this is not its task, this is the task of the transport layer.

TCP and UDP are protocols of the so-called transport layer. The transport layer sits above the network layer. At this level, a source port and a destination port are added to the packet.

TCP is a connection-oriented protocol with guaranteed packet delivery. First, special packets are exchanged to establish a connection, something like a handshake occurs (-Hello. -Hello. -Shall we chat? -Come on.). Then packets are sent back and forth over this connection (a conversation is in progress), and it is checked whether the packet has reached the recipient. If the packet is not received, it is sent again (“repeat, I didn’t hear”).

UDP is a connectionless protocol with non-guaranteed packet delivery. (Like: you shouted something, but whether they heard you or not does not matter).

Above the transport layer is the application layer. Protocols such as HTTP, FTP, etc. operate at this level. For example, HTTP and FTP use the reliable TCP protocol, and the DNS server works through the unreliable UDP protocol.

How to view current connections?

Current connections can be viewed using the command

netstat -an

(the n parameter tells it to display IP addresses instead of domain names).

This command is run like this:

“Start” - “Run” - type cmd - “Ok”. In the console that appears (black window), type the command netstat -an and press Enter. The result will be a list of established connections between the sockets of our computer and remote nodes.

For example we get:

Active connections

Name Local address External address State
TCP 0.0.0.0:135 0.0.0.0:0 LISTENING
TCP 91.76.65.216:139 0.0.0.0:0 LISTENING
TCP 91.76.65.216:1719 212.58.226.20:80 ESTABLISHED
TCP 91.76.65.216:1720 212.58.226.20:80 ESTABLISHED
TCP 91.76.65.216:1723 212.58.227.138:80 CLOSE_WAIT
TCP 91.76.65.216:1724 212.58.226.8:80 ESTABLISHED
...

In this example, 0.0.0.0:135 means that our computer listens (LISTENING) to port 135 at all its IP addresses and is ready to accept connections from anyone on it (0.0.0.0:0) via the TCP protocol.

91.76.65.216:139 - our computer listens to port 139 on its IP address 91.76.65.216.

The third line means that the connection is now established (ESTABLISHED) between our machine (91.76.65.216:1719) and the remote one (212.58.226.20:80). Port 80 means that our machine made a request to the web server (I actually have pages open in the browser).
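The check this article describes (many connections to port 25 while no mail client is running, and ports 135-139 reachable from outside) can be run over a saved netstat -an listing; the Python sketch below is an added example, not part of the original article. The sample rows, the threshold of three connections standing in for "a lot", and all function names are assumptions made for the illustration.

```python
import ipaddress
from typing import NamedTuple

# Constructed sample in the column layout of the `netstat -an` listing above.
# The port-25 peers use documentation address ranges and are not real hosts.
SAMPLE = """\
Name Local address External address State
TCP 0.0.0.0:135 0.0.0.0:0 LISTENING
TCP 91.76.65.216:139 0.0.0.0:0 LISTENING
TCP 192.168.0.10:139 0.0.0.0:0 LISTENING
TCP 91.76.65.216:1719 212.58.226.20:80 ESTABLISHED
TCP 91.76.65.216:1723 212.58.227.138:80 CLOSE_WAIT
TCP 91.76.65.216:2051 198.51.100.7:25 ESTABLISHED
TCP 91.76.65.216:2052 198.51.100.9:25 ESTABLISHED
TCP 91.76.65.216:2053 203.0.113.40:25 ESTABLISHED
UDP 0.0.0.0:500 *:*
"""


class Conn(NamedTuple):
    proto: str
    local_ip: str
    local_port: int
    remote_ip: str
    remote_port: int  # 0 when netstat prints "*" or 0
    state: str        # "" for UDP rows, which have no state column


def split_socket(sock):
    """Split 'ip:port' into (ip, port); also accepts '[::]:135' and '*:*'."""
    ip, _, port = sock.rpartition(":")
    return ip.strip("[]"), int(port) if port.isdigit() else 0


def parse_netstat(text):
    """Return one Conn per TCP/UDP row; headers and other lines are skipped."""
    conns = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 3 or fields[0] not in ("TCP", "UDP"):
            continue
        local_ip, local_port = split_socket(fields[1])
        remote_ip, remote_port = split_socket(fields[2])
        state = fields[3] if len(fields) > 3 else ""
        conns.append(Conn(fields[0], local_ip, local_port,
                          remote_ip, remote_port, state))
    return conns


def is_internet_facing(ip):
    """True for 'all addresses' listeners and for globally routable addresses."""
    if ip in ("0.0.0.0", "::", "*"):
        return True
    try:
        return ipaddress.ip_address(ip).is_global
    except ValueError:
        return False


def review(conns, mail_client_running=False, smtp_threshold=3):
    """Apply the article's two rules and return (kind, detail) findings."""
    findings = []
    smtp = [c for c in conns
            if c.proto == "TCP" and c.state == "ESTABLISHED"
            and c.remote_port == 25]
    # Rule 1: many outgoing SMTP connections although no mail client runs.
    if not mail_client_running and len(smtp) >= smtp_threshold:
        peers = ", ".join(sorted({c.remote_ip for c in smtp}))
        findings.append(("smtp-outbound",
                         f"{len(smtp)} connections to port 25: {peers}"))
    # Rule 2: Windows sharing ports listening on a non-local address.
    for c in conns:
        if (c.state == "LISTENING" and 135 <= c.local_port <= 139
                and is_internet_facing(c.local_ip)):
            findings.append(("sharing-port-exposed",
                             f"{c.local_ip}:{c.local_port} is listening; "
                             "confirm the firewall blocks it from the Internet"))
    return findings


if __name__ == "__main__":
    for kind, detail in review(parse_netstat(SAMPLE)):
        print(f"[{kind}] {detail}")
```

A finding is a prompt to check which process owns the socket (netstat -ano adds the process ID on Windows), not proof of infection.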

In future articles we will look at how to apply this knowledge, e.g.

Interaction between computers on the Internet is carried out through network protocols, which are an agreed-upon set of specific rules according to which different data transmission devices exchange information. There are protocols for formats, for error control, and other types of protocols. The protocol most commonly used in global internetworking is TCP-IP.

What kind of technology is this? The name TCP-IP comes from two network protocols: TCP and IP. Of course, the construction of networks is not limited to these two protocols, but they are basic as far as the organization of data transmission is concerned. In fact, TCP-IP is a set of protocols that allows individual networks to come together to form

The TCP-IP protocol, which cannot be described only by the definitions of IP and TCP, also includes the protocols UDP, SMTP, ICMP, FTP, telnet, and more. These and other TCP-IP protocols provide the most complete operation of the Internet.

Below we provide a detailed description of each protocol included in the general concept of TCP-IP.

Internet Protocol (IP) is responsible for the direct transmission of information on the network. The information is divided into parts (in other words, packets) and transmitted from the sender to the recipient. For accurate addressing, you need to specify the exact address or coordinates of the recipient. Such addresses consist of four bytes, which are separated from each other by dots. Each computer's address is unique.

However, using the IP protocol alone may not be enough for correct data transmission, since the volume of most of the transmitted information is more than 1500 characters, which no longer fits into one packet, and some packets may be lost during transmission or arrive in an order other than the one required.

Transmission Control Protocol (TCP) is used at a higher level than the previous one. Based on the IP protocol's ability to carry information from one host to another, the TCP protocol allows large amounts of information to be sent. TCP is also responsible for dividing the transmitted information into separate parts - packets - and for correctly restoring the data from the packets received after transmission. In doing so, this protocol automatically retransmits packets that contain errors.

Management of the organization of data transfer in large volumes can be carried out using a number of protocols that have special functional purposes. In particular, there are the following types of TCP protocols.

1. FTP (File Transfer Protocol) organizes file transfer and is used to transfer information between two Internet nodes using TCP connections in the form of a binary or simple text file, as a named area in computer memory. In this case, it does not matter where these nodes are located and how they are connected to each other.

2. UDP (User Datagram Protocol) does not depend on connections and transmits data in packets called UDP datagrams. However, this protocol is not as reliable as TCP because the sender does not know whether the packet was actually received.

3. ICMP (Internet Control Message Protocol) exists to transmit error messages that occur during data exchange on the Internet. However, the ICMP protocol only reports errors, but does not eliminate the reasons that led to these errors.

4. Telnet is used to implement a text interface on a network using the TCP transport.

5. SMTP (Simple Mail Transfer Protocol) is a special e-mail protocol that defines the format of messages that are sent from one computer, called an SMTP client, to another computer running an SMTP server. In this case, the transfer can be delayed for some time until both the client and the server are active.

Data transmission scheme via TCP-IP protocol

1. The TCP protocol breaks the entire amount of data into packets and numbers them, packing them into TCP envelopes, which allows you to restore the order in which parts of information are received. When data is placed in such an envelope, a checksum is calculated, which is then written into the TCP header.

3. TCP then checks to see if all packets have been received. If, during reception, the newly calculated checksum does not coincide with the one indicated on the envelope, this indicates that some of the information was lost or distorted during transmission, and the TCP-IP protocol requests that this packet be sent again. Confirmation of the receipt of data from the recipient is also required.

4. After confirming the receipt of all packets, the TCP protocol orders them accordingly and reassembles them into a single whole.
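The numbering, checksum and re-request steps above, as an added Python example that is not part of the original article. It follows the article's simplified model: whole packets are numbered and the checksum (the 16-bit ones' complement sum of RFC 1071) covers only the payload, whereas real TCP numbers bytes and also checksums its header; the lossy channel and all names are constructed for the illustration.

```python
def internet_checksum(data: bytes) -> int:
    """16-bit ones' complement of the ones' complement sum (RFC 1071)."""
    if len(data) % 2:
        data += b"\x00"                    # pad odd-length data with a zero byte
    total = 0
    for i in range(0, len(data), 2):
        total += (data[i] << 8) | data[i + 1]
    while total >> 16:                     # fold carries back into the low 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def make_segments(data: bytes, size: int):
    """Sender: cut the data into numbered 'envelopes' carrying a checksum."""
    segments = []
    for seq, offset in enumerate(range(0, len(data), size)):
        payload = data[offset:offset + size]
        segments.append({"seq": seq,
                         "checksum": internet_checksum(payload),
                         "payload": payload})
    return segments


def receive(segments, total: int):
    """Receiver: keep segments whose checksum verifies, list the rest."""
    good = {}
    for seg in segments:
        if internet_checksum(seg["payload"]) == seg["checksum"]:
            good[seg["seq"]] = seg["payload"]
    missing = [seq for seq in range(total) if seq not in good]
    return good, missing


def lossy_channel(segments):
    """Constructed fault model: reorder, lose segment 1, damage segment 2."""
    delivered = []
    for seg in reversed(segments):         # arrives out of order
        if seg["seq"] == 1:
            continue                       # lost in transit
        if seg["seq"] == 2:
            payload = seg["payload"]
            damaged = bytes([payload[0] ^ 0xFF]) + payload[1:]
            seg = {**seg, "payload": damaged}
        delivered.append(seg)
    return delivered


def transfer(data: bytes, size: int, channel):
    """Send data through `channel`; re-request what is lost or damaged."""
    sent = make_segments(data, size)
    good, missing = receive(channel(sent), len(sent))
    rounds = 0
    while missing:
        rounds += 1
        # Retransmission; this sketch assumes the second attempt is clean.
        resent = [sent[seq] for seq in missing]
        recovered, _ = receive(resent, len(sent))
        good.update(recovered)
        missing = [seq for seq in range(len(sent)) if seq not in good]
    # Reassemble by sequence number, regardless of arrival order.
    return b"".join(good[seq] for seq in range(len(sent))), rounds


if __name__ == "__main__":
    message = b"The quick brown fox jumps over the lazy dog"
    sent = make_segments(message, 8)
    print("re-requested:", receive(lossy_channel(sent), len(sent))[1])
    print(transfer(message, 8, lossy_channel))
```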

The TCP protocol uses repeated data transmissions and waiting periods (or timeouts) to ensure reliable delivery of information. Packets can be transmitted in two directions simultaneously.

Thus, TCP-IP relieves application processes (such as Telnet and FTP) of the need to handle retransmissions and timeouts themselves.

In the modern world, information spreads in seconds. The news has just appeared, and a second later it is already available on some website on the Internet. The Internet is considered one of the most useful developments of the human mind. To enjoy all the benefits that the Internet provides, you need to connect to this network.

Few people know that the simple process of visiting web pages involves a complex system of actions invisible to the user. Each click on a link activates hundreds of different computational operations at the heart of the computer. These include sending requests, receiving responses, and much more. The so-called TCP/IP protocols are responsible for every action on the network. What are they?

Every protocol of the TCP/IP family operates at its own level. In other words, each does its own job. The entire TCP/IP protocol family does a tremendous amount of work simultaneously. And the user at this time sees only bright pictures and long lines of text.

Concept of a protocol stack

The TCP/IP protocol stack is an organized set of basic network protocols, which is hierarchically divided into four levels and is a system for transport distribution of packets over a computer network.

TCP/IP is the most famous network protocol stack in use at the moment. The principles of the TCP/IP stack apply to both local and wide area networks.

Principles of using addresses in the protocol stack

The TCP/IP network protocol stack describes the paths and directions in which packets are sent. This is the main task of the entire stack, performed at four levels that interact with each other using a protocol-defined algorithm. To ensure that the packet is sent correctly and delivered exactly to the point that requested it, IP addressing was introduced and standardized. This was due to the following tasks:

  • Addresses of various types must be reconciled. For example, converting a website domain to a server's IP address and back, or converting a host name to an address and back. In this way, it becomes possible to access the point not only using the IP address, but also by its intuitive name.
  • Addresses must be unique. This is because in some special cases the packet must reach only one specific point.
  • The need to configure local area networks.

In small networks where several dozen nodes are used, all these tasks are performed simply, using the simplest solutions: compiling a table describing the ownership of the machine and its corresponding IP address, or manually distributing IP addresses to all network adapters. However, for large networks of a thousand or two thousand machines, the task of manually issuing addresses does not seem so feasible.

That is why a special approach was invented for TCP/IP networks, which became a distinctive feature of the protocol stack. The concept of scalability was introduced.

Layers of the TCP/IP protocol stack

There is a certain hierarchy here. The TCP/IP protocol stack has four layers, each of which handles its own set of protocols:

Application layer: created to enable the user to interact with the network. At this level, everything that the user sees and does is processed. The level allows the user to access various network services, for example: access to databases, the ability to read a list of files and open them, send an e-mail message or open a web page. Along with user data and actions, service information is transmitted at this level.

Transport layer: This is a pure packet transmission mechanism. At this level, neither the contents of the package nor its affiliation with any action matter at all. At this level, only the address of the node from which the packet is sent and the address of the node to which the packet should be delivered matters. As a rule, the size of fragments transmitted using different protocols can change, therefore, at this level, blocks of information can be split up at the output and assembled into a single whole at the destination. This causes possible data loss if, at the time of transmission of the next fragment, a short-term connection break occurs.

The transport layer includes many protocols, which are divided into classes, from the simplest ones, which simply transmit data, to complex ones, which are equipped with the functionality of acknowledging receipt, or re-requesting a missing block of data.

This level provides the higher (application) level with two types of services:

  • Provides guaranteed delivery using the TCP protocol.
  • Provides best-effort delivery using the UDP protocol.

To ensure guaranteed delivery, a connection is established according to the TCP protocol, which allows packets to be numbered at the output and confirmed at the input. The numbering of packets and confirmation of reception is the so-called service information. This protocol supports transmission in "Duplex" mode. In addition, thanks to the well-thought-out regulations of the protocol, it is considered very reliable.

The UDP protocol is intended for moments when it is impossible to configure transmission via the TCP protocol, or you have to save on the network data transmission segment. Also, the UDP protocol can interact with higher-level protocols to increase the reliability of packet transmission.

Network layer or "Internet layer": the basic level of the entire TCP/IP model. The main functionality of this layer is identical to the layer of the same name in the OSI model and describes the movement of packets in a composite network consisting of several smaller subnets. It links adjacent layers of the TCP/IP protocol.

The network layer is the connecting layer between the higher transport layer and the lower network interface layer. The network layer uses protocols that receive a request from the transport layer and, through regulated addressing, transmit the processed request to the network interface protocol, indicating to which address to send the data.

The following TCP/IP network protocols are used at this level: ICMP, IP, RIP, OSPF. The main and most popular at the network level is, of course, the IP (Internet Protocol). Its main task is to transmit packets from one router to another until a unit of data reaches the network interface of the destination node. The IP protocol is deployed not only on hosts, but also on network equipment: routers and managed switches. The IP protocol operates on the principle of best-effort, non-guaranteed delivery. That is, there is no need to establish a connection in advance to send a packet. This option leads to saving traffic and time on the movement of unnecessary service packets. The packet is routed towards its destination, and it is possible that the node remains unreachable. In this case, an error message is returned.

Network interface level: is responsible for ensuring that subnetworks with different technologies can interact with each other and transmit information in the same mode. This is accomplished in two simple steps:

  • Encoding the packet into a data unit of the intermediate network.
  • Converting the destination information to the standards of the required subnet and sending the data unit.

This approach allows us to constantly expand the number of supported networking technologies. As soon as a new technology appears, it immediately fits into the TCP/IP protocol stack and allows networks with older technologies to transfer data to networks built using more modern standards and methods.

Units of data transferred

Over the lifetime of the TCP/IP protocols, standard terms for units of transmitted data have become established. Data during transmission can be fragmented in different ways, depending on the technologies used by the destination network.

To have an idea of what is happening with the data and at what point in time, the following terminology was introduced:

  • Data stream - data that arrives at the transport layer from protocols of a higher application layer.
  • Segment - a fragment of data into which a stream is divided according to TCP protocol standards.
  • Datagram (especially illiterate people pronounce it as “Datagram”) - units of data that are obtained by splitting a stream using connectionless protocols (UDP).
  • Packet - a unit of data produced via the IP protocol.
  • Frame - the TCP/IP protocols package IP packets into blocks of data transmitted over composite networks, called frames.

Types of TCP/IP protocol stack addresses

Any TCP/IP data transfer protocol uses one of the following types of addresses:

  • Local (hardware) addresses.
  • Network addresses (IP addresses).
  • Domain names.

Local addresses (MAC addresses) - used in most local area network technologies to identify network interfaces. When talking about TCP/IP, the word local means an interface that operates not in a composite network, but within a separate subnet. For example, the subnet of an interface connected to the Internet will be local, and the Internet network will be composite. A local network can be built on any technology, and regardless of this, from the point of view of a composite network, a machine located in a separately dedicated subnet will be called local. Thus, when a packet enters the local network, its IP address is then associated with the local address, and the packet is sent to the MAC address of the network interface.

Network addresses (IP addresses). TCP/IP technology provides its own global addressing of nodes to solve a simple problem - combining networks with different technologies into one large data transmission structure. IP addressing is completely independent of the technology used on the local network, but an IP address allows a network interface to represent a machine on a composite network.

As a result, a system was developed in which hosts are assigned an IP address and a subnet mask. The subnet mask shows how many bits are allocated to the network number, and how many to the host number. An IP address consists of 32 bits, divided into blocks of 8 bits.

When a packet is transmitted, it is assigned information about the network number and the node number to which the packet should be sent. First, the router forwards the packet to the desired subnet, and then a host is selected that is waiting for it. This process is carried out by the Address Resolution Protocol (ARP).

Domain addresses on TCP/IP networks are managed by a specially designed Domain Name System (DNS). To do this, there are servers that match the domain name, presented as a string of text, with the IP address, and send the packet in accordance with global addressing. There is no correspondence between a computer name and an IP address, so in order to convert a domain name to an IP address, the sending device must access the routing table that is created on the DNS server. For example, we write the site address in the browser, the DNS server matches it with the IP address of the server on which the site is located, and the browser reads the information, receiving a response.

In addition to the Internet, it is possible to issue domain names to computers. Thus, the process of working on a local network is simplified. There is no need to remember all IP addresses. Instead, you can give each computer any name and use it.

IP address. Format. Components. Subnet mask

An IP address is a 32-bit number, which in traditional representation is written as numbers from 1 to 255, separated by dots.

An IP address in various notations:

  • Decimal IP address: 192.168.0.10.
  • Binary form of the same IP address: 11000000.10101000.00000000.00001010.
  • Hexadecimal form of the same IP address: C0.A8.00.0A.

There is no separator between the network ID and the host number in the address, but the computer is able to separate them. There are three ways to do this:

  1. Fixed border. With this method, the entire address is conditionally divided into two parts of a fixed length, byte by byte. Thus, if we give one byte for the network number, we get 2^8 networks of 2^24 nodes each. If the border is moved another byte to the right, there will be more networks (2^16) and fewer nodes (2^16). Today, the approach is considered obsolete and is not used.
  2. Subnet mask. The mask is paired with an IP address. The mask has a sequence of "1" values in those bits that are allocated to the network number, and zeros in those bits of the IP address that are allocated to the node number. The boundary between ones and zeros in the mask is the boundary between the network ID and the host ID in the IP address.
  3. Address classes method. A compromise method. With it, network sizes cannot be selected by the user; instead, there are five classes - A, B, C, D, E. Three classes - A, B and C - are intended for various networks, and D and E are reserved for special-purpose networks. In the class system, each class has its own boundary between the network number and the node ID.

IP Address Classes

Class A includes networks in which the network is identified by the first byte, and the remaining three bytes are the node number. All IP addresses that have a first byte value from 1 to 126 belong to class A networks. There are very few class A networks, but each of them can have up to 2^24 nodes.

Class B - networks in which the two highest bits are equal to 10. In them, 16 bits each are allocated for the network number and the node identifier. As a result, there are more class B networks than class A networks, but they have a smaller number of nodes - up to 65,536 (2^16).

Class C networks have very few nodes - 2^8 in each - but the number of networks is huge, because the network identifier in such structures takes up three bytes.

Class D networks already belong to special networks. A class D address starts with the sequence 1110 and is called a multicast address. Interfaces with class A, B and C addresses can be part of a group and receive, in addition to the individual address, a group address.

Class E addresses are held in reserve for the future. Such addresses begin with the sequence 11110. Most likely, these addresses will be used as group addresses when there is a shortage of IP addresses on the global network.
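The three notations, the mask boundary and the class rules described above, as an added Python example (not code from the original article). All function names are illustrative assumptions, and a first byte with four or more leading one bits is reported as class E.

```python
def parse_ipv4(text):
    """Strictly parse dotted-decimal text into a 32-bit integer."""
    parts = text.split(".")
    if len(parts) != 4:
        raise ValueError("expected four dot-separated octets: %r" % text)
    value = 0
    for part in parts:
        if not (part.isascii() and part.isdigit()) or int(part) > 255:
            raise ValueError("bad octet %r in %r" % (part, text))
        value = (value << 8) | int(part)
    return value


def octets(value):
    """Split a 32-bit integer into its four bytes, highest first."""
    return [(value >> shift) & 0xFF for shift in (24, 16, 8, 0)]


def dotted(value):
    return ".".join(str(o) for o in octets(value))


def notations(address):
    """The same address in the decimal, binary and hexadecimal forms."""
    o = octets(parse_ipv4(address))
    return {
        "decimal": ".".join(str(x) for x in o),
        "binary": ".".join(format(x, "08b") for x in o),
        "hex": ".".join(format(x, "02X") for x in o),
    }


def prefix_length(mask):
    """Number of network bits; rejects masks that are not ones-then-zeros."""
    m = parse_ipv4(mask)
    inverted = ~m & 0xFFFFFFFF
    if inverted & (inverted + 1):   # a valid inverted mask has the form 0..01..1
        raise ValueError("mask %r is not a run of ones followed by zeros" % mask)
    return bin(m).count("1")


def split_by_mask(address, mask):
    """Return (network ID, host ID) using the boundary given by the mask."""
    prefix_length(mask)             # validation only
    a, m = parse_ipv4(address), parse_ipv4(mask)
    return dotted(a & m), dotted(a & ~m & 0xFFFFFFFF)


def address_class(address):
    """Class from the leading bits of the first byte: 0, 10, 110, 1110, 1111."""
    first = octets(parse_ipv4(address))[0]
    ones = 0
    while ones < 4 and first & (0x80 >> ones):
        ones += 1
    return "ABCDE"[ones]


# Fixed boundaries of the three classes intended for ordinary networks.
CLASS_MASK = {"A": "255.0.0.0", "B": "255.255.0.0", "C": "255.255.255.0"}


def classful_split(address):
    """Return (network ID, host ID) using the class boundary instead of a mask."""
    cls = address_class(address)
    if cls not in CLASS_MASK:
        raise ValueError("class %s has no network/host boundary" % cls)
    return split_by_mask(address, CLASS_MASK[cls])


if __name__ == "__main__":
    print(notations("192.168.0.10"))
    print(split_by_mask("192.168.0.10", "255.255.255.0"))
    print(address_class("172.16.0.1"), classful_split("172.16.0.1"))
```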

Setting up the TCP/IP protocol

Setting up the TCP/IP protocol is available on all operating systems. These are Linux, CentOS, Mac OS X, FreeBSD, Windows 7. The TCP/IP protocol only requires a network adapter. Of course, server operating systems are capable of more. The TCP/IP protocol is very widely configured using server services. IP addresses on regular desktop computers are set in the network connection settings. There you configure the network address, the gateway (the IP address of the node that has access to the global network), and the addresses of the nodes where the DNS server is located.

The TCP/IP Internet protocol can be configured manually, although this is not always necessary. TCP/IP parameters can be received automatically from a server that distributes addresses dynamically. This method is used in large corporate networks. On a DHCP server you can map a local address to a network address, and as soon as a machine with a given IP address appears on the network, the server will immediately give it a pre-prepared IP address. This process is called reservation.

TCP/IP Address Resolution Protocol

The only way to establish a relationship between a MAC address and an IP address is by maintaining a table. If there is a routing table, each network interface is aware of its addresses (local and network), but the question arises of how to properly organize the exchange of packets between nodes using the TCP/IP 4 protocol.

Why was Address Resolution Protocol (ARP) invented? In order to link the TCP/IP family of protocols and other addressing systems. An ARP mapping table is created on each node and is populated by polling the entire network. This happens every time the computer is turned off.

ARP table

This is what an example of a compiled ARP table looks like.

The TCP/IP stack.

The TCP/IP stack is a set of hierarchically ordered network protocols. The stack is named after two important protocols – TCP (Transmission Control Protocol) and IP (Internet Protocol). In addition to them, the stack includes several dozen more different protocols. Currently, TCP/IP protocols are the main ones for the Internet, as well as for most corporate and local networks.

In the Microsoft Windows Server 2003 operating system, the TCP/IP stack is selected as the main one, although other protocols are also supported (for example, the IPX/SPX stack, the NetBIOS protocol).

The TCP/IP protocol stack has two important properties:

    platform independence, i.e. its implementation is possible on a wide variety of operating systems and processors;

    openness, i.e. the standards by which the TCP/IP stack is built are available to anyone.

History of the creation of TCP/IP.

In 1967, the Advanced Research Projects Agency of the US Department of Defense (ARPA - Advanced Research Projects Agency) initiated the development of a computer network that was supposed to connect a number of universities and research centers that carried out orders from the Agency. The project was called ARPANET. By 1972, the network connected 30 nodes.

As part of the ARPANET project, the main protocols of the TCP/IP stack - IP, TCP and UDP - were developed and published in 1980–1981. An important factor in the spread of TCP/IP was the implementation of this stack in the UNIX 4.2 BSD operating system (1983).

By the end of the 1980s, the greatly expanded ARPANET became known as the Internet (Interconnected networks) and united universities and scientific centers in the USA, Canada and Europe.

In 1992 a new Internet service appeared: WWW (World Wide Web), based on the HTTP protocol. Largely thanks to WWW, the Internet, and with it the TCP/IP protocols, developed rapidly in the 90s.

At the beginning of the 21st century, the TCP/IP stack is acquiring a leading role in the means of communication not only of global, but also local networks.

The OSI model.

The Open Systems Interconnection (OSI) model was developed by the International Organization for Standardization (ISO) to provide a consistent approach to building and interconnecting networks. Development of the OSI model began in 1977 and ended in 1984 with the approval of the standard. Since then, the model has been the reference for the development, description and comparison of various protocol stacks.

The OSI model includes seven layers: physical, data link, network, transport, session, presentation, and application. Let's briefly look at the functions of each layer.

    The physical layer describes the principles of signal transmission, transmission speed, and communication channel specifications. The layer is implemented in hardware (network adapter, hub port, network cable).

    The data link layer solves two main tasks: it checks the availability of the transmission medium (the transmission medium is most often shared between several network nodes), and also detects and corrects errors that occur during transmission. The layer is implemented in hardware and software (for example, a network adapter and its driver).

    The network layer combines networks that work on different data link and physical layer protocols into a composite network. Each of the networks included in the composite network is called a subnet. At the network layer, two main problems have to be solved: routing (choosing the optimal path for transmitting a message) and addressing (each node in a composite network must have a unique name). Typically, network layer functions are implemented by a special device, a router, and its software.

    The transport layer solves the problem of reliably transmitting messages in a composite network by confirming delivery and resending packets. This layer and all the following ones are implemented in software.

    … communication session and, if the connection is broken, resume the session from this state.

    The presentation layer ensures the conversion of transmitted information from one encoding to another (for example, from ASCII to EBCDIC).

    The application layer implements the interface between the other layers of the model and user applications.

The structure of TCP/IP.

The TCP/IP structure is not based on the OSI model, but on its own model, called DARPA (Defense ARPA - the new name of the Advanced Research Projects Agency) or DoD (Department of Defense - US Department of Defense). This model has only four levels. The correspondence of the OSI model to the DARPA model, as well as the main protocols of the TCP/IP stack, is shown in Fig. 2.2.

It should be noted that the lower level of the DARPA model - the network interface level - strictly speaking, does not perform the functions of the data link and physical layers, but only provides communication (an interface) between the upper levels of DARPA and composite network technologies (e.g., Ethernet, FDDI, ATM).

All protocols included in the TCP/IP stack are standardized in RFC documents.

RFC documentation.

Approved official Internet and TCP/IP standards are published as RFC (Request for Comments) documents. Standards are developed by the entire ISOC community (Internet Society, an international public organization). Any ISOC member may submit a document for consideration for publication in an RFC. The document is then reviewed by technical experts, development teams and the RFC editor and goes through the following stages, called maturity levels, in accordance with RFC 2026:

    draft (Internet Draft) – at this stage, experts familiarize themselves with the document, additions and changes are made;

    proposed standard (Proposed Standard) - the document is assigned an RFC number, experts have confirmed the viability of the proposed solutions, the document is considered promising, it is desirable that it be tested in practice;

    draft standard (Draft Standard) - a document becomes a draft standard if at least two independent developers have implemented and successfully applied the proposed specifications. At this stage, minor corrections and improvements are still allowed;

    Internet standard (Internet Standard) - the highest stage of approval of the standard, the document specifications have become widespread and have proven themselves in practice. A list of Internet standards is given in RFC 3700. Of the thousands of RFCs, only a few dozen are documents with the status of “Internet standard”.

In addition to standards, RFCs can also be descriptions of new networking concepts and ideas, guidelines, results of experimental studies presented for information, etc. Such RFCs can be assigned one of the following statuses:

    experimental (Experimental) - a document containing information about scientific research and development that may be of interest to ISOC members;

    informational (Informational) - a document published to provide information and does not require approval by the ISOC community;

    best current practice (Best Current Practice) - a document intended to convey experience from specific developments, such as protocol implementations.

The status is indicated in the header of the RFC document after the word Category. For documents in the status of standards (Proposed Standard, Draft Standard, Internet Standard), the name Standards Track is indicated, since the level of readiness may vary.

RFC numbers are assigned sequentially and are never reissued. The original RFC is never updated. The updated version is published under a new number. An obsolete and superseded RFC becomes historical (Historic).

All existing RFC documents can be viewed, for example, on the website www.rfc-editor.org. There were over 5,000 in August 2007. The RFCs referenced in this course are listed in Appendix I.

Overview of the main protocols.

IP (Internet Protocol) is the main network layer protocol, responsible for addressing in composite networks and packet transmission between networks. IP is a datagram protocol, i.e. it does not guarantee delivery of packets to the destination node. The transport layer protocol TCP provides guarantees.

RIP (Routing Information Protocol) and OSPF (Open Shortest Path First) are routing protocols in IP networks.

ICMP (Internet Control Message Protocol) is designed to exchange error information between network routers and the source node of the packet. Using special packets, it reports the impossibility of delivering a packet, the duration of assembling a packet from fragments, anomalous parameter values, changes in the forwarding route and type of service, the state of the system, etc.

ARP (Address Resolution Protocol) converts IP addresses into hardware addresses of local networks. The reverse conversion is carried out using the RARP protocol (Reverse ARP).

TCP (Transmission Control Protocol) ensures reliable transmission of messages between remote network nodes through the formation of logical connections. TCP allows you to deliver a byte stream generated on one computer without errors to any other computer included in the composite network. TCP divides the byte stream into parts called segments and passes them on to the network layer. Once these segments are delivered to their destination, TCP reassembles them into a continuous stream of bytes.

UDP (User Datagram Protocol) provides data transmission in a datagram manner.

HTTP (HyperText Transfer Protocol) is a web document delivery protocol, the main protocol of the WWW service.

FTP (File Transfer Protocol) is a protocol for transferring information stored in files.

POP3 (Post Office Protocol version 3) and SMTP (Simple Mail Transfer Protocol) are protocols for delivering incoming email (POP3) and sending outgoing email (SMTP).

Telnet is a terminal emulation protocol, allowing the user to connect to other remote stations and work with them from their machine, as if it were their remote terminal.

SNMP (Simple Network Management Protocol) is designed to diagnose the performance of various network devices.

UNIX, which contributed to the growing popularity of the protocol, as manufacturers included TCP/IP in the software set of every UNIX computer. TCP/IP maps onto the OSI reference model, as shown in Figure 3.1.

You can see that TCP/IP is located at layers three and four of the OSI model. The point of this is to leave the LAN technology to the developers. The purpose of TCP/IP is message transmission in local networks of any type and establishing communication using any network application.

The TCP/IP protocol works because it is connected to the OSI model at the two lowest layers - the data layer and the physical layer. This allows TCP/IP to find a common language with virtually any network technology and, as a result, with any computer platform. TCP/IP includes four abstract layers, listed below.

Fig. 3.1.

  • Network interface. Allows TCP/IP to actively interact with all modern network technologies, based on the OSI model.
  • Internetwork. Defines how IP controls forwarding messages through routers of a network space such as the Internet.
  • Transport. Defines a mechanism for exchanging information between computers.
  • Application. Specifies network applications for performing tasks, such as forwarding, email, and others.

Due to its widespread use, TCP/IP has become the de facto Internet standard. A computer that implements a network technology based on the OSI model (Ethernet or Token Ring) has the ability to communicate with other devices. In "Networking Fundamentals" we looked at layers 1 and 2 when discussing LAN technologies. Now we'll move up the OSI stack and look at how a computer communicates over the Internet or a private network. This section discusses the TCP/IP protocol and its configurations.

What is TCP/IP

The fact that computers can communicate with each other is itself a miracle. After all, these are computers from different manufacturers working with various operating systems and protocols. In the absence of some common basis such devices would not be able to exchange information. When sent over a network, data must be in a format that is understandable to both the sending device and the receiving device.

TCP/IP satisfies this condition through its internetworking layer. This layer directly matches the network layer of the OSI reference model and is based on a fixed message format called an IP datagram. A datagram is something like a basket in which all the information of a message is placed. For example, when you load a web page into your browser, what you see on the screen is delivered piecemeal by datagram.

It's easy to confuse datagrams with packets. A datagram is a unit of information, while a packet is a physical message object (created at the third or higher layers), which is actually sent on the network. Although some consider these terms interchangeable, their distinction actually matters in a specific context - not here, of course. It is important to understand that the message is broken into fragments, transmitted over the network and reassembled at the receiving device.


The positive thing about this approach is that if a single packet is corrupted during transmission, then only that packet will need to be retransmitted, not the entire message. Another positive is that no host has to wait an indefinite amount of time for another host's transmission to finish before sending its own message.

TCP and UDP

When sending an IP message over a network, one of the transport protocols is used: TCP or UDP. TCP (Transmission Control Protocol) makes up the first half of the acronym TCP/IP. The User Datagram Protocol (UDP) is used instead of TCP to transport less important messages. Both protocols are used for the correct exchange of messages in TCP/IP networks. There is one significant difference between these protocols.

TCP is called a reliable protocol because it communicates with the recipient to verify that the message was received.

UDP is called an unreliable protocol because it does not even attempt to contact the recipient to verify delivery.


It is important to remember that only one protocol can be used to deliver a message. For example, when a web page is loaded, packet delivery is controlled by TCP without any UDP intervention. On the other hand, Trivial File Transfer Protocol (TFTP) downloads or sends messages under the control of the UDP protocol.

The transport method used depends on the application - it could be email, HTTP, the application responsible for networking work, and so on. Network developers use UDP wherever possible because it reduces overhead traffic. TCP puts more effort into guaranteed delivery and transmits many more packets than UDP. Figure 3.2 provides a list of network applications and shows which applications use TCP and which use UDP. For example, FTP and TFTP do essentially the same thing. However, TFTP is mainly used for downloading and copying network device programs. TFTP can use UDP because if the message fails to be delivered, nothing bad happens: the message was not intended for the end user, but for the network administrator, whose priority level is much lower. Another example is a voice and video session, in which ports for both TCP and UDP sessions can be used. Thus, a TCP session is initiated to exchange data when a telephone connection is established, while the telephone conversation itself is transmitted via UDP. This is due to the speed of voice and video streaming. If a packet is lost, there is no point in resending it, since it will no longer match the data flow.


Fig. 3.2.

IP Datagram Format

IP packets can be broken down into datagrams. The datagram format creates fields for the payload and for message transmission control data. Figure 3.3 shows the datagram diagram.

Note. Don't be fooled by the size of the data field in a datagram. The datagram is not overloaded with additional data. The data field is actually the largest field in the datagram.


Fig. 3.3.

It is important to remember that IP packets can have different lengths. In "Networking Fundamentals" it was said that information packets on an Ethernet network range in size from 64 to 1400 bytes. In the Token Ring network their length is 4000 bytes, in the ATM network - 53 bytes.

Note. The use of bytes in a datagram can be confusing, since data transfer is often associated with concepts such as megabits and gigabits per second. However, because computers prefer to work with data bytes, datagrams also use bytes.

If you look again at the datagram format in Figure 3.3, you'll notice that the leftmost fields have a constant size. This is because the CPU that processes the packets needs to know where each field begins. Without standardization of these fields, the final bits would be a jumble of ones and zeros. On the right side of the datagram are the variable-length parts. The purpose of the various fields in a datagram is as follows.

  • VER. The version of the IP protocol used by the station where the original message appeared. The current IP version is version 4. This field allows different versions to coexist in the internetwork space.
  • HLEN. The field informs the receiving device of the length of the header so that the CPU knows where the data field begins.
  • Service type. Code that tells the router the type of packet control in terms of service level (reliability, priority, deferment, etc.).
  • Length. The total number of bytes in the packet, including header fields and data fields.
  • ID, frags and frags offset. These fields tell the router how to fragment and reassemble the packet and how to compensate for differences in frame size that may occur as the packet traverses LAN segments with different network technologies (Ethernet, FDDI, etc.).
  • TTL. Short for Time to Live: a number that decreases by one each time the packet is forwarded. If the time to live reaches zero, the packet ceases to exist. TTL prevents loops and lost packets from wandering endlessly across the Internet.
  • Protocol. The transport protocol to use to transmit the packet. The most common protocol specified in this field is TCP, but other protocols may be used.
  • Header checksum. A checksum is a number that is used to verify the integrity of a message. If the checksums of all message packets do not match the correct value, this means that the message has been corrupted.
  • Source IP address. The 32-bit address of the host that sent the message (usually a personal computer or server).
  • Destination IP address. The 32-bit address of the host to which the message was sent (usually a personal computer or server).
  • IP options. Used for network testing or other special purposes.
  • Padding. Fills all unused (empty) bit positions so that the processor can correctly determine the position of the first bit in the data field.
  • Data. The payload of the sent message. For example, the packet's data field may contain the text of an email.

As mentioned earlier, the packet consists of two main components: data about message processing, located in the header, and the information itself. The information part is located in the payload sector. You can imagine this sector as the cargo compartment of a spaceship. The header is all of the shuttle's onboard computers in the control cabin. It manages all the information needed by all the different routers and computers along the message path, and is used to maintain a certain order in assembling the message from individual packets.
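The field list above can be read straight off the bytes of a packet. The following added Python example (not code from the original article) parses an IPv4 header into the fields named in the list, rejects headers whose HLEN or Length do not fit the received bytes, and recomputes the header checksum. The sample packet is constructed for the illustration and the function names are assumptions.

```python
import struct

FIXED = struct.Struct("!BBHHHBBH4s4s")   # the 20 fixed-size bytes of the header


def header_checksum(header):
    """One's-complement sum of the header's 16-bit words, checksum field zeroed."""
    data = header[:10] + b"\x00\x00" + header[12:]
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:                    # fold the carries back into 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def parse_ipv4_header(packet):
    """Return the datagram fields as a dict; raise ValueError if malformed."""
    if len(packet) < FIXED.size:
        raise ValueError("shorter than the 20-byte minimum header")
    (ver_hlen, service, length, ident, flags_frag,
     ttl, protocol, checksum, src, dst) = FIXED.unpack(packet[:FIXED.size])
    ver = ver_hlen >> 4
    hlen = (ver_hlen & 0x0F) * 4          # HLEN is counted in 32-bit words
    if ver != 4:
        raise ValueError("VER is %d, not 4" % ver)
    if not FIXED.size <= hlen <= len(packet):
        raise ValueError("HLEN %d does not fit the packet" % hlen)
    if not hlen <= length <= len(packet):
        raise ValueError("Length %d does not fit the packet" % length)
    header = packet[:hlen]
    return {
        "ver": ver,
        "hlen": hlen,
        "service_type": service,
        "length": length,
        "id": ident,
        "flags": flags_frag >> 13,                  # reserved, DF, MF bits
        "frag_offset": (flags_frag & 0x1FFF) * 8,   # offset in bytes
        "ttl": ttl,
        "protocol": protocol,                       # 6 = TCP, 17 = UDP
        "checksum": checksum,
        "checksum_ok": header_checksum(header) == checksum,
        "src": ".".join(str(b) for b in src),
        "dst": ".".join(str(b) for b in dst),
        "options": header[FIXED.size:],             # IP options and padding
        "data": packet[hlen:length],
    }


def build_sample_packet(payload=b"hello"):
    """Constructed sample: TCP datagram from 192.168.0.10 to 192.168.0.1."""
    header = FIXED.pack(0x45, 0, FIXED.size + len(payload), 0x1C46, 0x4000,
                        64, 6, 0, bytes([192, 168, 0, 10]), bytes([192, 168, 0, 1]))
    header = header[:10] + struct.pack("!H", header_checksum(header)) + header[12:]
    return header + payload


if __name__ == "__main__":
    packet = build_sample_packet()
    print(parse_ipv4_header(packet))
    damaged = bytearray(packet)
    damaged[8] -= 1                       # TTL changed without fixing the checksum
    print(parse_ipv4_header(bytes(damaged))["checksum_ok"])
```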