protocoale
The network: what it is and how it is built
What is a network, really? What is a router? What is a switch, or a network card? And what about RJ45, Mbps, ADSL, WiFi and the many other names we run into so often? What is an IP or a MAC address (no, we are not talking about Apple products here)? These are the questions this article will try to answer.
First of all, an ordinary user needs to know a few things before starting to build a network at home or in the office. For 4-5 computers, a router or a switch costing up to 200 lei is enough. What happens when there are more PCs that need to be interconnected and need fast, efficient access to information?
The switch manages traffic inside an internal network; here we mean mostly switches for home use. These have 4, 5 or 8 ports running at 10/100/1000 Mbps.
Higher-end (managed) switches can control which connected computers get access to the network and with what priority; the simple ones just act as a link between PCs. Be careful not to confuse a switch with a hub, a term you would do well to forget, since it will soon disappear from network administrators' vocabulary. Unlike a hub, a switch remembers the addresses of the connected PCs (it learns which MAC address sits behind which port) and delivers each frame only to the port where the destination is, so several pairs of PCs can talk at full speed at the same time. The hub was the switch's predecessor: it had no idea which port led to which computer, so it simply repeated everything it received on every other port, which meant every computer saw everyone else's traffic and the whole network shared one slow collision domain.
The router is a device that interconnects the PCs but also provides Internet access through an additional (WAN) port to which a modem is connected. It can also manage the systems' Internet traffic, apply limits on Internet use or block certain sites. This is, in the main, the difference between a router and a switch, speaking of course about cheaper equipment that needs little knowledge to install. The router is the main point of interest for a home user and must be chosen well so as not to cause problems later with the availability of the Internet service (it is well known that certain router models on the market have various problems with the type of signal provided by the ISP, the Internet Service Provider).
The modem is the device that converts the Internet signal so that a computer can understand it. The following types of modem are in use in Romania at present:
The cable modem (older RDS customers know what I am talking about: the device the coaxial cable goes into, very similar to the TV signal cable, with a cable coming out of another port that connects to the PC). For people living in apartment blocks it has been replaced directly by an Ethernet cable going into the PC. For those who are far from each other, for example residents of houses or on the edge of the city, this system has been kept, being one of the cheapest and most suitable ways of carrying the signal over a longer distance. A network (twisted-pair Ethernet) cable carries the signal over a theoretical maximum of 100 metres, the distance that guarantees its proper operation both in terms of data integrity and of transfer speed.
The ADSL (Asymmetric Digital Subscriber Line) modem, used to connect Romtelecom ClickNet subscribers to the Internet. It receives the Internet signal directly over the fixed telephone line, yes, the two telephone wires, and converts it into a signal the computer can use. This type of connection is newer and makes good use of the telephone lines already installed in many users' homes. Installation is also very simple: the user requests activation at one of the Romtelecom offices, the equipment is delivered home, and the setup takes no more than 10 minutes.
The 3G modem is used for Internet access through a mobile telephony operator; I think you know those USB sticks advertised more than 10 times a day on TV, each mobile operator having one more expensive and smarter than the next. The models change from year to year, as does their speed, which keeps growing at all the mobile operators as they adopt newer and newer communication standards.
The CDMA modem belongs to Cosmote and Romtelecom (ZAPP, as you know, passed under the ownership of the first company). These use the 450 MHz band, the advantage being a wider coverage area and therefore a stronger signal even where Vodafone and Orange have no antenna. The only disadvantage is a speed somewhat lower than 3G, with a maximum of 2.4 Mbps download, a less significant aspect when weighed against having a signal both in the valleys and on the mountain tops. 3G, on the other hand, is promoted by Vodafone, Orange and, more recently, RDS. 3G (UMTS) works in the 2100 MHz band here, above the frequencies used by GSM phones. It offers up to 7.2 Mbps download, a theoretical speed that is rarely reached and only inside or on the edge of large cities. Once you leave the city, the phone or modem falls back to EDGE, which offers roughly 384 Kbps, rather little compared to CDMA, isn't it? The traffic allowance depends on how much you are willing to pay per month: it starts at 1-2 GB for the free modem offered by RDS and can reach 10-20 GB for a subscription of at least 20-30 euros a month.
OK, that was a presentation worthy of a mobile operator's advertisement, so let me move on to the main subject of the article.
It is 2010, so we will not bring up the terms that were in use when copper was discovered, nor the kinds of products now gathering dust in warehouses.
The basic layout of a network is the star. That is, at the centre of the network sits a switch or a router, which interconnects the PCs and, in some cases, also gives them Internet access. The router may have one of the modems presented above built in; the most sought after are the ones with a plain Ethernet WAN port and the ADSL ones. There are a few things you need to know when buying a router. First, count how many PCs you have at home or in the office and how they will connect, wired or wireless. 99.9% of existing systems have an RJ45 network port for connecting to a router. Wireless is present on every current laptop or netbook and on a large share of mobile phones, so why give it up to save 30 lei? Wired transfer speeds are 10/100/1000 Mbps, which on a 100 Mbps link means a theoretical maximum between two systems of 12.5 MB/s, since a byte is 8 bits. Network and Internet speeds are expressed in megabits per second (Mbps) or kilobits per second (Kbps). Many people confuse this with the transfer speed of a USB stick or an HDD, which is given in bytes per second. To make this clearer, below is a table with the information taught in any computer course, or at school for those of you from a younger generation.

unit                 symbol   value
bit                  b        0 or 1
byte                 B        8 bits
kilobit              kb       1000 bits
kilobyte (binary)    KB       1024 bytes
kilobyte (decimal)   KB       1000 bytes
megabit              Mb       1000 kilobits
megabyte (binary)    MB       1024 kilobytes
megabyte (decimal)   MB       1000 kilobytes
gigabit              Gb       1000 megabits
gigabyte (binary)    GB       1024 megabytes
gigabyte (decimal)   GB       1000 megabytes
Wireless connectivity is present on almost all laptops and netbooks, on many desktop and home-theatre systems, on external media players and, not least, on many mobile phone models. It connects to a network mainly over the 2.4 GHz band. Another band in use more recently is 5 GHz, which helps above all in crowded urban areas, where a simple scan for wireless networks returns 10-15 results. In apartment blocks or office buildings, using 5 GHz gives better throughput because there is far less interference from other networks on the same band; its shorter range also means the signal leaks less far outside the building, but that is no substitute for proper encryption (WPA2), since anyone within range can still receive it. Another source of interference is cordless landline phones, which use frequencies close to 2.4 GHz. In places with many wireless networks the signal is harder to process, so transfer efficiency drops and may end up far below the manufacturer's specifications.
You may have heard names like 802.11b, 802.11g or 802.11n; these are the standards that define the speeds of wireless networks. The first, 802.11b, has a theoretical maximum of 11 Mbps; 802.11g offers 54 Mbps (the 108 Mbps some vendors advertise is a proprietary channel-bonding extension, not part of the standard) and was until recently the most widely used; 802.11n, the newest and fastest, can reach 300 Mbps, in theory of course. 802.11n spent roughly 7 years in draft form until last year (2009), when the standard was finalised; you have probably seen many routers and wireless adapters for PCs labelled N-Draft. There is also 802.11a, which has been on the market for a long time and is in fact the beginning of wireless on 5 GHz.
Some equipment can work in both bands, some in only one. The first kind is the most recommended, since it can run two wireless networks at the same time, one on each band: on 2.4 GHz you connect the systems that need less bandwidth, and on 5 GHz the laptops or desktops with higher demands, for example an external media player that is thereby shielded from the interference around it and can stream HD content from the PC to a TV at full speed. In a company, two different security configurations can also be used: one band for the internal communication of the PCs and the other for wireless devices coming from outside, i.e. a Guest network.
It is good to know these things before buying a wireless router. Once you have bought one, its placement is crucial for signal quality and therefore for the maximum transfer speed you get. The router should sit at the centre of the working or living space and at the centre of the room it is in, which means 1-1.5 metres off the floor and as close to the middle of the room as possible, which is often not practical. Avoid placing it on top of a wardrobe or under the PC desk, and keep it well away from large metal objects. The distance between a computer and the access point should not be less than 1.5 metres, to avoid wireless connection and transfer problems.
OK, now that we have discussed a whole range of connection types, it is time to end this article with the promise that more detailed ones will follow, covering many of these aspects, for those who want to set up a home network without any help at all.
1. Hub
Works at the physical layer. It is a kind of repeater: when it receives a signal on one port it amplifies it and repeats it on all the other ports. Disadvantage: when one computer transmits, all the others have to listen, otherwise a "collision" occurs. In "science-fiction" terms, all the devices connected to a hub are said to be in the same "collision domain".
2. Switch
Works at a higher level, the "data link" layer. The switch does not simply repeat what it receives on a port; it "understands" the data at frame level. A small example: suppose four computers A, B, C and D are connected to a switch, on ports 1, 2, 3 and 4 respectively. The first time A transmits something, a light goes on in the switch's "mind": it now has a piece of information, A is connected on port 1. From now on, when it receives data for computer A, it will not repeat the signal on all ports but send it directly to port 1. The switch learns which computers (identified by the MAC addresses of their interfaces) are on which ports, and so A and B can talk while D talks to C, without collisions. The table holding MACs and ports is called the "filter table" (more commonly the MAC address table or CAM table). There are still cases when the switch is "forced" to repeat on all ports: a) when it does not know which port the destination computer is on (you should already know this if you followed the explanation carefully) and b) when the source computer wants to send data to MAC address FF-FF-FF-FF-FF-FF (the "broadcast" address). Several protocols send such messages, one classic example being ARP (Address Resolution Protocol). ARP is used to find the MAC address of a computer on the network when its IP address is known. Example: you are 192.168.0.1 and want to send a message to 192.168.0.3. You need the MAC address to send over Ethernet. What do you do? You send an ARP packet to all computers (i.e. to FF-FF-FF-FF-FF-FF) of the form "Who has 192.168.0.3? Tell 192.168.0.1". The computer with IP 192.168.0.3 replies with its MAC address. Nothing in ARP authenticates that reply, so any host on the segment can answer with its own MAC and have the traffic sent to it instead; that is what ARP spoofing exploits. Devices connected to a switch are said to be in different collision domains but in the same broadcast domain. The improvement over hubs is obvious.
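The learning and flooding behaviour just described, as an added example that is not part of the original article. It replays the four-computer scenario from the text: the switch learns each MAC from the frame's source address, sends a known unicast out of one port, and floods the ARP broadcast and any unknown destination to every other port. The MAC addresses, port numbers and frames are constructed for the example.

```python
"""Learning switch simulation (added example, not code from the article).

Models the behaviour described above: the switch learns a MAC-to-port entry
from the source address of every frame, forwards a known unicast destination
out of a single port, and floods unknown destinations and the broadcast
address FF:FF:FF:FF:FF:FF (which an ARP request uses) to every other port.
The MAC addresses, port numbers and frames below are constructed.
"""
from dataclasses import dataclass, field
from typing import Dict, List

BROADCAST = "ff:ff:ff:ff:ff:ff"


@dataclass
class Frame:
    src: str
    dst: str
    payload: str     # e.g. "ARP who-has 192.168.0.3 tell 192.168.0.1"


@dataclass
class Switch:
    ports: int
    mac_table: Dict[str, int] = field(default_factory=dict)   # the "filter table"

    def receive(self, in_port: int, frame: Frame) -> List[int]:
        """Return the egress ports for a frame that arrived on in_port."""
        # Learning: the source MAC is now believed to live behind in_port.
        # Nothing verifies that claim, which is what MAC spoofing and table
        # flooding (forcing the switch back into hub-like flooding) abuse.
        self.mac_table[frame.src.lower()] = in_port
        dst = frame.dst.lower()
        if dst == BROADCAST or dst not in self.mac_table:
            # Broadcast or unknown unicast: flood to every port except the ingress.
            return [p for p in range(1, self.ports + 1) if p != in_port]
        out = self.mac_table[dst]
        # Destination sits on the ingress port: filter the frame, forward nothing.
        return [] if out == in_port else [out]


def demo() -> dict:
    """Replay the A/B/C/D scenario from the text and return what happened."""
    sw = Switch(ports=4)
    a, b, c = "00:00:00:00:00:0a", "00:00:00:00:00:0b", "00:00:00:00:00:0c"
    trace = {}
    # A on port 1 asks who has 192.168.0.3: broadcast, flooded to ports 2, 3, 4.
    trace["arp_request"] = sw.receive(1, Frame(a, BROADCAST, "ARP who-has 192.168.0.3 tell 192.168.0.1"))
    # C on port 3 answers A directly: A is already learned, so only port 1 sees it.
    trace["arp_reply"] = sw.receive(3, Frame(c, a, "ARP 192.168.0.3 is-at " + c))
    # A now sends to C: known destination, port 3 only; B and D never see it.
    trace["unicast"] = sw.receive(1, Frame(a, c, "IP data"))
    # B on port 2 sends to a MAC the switch has never seen as a source: flooded.
    trace["unknown"] = sw.receive(2, Frame(b, "00:00:00:00:00:0d", "IP data"))
    trace["table"] = dict(sw.mac_table)
    return trace


if __name__ == "__main__":
    for event, result in demo().items():
        print(event, result)
```

The comment in `receive` is the security point: the table is populated from whatever source address a frame claims, so a host can claim another host's MAC or fill the table with random ones until the switch floods everything like a hub.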
3. Routers
Obviously, ARP only works if the source and destination are on the same network segment. What happens when you want to send something to an external IP? Every device has a so-called "default gateway" configured. When (using your own netmask) you work out that the IP you want to send to is not on the same segment as you, you send the data to the default gateway. That is a router. A router works at a higher level still (the "network layer") and, from its point of view, it does not connect computers but networks. For example, say you are in network 192.168.0.0/24 and want to send a packet to 193.231.237.2. Obviously that IP cannot be on the same segment, so there is no point in bothering with ARP for it. You send the packet to the router (of course, you find the router's MAC with ARP, because the router is on your network; more precisely, one port of the router is on your network). Internally the router uses a so-called "routing table". The principle is similar to the switch's "filter table", but at a higher level. In our case, for example, it knows that network 192.168.0.0/24 is connected to (say) port 1 and network 193.231.237.0/24 to port 2. When it receives your packet for 193.231.237.2 (which belongs to the 193.231.237.0/24 block), it knows which port to send it out of. Only now comes the nice part. Those routes (network-port combinations) can be static (entered by the administrator) or dynamic (learned from neighbours). Routers talk to neighbouring routers to learn new routes. For example, if router A learns that router B knows the route to a certain network, it adds that information to its routing table and uses it from then on (when asked to send something to that network, it hands it to router B). At some point a given network may be reachable through several routers (in other words, there may be several routes to the same destination). Routers attach to each route in the table a value representing its cost (the metric); the longer the route, the higher the metric. When several routes match a destination, the most specific one (the longest prefix) wins, and the metric only decides between routes of the same length; the best routes are the ones used to send the data. To exchange this route information among themselves they use various protocols such as RIP, OSPF, IGRP, BGP, etc.
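The two decisions described above, as an added example that is not part of the original text: first the host's on-link test against its own netmask (ARP for the destination itself, or for the default gateway), then the router's routing-table lookup by longest matching prefix with the metric as tie-breaker. It uses the 192.168.0.0/24 and 193.231.237.0/24 networks from the text; the gateway address, the extra 10.0.0.0/8 and 10.1.0.0/16 routes, the port numbers and the metrics are made up.

```python
"""Host and router forwarding decisions (added example, not from the article).

Step one is what the text calls using your own netmask: a host decides whether
a destination is on its segment (ARP for it directly) or must be handed to the
default gateway. Step two is the router's routing-table lookup: the route with
the longest matching prefix wins, and the metric only breaks ties between
routes of equal length. Addresses, ports and metrics are made up for the example.
"""
import ipaddress
from typing import Optional, Tuple

Route = Tuple[str, int, int]   # (prefix, out_port, metric)

# Constructed routing table: two directly connected networks, routes learned
# from a neighbour (nothing here verifies that the neighbour told the truth,
# which is why routing protocols need authentication), and a default route.
ROUTES = [
    ("192.168.0.0/24", 1, 0),
    ("193.231.237.0/24", 2, 0),
    ("10.0.0.0/8", 3, 20),
    ("10.1.0.0/16", 4, 50),    # more specific but costlier: still wins for 10.1.x.x
    ("10.0.0.0/8", 5, 10),     # same prefix as the port-3 route, cheaper: wins the tie
    ("0.0.0.0/0", 2, 100),     # default route towards the Internet
]


def next_hop_for_host(own_ip: str, dest: str, gateway: str) -> str:
    """Return the IP address the host must ARP for in order to reach dest."""
    iface = ipaddress.ip_interface(own_ip)    # e.g. "192.168.0.1/24"
    target = ipaddress.ip_address(dest)
    if target in iface.network:
        return dest                            # on-link: ARP for the destination itself
    return gateway                             # off-link: hand it to the default gateway


def lookup(routes, dest: str) -> Optional[Route]:
    """Longest-prefix match; among equal prefix lengths the lowest metric wins."""
    target = ipaddress.ip_address(dest)
    best_key, best = None, None
    for prefix, port, metric in routes:
        net = ipaddress.ip_network(prefix)
        if target not in net:
            continue
        key = (net.prefixlen, -metric)         # longer prefix first, then cheaper
        if best_key is None or key > best_key:
            best_key, best = key, (prefix, port, metric)
    return best


def forward(own_ip: str, gateway: str, dest: str) -> dict:
    """Trace both decisions for one packet sent by a host."""
    return {
        "arp_for": next_hop_for_host(own_ip, dest, gateway),
        "route": lookup(ROUTES, dest),
    }


if __name__ == "__main__":
    for dest in ("192.168.0.3", "193.231.237.2", "10.1.2.3", "10.2.2.3", "8.8.8.8"):
        print(dest, forward("192.168.0.1/24", "192.168.0.254", dest))
```

Running it shows the part people get wrong: 10.1.2.3 goes out of port 4 even though that route has the worst metric, because /16 is more specific than /8; the metric only matters between the two /8 entries.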
Application layer (from Wikipedia, the free encyclopedia)
In computer network programming, the application layer is an abstraction layer reserved for communications protocols and
methods designed for process-to-process communications across an Internet Protocol (IP) computer network. Application layer
protocols use the underlying transport layer protocols to establish host-to-host connections.
In the OSI model, the definition of its application layer is narrower in scope. The OSI model defines the application layer as being
the user interface. The OSI application layer is responsible for displaying data and images to the user in a human-recognizable
format and to interface with the presentation layer below it.[1]
It separates functionality above the transport layer at two additional levels, the session layer and the presentation layer. OSI
specifies strict modular separation of functionality at these layers and provides protocol implementations for each layer.
The OSI model
7 Application layer
6 Presentation layer
5 Session layer
4 Transport layer
3 Network layer
2 Data link layer
LLC sublayer
MAC sublayer
1 Physical layer
TCP/IP protocols
The following protocols are explicitly mentioned in RFC 1123 (1989), describing the application layer of the Internet protocol suite.[2]
Remote login category
Telnet
File transfer category
FTP
TFTP
Electronic mail category
SMTP
IMAP
POP
Support services category
DNS
RARP
BOOTP
SNMP
CMOT
Remote login category
Telnet is a network protocol used on the Internet or local area networks to provide a bidirectional interactive text-oriented
communication facility using a virtual terminal connection. User data is interspersed in-band with Telnet control information in an 8-
bit byte oriented data connection over the Transmission Control Protocol (TCP).
Telnet was developed in 1969 beginning with RFC 15, extended in RFC 854, and standardized as Internet Engineering
Task Force (IETF) Internet Standard STD 8, one of the first Internet standards.
Historically, Telnet provided access to a command-line interface (usually, of an operating system) on a remote host. Most
network equipment and operating systems with a TCP/IP stack support a Telnet service for remote configuration (including
systems based on Windows NT). However, because of serious security issues when using Telnet over an open network
such as the Internet, its use for this purpose has waned significantly in favor of SSH.
The term telnet may also refer to the software that implements the client part of the protocol. Telnet client applications are
available for virtually all computer platforms. Telnet is also used as a verb. To telnet means to establish a connection with
the Telnet protocol, either with a command line client or with a programmatic interface. For example, a common directive
might be: "To change your password, telnet to the server, log in and run the passwd command." Most often, a user will
be telnetting to a Unix-like server system or a network device (such as a router) and obtain a login prompt to a command
line text interface or a character-based full-screen manager.
History and standards
Telnet is a client-server protocol, based on a reliable connection-oriented transport. Typically this protocol is used to establish a
connection to Transmission Control Protocol (TCP) port number 23, where a Telnet server application (telnetd) is listening. Telnet,
however, predates TCP/IP and was originally run over Network Control Program (NCP) protocols.
Before March 5, 1973, Telnet was an ad-hoc protocol with no official definition.[1] Essentially, it used an 8-bit channel to exchange 7-
bit ASCII data. Any byte with the high bit set was a special Telnet character. On March 5, 1973, a Telnet protocol standard was
defined at UCLA [2] with the publication of two NIC documents: Telnet Protocol Specification, NIC #15372, and Telnet Option
Specifications, NIC #15373.
Because of negotiable options protocol architecture, many extensions were made for it, some of which have been adopted
as Internet standards, IETF documents STD 27 through STD 32. Some extensions have been widely implemented and others are
proposed standards on the IETF standards track (see below)
Security
When Telnet was initially developed in 1969, most users of networked computers were in the computer departments of academic
institutions, or at large private and government research facilities. In this environment, security was not nearly as much a concern as
it became after the bandwidth explosion of the 1990s. The rise in the number of people with access to the Internet, and by extension
the number of people attempting to hack other people's servers, made encrypted alternatives much more necessary.
Experts in computer security, such as SANS Institute, recommend that the use of Telnet for remote logins should be discontinued
under all normal circumstances, for the following reasons:
Telnet, by default, does not encrypt any data sent over the connection (including passwords), and so it is often practical to
eavesdrop on the communications and use the password later for malicious purposes; anybody who has access to
a router, switch, hub or gateway located on the network between the two hosts where Telnet is being used can intercept the
packets passing by and obtain login, password and whatever else is typed with a packet analyzer.
Most implementations of Telnet have no authentication that would ensure communication is carried out between the two
desired hosts and not intercepted in the middle.
Several vulnerabilities have been discovered over the years in commonly used Telnet daemons.
These security-related shortcomings have seen the usage of the Telnet protocol drop rapidly, especially on the
public Internet, in favor of the Secure Shell (SSH) protocol, first released in 1995. SSH provides much of the functionality of telnet,
with the addition of strong encryption to prevent sensitive data such as passwords from being intercepted, and public
key authentication, to ensure that the remote computer is actually who it claims to be. As has happened with other early Internet
protocols, extensions to the Telnet protocol provide Transport Layer Security (TLS) security and Simple Authentication and Security
Layer (SASL) authentication that address the above issues. However, most Telnet implementations do not support these
extensions; and there has been relatively little interest in implementing these as SSH is adequate for most purposes.
Telnet 5250
IBM 5250 or 3270 workstation emulation is supported via custom telnet clients, TN5250/TN3270, and IBM servers. Clients and
servers designed to pass IBM 5250 data streams over Telnet generally do support SSL encryption, as SSH does not include 5250
emulation. Under OS/400, port 992 is the default port for secured telnet.
Telnet data
All data octets except \377 are transmitted over the TCP transport as is. Therefore, a Telnet client application may also be used to
establish an interactive raw TCP session, and it is commonly believed that such a session, which does not use the IAC (\377
character, or 255 in decimal), is functionally identical. This is not the case, however, because there are other network
virtual terminal (NVT) rules, such as the requirement for a bare carriage return character (CR, ASCII 13) to be followed by a NULL
(ASCII 0) character, that distinguish the telnet protocol from raw TCP sessions. On the other hand, many systems now
possess true raw TCP clients, such as netcat or socat on UNIX and PuTTY on Windows, which also can be used to manually "talk"
to other services without specialized client software. Nevertheless, Telnet is still sometimes used in debugging network services
such as SMTP, IRC, HTTP, FTP or POP3 servers, to issue commands to a server and examine the responses, but of all these
protocols only FTP really uses the Telnet data format.
Another difference between Telnet and a raw TCP session is that Telnet is not 8-bit clean by default. 8-bit mode may be negotiated, but
octets with the high bit set may be garbled until that mode has been requested, and it obviously will not be requested on a non-Telnet connection.
The 8-bit mode (the so-called binary option) is intended for transmitting binary data, not characters. The standard suggests
interpreting the codes \000–\176 as ASCII, but gives no meaning to high-bit-set data octets. There was an attempt to
introduce switchable character encoding support like HTTP has,[3] but nothing is known about actual software support for it.
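The two Telnet points made above, the in-band IAC control sequences of the "Telnet data" section and the clear-text exposure of the "Security" section, as one added example that is not part of the Wikipedia text. It decodes a constructed capture of the client-to-server half of a login: option negotiation (WILL/DO, a terminal-type subnegotiation), the CR NUL line ending, the IAC IAC escape for a literal 0xFF, and then the typed username and password, which come out exactly as an eavesdropper on any hop would read them. The option codes used (1 ECHO, 3 SUPPRESS-GO-AHEAD, 24 TERMINAL-TYPE) are the standard ones; the session content is made up.

```python
"""Telnet NVT stream decoder (added example, not from the article).

Demonstrates two points made above: Telnet option negotiation (IAC sequences)
is interleaved in-band with user data, and everything else, including the
password, crosses the wire in clear text, so anyone on the path can read it.
The captured byte stream below is constructed for the example.
"""
from typing import List, Tuple

IAC, DONT, DO, WONT, WILL, SB, SE = 255, 254, 253, 252, 251, 250, 240

# Constructed capture of the client->server direction of a login session:
# IAC WILL ECHO, IAC DO SUPPRESS-GO-AHEAD, a TERMINAL-TYPE subnegotiation,
# then the username and password typed with NVT "CR NUL" line endings,
# and finally a literal 0xFF data byte sent as the escape IAC IAC.
CAPTURE = (
    bytes([IAC, WILL, 1, IAC, DO, 3])
    + bytes([IAC, SB, 24, 0]) + b"XTERM" + bytes([IAC, SE])
    + b"alice\r\x00"
    + b"s3cret!\r\x00"
    + bytes([IAC, IAC]) + b"\r\x00"
)


def decode(stream: bytes) -> Tuple[list, bytes]:
    """Split a Telnet byte stream into (negotiations, user data) per RFC 854."""
    negotiations = []
    data = bytearray()
    i, n = 0, len(stream)
    while i < n:
        b = stream[i]
        if b != IAC:
            data.append(b)
            i += 1
            continue
        if i + 1 >= n:
            break                          # truncated IAC at end of capture
        cmd = stream[i + 1]
        if cmd == IAC:                     # IAC IAC is a literal 0xFF data byte
            data.append(IAC)
            i += 2
        elif cmd in (DO, DONT, WILL, WONT):
            if i + 2 >= n:
                break                      # truncated three-byte negotiation
            negotiations.append((cmd, stream[i + 2]))
            i += 3
        elif cmd == SB:                    # subnegotiation runs until IAC SE
            end = stream.find(bytes([IAC, SE]), i + 2)
            if end < 0:
                break                      # unterminated subnegotiation
            negotiations.append((SB, stream[i + 2:end]))
            i = end + 2
        else:                              # other two-byte commands (NOP, AYT, ...)
            negotiations.append((cmd, None))
            i += 2
    # NVT line endings: CR NUL is a bare carriage return, CR LF is a newline.
    text = bytes(data).replace(b"\r\x00", b"\n").replace(b"\r\n", b"\n")
    return negotiations, text


def typed_lines(stream: bytes) -> List[str]:
    """Return the lines the user typed, as an eavesdropper with a sniffer sees them."""
    _, text = decode(stream)
    return [ln.decode("latin-1") for ln in text.split(b"\n") if ln]


if __name__ == "__main__":
    negs, _ = decode(CAPTURE)
    print("negotiations:", negs)
    print("typed:", typed_lines(CAPTURE))
```

Note that the decoder does not need any key or secret: the only "protection" the password has is that it is interleaved with option bytes, which is exactly what a packet analyzer's Telnet dissector undoes.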
File transfer category
File Transfer Protocol (FTP) is a standard network protocol used to transfer files from one host to another host over a TCP-based
network, such as the Internet.
FTP is built on a client-server architecture and uses separate control and data connections between the client and the server.[1] FTP
users may authenticate themselves using a clear-text sign-in protocol, normally in the form of a username and password, but can
connect anonymously if the server is configured to allow it. For secure transmission that hides (encrypts) the username and
password, and encrypts the content, FTP is often secured with SSL/TLS ("FTPS"). SSH File Transfer Protocol ("SFTP") is
sometimes also used instead, but is technologically different.
The first FTP client applications were command-line applications developed before operating systems had graphical user interfaces,
and are still shipped with most Windows, Unix, and Linux operating systems.[2][3] Dozens of FTP clients and automation utilities have
since been developed for desktops, servers, mobile devices, and hardware, and FTP has been incorporated into hundreds of
productivity applications, such as Web page editors.
Electronic mail category
Simple Mail Transfer Protocol (SMTP) is an Internet standard for electronic mail (e-mail) transmission across Internet Protocol (IP)
networks. SMTP was first defined by RFC 821 (1982, eventually declared STD 10),[1] and last updated by RFC 5321 (2008)[2] which
includes the Extended SMTP (ESMTP) additions, and is the protocol in widespread use today. SMTP uses TCP port 25. The
protocol for new submissions (MSA) is effectively the same as SMTP, but it uses port 587 instead. SMTP connections secured
by SSL are known by the shorthand SMTPS, though SMTPS is not a protocol in its own right.
While electronic mail servers and other mail transfer agents use SMTP to send and receive mail messages, user-level client mail
applications typically use SMTP only for sending messages to a mail server for relaying. For receiving messages, client applications
usually use either the Post Office Protocol (POP) or the Internet Message Access Protocol (IMAP) or a proprietary system (such
as Microsoft Exchange or Lotus Notes/Domino) to access their mail box accounts on a mail server.
Protocol overview
SMTP is a connection-oriented, text-based protocol in which a mail sender communicates with a mail receiver by issuing command
strings and supplying necessary data over a reliable ordered data stream channel, typically a Transmission Control Protocol (TCP)
connection. An SMTP session consists of commands originated by an SMTP client (the initiating agent, sender, or transmitter) and
corresponding responses from the SMTP server (the listening agent, or receiver) so that the session is opened, and session
parameters are exchanged. A session may include zero or more SMTP transactions. An SMTP transaction consists of three
command/reply sequences (see example below.) They are:
1. MAIL command, to establish the return address, a.k.a. Return-Path, mfrom, or envelope sender. This is the
address for bounce messages.
2. RCPT command, to establish a recipient of this message. This command can be issued multiple times, one for each
recipient. These addresses are also part of the envelope.
3. DATA to send the message text. This is the content of the message, as opposed to its envelope. It consists of a message
header and a message body separated by an empty line. DATA is actually a group of commands, and the server replies
twice: once to the DATA command proper, to acknowledge that it is ready to receive the text, and the second time after
the end-of-data sequence, to either accept or reject the entire message.
Besides the intermediate reply for DATA, each server's reply can be either positive (2xx reply codes) or negative. Negative replies
can be permanent (5xx codes) or transient (4xx codes). A reject is a permanent failure by an SMTP server; in this case the SMTP
client should send a bounce message. A drop is a positive response followed by message discard rather than delivery.
The initiating host, the SMTP client, can be either an end-user's email client, functionally identified as a mail user agent (MUA), or a
relay server's mail transfer agent (MTA), that is an SMTP server acting as an SMTP client, in the relevant session, in order to relay
mail. Fully capable SMTP servers maintain queues of messages for retrying message transmissions that resulted in transient
failures.
A MUA knows the outgoing mail SMTP server from its configuration. An SMTP server acting as client, i.e. relaying, typically
determines which SMTP server to connect to by looking up the MX (Mail eXchange) DNS resource record for each
recipient's domain name. Conformant MTAs (not all) fall back to a simple A record in case no MX record can be found. Relaying
servers can also be configured to use a smart host.
An SMTP server acting as client initiates a TCP connection to the server on the "well-known port" designated for SMTP: port 25.
MUAs should use port 587 to connect to an MSA. The main difference between an MTA and an MSA is that SMTP Authentication is
mandatory for the latter only.
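The transaction described above, as an added example that is not part of the Wikipedia text: a small server state machine that enforces the greeting, MAIL, RCPT, DATA order, answers with 2xx, 4xx and 5xx codes, gives the two replies to DATA (the 354 intermediate reply and the final accept), undoes dot-stuffing, and a scripted client that drives it. The mailbox names, the unknown recipient and the "try again later" greylisting case are constructed; a real MSA on port 587 would additionally require AUTH before MAIL, which this MTA-style server does not.

```python
"""One SMTP transaction as both sides see it (added example, not from the
article). A small server state machine enforces the HELO -> MAIL -> RCPT ->
DATA order described above and answers with 2xx, 4xx or 5xx codes, including
the two replies to DATA; a scripted client drives it. The mailbox names and
the 'unknown user' and 'try again later' cases are constructed for the example.
"""
from typing import List, Tuple

KNOWN_USERS = {"bob@example.com"}
GREYLISTED = {"carol@example.com"}   # first delivery attempt gets a transient 4xx


def _address(arg: str, keyword: str):
    """Extract the address from 'FROM:<a@b>' / 'TO:<a@b>'; None if malformed."""
    if not arg.upper().startswith(keyword):
        return None
    return arg[len(keyword):].strip().strip("<>")


class SmtpServer:
    def __init__(self):
        self.greeted = False
        self.in_data = False
        self.greylisted = set(GREYLISTED)
        self.accepted = []        # (sender, recipients, body) of delivered messages
        self._reset()

    def _reset(self):
        self.sender = None
        self.recipients = []
        self.body = []

    def handle(self, line: str) -> str:
        """Process one client line; return the reply ('' for message body lines)."""
        if self.in_data:
            return self._data_line(line)
        verb, _, arg = line.partition(" ")
        verb = verb.upper()
        if verb in ("HELO", "EHLO"):
            self.greeted = True
            return "250 mail.example.com"
        if not self.greeted:
            return "503 Bad sequence of commands"
        if verb == "MAIL":
            self._reset()
            self.sender = _address(arg, "FROM:")   # envelope sender / Return-Path
            return "250 OK" if self.sender is not None else "501 Syntax: MAIL FROM:<address>"
        if verb == "RCPT":
            if self.sender is None:
                return "503 Need MAIL command first"
            rcpt = _address(arg, "TO:")
            if rcpt in self.greylisted:
                self.greylisted.discard(rcpt)     # a retry later will succeed
                return "450 Try again later"      # transient: client keeps it queued
            if rcpt not in KNOWN_USERS:
                return "550 No such user here"    # permanent: client must bounce
            self.recipients.append(rcpt)
            return "250 OK"
        if verb == "DATA":
            if not self.recipients:
                return "503 Need RCPT command first"
            self.in_data = True
            return "354 End data with <CR><LF>.<CR><LF>"   # first (intermediate) reply
        if verb == "QUIT":
            return "221 Bye"
        return "500 Command not recognized"

    def _data_line(self, line: str) -> str:
        if line == ".":                           # end-of-data sequence
            self.in_data = False
            self.accepted.append((self.sender, list(self.recipients), "\n".join(self.body)))
            self._reset()
            return "250 Queued"                   # second reply: whole message accepted
        # Dot-stuffing: the client prefixes an extra '.' to body lines starting with '.'
        self.body.append(line[1:] if line.startswith(".") else line)
        return ""


# Constructed client script for one transaction with three recipients.
CLIENT_LINES = [
    "EHLO client.example.org",
    "MAIL FROM:<alice@example.org>",
    "RCPT TO:<bob@example.com>",
    "RCPT TO:<nobody@example.com>",   # expect 550: goes into the bounce message
    "RCPT TO:<carol@example.com>",    # expect 450: stays queued for a later retry
    "DATA",
    "Subject: hello",
    "",
    "..a body line starting with a dot, dot-stuffed on the wire",
    ".",
    "QUIT",
]


def run_session(lines) -> Tuple[List[Tuple[str, str]], list]:
    """Drive a fresh server with the client lines; return (dialogue, delivered)."""
    server = SmtpServer()
    dialogue = []
    for ln in lines:
        reply = server.handle(ln)
        if reply:                                 # body lines get no reply
            dialogue.append((ln, reply))
    return dialogue, server.accepted


if __name__ == "__main__":
    for client_line, reply in run_session(CLIENT_LINES)[0]:
        print("C:", client_line)
        print("S:", reply)
```

The client's obligations follow from the codes: the 550 recipient must be reported back to the envelope sender in a bounce, the 450 recipient stays in the queue for a retry, and only bob's copy is delivered. Like Telnet above, none of this is authenticated or encrypted on port 25 unless STARTTLS and SMTP AUTH are layered on top.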
Support services category
The Domain Name System (DNS) is a hierarchical distributed naming system for computers, services, or any resource connected
to the Internet or a private network. It associates various information with domain names assigned to each of the participating
entities. Most prominently, it translates easily memorised domain names to the numerical IP addresses needed for the purpose of
locating computer services and devices worldwide. By providing a worldwide, distributed keyword-based redirection service, the
Domain Name System is an essential component of the functionality of the Internet.
An often-used analogy to explain the Domain Name System is that it serves as the phone book for the Internet by translating
human-friendly computer hostnames into IP addresses. For example, the domain name www.example.com translates to the
addresses 192.0.43.10 (IPv4) and 2001:500:88:200::10 (IPv6). Unlike a phone book, the DNS can be quickly updated, allowing a
service's location on the network to change without affecting the end users, who continue to use the same host name. Users take
advantage of this when they use meaningful Uniform Resource Locators (URLs) and e-mail addresses without having to know how
the computer actually locates the services.
The Domain Name System distributes the responsibility of assigning domain names and mapping those names to IP addresses by
designating authoritative name servers for each domain. Authoritative name servers are assigned to be responsible for their
particular domains, and in turn can assign other authoritative name servers for their sub-domains. This mechanism has made the
DNS distributed and fault tolerant and has helped avoid the need for a single central register to be continually consulted and
updated. Additionally, the responsibility for maintaining and updating the master record for the domains is spread among
many domain name registrars, who compete for the end-user's (the domain-owner's) business. Domains can be moved from
registrar to registrar at any time.
The Domain Name System also specifies the technical functionality of this database service. It defines the DNS protocol, a detailed
specification of the data structures and data communication exchanges used in DNS, as part of the Internet Protocol Suite.
The Internet maintains two principal namespaces, the domain name hierarchy[1] and the Internet Protocol (IP) address spaces.[2] The
Domain Name System maintains the domain name hierarchy and provides translation services between it and the address spaces.
Internet name servers and a communication protocol implement the Domain Name System.[3] A DNS name server is a server that
stores the DNS records for a domain name, such as address (A or AAAA) records, name server (NS) records, and mail exchanger
(MX) records (see also list of DNS record types); a DNS name server responds with answers to queries against its database.
Structure
Domain name space
The domain name space consists of a tree of domain names. Each node or leaf in the tree has zero or more resource records,
which hold information associated with the domain name. The tree sub-divides into zones beginning at the root zone. A DNS
zone may consist of only one domain, or may consist of many domains and sub-domains, depending on the administrative authority
delegated to the manager.
The hierarchical Domain Name System, organized into zones, each served by a name server
Administrative responsibility over any zone may be divided by creating additional zones. Authority is said to be delegated for a
portion of the old space, usually in the form of sub-domains, to another name server and administrative entity. The old zone ceases
to be authoritative for the new zone.
[edit]Domain name syntax
The definitive descriptions of the rules for forming domain names appear in RFC 1035, RFC 1123, and RFC 2181. A domain
name consists of one or more parts, technically called labels, that are conventionally concatenated, and delimited by dots, such
as example.com.
The right-most label conveys the top-level domain; for example, the domain name www.example.com belongs to the top-level
domain com.
The hierarchy of domains descends from right to left; each label to the left specifies a subdivision, or subdomain of the domain
to the right. For example: the label example specifies a subdomain of the com domain, and www is a subdomain
of example.com. This tree of subdivisions may have up to 127 levels.
Each label may contain up to 63 characters. The full domain name may not exceed the length of 253 characters in its textual
representation.[1] In the internal binary representation of the DNS the maximum length requires 255 octets of storage, since it
also stores the length of the name.[3] In practice, some domain registries may have shorter limits.
DNS names may technically consist of any character representable in an octet. However, the allowed formulation of domain
names in the DNS root zone, and most other sub domains, uses a preferred format and character set. The characters allowed
in a label are a subset of the ASCII character set, and includes the characters a through z, A through Z, digits 0 through 9, and
the hyphen. This rule is known as the LDH rule (letters, digits, hyphen). Domain names are interpreted in case-independent
manner.[8] Labels may not start or end with a hyphen.[9] There is an additional rule that essentially requires that top-level
domain names not be all-numeric.[10]
A hostname is a domain name that has at least one IP address associated. For example, the domain
names www.example.com and example.com are also hostnames, whereas the com domain is not.
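As an added example (not code from the article), a Python checker for the syntax rules above: LDH labels, the 63-octet label and 253-character name limits, the 255-octet wire form, the hyphen and all-numeric TLD rules, the 127-level limit and case-independent comparison; the sample names in the main block are constructed here.

```python
# Domain-name syntax checker for the rules given in the section above (LDH labels, 63-octet
# labels, 253-character textual limit, 255-octet wire limit, no leading/trailing hyphen,
# case-independent comparison, non-numeric TLD, at most 127 levels).
# Added example; not code from the original article.
from __future__ import annotations

import re

MAX_LABEL_OCTETS = 63       # per label
MAX_NAME_TEXT_CHARS = 253   # textual form, dots included
MAX_NAME_WIRE_OCTETS = 255  # wire form: one length octet per label plus the root terminator
MAX_LEVELS = 127

# LDH rule: letters, digits and hyphen, with no hyphen at either end of the label
_LDH_LABEL = re.compile(r"^[A-Za-z0-9](?:[A-Za-z0-9-]*[A-Za-z0-9])?$")


def split_labels(name: str) -> list[str]:
    """Split a textual name into labels, tolerating one trailing dot for the root."""
    text = name[:-1] if name.endswith(".") else name
    return text.split(".") if text else []


def wire_length(name: str) -> int:
    """Octets needed for the binary (wire) form: each label is stored as a length octet
    followed by its characters, and the name ends with a zero-length root label."""
    return sum(1 + len(label) for label in split_labels(name)) + 1


def check_domain_name(name: str) -> list[str]:
    """Return the list of rule violations; an empty list means the name is well-formed."""
    problems: list[str] = []
    labels = split_labels(name)
    if not labels:
        return ["empty name"]
    text = ".".join(labels)
    if len(text) > MAX_NAME_TEXT_CHARS:
        problems.append(f"textual form is {len(text)} characters, limit is {MAX_NAME_TEXT_CHARS}")
    if wire_length(name) > MAX_NAME_WIRE_OCTETS:
        problems.append(f"wire form needs {wire_length(name)} octets, limit is {MAX_NAME_WIRE_OCTETS}")
    if len(labels) > MAX_LEVELS:
        problems.append(f"{len(labels)} levels, limit is {MAX_LEVELS}")
    for label in labels:
        if not label:
            problems.append("empty label (consecutive dots)")
        elif len(label) > MAX_LABEL_OCTETS:
            problems.append(f"label {label[:10]!r}... is {len(label)} octets, limit is {MAX_LABEL_OCTETS}")
        elif label.startswith("-") or label.endswith("-"):
            problems.append(f"label {label!r} starts or ends with a hyphen")
        elif not _LDH_LABEL.match(label):
            problems.append(f"label {label!r} contains a non-LDH character")
    if labels[-1].isdigit():
        problems.append("top-level domain must not be all-numeric")
    return problems


def same_name(a: str, b: str) -> bool:
    """Names are interpreted case-independently, and a trailing root dot is not significant."""
    return [l.lower() for l in split_labels(a)] == [l.lower() for l in split_labels(b)]


if __name__ == "__main__":
    # Constructed sample names: one valid, three breaking different rules.
    for candidate in ("www.example.com", "-bad.example.com", "a" * 64 + ".com", "example.123"):
        print(f"{candidate[:30]:<32} wire={wire_length(candidate):>3}  {check_domain_name(candidate) or 'OK'}")
```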
Internationalized domain names
The permitted character set of the DNS prevented the representation of names and words of many languages in their native
alphabets or scripts. ICANN has approved the Internationalizing Domain Names in Applications (IDNA) system, which
maps Unicode strings into the valid DNS character set using Punycode. In 2009 ICANN approved the installation of IDN country
code top-level domains. In addition, many registries of the existing top-level domain names (TLDs) have adopted IDNA.
Name servers
The Domain Name System is maintained by a distributed database system, which uses the client-server model. The nodes of this
database are the name servers. Each domain has at least one authoritative DNS server that publishes information about that
domain and the name servers of any domains subordinate to it. The top of the hierarchy is served by the root name servers, the
servers to query when looking up (resolving) a TLD.
Authoritative name server
An authoritative name server is a name server that gives answers that have been configured by an original source, for example, the
domain administrator or by dynamic DNS methods, in contrast to answers that were obtained via a regular DNS query to another
name server. An authoritative-only name server only returns answers to queries about domain names that have been specifically
configured by the administrator.
An authoritative name server can either be a master server or a slave server. A master server is a server that stores the original
(master) copies of all zone records. A slave server uses an automatic updating mechanism of the DNS protocol in communication
with its master to maintain an identical copy of the master records.
A set of authoritative name servers has to be assigned for every DNS zone. NS records naming that set must be stored both in the
parent zone and in the zone's own servers (as a self-reference).
When domain names are registered with a domain name registrar, their installation at the domain registry of a top level
domain requires the assignment of a primary name server and at least one secondary name server. The requirement of multiple
name servers aims to make the domain still functional even if one name server becomes inaccessible or inoperable.[11] The
designation of a primary name server is solely determined by the priority given to the domain name registrar. For this purpose,
generally only the fully qualified domain name of the name server is required, unless the servers are contained in the registered
domain, in which case the corresponding IP address is needed as well.
Primary name servers are often master name servers, while secondary name servers may be implemented as slave servers.
An authoritative server indicates its status of supplying definitive answers, deemed authoritative, by setting a software flag (a
protocol structure bit), called the Authoritative Answer (AA) bit in its responses.[3] This flag is usually reproduced prominently in the
output of DNS administration query tools (such as dig) to indicate that the responding name server is an authority for the domain
name in question.[3]
The Reverse Address Resolution Protocol (RARP) is an obsolete computer networking protocol used by a host computer to
request its Internet Protocol (IPv4) address from an administrative host, when it has available its Link Layer or hardware address,
such as a MAC address.
RARP is described in Internet Engineering Task Force (IETF) publication RFC 903.[1] It has been rendered obsolete by the Bootstrap
Protocol (BOOTP) and the modern Dynamic Host Configuration Protocol (DHCP), which both support a much greater feature set
than RARP.
RARP requires one or more server hosts to maintain a database of mappings of Link Layer addresses to their respective protocol
addresses. Media Access Control (MAC) addresses needed to be individually configured on the servers by an administrator. RARP
was limited to serving only IP addresses.
Reverse ARP differs from the Inverse Address Resolution Protocol (InARP) described in RFC 2390, which is designed to obtain the
IP address associated with a local Frame Relay data link connection identifier. InARP is not used in Ethernet.
Transport layer
From Wikipedia, the free encyclopedia
In computer networking, the transport layer or layer 4 provides end-to-end communication services for applications[1] within a
layered architecture of network components and protocols. The transport layer provides convenient services such as connection-
oriented data stream support, reliability, flow control, and multiplexing.
Transport layers are contained in both the TCP/IP model (RFC 1122),[2] which is the foundation of the Internet, and the Open
Systems Interconnection (OSI) model of general networking. The definitions of the transport layer are slightly different in these two
models. This article primarily refers to the TCP/IP model, in which TCP is largely for a convenient application programming
interface to internet hosts, as opposed to the OSI-model definition of the transport layer.
The most well-known transport protocol is the Transmission Control Protocol (TCP). It lent its name to the title of the entire Internet
Protocol Suite, TCP/IP. It is used for connection-oriented transmissions, whereas the connectionless User Datagram Protocol (UDP)
is used for simpler messaging transmissions. TCP is the more complex protocol, due to its stateful design incorporating reliable
transmission and data stream services. Other prominent protocols in this group are the Datagram Congestion Control
Protocol (DCCP) and the Stream Control Transmission Protocol (SCTP).
Services
There are many services that can be optionally provided by a transport-layer protocol, and different protocols may or may not
implement them.
Connection-oriented communication: It is normally easier for an application to interpret a connection as a data stream rather
than having to deal with the underlying connection-less models, such as the datagram model of the User Datagram
Protocol (UDP) and of the Internet Protocol (IP).
Byte orientation: Rather than processing the messages in the underlying communication system format, it is often easier for an
application to process the data stream as a sequence of bytes. This simplification helps applications work with various
underlying message formats.
Same order delivery: The network layer doesn't generally guarantee that packets of data will arrive in the same order that they
were sent, but often this is a desirable feature. This is usually done through the use of segment numbering, with the receiver
passing them to the application in order. This can cause head-of-line blocking.
Reliability: Packets may be lost during transport due to network congestion and errors. By means of an error detection code,
such as a checksum, the transport protocol may check that the data is not corrupted, and verify correct receipt by sending
an ACK or NACK message to the sender. Automatic repeat request schemes may be used to retransmit lost or corrupted data.
Flow control: The rate of data transmission between two nodes must sometimes be managed to prevent a fast sender from
transmitting more data than can be supported by the receiving data buffer, causing a buffer overrun. This can also be used to
improve efficiency by reducing buffer underrun.
Congestion avoidance: Congestion control can control traffic entry into a telecommunications network, so as to
avoid congestive collapse by attempting to avoid oversubscription of any of the processing or link capabilities of the
intermediate nodes and networks and taking resource reducing steps, such as reducing the rate of sending packets. For
example, automatic repeat requests may keep the network in a congested state; this situation can be avoided by adding
congestion avoidance to the flow control, including slow-start. This keeps the bandwidth consumption at a low level in the
beginning of the transmission, or after packet retransmission.
Multiplexing: Ports can provide multiple endpoints on a single node. For example, the name on a postal address is a kind of
multiplexing, and distinguishes between different recipients of the same location. Computer applications will each listen for
information on their own ports, which enables the use of more than one network service at the same time. It is part of the
transport layer in the TCP/IP model, but of the session layer in the OSI model.
Analysis
The transport layer is responsible for delivering data to the appropriate application process on the host computers. This
involves statistical multiplexing of data from different application processes, i.e. forming data packets, and adding source and
destination port numbers in the header of each transport-layer data packet. Together with the source and destination IP address, the
port numbers constitute a network socket, i.e. an identification address of the process-to-process communication. In the OSI
model, this function is supported by the session layer.
Some transport-layer protocols, for example TCP, but not UDP, support virtual circuits, i.e. provide connection
oriented communication over an underlying packet oriented datagram network. A byte-stream is delivered while hiding the packet
mode communication for the application processes. This involves connection establishment, dividing of the data stream into packets
called segments, segment numbering and reordering of out-of-order data.
Finally, some transport-layer protocols, for example TCP, but not UDP, provide end-to-end reliable communication, i.e. error
recovery by means of error detecting code and automatic repeat request (ARQ) protocol. The ARQ protocol also provides flow
control, which may be combined with congestion avoidance.
UDP is a very simple protocol, and does not provide virtual circuits, nor reliable communication, delegating these functions to
the application program. UDP packets are called datagrams, rather than segments.
TCP is used for many protocols, including HTTP web browsing and email transfer. UDP may be used
for multicasting and broadcasting, since retransmissions are not possible to a large number of hosts. UDP typically gives
higher throughput and shorter latency, and is therefore often used for real-time multimedia communication where packet loss
occasionally can be accepted, for example IP-TV and IP-telephony, and for online computer games.
In many non-IP-based networks, for example X.25, Frame Relay and ATM, the connection oriented communication is implemented
at network layer or data link layer rather than the transport layer. In X.25, in telephone network modems and in wireless
communication systems, reliable node-to-node communication is implemented at lower protocol layers.
The OSI connection-mode transport layer protocol specification defines five classes of transport protocols: TP0, providing the least
error recovery, to TP4, which is designed for less reliable networks.
Protocols
The exact definition of what qualifies as a transport-layer protocol is not firm. The following is a short list:
ATP, AppleTalk Transaction Protocol
CUDP, Cyclic UDP
DCCP, Datagram Congestion Control Protocol
FCP, Fiber Channel Protocol
IL, IL Protocol
NBF, NetBIOS Frames protocol
RDP, Reliable Datagram Protocol
RUDP, Reliable User Datagram Protocol
SCTP, Stream Control Transmission Protocol
SPX, Sequenced Packet Exchange
SST, Structured Stream Transport
TCP, Transmission Control Protocol
UDP, User Datagram Protocol
UDP Lite
µTP, Micro Transport Protocol
Comparison of transport-layer protocols
Feature Name                   UDP       UDP Lite  TCP           SCTP      DCCP            RUDP
Packet header size             8 bytes   8 bytes   20–60 bytes   12 bytes  12 or 16 bytes
Transport-layer packet entity  Datagram  Datagram  Segment       Datagram  Datagram        Datagram
Connection oriented            No        No        Yes           Yes       Yes             Yes
Reliable transport             No        No        Yes           Yes       No              Yes
Unreliable transport           Yes       Yes       No            Yes       Yes             Yes
Preserve message boundary      Yes       Yes       No            Yes       Yes             Yes
Ordered delivery               No        No        Yes           Yes       No              Yes
Unordered delivery             Yes       Yes       No            Yes       Yes             Yes
Data checksum                  Optional  Yes       Yes           Yes       Yes             Unsure
Checksum size (bits)           16        16        16            32        16              Unsure
Partial checksum               No        Yes       No            No        Yes             No
Path MTU                       No        No        Yes           Yes       Yes             Unsure
Flow control                   No        No        Yes           Yes       No              Yes
Congestion control             No        No        Yes           Yes       Yes             Unsure
ECN support                    No        No        Yes           Yes       Yes
Multiple streams               No        No        No            Yes       No              No
Multi-homing support           No        No        No            Yes       No              No
Bundling / Nagle               No        No        Yes           Yes       No              Unsure
NAT friendly[3]                Yes       Yes       Yes           Yes[4]    Yes             Yes
Comparison of OSI transport protocols
ISO/IEC 8073/ITU-T Recommendation X.224, "Information Technology - Open Systems Interconnection - Protocol for providing the
connection-mode transport service", defines five classes of connection-mode transport protocols designated class 0 (TP0) to class 4
(TP4). Class 0 contains no error recovery, and was designed for use on network layers that provide error-free connections. Class 4
is closest to TCP, although TCP contains functions, such as the graceful close, which OSI assigns to the session layer. All OSI
connection-mode protocol classes provide expedited data and preservation of record boundaries. Detailed characteristics of the
classes are shown in the following table:[5]
Service                                                                     TP0  TP1  TP2  TP3  TP4
Connection oriented network                                                 Yes  Yes  Yes  Yes  Yes
Connectionless network                                                      No   No   No   No   Yes
Concatenation and separation                                                No   Yes  Yes  Yes  Yes
Segmentation and reassembly                                                 Yes  Yes  Yes  Yes  Yes
Error recovery                                                              No   Yes  No   Yes  Yes
Reinitiate connection (if an excessive number of PDUs are unacknowledged)   No   Yes  No   Yes  No
Multiplexing and demultiplexing over a single virtual circuit               No   No   Yes  Yes  Yes
Explicit flow control                                                       No   No   Yes  Yes  Yes
Retransmission on timeout                                                   No   No   No   No   Yes
Reliable transport service                                                  No   Yes  No   Yes  Yes
Link layer
From Wikipedia, the free encyclopedia
In computer networking, the link layer is the lowest layer in the Internet Protocol Suite (commonly known as "TCP/IP"), the
networking architecture of the Internet (RFC 1122, RFC 1123). It is the group of methods or protocols that only operate on a host's
link. The link is the physical and logical network component used to interconnect hosts or nodes in the network and a link protocol is
a suite of methods and standards that operate only between adjacent network nodes of a Local area network segment or a wide
area network connection.
Despite the different semantics of layering in TCP/IP and OSI, the link layer is often described as a combination of the data link
layer (layer 2) and the physical layer(layer 1) in the Open Systems Interconnection (OSI) protocol stack. However, TCP/IP's layers
are descriptions of operating scopes (application, host-to-host, network, link) and not detailed prescriptions of operating procedures,
data semantics, or networking technologies.
RFC 1122 exemplifies that local area network protocols such as Ethernet and IEEE 802, and framing protocols such as Point-to-
Point Protocol (PPP) belong to the link layer.
Definition in standards and text books
LAN standards such as Ethernet and IEEE 802 specifications use terminology from the seven-layer OSI model rather than the
TCP/IP reference model. The TCP/IP model in general does not consider physical specifications, rather it assumes a working
network infrastructure that can deliver media level frames on the link. Therefore RFC 1122 and RFC 1123, the definition of the
TCP/IP model, do not discuss hardware issues and physical data transmission and set no standards for those aspects, other than
broadly including them as link-layer components. Some textbook authors[1][2] have supported the interpretation that physical data
transmission aspects are part of the link layer. That position will be held in the rest of this article. Others[3][4] assumed that physical
data transmission standards are not considered as communication protocols, and are not part of the TCP/IP model. These authors
assume a hardware layer or physical layer below the link layer, and several of them adopt the OSI term data link layer instead of link
layer in a modified description of layering. In the predecessor to the TCP/IP model, the Arpanet Reference Model (RFC 908, 1982),
aspects of the link layer are referred to by several poorly defined terms, such as network-access layer, network-access protocol, as
well as network layer, while the next higher layer is called internetwork layer. In some modern text books, network-interface
layer, host-to-network layer and network-access layer occur as synonyms either to the link layer or the data link layer, often
including the physical layer.
Link-layer protocols
The core protocols specified by the Internet Engineering Task Force to be placed into this layer are the Address Resolution
Protocol (ARP), its cousin, the Reverse Address Resolution Protocol (RARP), and the Neighbor Discovery Protocol (NDP), which is
a facility delivering similar functionality as ARP for IPv6. Since the advent of IPv6, Open Shortest Path First (OSPF) can be
considered to operate on the link level as well, although the IPv4 version of the protocol was considered at the Internet layer.
IS-IS (RFC 1142) is another link-state routing protocol that fits into this layer when considering the TCP/IP model; however, it was
developed within the OSI reference stack (where it is a layer-3 protocol). It is not an Internet standard.
The link layer also contains all hardware specific interface methods, such as Ethernet and other IEEE 802 encapsulation schemes
(see References).
Relation to OSI model
The link layer of the TCP/IP model is often compared directly with the combination of the data link layer and the physical layer in
the Open Systems Interconnection (OSI) protocol stack. Although they are congruent to some degree in technical coverage of
protocols, they are not identical. The link layer in TCP/IP is still wider in scope and in principle a different concept and terminology of
classification. This may be observed with certain protocols, such as the Address Resolution Protocol (ARP), which is confined to
the link layer in the TCP/IP model but is often said to fit between OSI's data link layer and the network layer. In general, direct or strict
comparisons should be avoided, because the layering in TCP/IP is not a principal design criterion and in general is considered to be
"harmful" (RFC 3439).
Another term sometimes encountered, "network-access layer", tries to suggest the closeness of this layer to the physical network.
However, this use is misleading and non-standard, since the link layer implies functions that are wider in scope than just network
access. Important link-layer protocols are used to probe the topology of the local network, discover routers and neighboring hosts,
i.e. functions that go well beyond network access.
Examples of functions supported
The link layer includes the following functionality:
Logical link-local networking methods
  Encapsulation of IP packets into frames
  Frame synchronization
  Error detection with removal of erroneous packets (used in LANs and point-to-point fiber optical cables)
  Logical link control (LLC) sublayer (used in modem protocols and wireless protocols):
    Node-to-node error detection and automatic repeat request of erroneous packets
    Node-to-node flow control
    Forward error correction (however much more common at the physical layer)
  Media access control (MAC) sublayer:
    Multiple access protocols, for example with collision detection or avoidance
    Physical addressing (MAC addressing)
    LAN switching (packet switching) including MAC filtering and spanning tree protocol
    Store-and-forward switching or cut-through switching
    Data packet queueing or scheduling algorithms
  Help protocols not encapsulated in IP packets:
    Some routing protocols
    IP address to/from physical address resolution protocols
Physical networking aspects (it is disputable if and to which extent these are included):
  Bit-by-bit or symbol-by-symbol delivery
  Net bit rate
  Digital modulation
  Line coding
  Carrier sense and collision detection utilized by some level 2 multiple-access protocols
  Circuit switching, establishing circuit switched connections
  Multiplexing
  Forward error correction codes
  Serial or parallel communication
  Bit synchronization
  Start-stop signalling and flow control in asynchronous serial communication
  Signal strength (voltage and power levels), impedance
  Forward error correction, bit-interleaving and other channel coding
  Equalization filtering, training sequences, pulse shaping and other signal processing of physical signals
  Mechanical specification of electrical connectors and cables, for example maximum cable length
  Electrical specification of transmission line signal level and impedance
  Radio interface, including electromagnetic spectrum frequency allocation and specification of signal strength,
  analog bandwidth, etc.
  Specifications for IR over optical fiber or a wireless IR communication link
Address Resolution Protocol
From Wikipedia, the free encyclopedia
Address Resolution Protocol (ARP) is a telecommunications protocol used for resolution of network layer addresses into link
layer addresses, a critical function in multiple-access networks. ARP was defined by RFC 826 in 1982.[1] It is Internet Standard STD
37. It is also the name of the program for manipulating these addresses in most operating systems.
ARP has been implemented in many combinations of network and overlaying internetwork technologies, such
as IPv4, Chaosnet, DECnet and Xerox PARC Universal Packet (PUP) using IEEE 802 standards, FDDI, X.25, Frame
Relay and Asynchronous Transfer Mode (ATM), IPv4 over IEEE 802.3 and IEEE 802.11 being the most common cases.
In Internet Protocol Version 6 (IPv6) networks, the functionality of ARP is provided by the Neighbor Discovery Protocol (NDP).
Operating scope
The Address Resolution Protocol is a request and reply protocol that runs encapsulated by the line protocol. It is communicated
within the boundaries of a single network, never routed across internetwork nodes. This property places ARP into the Link Layer of
the Internet Protocol Suite,[2] while in the Open Systems Interconnection (OSI) model, it is often described as residing between
Layers 2 and 3, being encapsulated by Layer 2 protocols. However, ARP was not developed in the OSI framework.
Packet structure
The Address Resolution Protocol uses a simple message format that contains one address resolution request or response. The size
of the ARP message depends on the upper layer and lower layer address sizes, which are given by the type of networking protocol
(usually IPv4) in use and the type of hardware or virtual link layer that the upper layer protocol is running on. The message header
specifies these types, as well as the size of addresses of each. The message header is completed with the operation code for
request (1) and reply (2). The payload of the packet consists of four addresses, the hardware and protocol address of the sender
and receiver hosts.
The principal packet structure of ARP packets is shown in the following table which illustrates the case of IPv4 networks running
on Ethernet. In this scenario, the packet has 48-bit fields for the sender hardware address (SHA) and target hardware address
(THA), and 32-bit fields for the corresponding sender and target protocol addresses (SPA and TPA). Thus, the ARP packet size in
this case is 28 bytes. The EtherType for ARP is 0x0806.
Internet Protocol (IPv4) over Ethernet ARP packet
bit offset  0 – 7                            8 – 15
0           Hardware type (HTYPE)
16          Protocol type (PTYPE)
32          Hardware address length (HLEN)   Protocol address length (PLEN)
48          Operation (OPER)
64          Sender hardware address (SHA) (first 16 bits)
80          (next 16 bits)
96          (last 16 bits)
112         Sender protocol address (SPA) (first 16 bits)
128         (last 16 bits)
144         Target hardware address (THA) (first 16 bits)
160         (next 16 bits)
176         (last 16 bits)
192         Target protocol address (TPA) (first 16 bits)
208         (last 16 bits)
Hardware type (HTYPE)
This field specifies the network protocol type. Example: Ethernet is 1.
Protocol type (PTYPE)
This field specifies the internetwork protocol for which the ARP request is intended. For IPv4, this has the value 0x0800.
The permitted PTYPE values share a numbering space with those for EtherType.[3][4][5]
Hardware length (HLEN)
Length (in octets) of a hardware address. Ethernet address size is 6.
Protocol length (PLEN)
Length (in octets) of addresses used in the upper layer protocol. (The upper layer protocol specified in PTYPE.) IPv4
address size is 4.
Operation (OPER)
Specifies the operation that the sender is performing: 1 for request, 2 for reply.
Sender hardware address (SHA)
Media address of the sender.
Sender protocol address (SPA)
Internetwork address of the sender.
Target hardware address (THA)
Media address of the intended receiver. This field is ignored in requests.
Target protocol address (TPA)
Internetwork address of the intended receiver.
ARP protocol parameter values have been standardized and are maintained by
the Internet Assigned Numbers Authority (IANA).[6]
Example
For example, the computers Matterhorn and Washington are in an office, connected to each other on the office local area network
by Ethernet cables and network switches, with no intervening gateways or routers. Matterhorn wants to send a packet to Washington.
Through other means, it determines that Washington's IP address is 192.168.0.55. In order to send the message, it also needs to
know Washington's MAC address. First, Matterhorn uses a cached ARP table to look up 192.168.0.55 for any existing records of
Washington's MAC address (00:eb:24:b2:05:ac). If the MAC address is found, it sends the IP packet on the link layer to address
00:eb:24:b2:05:ac via the local network cabling. If the cache did not produce a result for 192.168.0.55, Matterhorn has to send a
broadcast ARP message (destination FF:FF:FF:FF:FF:FF) requesting an answer for 192.168.0.55. Washington responds with its MAC
address (00:eb:24:b2:05:ac). Washington may insert an entry for Matterhorn into its own ARP table for future use. The response
information is cached in Matterhorn's ARP table and the message can now be sent.[7]
ARP probe
An ARP probe is an ARP request constructed with an all-zero sender IP address. The term is used in the IPv4 Address Conflict
Detection specification (RFC 5227). Before beginning to use an IPv4 address (whether received from manual configuration, DHCP, or
some other means), a host implementing this specification must test to see if the address is already in use, by broadcasting ARP
probe packets.[8]
[edit]ARP announcements
ARP may also be used as a simple announcement protocol. This is useful for
updating other hosts' mapping of a hardware address when the sender's IP
address or MAC address has changed. Such an announcement, also called
a gratuitous ARP message, is usually broadcast as an ARP request containing the
sender's protocol address (SPA) in the target field (TPA=SPA), with the target
hardware address (THA) set to zero. An alternative is to broadcast an ARP reply
with the sender's hardware and protocol addresses (SHA and SPA) duplicated in
the target fields (TPA=SPA, THA=SHA).
An ARP announcement is not intended to solicit a reply; instead it updates any
cached entries in the ARP tables of other hosts that receive the packet. The
operation code may indicate a request or a reply because the ARP standard
specifies that the opcode is only processed after the ARP table has been updated
from the address fields.[9][10][11]
Many operating systems perform gratuitous ARP during startup. That helps to
resolve problems which would otherwise occur if, for example, a network card was
recently changed (changing the IP-address-to-MAC-address mapping) and other
hosts still have the old mapping in their ARP caches.
Gratuitous ARP is also used by some interface drivers to provide load balancing for
incoming traffic. In a team of network cards, it is used to announce a different MAC
address within the team that should receive incoming packets.
ARP announcements can be used to defend link-local IP addresses in
the Zeroconf protocol (RFC 3927), and for IP address takeover within high-
availability clusters.
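The Example, ARP probe and ARP announcements sections above describe the same 28-byte packet with different field conventions (an ordinary request, an all-zero SPA for a probe, TPA=SPA for a gratuitous announcement). The following is an added example, not code from the article, that packs and parses Ethernet/IPv4 ARP payloads, classifies them by those conventions, and walks through the Matterhorn/Washington cache-miss-then-broadcast exchange. Washington's addresses are the ones given in the article; Matterhorn's MAC and the IP 192.168.0.10 are constructed values.

```python
"""ARP over Ethernet/IPv4: frame packing/parsing, classification and the
cache-then-broadcast resolution flow. Added example; not from the article."""
import struct
from dataclasses import dataclass

HTYPE_ETHERNET = 1        # hardware type
PTYPE_IPV4 = 0x0800       # protocol type
OP_REQUEST, OP_REPLY = 1, 2
ZERO_MAC = "00:00:00:00:00:00"
BROADCAST_MAC = "ff:ff:ff:ff:ff:ff"   # Ethernet destination of a broadcast request
UNSPECIFIED_IP = "0.0.0.0"            # all-zero SPA marks an ARP probe (RFC 5227)


def mac_to_bytes(mac: str) -> bytes:
    return bytes.fromhex(mac.replace(":", ""))


def bytes_to_mac(b: bytes) -> str:
    return ":".join(f"{x:02x}" for x in b)


def ip_to_bytes(ip: str) -> bytes:
    return bytes(int(octet) for octet in ip.split("."))


def bytes_to_ip(b: bytes) -> str:
    return ".".join(str(x) for x in b)


@dataclass
class ArpPacket:
    opcode: int
    sha: str   # sender hardware address
    spa: str   # sender protocol address
    tha: str   # target hardware address
    tpa: str   # target protocol address

    def pack(self) -> bytes:
        """Serialize to the 28-byte ARP payload: HTYPE, PTYPE, HLEN, PLEN, OPER, SHA, SPA, THA, TPA."""
        header = struct.pack("!HHBBH", HTYPE_ETHERNET, PTYPE_IPV4, 6, 4, self.opcode)
        return (header + mac_to_bytes(self.sha) + ip_to_bytes(self.spa)
                + mac_to_bytes(self.tha) + ip_to_bytes(self.tpa))

    @classmethod
    def unpack(cls, data: bytes) -> "ArpPacket":
        """Parse an Ethernet/IPv4 ARP payload, rejecting anything else."""
        if len(data) < 28:
            raise ValueError("ARP payload too short")
        htype, ptype, hlen, plen, opcode = struct.unpack("!HHBBH", data[:8])
        if (htype, ptype, hlen, plen) != (HTYPE_ETHERNET, PTYPE_IPV4, 6, 4):
            raise ValueError("not an Ethernet/IPv4 ARP packet")
        return cls(opcode, bytes_to_mac(data[8:14]), bytes_to_ip(data[14:18]),
                   bytes_to_mac(data[18:24]), bytes_to_ip(data[24:28]))


def classify(p: ArpPacket) -> str:
    """Name the packet kind using the field conventions from the article."""
    if p.opcode == OP_REQUEST and p.spa == UNSPECIFIED_IP:
        return "probe"                       # address conflict detection
    if p.spa == p.tpa and p.opcode in (OP_REQUEST, OP_REPLY):
        return "announcement"                # gratuitous ARP, either form
    if p.opcode == OP_REQUEST:
        return "request"
    if p.opcode == OP_REPLY:
        return "reply"
    return "unknown"


class ArpHost:
    """One host's ARP cache plus the resolution logic of the example."""

    def __init__(self, mac: str, ip: str):
        self.mac, self.ip = mac, ip
        self.cache: dict[str, str] = {}       # IP -> MAC

    def resolve(self, target_ip: str):
        """Return (mac, None) on a cache hit, or (None, request_bytes) to broadcast."""
        if target_ip in self.cache:
            return self.cache[target_ip], None
        request = ArpPacket(OP_REQUEST, self.mac, self.ip, ZERO_MAC, target_ip)
        return None, request.pack()

    def handle(self, data: bytes):
        """Process a received ARP packet; return reply bytes if this host must answer."""
        p = ArpPacket.unpack(data)
        if p.spa != UNSPECIFIED_IP:
            self.cache[p.spa] = p.sha         # learn/refresh the sender's mapping
        # Answer ordinary requests and probes for our address; announcements need no reply.
        if p.opcode == OP_REQUEST and p.tpa == self.ip and p.spa != p.tpa:
            return ArpPacket(OP_REPLY, self.mac, self.ip, p.sha, p.spa).pack()
        return None


def walk_through():
    """The Matterhorn/Washington exchange; Matterhorn's addresses are constructed."""
    matterhorn = ArpHost("00:11:22:33:44:55", "192.168.0.10")     # constructed
    washington = ArpHost("00:eb:24:b2:05:ac", "192.168.0.55")     # from the article
    mac, request = matterhorn.resolve("192.168.0.55")  # cache miss -> request bytes
    reply = washington.handle(request)                 # Washington learns Matterhorn, answers
    matterhorn.handle(reply)                           # Matterhorn caches the reply
    mac, _ = matterhorn.resolve("192.168.0.55")        # now a cache hit
    return mac


if __name__ == "__main__":
    print(walk_through())   # 00:eb:24:b2:05:ac
```

Note that `handle` caches whatever SHA/SPA pair arrives, exactly as the article describes, which is the property the spoofing section relies on: nothing in the packet lets the receiver verify the sender. Probes are the one case where the sender mapping is deliberately not learned, because their SPA is all zeros.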
ARP mediation
ARP mediation refers to the process of resolving Layer 2 addresses through
a Virtual Private Wire Service (VPWS) when different resolution protocols are used
on the connected circuits, e.g., Ethernet on one end and Frame Relay on the other.
In IPv4, each Provider Edge (PE) device discovers the IP address of the locally
attached Customer Edge (CE) device and distributes that IP address to the
corresponding remote PE device. Then each PE device responds to local ARP
requests using the IP address of the remote CE device and the hardware address
of the local PE device. In IPv6, each PE device discovers the IP address of both
local and remote CE devices and then intercepts local Neighbor Discovery (ND)
and Inverse Neighbor Discovery (IND) packets and forwards them to the remote
PE device.[12]
Inverse ARP and Reverse ARP
Inverse Address Resolution Protocol (Inverse ARP or InARP) is used to
obtain Network Layer addresses (for example, IP addresses) of other nodes
from Data Link Layer (Layer 2) addresses. It is primarily used in Frame
Relay (DLCI) and ATM networks, in which Layer 2 addresses of virtual circuits are
sometimes obtained from Layer 2 signaling, and the corresponding Layer 3
addresses must be available before those virtual circuits can be used.[13]
Since ARP translates Layer 3 addresses to Layer 2 addresses, InARP may be
described as its inverse. In addition, InARP is implemented as a protocol extension
to ARP: it uses the same packet format as ARP, but different operation codes.
The Reverse Address Resolution Protocol (Reverse ARP or RARP), like InARP,
translates Layer 2 addresses to Layer 3 addresses. However, in InARP the
requesting station queries the Layer 3 address of another node, whereas RARP is
used to obtain the Layer 3 address of the requesting station itself for address
configuration purposes. RARP is obsolete; it was replaced by BOOTP, which was
later superseded by the Dynamic Host Configuration Protocol (DHCP).[14]
ARP spoofing and Proxy ARP
A successful ARP spoofing attack allows an attacker to perform a man-in-the-middle attack.
Because ARP does not provide methods for authenticating ARP replies on a
network, ARP replies can come from systems other than the one with the required
Layer 2 address. An ARP proxy is a system which answers the ARP request on
behalf of another system for which it will forward traffic, normally as a part of the
network's design, such as for a dialup internet service. By contrast, in
ARP spoofing the answering system, or spoofer, replies to a request for another
system's address with the aim of intercepting data bound for that system. A
malicious user may use ARP spoofing to perform a man-in-the-middle or denial-of-
service attack on other users on the network. Various software exists to both detect
and perform ARP spoofing attacks, though ARP itself does not provide any
methods of protection from such attacks.[15]
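Since ARP itself offers no protection, detection has to come from outside the protocol: a monitor that watches the bindings hosts announce and flags replies nobody asked for, or an IP that suddenly maps to a different MAC. The following is an added example, not from the article or any named tool, of such a passive detector fed with a constructed trace of ARP packets given as (opcode, SHA, SPA, THA, TPA) tuples. All MAC and IP values in the trace are constructed. It also shows the caveat the article raises: a legitimate Proxy ARP host answers for addresses that are not its own, so its MAC must be allowlisted or it will trigger the same alerts as a spoofer.

```python
"""Passive ARP monitor: flags unsolicited replies and IP-to-MAC binding changes.
Added example; not the article's or any project's code."""

OP_REQUEST, OP_REPLY = 1, 2


class ArpSpoofDetector:
    """Tracks IP->MAC bindings seen on the wire and raises alerts on anomalies.

    static_bindings: IP->MAC pairs the operator knows (e.g. the default gateway);
    these are never overwritten by learned traffic.
    proxy_macs: MACs of legitimate Proxy ARP hosts, which answer for addresses
    that are not their own and would otherwise produce false alerts.
    """

    def __init__(self, static_bindings=None, proxy_macs=()):
        self.bindings = dict(static_bindings or {})
        self.static = set(self.bindings)
        self.proxy_macs = set(proxy_macs)
        self.pending = set()          # (requester_ip, requested_ip) awaiting a reply
        self.alerts = []

    def observe(self, opcode, sha, spa, tha, tpa):
        """Feed one ARP packet; returns the alerts it produced (possibly none)."""
        new = []
        if opcode == OP_REQUEST:
            # An ordinary request means the host at spa wants tpa. Probes
            # (spa 0.0.0.0) and announcements (spa == tpa) solicit nothing.
            if spa != "0.0.0.0" and spa != tpa:
                self.pending.add((spa, tpa))
            new += self._learn(spa, sha)
        elif opcode == OP_REPLY:
            if spa != tpa and (tpa, spa) not in self.pending:
                # Nobody we saw asked for spa: a reply the protocol did not solicit.
                new.append(("unsolicited_reply", spa, sha))
            self.pending.discard((tpa, spa))
            new += self._learn(spa, sha)
        self.alerts += new
        return new

    def _learn(self, ip, mac):
        if ip == "0.0.0.0" or mac in self.proxy_macs:
            return []
        prev = self.bindings.get(ip)
        if prev is None:
            self.bindings[ip] = mac
            return []
        if prev == mac:
            return []
        # Operator-pinned bindings are kept; learned ones follow the latest
        # claim but the change is still reported so it is visible.
        kind = "static_binding_violation" if ip in self.static else "binding_changed"
        if ip not in self.static:
            self.bindings[ip] = mac
        return [(kind, ip, prev, mac)]


# Constructed sample trace (opcode, SHA, SPA, THA, TPA); not real captures.
GATEWAY_MAC = "00:00:5e:00:01:01"
HOST_MAC = "00:11:22:33:44:55"
ROGUE_MAC = "66:77:88:99:aa:bb"
ZERO = "00:00:00:00:00:00"
SAMPLE_TRACE = [
    (OP_REQUEST, HOST_MAC, "192.168.0.10", ZERO, "192.168.0.1"),           # host asks for gateway
    (OP_REPLY, GATEWAY_MAC, "192.168.0.1", HOST_MAC, "192.168.0.10"),       # legitimate answer
    (OP_REPLY, ROGUE_MAC, "192.168.0.1", HOST_MAC, "192.168.0.10"),         # nobody asked; claims gateway IP
    (OP_REQUEST, "00:ab:cd:ef:00:20", "192.168.0.20", ZERO, "192.168.0.20"),  # gratuitous ARP at boot
]


def run_detector(trace, static_bindings=None, proxy_macs=()):
    """Run the detector over a trace and return every alert raised."""
    det = ArpSpoofDetector(static_bindings, proxy_macs)
    for pkt in trace:
        det.observe(*pkt)
    return det.alerts


if __name__ == "__main__":
    for alert in run_detector(SAMPLE_TRACE, {"192.168.0.1": GATEWAY_MAC}):
        print(alert)
```

Pinning the gateway as a static binding is the cheap, high-value configuration here: the rogue reply is reported as a `static_binding_violation` and the monitor's own table keeps the real gateway MAC. The gratuitous announcement from 192.168.0.20 raises nothing, which matches the article's point that announcements are normal boot-time behaviour; they only become suspicious when they contradict an existing binding.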
Alternatives to ARP
Each computer maintains its own table of the mapping from Layer 3 addresses
(e.g. IP addresses) to Layer 2 addresses (e.g. Ethernet MAC addresses). In a
modern computer this is maintained almost entirely by ARP packets on the local
network and is thus often called the 'ARP cache' as opposed to 'Layer 2 address
table'. In older computers, where broadcast packets were considered an expensive
resource, other methods were used to maintain this table, such as static
configuration files,[16] or centrally maintained lists. Since at least the
1980s[17] networked computers have had a command called arp for interrogating or
manipulating this table, and practically all modern personal computers have a
variant of this.[18][19][20][21]
ARP stuffing
Embedded systems such as networked cameras[22] and networked power
distribution devices,[23] which lack a user interface, can use so-called ARP
stuffing to make an initial network connection, although this is a misnomer as there
is no ARP protocol involved. This is a solution to an issue in network management
of consumer devices, specifically the allocation of IP addresses of ethernet devices
where 1) the user doesn't have the ability to control DHCP or similar address
allocation protocols, 2) the device doesn't have a user interface to configure it, and
3) the user's computer can't communicate with it because it has no suitable IP
address.
The solution adopted is as follows: the user's computer has an IP
address stuffed manually into its address table (normally with the arp command
with the MAC address taken from a label on the device) and then sends special
packets to the device, typically a ping packet with a non-default size. The device
then adopts this IP address, and the user then communicates with it
by telnet or web protocols to complete the configuration. Such devices typically
have a method to disable this process once the device is operating normally, as it
is open to Denial of Service attack.