TCP/IP Redbook, latest edition

TCP/IP Tutorial and Technical Overview
Lydia Parziale, David T. Britt, Chuck Davis, Jason Forrester, Wei Liu, Carolyn Matthews, Nicolas Rosselot
Understand networking fundamentals of the TCP/IP protocol suite; introduces advanced concepts and new technologies; includes the latest TCP/IP protocols.
ibm.com/redbooks


International Technical Support Organization
TCP/IP Tutorial and Technical Overview
December 2006
GG24-3376-07

Note: Before using this information and the product it supports, read the information in Notices on page xvii.

Eighth Edition (December 2006)
Copyright International Business Machines Corporation 1989-2006. All rights reserved.
Note to U.S. Government Users Restricted Rights -- Use, duplication or disclosure restricted by GSA ADP Schedule Contract with IBM Corp.

Contents

Notices ... xvii
Trademarks ... xviii
Preface ... xix
  The team that wrote this redbook ... xx
  Become a published author ... xxii
  Comments welcome ... xxiii

Part 1. Core TCP/IP protocols ... 1

Chapter 1. Architecture, history, standards, and trends ... 3
  1.1 TCP/IP architectural model ... 4
    1.1.1 Internetworking ... 4
    1.1.2 The TCP/IP protocol layers ... 6
    1.1.3 TCP/IP applications ... 9
  1.2 The roots of the Internet ... 12
    1.2.1 ARPANET ... 14
    1.2.2 NSFNET ... 15
    1.2.3 Commercial use of the Internet ... 16
    1.2.4 Internet2 ... 18
    1.2.5 The Open Systems Interconnection (OSI) Reference Model ... 20
  1.3 TCP/IP standards ... 21
    1.3.1 Request for Comments (RFC) ... 22
    1.3.2 Internet standards ... 24
  1.4 Future of the Internet ... 26
    1.4.1 Multimedia applications ... 26
    1.4.2 Commercial use ... 26
    1.4.3 The wireless Internet ... 27
  1.5 RFCs relevant to this chapter ... 27

Chapter 2. Network interfaces ... 29
  2.1 Ethernet and IEEE 802 local area networks (LANs) ... 30
    2.1.1 Gigabit Ethernet ... 33
  2.2 Fiber Distributed Data Interface (FDDI) ... 33
  2.3 Serial Line IP (SLIP) ... 34
  2.4 Point-to-Point Protocol (PPP) ... 35
    2.4.1 Point-to-point encapsulation ... 37
  2.5 Integrated Services Digital Network (ISDN) ... 38
  2.6 X.25 ... 39
  2.7 Frame relay ... 41
    2.7.1 Frame format ... 41
    2.7.2 Interconnect issues ... 43
    2.7.3 Data link layer parameter negotiation ... 43
    2.7.4 IP over frame relay ... 44
  2.8 PPP over SONET and SDH circuits ... 45
    2.8.1 Physical layer ... 46
  2.9 Multi-Path Channel+ (MPC+) ... 46
  2.10 Asynchronous transfer mode (ATM) ... 47
    2.10.1 Address resolution (ATMARP and InATMARP) ... 47
    2.10.2 Classical IP over ATM ... 50
    2.10.3 ATM LAN emulation ... 56
    2.10.4 Classical IP over ATM versus LAN emulation ... 59
  2.11 Multiprotocol over ATM (MPOA) ... 60
    2.11.1 Benefits of MPOA ... 60
    2.11.2 MPOA logical components ... 61
    2.11.3 MPOA functional components ... 62
    2.11.4 MPOA operation ... 63
  2.12 RFCs relevant to this chapter ... 64

Chapter 3. Internetworking protocols ... 67
  3.1 Internet Protocol (IP) ... 68
    3.1.1 IP addressing ... 68
    3.1.2 IP subnets ... 72
    3.1.3 IP routing ... 77
    3.1.4 Methods of delivery: Unicast, broadcast, multicast, and anycast ... 84
    3.1.5 The IP address exhaustion problem ... 86
    3.1.6 Intranets: Private IP addresses ... 89
    3.1.7 Network Address Translation (NAT) ... 89
    3.1.8 Classless Inter-Domain Routing (CIDR) ... 95
    3.1.9 IP datagram ... 98
  3.2 Internet Control Message Protocol (ICMP) ... 109
    3.2.1 ICMP messages ... 110
    3.2.2 ICMP applications ... 117
  3.3 Internet Group Management Protocol (IGMP) ... 119
  3.4 Address Resolution Protocol (ARP) ... 119
    3.4.1 ARP overview ... 119
    3.4.2 ARP detailed concept ... 120
    3.4.3 ARP and subnets ... 123
    3.4.4 Proxy-ARP or transparent subnetting ... 123
  3.5 Reverse Address Resolution Protocol (RARP) ... 124
    3.5.1 RARP concept ... 125
  3.6 Bootstrap Protocol (BOOTP) ... 125
    3.6.1 BOOTP forwarding ... 129
    3.6.2 BOOTP considerations ... 130
  3.7 Dynamic Host Configuration Protocol (DHCP) ... 130
    3.7.1 The DHCP message format ... 132
    3.7.2 DHCP message types ... 134
    3.7.3 Allocating a new network address ... 134
    3.7.4 DHCP lease renewal process ... 137
    3.7.5 Reusing a previously allocated network address ... 138
    3.7.6 Configuration parameters repository ... 139
    3.7.7 DHCP considerations ... 139
    3.7.8 BOOTP and DHCP interoperability ... 140
  3.8 RFCs relevant to this chapter ... 140

Chapter 4. Transport layer protocols ... 143
  4.1 Ports and sockets ... 144
    4.1.1 Ports ... 144
    4.1.2 Sockets ... 145
  4.2 User Datagram Protocol (UDP) ... 146
    4.2.1 UDP datagram format ... 147
    4.2.2 UDP application programming interface ... 149
  4.3 Transmission Control Protocol (TCP) ... 149
    4.3.1 TCP concept ... 150
    4.3.2 TCP application programming interface ... 164
    4.3.3 TCP congestion control algorithms ... 165
  4.4 RFCs relevant to this chapter ... 170

Chapter 5. Routing protocols ... 171
  5.1 Autonomous systems ... 173
  5.2 Types of IP routing and IP routing algorithms ... 174
    5.2.1 Static routing ... 175
    5.2.2 Distance vector routing ... 176
    5.2.3 Link state routing ... 177
    5.2.4 Path vector routing ... 178
    5.2.5 Hybrid routing ... 180
  5.3 Routing Information Protocol (RIP) ... 180
    5.3.1 RIP packet types ... 180
    5.3.2 RIP packet format ... 181
    5.3.3 RIP modes of operation ... 182
    5.3.4 Calculating distance vectors ... 182
    5.3.5 Convergence and counting to infinity ... 185
    5.3.6 RIP limitations ... 189
  5.4 Routing Information Protocol Version 2 (RIP-2) ... 189
    5.4.1 RIP-2 packet format ... 190
    5.4.2 RIP-2 limitations ... 192
  5.5 RIPng for IPv6 ... 192
    5.5.1 Differences between RIPng and RIP-2 ... 193
    5.5.2 RIPng packet format ... 193
  5.6 Open Shortest Path First (OSPF) ... 196
    5.6.1 OSPF terminology ... 196
    5.6.2 Neighbor communication ... 205
    5.6.3 OSPF neighbor state machine ... 206
    5.6.4 OSPF route redistribution ... 208
    5.6.5 OSPF stub areas ... 210
    5.6.6 OSPF route summarization ... 211
  5.7 Enhanced Interior Gateway Routing Protocol (EIGRP) ... 212
    5.7.1 Features of EIGRP ... 212
    5.7.2 EIGRP packet types ... 214
  5.8 Exterior Gateway Protocol (EGP) ... 215
  5.9 Border Gateway Protocol (BGP) ... 215
    5.9.1 BGP concepts and terminology ... 216
    5.9.2 IBGP and EBGP communication ... 218
    5.9.3 Protocol description ... 220
    5.9.4 Path selection ... 223
    5.9.5 BGP synchronization ... 226
    5.9.6 BGP aggregation ... 228
    5.9.7 BGP confederations ... 230
    5.9.8 BGP route reflectors ... 231
  5.10 Routing protocol selection ... 233
  5.11 Additional functions performed by the router ... 234
  5.12 Routing processes in UNIX-based systems ... 235
  5.13 RFCs relevant to this chapter ... 235

Chapter 6. IP multicast ... 237
  6.1 Multicast addressing ... 238
    6.1.1 Multicasting on a single physical network ... 238
    6.1.2 Multicasting between network segments ... 240
  6.2 Internet Group Management Protocol (IGMP) ... 241
    6.2.1 IGMP messages ... 241
    6.2.2 IGMP operation ... 247
  6.3 Multicast delivery tree ... 250
  6.4 Multicast forwarding algorithms ... 252
    6.4.1 Reverse path forwarding algorithm ... 252
    6.4.2 Center-based tree algorithm ... 253
    6.4.3 Multicast routing protocols ... 254
  6.5 Distance Vector Multicast Routing Protocol (DVMRP) ... 254
    6.5.1 Protocol overview ... 254
    6.5.2 Building and maintaining multicast delivery trees ... 256
    6.5.3 DVMRP tunnels ... 258
  6.6 Multicast OSPF (MOSPF) ... 258
    6.6.1 Protocol overview ... 259
    6.6.2 MOSPF and multiple OSPF areas ... 260
    6.6.3 MOSPF and multiple autonomous systems ... 260
    6.6.4 MOSPF interoperability ... 261
  6.7 Protocol Independent Multicast (PIM) ... 261
    6.7.1 PIM dense mode ... 262
    6.7.2 PIM sparse mode ... 263
  6.8 Interconnecting multicast domains ... 266
    6.8.1 Multicast Source Discovery Protocol (MSDP) ... 266
    6.8.2 Border Gateway Multicast Protocol ... 269
  6.9 The multicast backbone ... 269
    6.9.1 MBONE routing ... 270
    6.9.2 Multicast applications ... 271
  6.10 RFCs relevant to this chapter ... 272

Chapter 7. Mobile IP ... 275
  7.1 Mobile IP overview ... 276
    7.1.1 Mobile IP operation ... 277
    7.1.2 Mobility agent advertisement extensions ... 278
  7.2 Mobile IP registration process ... 280
    7.2.1 Tunneling ... 284
    7.2.2 Broadcast datagrams ... 284
    7.2.3 Move detection ... 284
    7.2.4 Returning home ... 285
    7.2.5 ARP considerations ... 285
    7.2.6 Mobile IP security considerations ... 286
  7.3 RFCs relevant to this chapter ... 286

Chapter 8. Quality of service ... 287
  8.1 Why QoS? ... 288
  8.2 Integrated Services ... 289
    8.2.1 Service classes ... 292
    8.2.2 Controlled Load Service ... 294
    8.2.3 Guaranteed Service ... 295
    8.2.4 The Resource Reservation Protocol (RSVP) ... 296
    8.2.5 Integrated Services outlook ... 308
  8.3 Differentiated Services ... 309
    8.3.1 Differentiated Services architecture ... 310
    8.3.2 Organization of the DSCP ... 313
    8.3.3 Configuration and administration of DS with LDAP ... 322
  8.4 RFCs relevant to this chapter ... 325

Chapter 9. IP version 6 ... 327
  9.1 IPv6 introduction ... 328
    9.1.1 IP growth ... 328
    9.1.2 IPv6 feature overview ... 330
  9.2 The IPv6 header format ... 330
    9.2.1 Extension headers ... 333
    9.2.2 IPv6 addressing ... 339
    9.2.3 Traffic class ... 345
    9.2.4 Flow labels ... 346
    9.2.5 IPv6 security ... 347
    9.2.6 Packet sizes ... 350
  9.3 Internet Control Message Protocol Version 6 (ICMPv6) ... 352
    9.3.1 Neighbor discovery ... 353
    9.3.2 Multicast Listener Discovery (MLD) ... 365
  9.4 DNS in IPv6 ... 367
    9.4.1 Format of IPv6 resource records ... 368
  9.5 DHCP in IPv6 ... 371
    9.5.1 DHCPv6 messages ... 371
  9.6 IPv6 mobility support ... 372
  9.7 IPv6 new opportunities ... 376
    9.7.1 New infrastructure ... 376
    9.7.2 New services ... 377
    9.7.3 New research and development platforms ... 378
  9.8 Internet transition: Migrating from IPv4 to IPv6 ... 379
    9.8.1 Dual IP stack implementation: The IPv6/IPv4 node ... 380
    9.8.2 Tunneling ... 381
    9.8.3 Interoperability summary ... 388
  9.9 RFCs relevant to this chapter ... 389

Chapter 10. Wireless IP ... 391
  10.1 Wireless concepts ... 392
  10.2 Why wireless? ... 395
    10.2.1 Deployment and cost effectiveness ... 395
    10.2.2 Reachability ... 396
    10.2.3 Scalability ... 396
    10.2.4 Security ... 397
    10.2.5 Connectivity and reliability ... 397
  10.3 WiFi ... 397
  10.4 WiMax ... 400
  10.5 Applications of wireless networking ... 402
    10.5.1 Last mile connectivity in broadband services ... 402
    10.5.2 Hotspots ... 402
    10.5.3 Mesh networking ... 402
  10.6 IEEE standards relevant to this chapter ... 403

Part 2. TCP/IP application protocols ... 405

Chapter 11. Application structure and programming interfaces ... 407
  11.1 Characteristics of applications ... 408
    11.1.1 The client/server model ... 408
  11.2 Application programming interfaces (APIs) ... 410
    11.2.1 The socket API ... 410
    11.2.2 Remote Procedure Call (RPC) ... 415
    11.2.3 The SNMP distributed programming interface (SNMP DPI) ... 419
    11.2.4 REXX sockets ... 422
  11.3 RFCs relevant to this chapter ... 423

Chapter 12. Directory and naming protocols ... 425
  12.1 Domain Name System (DNS) ... 426
    12.1.1 The hierarchical namespace ... 426
    12.1.2 Fully qualified domain names (FQDNs) ... 428
    12.1.3 Generic domains ... 428
    12.1.4 Country domains ... 429
    12.1.5 Mapping domain names to IP addresses ... 429
    12.1.6 Mapping IP addresses to domain names: Pointer queries ... 430
    12.1.7 The distributed name space ... 430
    12.1.8 Domain name resolution ... 432
    12.1.9 Domain Name System resource records ... 436
    12.1.10 Domain Name System messages ... 439
    12.1.11 A simple scenario ... 445
    12.1.12 Extended scenario ... 449
    12.1.13 Transport ... 450
    12.1.14 DNS applications ... 451
  12.2 Dynamic Domain Name System ... 453
    12.2.1 Dynamic updates in the DDNS ... 454
    12.2.2 Incremental zone transfers in DDNS ... 456
    12.2.3 Prompt notification of zone transfer ... 457
  12.3 Network Information System (NIS) ... 458
  12.4 Lightweight Directory Access Protocol (LDAP) ... 459
    12.4.1 LDAP: Lightweight access to X.500 ... 460
    12.4.2 The LDAP directory server ... 461
    12.4.3 Overview of LDAP architecture ... 463
    12.4.4 LDAP models ... 464
    12.4.5 LDAP security ... 471
    12.4.6 LDAP URLs ... 474
    12.4.7 LDAP and DCE ... 475
    12.4.8 The Directory-Enabled Networks (DEN) initiative ... 477
    12.4.9 Web-Based Enterprise Management (WBEM) ... 478
  12.5 RFCs relevant to this chapter ... 478

Chapter 13. Remote execution and distributed computing ... 483
  13.1 Telnet ... 484
    13.1.1 Telnet operation ... 484
    13.1.2 Network Virtual Terminal ... 485
    13.1.3 Telnet options ... 487
    13.1.4 Telnet command structure ... 489
    13.1.5 Option negotiation ... 491
    13.1.6 Telnet basic commands ... 492
    13.1.7 Terminal emulation (Telnet 3270) ... 492
    13.1.8 TN3270 enhancements (TN3270E) ... 493
    13.1.9 Device-type negotiation ... 494
  13.2 Remote Execution Command protocol (REXEC and RSH) ... 495
  13.3 Introduction to the Distributed Computing Environment (DCE) ... 496
    13.3.1 DCE directory service ... 498
    13.3.2 Authentication service ... 502
    13.3.3 DCE threads ... 505
    13.3.4 Distributed Time Service ... 507
    13.3.5 Additional information ... 509
  13.4 Distributed File Service (DFS) ... 509
    13.4.1 File naming ... 510
    13.4.2 DFS performance ... 511
  13.5 RFCs relevant to this chapter ... 512

Chapter 14. File-related protocols ... 513
  14.1 File Transfer Protocol (FTP) ... 514
    14.1.1 An overview of FTP ... 514
    14.1.2 FTP operations ... 515
    14.1.3 The active data transfer ... 520
    14.1.4 The passive data transfer ... 521
    14.1.5 Using proxy transfer ... 522
    14.1.6 Reply codes ... 523
    14.1.7 Anonymous FTP ... 525
    14.1.8 Using FTP with IPv6 ... 525
    14.1.9 Securing FTP sessions ... 527
  14.2 Trivial File Transfer Protocol (TFTP) ... 529
    14.2.1 TFTP usage ... 530
    14.2.2 Protocol description ... 531
    14.2.3 TFTP packets ... 531
    14.2.4 Data modes ... 532
    14.2.5 TFTP multicast option ... 532
    14.2.6 Security issues ... 533
  14.3 Secure Copy Protocol (SCP) and SSH FTP (SFTP) ... 533
    14.3.1 SCP syntax and usage ... 533
    14.3.2 SFTP syntax and usage ... 535
    14.3.3 SFTP interactive commands ... 536
  14.4 Network File System (NFS) ...
. . . . . . . . . . . . . . . . . . . . . . 538 14.4.1 NFS concept . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 538 14.4.2 File integrity . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 542 14.4.3 Lock Manager protocol . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 543 14.4.4 NFS file system . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 543 14.4.5 NFS version 4 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 543 14.4.6 Cache File System . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 545 14.4.7 WebNFS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 54514.5 The Andrew File System (AFS). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 54614.6 Common Internet File System (CIFS) . . . . . . . . . . . . . . . . . . . . . . . . . . 548 14.6.1 NetBIOS over TCP/IP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 548 14.6.2 SMB/CIFS specifics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 55014.7 RFCs relevant to this chapter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 552Chapter 15. Mail applications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 55515.1 Simple Mail Transfer Protocol . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 556 15.1.1 How SMTP works . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 559 15.1.2 SMTP and the Domain Name System . . . . . . . . . . . . . . . . . . . . . 56515.2 Sendmail . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 568 15.2.1 Sendmail as a mail transfer agent (MTA) . . . . . . . . . . . . . . . . . . . 568 15.2.2 How sendmail works . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 
56915.3 Multipurpose Internet Mail Extensions (MIME) . . . . . . . . . . . . . . . . . . . 571 15.3.1 How MIME works . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 574 15.3.2 The Content-Transfer-Encoding field . . . . . . . . . . . . . . . . . . . . . . 582 15.3.3 Using non-ASCII characters in message headers . . . . . . . . . . . . 58715.4 Post Office Protocol (POP) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 589 15.4.1 Connection states . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 589 15.4.2 POP3 commands and responses . . . . . . . . . . . . . . . . . . . . . . . . . 59015.5 Internet Message Access Protocol (IMAP4) . . . . . . . . . . . . . . . . . . . . . 591 15.5.1 Fundamental IMAP4 electronic mail models . . . . . . . . . . . . . . . . . 591 15.5.2 IMAP4 states. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 592 15.5.3 IMAP4 commands and response interaction . . . . . . . . . . . . . . . . 594 15.5.4 IMAP4 messages . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 59715.6 RFCs relevant to this chapter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 599Chapter 16. The Web . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 601Contents xi 13. 16.1 Web browsers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 60316.2 Web servers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 60416.3 Hypertext Transfer Protocol (HTTP) . . . . . . . . . . . . . . . . . . . . . . . . . . . 605 16.3.1 Overview of HTTP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 605 16.3.2 HTTP operation. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 60616.4 Content . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 
615 16.4.1 Static content . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 615 16.4.2 Client-side dynamic content . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 616 16.4.3 Server-side dynamic content. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 617 16.4.4 Developing content with IBM Web application servers . . . . . . . . . 62116.5 RFCs relevant to this chapter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 621Chapter 17. Network management. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 62317.1 The Simple Network Management Protocol (SNMP) . . . . . . . . . . . . . . 624 17.1.1 The Management Information Base (MIB) . . . . . . . . . . . . . . . . . . 625 17.1.2 The SNMP agent. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 630 17.1.3 The SNMP manager . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 631 17.1.4 The SNMP subagent . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 632 17.1.5 The SNMP model . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 633 17.1.6 SNMP traps . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 638 17.1.7 SNMP versions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 639 17.1.8 Single authentication and privacy protocol . . . . . . . . . . . . . . . . . . 64717.2 The NETSTAT utility . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 648 17.2.1 Common NETSTAT options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 649 17.2.2 Sample NETSTAT report output . . . . . . . . . . . . . . . . . . . . . . . . . . 64917.3 RFCs relevant to this chapter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 651Chapter 18. Wireless Application Protocol . . . . . . . . . . . . . . . . . . . . . . . . 65518.1 The WAP environment . . . . . . . . . . . . . . . . . . . . . . . 
. . . . . . . . . . . . . . 65718.2 Key elements of the WAP specifications. . . . . . . . . . . . . . . . . . . . . . . . 65718.3 WAP architecture . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 65818.4 Client identifiers. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 66318.5 Multimedia messaging system (MMS) . . . . . . . . . . . . . . . . . . . . . . . . . 66318.6 WAP push architecture . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 664 18.6.1 Push framework . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 664 18.6.2 Push proxy gateway (PPG) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 665 18.6.3 Push access control protocol (PAP) . . . . . . . . . . . . . . . . . . . . . . . 667 18.6.4 Service indication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 668 18.6.5 Push over-the-air protocol (OTA) . . . . . . . . . . . . . . . . . . . . . . . . . 668 18.6.6 Client-side infrastructure . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 668 18.6.7 Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 66918.7 The Wireless Application Environment (WAE2) . . . . . . . . . . . . . . . . . . 67018.8 User Agent Profile (UAProf) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 671xii TCP/IP Tutorial and Technical Overview 14. 18.9 Wireless protocols . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 672 18.9.1 Wireless Datagram Protocol (WDP) . . . . . . . . . . . . . . . . . . . . . . . 672 18.9.2 Wireless Profiled Transmission Control Protocol (WP-TCP) . . . . 674 18.9.3 Wireless Control Message Protocol (WCMP) . . . . . . . . . . . . . . . . 678 18.9.4 Wireless Transaction Protocol (WTP) . . . . . . . . . . . . . . . . . . . . . . 679 18.9.5 Wireless Session Protocol (WSP) . . . . . . . . . . . . . . . . 
. . . . . . . . . 682 18.9.6 Wireless profiled HTTP (W-HTTP) . . . . . . . . . . . . . . . . . . . . . . . . 69518.10 Wireless security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 696 18.10.1 Wireless Transport Layer Security (WTLS). . . . . . . . . . . . . . . . . 696 18.10.2 Wireless Identity Module (WIM) . . . . . . . . . . . . . . . . . . . . . . . . . 70118.11 Wireless Telephony Application (WTA) . . . . . . . . . . . . . . . . . . . . . . . . 70218.12 RFCs relevant to this chapter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 70218.13 Specifications relevant to this chapter. . . . . . . . . . . . . . . . . . . . . . . . . 703Chapter 19. Presence over IP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 70719.1 Overview of the presence service . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 71019.2 Presence Information Data Format (PIDF) . . . . . . . . . . . . . . . . . . . . . . 71419.3 Presence protocols . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 716 19.3.1 Binding to TCP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 718 19.3.2 Address resolution . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 71819.4 RFCs relevant to this chapter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 718Part 3. Advanced concepts and new technologies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 721Chapter 20. Voice over Internet Protocol . . . . . . . . . . . . . . . . . . . . . . . . . 72320.1 Voice over IP (VoIP) introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 724 20.1.1 Benefits and applications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 724 20.1.2 VoIP functional components . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 72620.2 Session Initiation Protocol (SIP) technologies. . . . . . . . . . . . . . . . . . . . 
730 20.2.1 SIP request and response. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 732 20.2.2 Sample SIP message flow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 733 20.2.3 SIP protocol architecture . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 73420.3 Media Gateway Control Protocol (MGCP) . . . . . . . . . . . . . . . . . . . . . . 736 20.3.1 MGCP architecture . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 737 20.3.2 MGCP primitives . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 73720.4 Media Gateway Controller (Megaco). . . . . . . . . . . . . . . . . . . . . . . . . . . 738 20.4.1 Megaco architecture . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 73820.5 ITU-T recommendation H.323 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 739 20.5.1 H.323 architecture . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 739 20.5.2 H.323 protocol stack . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 74120.6 Summary of VoIP protocols. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 74220.7 RFCs relevant to this chapter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 743Chapter 21. Internet Protocol Television. . . . . . . . . . . . . . . . . . . . . . . . . . 745 Contentsxiii 15. 21.1 IPTV overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 74621.1.1 IPTV requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 74721.1.2 Business benefits and applications . . . . . . . . . . . . . . . . . . . . . . . . 749 21.2 Functional components . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 75021.2.1 Content acquisition . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 75021.2.2 CODEC (encode and decode) . . . . . . . . . . . . . . . . . . . . . . . . . 
. . 75021.2.3 Display devices and control gateway . . . . . . . . . . . . . . . . . . . . . . 75121.2.4 IP (TV) transport . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 752 21.3 IPTV technologies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 75221.3.1 Summary of protocol standards . . . . . . . . . . . . . . . . . . . . . . . . . . 75321.3.2 Stream Control Transmission Protocol . . . . . . . . . . . . . . . . . . . . . 75321.3.3 Session Description Protocol . . . . . . . . . . . . . . . . . . . . . . . . . . . . 75421.3.4 Real-Time Transport Protocol (RTP) . . . . . . . . . . . . . . . . . . . . . . 75621.3.5 Real-Time Control Protocol . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 76221.3.6 Moving Picture Experts Group (MPEG) standards . . . . . . . . . . . . 76721.3.7 H.261. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 769 21.4 RFCs relevant to this chapter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 770 Chapter 22. TCP/IP security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 771 22.1 Security exposures and solutions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 77222.1.1 Common attacks against security . . . . . . . . . . . . . . . . . . . . . . . . . 77222.1.2 Solutions to network security problems. . . . . . . . . . . . . . . . . . . . . 77222.1.3 Implementations of security solutions . . . . . . . . . . . . . . . . . . . . . . 77422.1.4 Network security policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 776 22.2 A short introduction to cryptography . . . . . . . . . . . . . . . . . . . . . . . . . . . 77722.2.1 Terminology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 77722.2.2 Symmetric or secret-key algorithms . . . . . . . . . . . . . . . . . . . . . . . 77922.2.3 Asymmetric or public key algorithms. . . . . . . . . . 
. . . . . . . . . . . . . 78022.2.4 Hash functions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 78522.2.5 Digital certificates and certification authorities . . . . . . . . . . . . . . . 79122.2.6 Random-number generators . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 79222.2.7 Export/import restrictions on cryptography . . . . . . . . . . . . . . . . . . 793 22.3 Firewalls . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 79422.3.1 Firewall concept . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 79522.3.2 Components of a firewall system . . . . . . . . . . . . . . . . . . . . . . . . . 79622.3.3 Types of firewalls . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 805 22.4 IP Security Architecture (IPSec) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 80922.4.1 Concepts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 81022.4.2 Authentication Header (AH) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 81322.4.3 Encapsulating Security Payload (ESP) . . . . . . . . . . . . . . . . . . . . . 81722.4.4 Combining IPSec protocols . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 82322.4.5 Internet Key Exchange (IKE) protocol. . . . . . . . . . . . . . . . . . . . . . 829 22.5 SOCKS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 846xiv TCP/IP Tutorial and Technical Overview 16. 22.5.1 SOCKS Version 5 (SOCKSv5) . . . . . . . . . . . . . . . . . . . . . . . . . . . 84822.6 Secure Shell (1 and 2). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 853 22.6.1 SSH overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 85322.7 Secure Sockets Layer (SSL) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 854 22.7.1 SSL overview . . . . . . . . . . 
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 854 22.7.2 SSL protocol . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 85622.8 Transport Layer Security (TLS) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 86122.9 Secure Multipurpose Internet Mail Extension (S-MIME) . . . . . . . . . . . . 86122.10 Virtual private networks (VPNs) overview . . . . . . . . . . . . . . . . . . . . . . 861 22.10.1 VPN introduction and benefits. . . . . . . . . . . . . . . . . . . . . . . . . . . 86222.11 Kerberos authentication and authorization system . . . . . . . . . . . . . . . 864 22.11.1 Assumptions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 865 22.11.2 Naming . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 865 22.11.3 Kerberos authentication process. . . . . . . . . . . . . . . . . . . . . . . . . 866 22.11.4 Kerberos database management . . . . . . . . . . . . . . . . . . . . . . . . 870 22.11.5 Kerberos Authorization Model . . . . . . . . . . . . . . . . . . . . . . . . . . . 871 22.11.6 Kerberos Version 5 enhancements. . . . . . . . . . . . . . . . . . . . . . . 87122.12 Remote access authentication protocols. . . . . . . . . . . . . . . . . . . . . . . 87222.13 Extensible Authentication Protocol (EAP) . . . . . . . . . . . . . . . . . . . . . . 87422.14 Layer 2 Tunneling Protocol (L2TP) . . . . . . . . . . . . . . . . . . . . . . . . . . . 875 22.14.1 Terminology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 876 22.14.2 Protocol overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 877 22.14.3 L2TP security issues . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 87922.15 Secure Electronic Transaction (SET) . . . . . . . . . . . . . . . . . . . . . . . . . 880 22.15.1 SET roles . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 
880 22.15.2 SET transactions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 881 22.15.3 The SET certificate scheme . . . . . . . . . . . . . . . . . . . . . . . . . . . . 88322.16 RFCs relevant to this chapter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 885Chapter 23. Port based network access control . . . . . . . . . . . . . . . . . . . 88923.1 Port based network access control (NAC) overview . . . . . . . . . . . . . . . 89023.2 Port based NAC component overview . . . . . . . . . . . . . . . . . . . . . . . . . 89123.3 Port based network access control operation . . . . . . . . . . . . . . . . . . . . 892 23.3.1 Port based network access control functional considerations. . . . 90423.4 RFCs relevant to this chapter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 906Chapter 24. Availability, scalability, and load balancing . . . . . . . . . . . . . 90724.1 Availability . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 90924.2 Scalability . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 90924.3 Load balancing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 91024.4 Clustering . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 91024.5 Virtualization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 91224.6 Virtual Router Redundancy Protocol (VRRP) . . . . . . . . . . . . . . . . . . . . 914 Contents xv 17. 24.6.1 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 91424.6.2 VRRP definitions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 91624.6.3 VRRP overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 91624.6.4 Sample configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 
. . . 91824.6.5 VRRP packet format . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 919 24.7 Round-robin DNS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 921 24.8 Alternative solutions to load balancing . . . . . . . . . . . . . . . . . . . . . . . . . 92124.8.1 Network Address Translation . . . . . . . . . . . . . . . . . . . . . . . . . . . . 92224.8.2 Encapsulation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 923 24.9 RFCs relevant to this chapter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 924 Appendix A. Multiprotocol Label Switching . . . . . . . . . . . . . . . . . . . . . . . 925 A.1 MPLS: An introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 926A.1.1 Conventional routing versus MPLS forwarding mode. . . . . . . . . . . 926A.1.2 Benefits. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 927A.1.3 Terminology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 929 A.2 MPLS network processing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 932A.2.1 Label swapping. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 932A.2.2 Label switched path (LSP) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 934A.2.3 Label stack and label hierarchies . . . . . . . . . . . . . . . . . . . . . . . . . . 934A.2.4 MPLS stacks in a BGP environment. . . . . . . . . . . . . . . . . . . . . . . . 936A.2.5 Label distribution protocols . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 938A.2.6 Stream merge . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 939 A.3 Emulating Ethernet over MPLS networks . . . . . . . . . . . . . . . . . . . . . . . . 939 A.4 Generalized Multiprotocol Label Switching (GMPLS) . . . . . . . . . . . . . . . 941A.4.1 Benefits. . . . 
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 941A.4.2 MPLS and GMPLS comparison in OTN environment. . . . . . . . . . . 942A.4.3 How does GMPLS work? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 943A.4.4 Link Management Protocol (LMP) . . . . . . . . . . . . . . . . . . . . . . . . . 944A.4.5 Signaling for route selection and path setup. . . . . . . . . . . . . . . . . . 947A.4.6 GMPLS considerations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 949A.4.7 GMPLS examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 950 A.5 RFCs relevant to this chapter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 952 Abbreviations and acronyms . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 953 Related publications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 959 IBM Redbooks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 959 Other publications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 959 Online resources . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 959 How to get IBM Redbooks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 961 Help from IBM . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 961 Index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 963xvi TCP/IP Tutorial and Technical Overview 18. NoticesThis information was developed for products and services offered in the U.S.A.IBM may not offer the products, services, or features discussed in this document in other countries. 
Consult your local IBM representative for information on the products and services currently available in your area. Any reference to an IBM product, program, or service is not intended to state or imply that only that IBM product, program, or service may be used. Any functionally equivalent product, program, or service that does not infringe any IBM intellectual property right may be used instead. However, it is the user's responsibility to evaluate and verify the operation of any non-IBM product, program, or service.

IBM may have patents or pending patent applications covering subject matter described in this document. The furnishing of this document does not give you any license to these patents. You can send license inquiries, in writing, to:

IBM Director of Licensing, IBM Corporation, North Castle Drive, Armonk, NY 10504-1785 U.S.A.

The following paragraph does not apply to the United Kingdom or any other country where such provisions are inconsistent with local law: INTERNATIONAL BUSINESS MACHINES CORPORATION PROVIDES THIS PUBLICATION "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF NON-INFRINGEMENT, MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Some states do not allow disclaimer of express or implied warranties in certain transactions, therefore, this statement may not apply to you.

This information could include technical inaccuracies or typographical errors. Changes are periodically made to the information herein; these changes will be incorporated in new editions of the publication. IBM may make improvements and/or changes in the product(s) and/or the program(s) described in this publication at any time without notice.

Any references in this information to non-IBM Web sites are provided for convenience only and do not in any manner serve as an endorsement of those Web sites. The materials at those Web sites are not part of the materials for this IBM product and use of those Web sites is at your own risk.

IBM may use or distribute any of the information you supply in any way it believes appropriate without incurring any obligation to you.

Information concerning non-IBM products was obtained from the suppliers of those products, their published announcements or other publicly available sources. IBM has not tested those products and cannot confirm the accuracy of performance, compatibility or any other claims related to non-IBM products. Questions on the capabilities of non-IBM products should be addressed to the suppliers of those products.

This information contains examples of data and reports used in daily business operations. To illustrate them as completely as possible, the examples include the names of individuals, companies, brands, and products. All of these names are fictitious and any similarity to the names and addresses used by an actual business enterprise is entirely coincidental.

COPYRIGHT LICENSE:

This information contains sample application programs in source language, which illustrate programming techniques on various operating platforms. You may copy, modify, and distribute these sample programs in any form without payment to IBM, for the purposes of developing, using, marketing or distributing application programs conforming to the application programming interface for the operating platform for which the sample programs are written. These examples have not been thoroughly tested under all conditions. IBM, therefore, cannot guarantee or imply reliability, serviceability, or function of these programs.

Copyright IBM Corp. 1989-2006. All rights reserved.
Trademarks

The following terms are trademarks of the International Business Machines Corporation in the United States, other countries, or both:

1350, Advanced Peer-to-Peer Networking, AIX 5L, AIX, AS/400, CICS, developerWorks, ESCON, HiperSockets, IBM Global Network, ibm.com, IBM, IPDS, Lotus Notes, Lotus, MVS, Notes, Operating System/2, OS/2, OS/390, OS/400, RACF, Redbooks (logo), Redbooks, RISC System/6000, System/390, VTAM, WebSphere, z/OS

The following terms are trademarks of other companies:

SAP, and SAP logos are trademarks or registered trademarks of SAP AG in Germany and in several other countries.

CacheFS, Enterprise JavaBeans, EJB, IPX, Java, Java Naming and Directory Interface, JavaBeans, JavaScript, JavaServer, JavaServer Pages, JavaSoft, JDBC, JDK, JSP, JVM, J2EE, ONC, Solaris, Sun, Sun Microsystems, WebNFS, and all Java-based trademarks are trademarks of Sun Microsystems, Inc. in the United States, other countries, or both.

Internet Explorer, Microsoft, MSN, Windows NT, Windows, and the Windows logo are trademarks of Microsoft Corporation in the United States, other countries, or both.

Intel, Intel logo, Intel Inside logo, and Intel Centrino logo are trademarks or registered trademarks of Intel Corporation or its subsidiaries in the United States, other countries, or both.

UNIX is a registered trademark of The Open Group in the United States and other countries.

Linux is a trademark of Linus Torvalds in the United States, other countries, or both.

Other company, product, or service names may be trademarks or service marks of others.

Preface

The TCP/IP protocol suite has become a staple of today's international society and global economy. Continually evolving standards provide a wide and flexible foundation on which an entire infrastructure of applications is built. Through these we can seek entertainment, conduct business, make financial transactions, deliver services, and much, much more.
However, because TCP/IP continues to develop and grow in order to meet the changing needs of our communities, it might sometimes be hard to keep track of new functionality or identify new possibilities. For this reason, the TCP/IP Tutorial and Technical Overview provides not only an introduction to the TCP/IP protocol suite, but also serves as a reference for advanced users seeking to keep their TCP/IP skills aligned with current standards. It is our hope that both the novice and the expert will find useful information in this publication.

In Part I, you will find an introduction to the core concepts and history upon which TCP/IP is founded. Included is an introduction to the history of TCP/IP and an overview of its current architecture. We also provide detailed discussions about the protocols that comprise the suite, and how those protocols are most commonly implemented.

Part II expands on the information provided in Part I, providing general application concepts (such as file sharing) and specific application protocols within those concepts (such as the File Transfer Protocol, or FTP). Additionally, Part II discusses applications that might not be included in the standard TCP/IP suite but, because of their wide use throughout the Internet community, are considered de facto standards.

Finally, Part III addresses new concepts and advanced implementations within the TCP/IP architecture. Of particular note, Part III examines the convergence of many formerly disparate networks and services using IP technology. Conjointly, this section reviews the potential dangers of this IP convergence and the ever-growing set of standards used to secure and control access to networks and networked resources.

We purposely kept this book platform-independent.
However, we recognize that you might have a need to learn more about TCP/IP on various platforms, so the following Web sites might assist you in further researching this topic:

- TCP/IP and System z: http://www.ibm.com/servers/eserver/zseries/zos/bkserv/
- TCP/IP and System p: http://www.ibm.com/systems/p/library/index.html
- TCP/IP and System i: http://www.ibm.com/servers/eserver/iseries/tcpip/index.html
- TCP/IP and System x: http://www.ibm.com/servers/eserver/support/xseries/allproducts/installing.html

Copyright IBM Corp. 1989-2006. All rights reserved.

The team that wrote this redbook

This redbook was produced by a team of specialists from around the world working at the International Technical Support Organization, Poughkeepsie Center.

Lydia Parziale is a Project Leader for the ITSO team in Poughkeepsie, New York, with domestic and international experience in technology management including software development, project leadership, and strategic planning. Her areas of expertise include e-business development and database management technologies. Lydia is a Certified IT Specialist with an MBA in Technology Management and has been employed by IBM for 23 years in various technology areas.

David T. Britt is a Software Engineer for IBM in Research Triangle Park, NC, working specifically with the z/OS Communications Server product. He is a subject matter expert in the Simple Network Management Protocol (SNMP) and File Transfer Protocol (FTP), and has written educational material for both in the form of IBM Technotes, Techdocs, and Webcasts. He holds a degree in Mathematical Sciences from the University of North Carolina in Chapel Hill, and is currently pursuing a master of science in Information Technology and Management from the University of North Carolina in Greensboro.

Chuck Davis is a Security Architect in the U.S. He has 12 years of experience in the IT security field. He has worked at IBM for nine years.
His areas of expertise include IT security and privacy. He has written extensively about UNIX/Linux and Internet security.

Jason Forrester is an IT Architect for IBM Global Technology Services in Boulder, CO. He has more than 12 years of experience with network communications. Specializing in IT strategy and architecture, Jason has designed large-scale enterprise infrastructures. He holds a CCIE certification and his work has led to multiple patents on advanced networking concepts.

Dr. Wei Liu received his Ph.D. from Georgia Institute of Technology. He has taught TCP/IP networks at the University of Maryland (UMBC campus) and he has participated in ICCCN conference organization committees. Dr. Liu has given lectures at Sun Yat-Sen University and Shantou University in Next Generation Networks (NGNs). With more than 30 technical publications (in packet networks, telecommunications, and standards), he has received several awards from ATIS committees. Dr. Wei Liu has more than 10 years of telecom industry experience, having participated in various network transformation projects and service integration programs. Currently, he is investigating new infrastructure opportunities (virtualization, network, services, security, and metadata models) that can lead to future offerings and new capabilities.

Carolyn Matthews is an IT Architect for IBM Global Technology Services in South Africa. She is an infrastructure architect for one of South Africa's largest accounts. She also acts as a consultant, using various IBM techniques. Carolyn holds an honors degree in Information Systems and is currently pursuing her master's degree in Information Systems.
Her areas of expertise include TCP/IP networks, IT architecture, and new technologies.

Nicolas Rosselot is a Developer from Santiago, Chile. He has most recently been teaching an Advanced TCP/IP Networking class at Andres Bello University.

Thanks to the following people for their contributions to this project and for laying the foundation for this book by writing the earlier version:

Adolfo Rodriguez, John Gatrell, John Karas, Roland Peschke, Srinath Karanam, and Martín F. Maldonado
International Technical Support Organization, Poughkeepsie Center

Become a published author

Join us for a two- to six-week residency program! Help write an IBM Redbook dealing with specific products or solutions, while getting hands-on experience with leading-edge technologies. You'll have the opportunity to team with IBM technical professionals, Business Partners, and Clients.

Your efforts will help increase product acceptance and client satisfaction. As a bonus, you'll develop a network of contacts in IBM development labs, and increase your productivity and marketability.

Find out more about the residency program, browse the residency index, and apply online at:
ibm.com/redbooks/residencies.html

Comments welcome

Your comments are important to us! We want our Redbooks to be as helpful as possible. Send us your comments about this or other Redbooks in one of the following ways:

- Use the online Contact us review redbook form found at: ibm.com/redbooks
- Send your comments in an e-mail to: [email protected]
- Mail your comments to: IBM Corporation, International Technical Support Organization, Dept. HYTD Mail Station P099, 2455 South Road, Poughkeepsie, NY 12601-5400

Part 1. Core TCP/IP protocols

The Transmission Control Protocol/Internet Protocol (TCP/IP) suite has become the industry-standard method of interconnecting hosts, networks, and the Internet.
As such, it is seen as the engine behind the Internet and networks worldwide. Although TCP/IP supports a host of applications, both standard and nonstandard, these applications could not exist without the foundation of a set of core protocols. Additionally, to understand the capabilities of TCP/IP applications, these core protocols must first be understood.

With this in mind, Part I begins by providing a background of TCP/IP, the current architecture, standards, and most recent trends. Next, the section explores the two aspects vital to the IP stack itself. This portion begins with a discussion of the network interfaces most commonly used to allow the protocol suite to interface with the physical network media. This is followed by the protocols that must be implemented in any stack, including protocols belonging to the IP and transport layers.

Finally, other standard protocols exist that might not necessarily be required in every implementation of the TCP/IP protocol suite. However, some of them can be very useful given certain operational needs of the implementation. Such protocols include IP version 6, quality of service protocols, and wireless IP.

Chapter 1. Architecture, history, standards, and trends

Today, the Internet and World Wide Web (WWW) are familiar terms to millions of people all over the world. Many people depend on applications enabled by the Internet, such as electronic mail and Web access. In addition, the increase in popularity of business applications places additional emphasis on the Internet. The Transmission Control Protocol/Internet Protocol (TCP/IP) protocol suite is the engine for the Internet and networks worldwide. Its simplicity and power have led to its becoming the single network protocol of choice in the world today. In this chapter, we give an overview of the TCP/IP protocol suite.
We discuss how the Internet was formed, how it developed, and how it is likely to develop in the future.

1.1 TCP/IP architectural model

The TCP/IP protocol suite is so named for two of its most important protocols: Transmission Control Protocol (TCP) and Internet Protocol (IP). A less-used name for it is the Internet Protocol Suite, which is the phrase used in official Internet standards documents. In this book, we use the more common, shorter term, TCP/IP, to refer to the entire protocol suite.

1.1.1 Internetworking

The main design goal of TCP/IP was to build an interconnection of networks, referred to as an internetwork, or internet, that provided universal communication services over heterogeneous physical networks. The clear benefit of such an internetwork is the enabling of communication between hosts on different networks, perhaps separated by a large geographical area.

The words internetwork and internet are each simply a contraction of the phrase interconnected network. However, when written with a capital I, the Internet refers to the worldwide set of interconnected networks. Therefore, the Internet is an internet, but the reverse does not apply. The Internet is sometimes called the connected Internet.

The Internet consists of the following groups of networks:

- Backbones: Large networks that exist primarily to interconnect other networks. Also known as network access points (NAPs) or Internet Exchange Points (IXPs). Currently, the backbones consist of commercial entities.
- Regional networks connecting, for example, universities and colleges.
- Commercial networks providing access to the backbones to subscribers, and networks owned by commercial organizations for internal use that also have connections to the Internet.
- Local networks, such as campus-wide university networks.
In most cases, networks are limited in size by the number of users that can belong to the network, by the maximum geographical distance that the network can span, or by the applicability of the network to certain environments. For example, an Ethernet network is inherently limited in terms of geographical size. Therefore, the ability to interconnect a large number of networks in some hierarchical and organized fashion enables the communication of any two hosts belonging to this internetwork.

Figure 1-1 shows two examples of internets. Each consists of two or more physical networks.

[Figure 1-1: Top: Network 1 and Network 2 interconnected by one router R, equal to one virtual network (internet A). Bottom: Network 1, Network 2, and Network 3 interconnected by routers, also seen as one virtual network, an internet.]
Figure 1-1 Internet examples: Two interconnected sets of networks, each seen as one logical network

Another important aspect of TCP/IP internetworking is the creation of a standardized abstraction of the communication mechanisms provided by each type of network. Each physical network has its own technology-dependent communication interface, in the form of a programming interface that provides basic communication functions (primitives). TCP/IP provides communication services that run between the programming interface of a physical network and user applications. It enables a common interface for these applications, independent of the underlying physical network. The architecture of the physical network is therefore hidden from the user and from the developer of the application.
The application need only code to the standardized communication abstraction to be able to function under any type of physical network and operating platform.

As is evident in Figure 1-1, to be able to interconnect two networks, we need a computer that is attached to both networks and can forward data packets from one network to the other; such a machine is called a router. The term IP router is also used because the routing function is part of the Internet Protocol portion of the TCP/IP protocol suite (see 1.1.2, The TCP/IP protocol layers on page 6).

To be able to identify a host within the internetwork, each host is assigned an address, called the IP address. When a host has multiple network adapters (interfaces), such as with a router, each interface has a unique IP address. The IP address consists of two parts:

IP address = <network number><host number>

The network number part of the IP address identifies the network within the internet; it is assigned by a central authority and is unique throughout the internet. The authority for assigning the host number part of the IP address resides with the organization that controls the network identified by the network number. We describe the addressing scheme in detail in 3.1.1, IP addressing on page 68.

1.1.2 The TCP/IP protocol layers

Like most networking software, TCP/IP is modeled in layers. This layered representation leads to the term protocol stack, which refers to the stack of layers in the protocol suite. It can be used for positioning (but not for functionally comparing) the TCP/IP protocol suite against others, such as Systems Network Architecture (SNA) and the Open System Interconnection (OSI) model. Functional comparisons cannot easily be extracted from this, because there are basic differences in the layered models used by the different protocol suites.
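The interconnection in Figure 1-1 and the network number/host number split just described, worked through as an added example that is not from the book: a host checks whether the destination shares its network number (deliver directly) or not (hand the datagram to router R), and the router repeats that decision on its own interfaces. The three-node topology, its RFC 5737 documentation addresses and the CIDR-style prefix lengths are constructed for this example; the book's own addressing scheme is described in 3.1.1.

```python
from typing import NamedTuple, Optional


def ip_to_int(dotted: str) -> int:
    """Dotted quad to a 32-bit integer, rejecting anything that is not IPv4."""
    octets = [int(o) for o in dotted.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError(f"bad IPv4 address: {dotted!r}")
    return (octets[0] << 24) | (octets[1] << 16) | (octets[2] << 8) | octets[3]


def int_to_ip(n: int) -> str:
    return ".".join(str((n >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def netmask(prefix_len: int) -> int:
    return (0xFFFFFFFF << (32 - prefix_len)) & 0xFFFFFFFF


def split_address(dotted: str, prefix_len: int):
    """IP address = <network number><host number>; prefix_len is the boundary."""
    n = ip_to_int(dotted)
    return int_to_ip(n & netmask(prefix_len)), n & ~netmask(prefix_len) & 0xFFFFFFFF


class Route(NamedTuple):
    network: str
    prefix_len: int
    next_hop: Optional[str]  # None: the network is directly attached on `interface`
    interface: str


def forwarding_decision(routes, dst: str):
    """Longest-prefix match over a routing table. Returns ("direct", dst, iface)
    when the destination is on an attached network, else ("via", router, iface)."""
    d = ip_to_int(dst)
    best = None
    for r in routes:
        if (d & netmask(r.prefix_len)) == ip_to_int(r.network) and (
                best is None or r.prefix_len > best.prefix_len):
            best = r
    if best is None:
        raise LookupError(f"no route to {dst}")
    if best.next_hop is None:
        return ("direct", dst, best.interface)
    return ("via", best.next_hop, best.interface)


# Constructed topology mirroring Figure 1-1: Network 1 (192.0.2.0/24) and
# Network 2 (198.51.100.0/24) joined by router R. Addresses come from the
# RFC 5737 documentation ranges; prefix lengths are an assumption of this example.
HOST_A = [Route("192.0.2.0", 24, None, "eth0"),
          Route("0.0.0.0", 0, "192.0.2.1", "eth0")]        # default route via R
ROUTER_R = [Route("192.0.2.0", 24, None, "if0"),
            Route("198.51.100.0", 24, None, "if1")]
HOST_B = [Route("198.51.100.0", 24, None, "eth0"),
          Route("0.0.0.0", 0, "198.51.100.1", "eth0")]     # default route via R
NODES = {"hostA": HOST_A, "R": ROUTER_R, "hostB": HOST_B}
ADDR_TO_NODE = {"192.0.2.10": "hostA", "192.0.2.1": "R",
                "198.51.100.1": "R", "198.51.100.7": "hostB"}


def trace_path(nodes, addr_to_node, start: str, dst: str, ttl: int = 64):
    """Follow each node's decision until one delivers directly. The hop budget
    plays the role of the IP TTL: a loop in the tables cannot spin forever."""
    path, cur = [start], start
    for _ in range(ttl):
        kind, hop, _iface = forwarding_decision(nodes[cur], dst)
        cur = addr_to_node[hop]  # KeyError: the next hop is not a known machine
        path.append(cur)
        if kind == "direct":
            return path
    raise RuntimeError(f"hop limit exceeded reaching {dst}: routing loop?")


if __name__ == "__main__":
    print(split_address("192.0.2.10", 24))             # ('192.0.2.0', 10)
    print(forwarding_decision(HOST_A, "192.0.2.20"))   # direct: same network number
    print(forwarding_decision(HOST_A, "198.51.100.7")) # via router R
    print(trace_path(NODES, ADDR_TO_NODE, "hostA", "198.51.100.7"))
```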
By dividing the communication software into layers, the protocol stack allows for division of labor, ease of implementation and code testing, and the ability to develop alternative layer implementations. Layers communicate with those above and below via concise interfaces. In this regard, a layer provides a service for the layer directly above it and makes use of services provided by the layer directly below it. For example, the IP layer provides the ability to transfer data from one host to another without any guarantee of reliable delivery or duplicate suppression. Transport protocols such as TCP make use of this service to provide applications with reliable, in-order data stream delivery.

Figure 1-2 shows how the TCP/IP protocols are modeled in four layers.

[Figure 1-2: four layers, top to bottom: Applications; Transport (TCP/UDP); Internetwork (IP, with ICMP and ARP/RARP alongside); Network Interface and Hardware.]
Figure 1-2 The TCP/IP protocol stack: Each layer represents a package of functions

These layers include:

Application layer: The application layer is provided by the program that uses TCP/IP for communication. An application is a user process cooperating with another process, usually on a different host (there is also a benefit to application communication within a single host). Examples of applications include Telnet and the File Transfer Protocol (FTP). The interface between the application and transport layers is defined by port numbers and sockets, which we describe in more detail in 4.1, Ports and sockets on page 144.

Transport layer: The transport layer provides the end-to-end data transfer by delivering data from an application to its remote peer. Multiple applications can be supported simultaneously. The most-used transport layer protocol is the Transmission Control Protocol (TCP), which provides connection-oriented reliable data delivery, duplicate data suppression, congestion control, and flow control.
We discuss this in more detail in 4.3, Transmission Control Protocol (TCP) on page 149. Another transport layer protocol is the User Datagram Protocol (see 4.2, User Datagram Protocol (UDP) on page 146). It provides connectionless, unreliable, best-effort service. As a result, applications using UDP as the transport protocol have to provide their own end-to-end integrity, flow control, and congestion control, if desired. Usually, UDP is used by applications that need a fast transport mechanism and can tolerate the loss of some data.

Internetwork layer: The internetwork layer, also called the internet layer or the network layer, provides the virtual network image of an internet (this layer shields the higher levels from the physical network architecture below it). Internet Protocol (IP) is the most important protocol in this layer. It is a connectionless protocol that does not assume reliability from lower layers. IP does not provide reliability, flow control, or error recovery. These functions must be provided at a higher level. IP provides a routing function that attempts to deliver transmitted messages to their destination. We discuss IP in detail in Chapter 3, Internetworking protocols on page 67. A message unit in an IP network is called an IP datagram. This is the basic unit of information transmitted across TCP/IP networks. The protocols in this layer are IP, ICMP, IGMP, ARP, and RARP.

Network interface layer: The network interface layer, also called the link layer or the data-link layer, is the interface to the actual network hardware. This interface may or may not provide reliable delivery, and may be packet or stream oriented. In fact, TCP/IP does not specify any protocol here, but can use almost any network interface available, which illustrates the flexibility of the IP layer. Examples are IEEE 802.2, X.25 (which is reliable in itself), ATM, FDDI, and even SNA.
We discuss some physical networks and interfaces in Chapter 2, Network interfaces on page 29. TCP/IP specifications do not describe or standardize any network-layer protocols per se; they only standardize ways of accessing those protocols from the internetwork layer.

A more detailed layering model is included in Figure 1-3.

[Figure 1-3: Applications: SMTP, Telnet, FTP, Gopher, ...; Transport: TCP, UDP; Internetwork: IP, with ICMP, ARP, RARP; Network Interface and Hardware: Ethernet, Token-Ring, FDDI, X.25, Wireless, Async, ATM, SNA, ...]
Figure 1-3 Detailed architectural model

1.1.3 TCP/IP applications

The highest-level protocols within the TCP/IP protocol stack are application protocols. They communicate with applications on other internet hosts and are the user-visible interface to the TCP/IP protocol suite. All application protocols have some characteristics in common:

- They can be user-written applications or applications standardized and shipped with the TCP/IP product. Indeed, the TCP/IP protocol suite includes application protocols such as:
  - Telnet for interactive terminal access to remote internet hosts
  - File Transfer Protocol (FTP) for high-speed disk-to-disk file transfers
  - Simple Mail Transfer Protocol (SMTP) as an internet mailing system
  These are some of the most widely implemented application protocols, but many others exist. Each particular TCP/IP implementation will include a lesser or greater set of application protocols.
- They use either UDP or TCP as a transport mechanism. Remember that UDP is unreliable and offers no flow control, so in this case, the application has to provide its own error recovery, flow control, and congestion control functionality. It is often easier to build applications on top of TCP because it is a reliable stream, connection-oriented, congestion-friendly, flow-control-enabled protocol.
As a result, most application protocols will use TCP, but there are applications built on UDP to achieve better performance through increased protocol efficiencies.
- Most applications use the client/server model of interaction.

The client/server model

TCP is a peer-to-peer, connection-oriented protocol. There are no master/subordinate relationships. The applications, however, typically use a client/server model for communications, as demonstrated in Figure 1-4. A server is an application that offers a service to internet users. A client is a requester of a service. An application consists of both a server and a client part, which can run on the same or on different systems. Users usually invoke the client part of the application, which builds a request for a particular service and sends it to the server part of the application using TCP/IP as a transport vehicle. The server is a program that receives a request, performs the required service, and sends back the results in a reply. A server can usually deal with multiple requests and multiple requesting clients at the same time.

[Figure 1-4: Client A and Client B, each running TCP/IP, reach a Server (also running TCP/IP) across the Internet network.]
Figure 1-4 The client/server model of applications

Most servers wait for requests at a well-known port so that their clients know to which port (and in turn, which application) they must direct their requests. The client typically uses an arbitrary port called an ephemeral port for its communication. Clients that want to communicate with a server that does not use a well-known port must have another mechanism for learning to which port they must address their requests. This mechanism might employ a registration service such as portmap, which does use a well-known port.

For detailed information about TCP/IP application protocols, refer to Part 2, TCP/IP application protocols on page 405.
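The four-layer model of 1.1.2 and the port numbers of 1.1.3, as an added example that is not from the book: each layer wraps the data handed down to it in its own header, and each header carries different checks. The addresses, the ports (ephemeral 49152, well-known 7) and the message are constructed for illustration; the checksum is the standard RFC 1071 Internet checksum.

```python
import struct

UDP_PROTO = 17  # IP protocol number assigned to UDP


def inet_checksum(data: bytes) -> int:
    """Internet checksum (RFC 1071): one's-complement sum of 16-bit words."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def ip_to_bytes(dotted: str) -> bytes:
    return bytes(int(o) for o in dotted.split("."))


def pseudo_header(src_ip: str, dst_ip: str, udp_len: int) -> bytes:
    # UDP's checksum also covers addressing borrowed from the layer below it.
    return ip_to_bytes(src_ip) + ip_to_bytes(dst_ip) + struct.pack("!BBH", 0, UDP_PROTO, udp_len)


def build_udp(src_ip, dst_ip, sport, dport, payload: bytes) -> bytes:
    """Transport layer: prepend the UDP header (ports, length, checksum)."""
    length = 8 + len(payload)
    header = struct.pack("!HHHH", sport, dport, length, 0)
    csum = inet_checksum(pseudo_header(src_ip, dst_ip, length) + header + payload)
    csum = csum or 0xFFFF  # a transmitted 0 means "no checksum", so send all-ones
    return struct.pack("!HHHH", sport, dport, length, csum) + payload


def build_ip(src_ip, dst_ip, proto, payload: bytes, ttl=64, ident=1) -> bytes:
    """Internetwork layer: prepend a 20-byte IPv4 header around the segment."""
    header = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), ident, 0,
                         ttl, proto, 0, ip_to_bytes(src_ip), ip_to_bytes(dst_ip))
    csum = inet_checksum(header)  # covers the header only, never the payload
    return header[:10] + struct.pack("!H", csum) + header[12:] + payload


def parse_ip(datagram: bytes) -> dict:
    """Strip the IP header, verifying version, lengths and header checksum."""
    if len(datagram) < 20:
        raise ValueError("truncated IP header")
    ver_ihl, _, total, _, _, ttl, proto, _, src, dst = struct.unpack(
        "!BBHHHBBH4s4s", datagram[:20])
    ihl = (ver_ihl & 0x0F) * 4
    if ver_ihl >> 4 != 4 or ihl < 20 or total < ihl or total > len(datagram):
        raise ValueError("malformed IPv4 header")
    if inet_checksum(datagram[:ihl]) != 0:  # an intact header sums to zero
        raise ValueError("IP header checksum mismatch")
    return {"src": ".".join(map(str, src)), "dst": ".".join(map(str, dst)),
            "proto": proto, "ttl": ttl, "payload": datagram[ihl:total]}


def parse_udp(src_ip, dst_ip, segment: bytes):
    """Strip the UDP header, verifying its length and (if present) checksum."""
    if len(segment) < 8:
        raise ValueError("truncated UDP header")
    sport, dport, length, csum = struct.unpack("!HHHH", segment[:8])
    if length < 8 or length > len(segment):
        raise ValueError("bad UDP length")
    if csum and inet_checksum(pseudo_header(src_ip, dst_ip, length) + segment[:length]):
        raise ValueError("UDP checksum mismatch")
    return sport, dport, segment[8:length]


def check_layers(datagram: bytes):
    """Return (ip_header_ok, udp_ok): which layer notices damage, if any."""
    try:
        ip = parse_ip(datagram)
    except ValueError:
        return (False, False)
    try:
        parse_udp(ip["src"], ip["dst"], ip["payload"])
    except ValueError:
        return (True, False)
    return (True, True)


# Constructed sample: an application message sent from an ephemeral port (49152)
# to a well-known port (7); all values are chosen for illustration only.
SAMPLE = build_ip("192.0.2.10", "192.0.2.20", UDP_PROTO,
                  build_udp("192.0.2.10", "192.0.2.20", 49152, 7, b"hello"))

if __name__ == "__main__":
    ip = parse_ip(SAMPLE)
    print(ip["src"], "->", ip["dst"], parse_udp(ip["src"], ip["dst"], ip["payload"]))
    damaged = SAMPLE[:-1] + bytes([SAMPLE[-1] ^ 0xFF])  # flip the last payload byte
    print(check_layers(damaged))  # (True, False): only the transport layer notices
```

The IP header checksum covers only the header, so corrupted or altered payload passes the internetwork layer unnoticed and detection is left to the transport checksum; neither check is cryptographic, which is why integrity against a deliberate change needs the higher-layer mechanisms Part III covers.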
Bridges, routers, and gateways

There are many ways to provide access to other networks. In an internetwork, this is done with routers. In this section, we distinguish between a router, a bridge, and a gateway for allowing remote network access:

Bridge: Interconnects LAN segments at the network interface layer level and forwards frames between them. A bridge performs the function of a MAC relay, and is independent of any higher layer protocol (including the logical link protocol). It provides MAC layer protocol conversion, if required. A bridge is said to be transparent to IP. That is, when an IP host sends an IP datagram to another host on a network connected by a bridge, it sends the datagram directly to the host and the datagram crosses the bridge without the sending IP host being aware of it.

Router: Interconnects networks at the internetwork layer level and routes packets between them. The router must understand the addressing structure associated with the networking protocols it supports and take decisions on whether, or how, to forward packets. Routers are able to select the best transmission paths and optimal packet sizes. The basic routing function is implemented in the IP layer of the TCP/IP protocol stack, so any host or workstation running TCP/IP over more than one interface could, in theory and also with most of today's TCP/IP implementations, forward IP datagrams. However, dedicated routers provide much more sophisticated routing than the minimum functions implemented by IP. Because IP provides this basic routing function, the term IP router is often used. Other, older terms for router are IP gateway, Internet gateway, and gateway. The term gateway is now normally used for connections at a higher layer than the internetwork layer. A router is said to be visible to IP. That is, when a host sends an IP datagram to another host on a network connected by a router, it sends the datagram to the router so that it can forward it to the target host.

Gateway: Interconnects networks at higher layers than bridges and routers. A gateway usually supports address mapping from one network to another, and might also provide transformation of the data between the environments to support end-to-end application connectivity. Gateways typically limit the interconnectivity of two networks to a subset of the application protocols supported on either one. For example, a VM host running TCP/IP can be used as an SMTP/RSCS mail gateway.

Note: The term gateway, when used in this sense, is not synonymous with IP gateway.

A gateway is said to be opaque to IP. That is, a host cannot send an IP datagram through a gateway; it can only send it to a gateway. The higher-level protocol information carried by the datagrams is then passed on by the gateway using whatever networking architecture is used on the other side of the gateway.

Closely related to routers and gateways is the concept of a firewall, or firewall gateway, which is used to restrict access from the Internet or some untrusted network to a network or group of networks controlled by an organization for security reasons. See 22.3, Firewalls on page 794 for more information about firewalls.

1.2 The roots of the Internet

Networks have become a fundamental, if not the most important, part of today's information systems. They form the backbone for information sharing in enterprises, governmental groups, and scientific groups. That information can take several forms. It can be notes and documents, data to be processed by another computer, files sent to colleagues, and multimedia data streams.

A number of networks were installed in the late 1960s and 1970s, when network design was the state-of-the-art topic of computer research and sophisticated implementers. It resulted in multiple networking models such as packet-switching techno