TCP/IP protocol family

The name TCP/IP comes from the two main protocols included in this family - TCP (Transmission Control Protocol) and IP (Internet Protocol). They are responsible for reliable data transfer between computers. The IP protocol is closely related to the concept of an IP address - the unique address of a computer on a network.

TCP – transport protocol

According to this protocol, any message is cut into packets (IP packets) of approximately the same size and format, these packets are numbered and transmitted independently of each other, and at the destination the original message is assembled from the received packets. If one packet is lost, you can send a request to retransmit it (or ask to repeat all packets). In some cases, retransmission does not make sense, for example, when transmitting audio and video in real time.

IP protocol – routing protocol

According to this protocol, each packet, in addition to the data embedded in it, has a header that is only 20 bytes long. It contains the sender's computer address (IP address) and the recipient's address, and other information necessary for the correct assembly of packets at their destination.
In local networks, the path along which the packet is transmitted is determined by the geometric structure of the network and the possible ways of connecting nodes. Knowing this, you can accurately indicate the path that data takes when transmitting a message from one computer on the local network to another.
In global networks and the Internet, the route of each packet is determined dynamically during transmission. This guarantees optimal loading of nodes and resistance of the system to damage to individual areas. Special devices - routers - select the path of the packet and forward it to the next network node. The principle of dynamic route determination is called flexible routing.

The principles of packet switching and flexible routing were first applied in the United States during the development of the ARPANET network in 1969. That is why ARPANET is considered the prototype of the Internet. TCP/IP is the basis of the Internet.
The user most often deals with application protocols. Each application protocol has its own Internet service.
For example, the HTTP protocol deals with WWW documents (Web pages); users work with the Web using the HTTP protocol.
The FTP protocol allows you to transfer information in the form of files over the network.
The mail protocols POP and SMTP provide connection to mail servers, sending and delivery of letters.
The NNTP protocol allows you to work with the news service.

The table clearly shows network masks.

The first two entries indicate that the router itself, through its corresponding IP interfaces, sends datagrams addressed to the network to which it is directly connected. All other datagrams are forwarded to G2 (194.84.0.118). The se0 interface denotes a serial channel - a dedicated line.

2.3.5. Creating Static Routes

The route table can be populated in various ways. Static routing is used when the routes used cannot change over time, such as the host and router discussed above, where there simply are no alternative routes. Static routes are configured by the network or host administrator.

For an ordinary host from the example discussed above, it is enough to indicate only the address of the gateway (the next router in the default route), the rest of the entries in the table are obvious, and the host, knowing its own IP address and network mask, can enter them independently. The gateway address can be specified either manually or obtained automatically when configuring the TCP/IP stack via a DHCP server (see the laboratory work “Dynamic assignment of IP addresses” in the course “Internet Technologies”).

2.3.6. Dynamic routing

In the case of combining networks with a complex topology, when there are several route options from one node to another and (or) when the state of the networks (topology, quality of communication channels) changes over time, route tables are compiled dynamically using various routing protocols. We emphasize that routing protocols do not actually route datagrams - it is in any case performed by the IP module according to entries in the route table, as discussed above. Routing protocols, based on certain algorithms, dynamically edit the route table, that is, they add and delete entries, while some entries can still be statically entered by the administrator.

Depending on the operating algorithm, there are distance vector protocols and link state protocols.

According to the area of application, there is a division into exterior and interior routing protocols.

Distance vector protocols implement the Bellman-Ford algorithm. The general scheme of their operation is as follows: each router periodically broadcasts information about the distance from itself to all networks known to it (the “distance vector”). At the initial moment of time, of course, information is sent only about those networks to which the router is directly connected.

Also, each router, having received a distance vector from someone, corrects the data it already has about the reachability of networks in accordance with the information received, or adds new entries, indicating the router from which the vector was received as the next router on the way to the network in question. After some time, the algorithm converges and all routers have information about routes to all networks.

Distance vector protocols only work well in small networks. The algorithm of their operation will be discussed in more detail in Chapter 4. A development of distance vector technology is the “path vector” approach used in the BGP protocol.

In link state protocols, each router monitors the state of its connections with neighbors and, when the state changes (for example, when a connection is broken), sends out a broadcast message, after receiving which all other routers adjust their databases and recalculate routes. Unlike distance vector protocols, link state protocols create a database on each router that describes the complete network graph and allows route calculations to be carried out locally and therefore quickly.

A common protocol of this type is OSPF, which is based on the SPF (Shortest Path First) algorithm for finding the shortest path in a graph, proposed by E.W. Dijkstra.

Link state protocols are much more complex than distance vector protocols, but provide faster, more optimal and correct calculation of routes. Link state protocols will be discussed in more detail using the OSPF protocol as an example in Chapter 5.

Interior routing protocols (for example, RIP, OSPF; collectively called IGP - Interior Gateway Protocols) are used on routers operating inside autonomous systems. An autonomous system is the largest division of the Internet: a combination of networks with the same routing policy and common administration, for example, the set of networks of the Global One company and its clients in Russia.

The scope of a particular interior routing protocol may not cover the entire autonomous system, but only some combination of networks that is part of the autonomous system. We will call such a union a network system, or simply a system, sometimes indicating the routing protocol operating in this system, for example: RIP system, OSPF system.

Routing between autonomous systems is carried out by border routers whose route tables are compiled using exterior routing protocols (collectively called EGP - Exterior Gateway Protocols). The peculiarity of exterior routing protocols is that when calculating routes, they must take into account not only the topology of the network graph, but also the political restrictions imposed by the administration of autonomous systems on routing the traffic of other autonomous systems through their networks. Currently, the most common exterior routing protocol is BGP.

2.4. IP Datagram Header Format

An IP datagram consists of a header and data.

The datagram header consists of 32-bit words and has a variable length depending on the size of the Options field, but is always a multiple of 32 bits. The header is immediately followed by the data carried in the datagram.

Header Format:

The header field values are as follows.

Ver (4 bits) - IP protocol version; currently version 4 is used, new developments have version numbers 6-8.

IHL (Internet Header Length) (4 bits) - header length in 32-bit words; the range of valid values is from 5 (minimum header length, no “Options” field) to 15 (i.e. there can be a maximum of 40 bytes of options).

TOS (Type Of Service)(8 bits) - the value of the field determines the priority of the datagram and the desired type of routing. TOS byte structure:

The three least significant bits (“Precedence”) determine the priority of the datagram:

111 - Network Control

110 - Internetwork Control

101 - CRITIC/ECP

100 - Flash Override

011 - Flash

010 - Immediate

001 - Priority

000 - Routine

Bits D,T,R,C determine the desired type of routing:

D (Delay) - selection of a route with minimal delay,

T (Throughput) - selecting a route with maximum throughput,

R (Reliability) - choosing a route with maximum reliability,

C (Cost) - selection of the route with the minimum cost.

Only one of the D, T, R, C bits can be set in a datagram. The most significant bit of the byte is not used.

The actual consideration of priorities and route selection based on the TOS byte value depends on the router and its software and settings. A router may support route calculations for all TOS types, some, or ignore TOS altogether. A router may consider the priority value when processing all datagrams, or when processing datagrams originating only from a limited set of network nodes, or ignore the priority altogether.

Total Length(16 bits) - length of the entire datagram in octets, including header and data, maximum value 65535, minimum - 21 (header without options and one octet in the data field).

ID (Identification)(16 bits), Flags(3 bits), Fragment Offset(13 bits) are used for fragmentation and reassembly of datagrams and will be discussed in more detail below in section 2.4.1.

TTL (Time To Live)(8 bits) - “lifetime” of the datagram. Set by the sender, measured in seconds. Each router through which the datagram passes rewrites the TTL value, first subtracting from it the time spent processing the datagram. Because the processing speed of routers these days is so fast, it usually takes less than a second to process one datagram, so each router actually subtracts one from the TTL. When TTL=0 is reached, the datagram is discarded and a corresponding ICMP message can be sent to the sender. TTL control prevents the datagram from looping on the network.

Protocol(8 bits) - defines the program (higher stack protocol) to which the datagram data should be transferred for further processing. Some protocol codes are shown in Table 2.4.1.

Table 2.4.1. IP protocol codes

Code  Protocol  Description
1     ICMP      Control message protocol
2     IGMP      Host group management protocol
4     IP        IP over IP (encapsulation)
6     TCP
8     EGP       Exterior routing protocol (deprecated)
9     IGP       Interior routing protocol (obsolete)
17    UDP
46    RSVP      Resource reservation protocol for multicasting
88    IGRP      Interior routing protocol from Cisco
89    OSPF      Interior routing protocol

Header Checksum (16 bits) - the header checksum: the 16-bit one's complement of the one's complement sum of all 16-bit words of the header. Before calculating the checksum, the value of the “Header Checksum” field is set to zero. Because routers change the values of some header fields when processing a datagram (at least the “TTL” field), the checksum is recalculated by each router. If an error is detected during checksum verification, the datagram is discarded.

Source Address(32 bits) - sender IP address.

Destination Address(32 bits) - recipient IP address.

Padding - header alignment on a 32-bit word boundary if the options list occupies a non-integer number of 32-bit words. The “Padding” field is filled with zeros.

2.4.1. Datagram fragmentation

Different transmission media have different maximum size of the transmitted data unit (MTU - Media Transmission Unit), this number depends on the speed characteristics of the medium and the probability of an error occurring during transmission. For example, the MTU size in 10 Mbit/s Ethernet is 1536 octets, in 100 Mbit/s FDDI it is 4096 octets.

When transmitting a datagram from an environment with a large MTU to an environment with a smaller MTU, it may be necessary to fragment the datagram. Fragmentation and reassembly of datagrams is carried out by the IP protocol module. For this purpose, the “ID” (Identification), “Flags” and “Fragment Offset” fields of the datagram header are used.

Flags - the field consists of 3 bits, the least significant of which is always reset (zero):

DF (Don’t Fragment) bit values:

0 - fragmentation is allowed,

1 - fragmentation is disabled (if the datagram cannot be transmitted without fragmentation, it is destroyed).

MF (More Fragments) bit values:

0 - this fragment is the last (the only one),

1 - this fragment is not the last.

ID (Identification)- datagram identifier, set by the sender; used to assemble a datagram from fragments to determine whether the fragments belong to the same datagram.

Fragment Offset - fragment offset; the field value indicates at what position in the data field of the original datagram this fragment is located. The offset is counted in 64-bit (8-octet) units, i.e. the minimum fragment size is 8 octets, and the next fragment in this case has an offset of 1. The first fragment has an offset of zero.

Let's look at the fragmentation process with an example. Suppose a datagram of 4020 octets (including 20 octets of header) is transmitted from an FDDI environment (MTU=4096) to an Ethernet environment (MTU=1536). At the boundary of the media, the datagram is fragmented. The headers in this datagram and in all its fragments are the same length - 20 octets.

Original datagram:
header: ID=X, Total Length=4020, DF=0, MF=0, FOffset=0
data (4000 octets): “A....A” (1472 octets), “B....B” (1472 octets), “C....C” (1056 octets)

Fragment 1:
header: ID=X, Total Length=1492, DF=0, MF=1, FOffset=0
data: “A....A” (1472 octets)

Fragment 2:
header: ID=X, Total Length=1492, DF=0, MF=1, FOffset=184
data: “B....B” (1472 octets)

Fragment 3:
header: ID=X, Total Length=1076, DF=0, MF=0, FOffset=368
data: “C....C” (1056 octets)

Fragmentation can be recursive, i.e., for example, fragments 1 and 2 can be fragmented again; in this case, the offset (Fragment Offset) is calculated from the beginning of the original datagram.
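The header fields of section 2.4 and the fragmentation walk-through above, as an added Python example that is not part of the original text: it packs and parses an IPv4 header with the one's complement checksum, fragments a datagram with offsets counted in 8-octet units (recursively, if given a fragment), and reassembles fragments, returning None while a piece is still missing. The addresses and the fragment size limit of 1492 octets (which reproduces the 1472-octet data chunks of the example) are assumptions for the demonstration.

```python
import struct


def ones_complement_checksum(data: bytes) -> int:
    """16-bit one's complement of the one's complement sum of all 16-bit words.
    Verifying a header whose checksum field is already filled in yields 0."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:                       # fold carries back into the low 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def build_header(ident, total_length, df, mf, frag_offset, src, dst,
                 ttl=120, proto=6, options=b""):
    """Pack an IPv4 header (Ver=4, IHL in 32-bit words) and fill in Header Checksum."""
    ihl = 5 + (len(options) + 3) // 4                    # options padded to a whole word
    options = options.ljust((ihl - 5) * 4, b"\x00")      # Padding field is zero-filled
    flags_frag = (df << 14) | (mf << 13) | (frag_offset & 0x1FFF)
    hdr = struct.pack("!BBHHHBBH4s4s", (4 << 4) | ihl, 0, total_length, ident,
                      flags_frag, ttl, proto, 0, src, dst) + options
    return hdr[:10] + struct.pack("!H", ones_complement_checksum(hdr)) + hdr[12:]


def parse_header(pkt: bytes) -> dict:
    """Decode the fixed 20-octet part and check the checksum over the whole header (IHL*4 octets)."""
    ver_ihl, tos, total, ident, flags_frag, ttl, proto, _, src, dst = struct.unpack(
        "!BBHHHBBH4s4s", pkt[:20])
    ihl = ver_ihl & 0x0F
    return {"version": ver_ihl >> 4, "ihl": ihl, "tos": tos, "total_length": total,
            "id": ident, "df": (flags_frag >> 14) & 1, "mf": (flags_frag >> 13) & 1,
            "frag_offset": flags_frag & 0x1FFF, "ttl": ttl, "protocol": proto,
            "src": src, "dst": dst,
            "checksum_ok": ones_complement_checksum(pkt[:ihl * 4]) == 0}


def fragment(datagram: bytes, limit: int) -> list:
    """Split a datagram (no options) into pieces of at most `limit` octets.
    Works on fragments too: offsets stay relative to the original datagram and the
    last piece keeps the incoming MF bit, so fragmentation can be applied recursively."""
    h = parse_header(datagram)
    hlen = h["ihl"] * 4
    payload = datagram[hlen:h["total_length"]]
    if len(datagram) <= limit:
        return [datagram]
    if h["df"]:
        raise ValueError("DF=1: the datagram must be discarded, not fragmented")
    step = ((limit - hlen) // 8) * 8                     # data per fragment, in 8-octet units
    frags = []
    for pos in range(0, len(payload), step):
        chunk = payload[pos:pos + step]
        last = pos + step >= len(payload)
        mf = h["mf"] if last else 1
        hdr = build_header(h["id"], hlen + len(chunk), 0, mf, h["frag_offset"] + pos // 8,
                           h["src"], h["dst"], h["ttl"], h["protocol"])
        frags.append(hdr + chunk)
    return frags


def reassemble(fragments: list):
    """Put fragments of one datagram back together; None while a piece is still missing."""
    pieces, total_len, first = {}, None, None
    for f in fragments:
        h = parse_header(f)
        data = f[h["ihl"] * 4:h["total_length"]]
        pieces[h["frag_offset"] * 8] = data
        if h["frag_offset"] == 0:
            first = h
        if not h["mf"]:                                  # the last fragment fixes the total size
            total_len = h["frag_offset"] * 8 + len(data)
    if first is None or total_len is None:
        return None
    buf, pos = b"", 0
    while pos < total_len:
        if pos not in pieces:                            # hole: keep waiting (until TTL runs out)
            return None
        buf += pieces[pos]
        pos += len(pieces[pos])
    return build_header(first["id"], 20 + len(buf), first["df"], 0, 0,
                        first["src"], first["dst"], first["ttl"], first["protocol"]) + buf


def page_example():
    """The walk-through above: a 4020-octet datagram (ID X=1) cut into 1492-octet fragments."""
    src, dst = bytes([192, 0, 2, 1]), bytes([198, 51, 100, 1])   # constructed sample addresses
    payload = b"A" * 1472 + b"B" * 1472 + b"C" * 1056
    dg = build_header(1, 20 + len(payload), 0, 0, 0, src, dst) + payload
    return dg, fragment(dg, 1492)
```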

2.4.2. Discussion of fragmentation

The maximum number of fragments is 2^13 = 8192 with the minimum (8 octets) size of each fragment. With a larger fragment size, the maximum number of fragments decreases accordingly.

When fragmenting, some options are copied into the fragment header and some are not; all other datagram header fields are present in the fragment header. The following header fields can change their value compared to the original datagram: the options field, the “MF” flag, “Fragment Offset”, “Total Length”, “IHL” and the checksum. The remaining fields are copied into fragments without changes.

Each IP module must be able to transmit a 68-octet datagram without fragmentation (maximum header size 60 octets + minimum fragment 8 octets).

Reassembly of fragments occurs only at the destination node of the datagram, since different fragments may take different routes to the destination.

If fragments are delayed or lost in transit, the remaining fragments already received at the reassembly point have their TTL decreased by one per second until the missing fragments arrive. If the TTL becomes zero, then all fragments are destroyed and the resources used to reassemble the datagram are released.

The maximum number of datagram IDs is 65536. If all IDs are used, you must wait until the TTL expires before the same ID can be used again, since in TTL seconds the “old” datagram will either be delivered and reassembled, or destroyed.

Transmitting datagrams with fragmentation has certain disadvantages. For example, as follows from the previous paragraph, the maximum speed of such transmission is 65536/TTL datagrams per second. If we take into account that the recommended TTL value is 120, we get a maximum speed of 546 datagrams per second. In an FDDI environment, the MTU is approximately 4100 octets, from which we obtain a maximum data transfer rate in an FDDI environment of no more than 18 Mbit/s, which is significantly lower than the capabilities of this environment.

Another disadvantage of fragmentation is its low efficiency: if one fragment is lost, the entire datagram is retransmitted; when waiting simultaneously for lagging fragments of several datagrams, a noticeable shortage of resources is created and the operation of the network node slows down.

A way to bypass the fragmentation process is to use the “Path MTU Discovery” algorithm, this algorithm is supported by the TCP protocol. The purpose of the algorithm is to discover the minimum MTU along the entire path from the sender to the destination. To do this, datagrams are sent with the DF bit set (“fragmentation prohibited”). If they do not reach the destination, the size of the datagram is reduced, and this continues until the transmission is successful. When transmitting payloads, datagrams are then created with a size corresponding to the detected minimum MTU.

2.4.3. IP Options

Options define additional IP protocol services for datagram processing. An option consists of, at a minimum, an Option Type octet, which may be followed by an Option Length octet and data octets for the option.

Structure of the “Option Type” octet:

Bit C values:

1 - the option is copied to all fragments;

0 - the option is copied only to the first fragment.

Two classes of options are defined: 0 - “Management” and 2 - “Measurement and debugging”. Within a class, an option is identified by a number. The following are the options described in the IP protocol standard; a “-” sign in the “Length Octet” column means that the option consists of only the “Option Type” octet, a number next to the plus sign means that the option has a fixed length (length is indicated in octets).

Table 2.4.2. IP options

Class  Number  Length octet  Option
0      0       -             End of options list
0      1       -             No operation
0      2       +11           Security
0      3       variable      Loose Source Routing (the sender's route is followed loosely)
0      9       variable      Strict Source Routing (the sender's route is followed strictly)
0      7       variable      Record Route
2      4       variable      Internet Timestamp

When the “End of list of options” option is found in the list, parsing of options stops, even if the header length (IHL) has not yet been exhausted. The No Operation option is typically used to align options on a 32-bit boundary.

Most options are currently not used. The “Stream ID” and “Security” options were used in a limited range of experiments; the functions of the “Record Route” and “Internet Timestamp” options are performed by the traceroute program. Only the “Loose/Strict Source Routing” options are of some interest; they are discussed in the next paragraph.

Using options in datagrams slows down their processing. Since most datagrams do not contain options, that is, they have a fixed header length, their processing is maximally optimized for this particular case. The appearance of an option interrupts this high-speed process and calls a standard universal IP module, capable of processing any standard options, but at the expense of a significant loss in performance.

The “Loose/Strict Source Routing” options (class 0, numbers 3 and 9, respectively) are intended to indicate to the datagram a route predetermined by the sender.

Both options look the same:

The “Data” field contains a list of IP addresses of the required route in order. The “Pointer” field is used to determine the next route point; it contains the number of the first octet of the IP address of this point in the “Data” field. The numbers are counted from the beginning of the option from one, the initial value of the pointer is 4.

The options work as follows.

Suppose a datagram sent from A to B must travel through routers G1 and G2. At the exit from A, the “Destination Address” field of the datagram header contains the address of G1, and the option data field contains the addresses of G2 and B (pointer = 4). Upon arrival of the datagram at G1, the address of the next destination (G2) is extracted from the option data field, starting with the octet indicated by the pointer (octet 4), and placed in the “Destination Address” field; the value of the pointer is incremented by 4, and in the option data field the G2 address is replaced with the address of the interface of router G1 through which the datagram will be sent to the new destination (that is, to G2). Upon arrival of the datagram at G2, the procedure is repeated and the datagram is sent to B. When processing the datagram at B, it is discovered that the value of the pointer (12) exceeds the length of the option, which means that the final destination of the route has been reached.

The differences between the “Loose Source Routing” and “Strict Source Routing” options are as follows:

“Loose”: the next point of the required route can be reached in any number of steps (hops);

“Strict”: the next point of the required route must be reached in 1 step, that is, directly.

The considered options are copied to all fragments. There can only be one such option per datagram.

The “Loose/Strict Source Routing” options can be used for the purpose of unauthorized penetration through a controlling (filtering) node (the allowed address is set in the “Destination Address” field, the datagram is passed by the controlling node, then a prohibited address is substituted from the option data field and the datagram is redirected to this address is already beyond the reach of the controlling node), therefore, for security reasons, it is recommended to generally prohibit the controlling node from passing datagrams with the options in question.
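A check a filtering node can apply, as an added Python example that is not from the original text: it walks the options area of an IPv4 header according to the Option Type layout above (C bit, class, number), stops at End of Options List, and reports a datagram carrying a Loose or Strict Source Routing option (class 0, numbers 3 and 9) so that the policy recommended above can drop it; malformed option lengths are rejected as well. The addresses in the constructed sample header are assumptions.

```python
import struct

END_OF_OPTIONS, NO_OPERATION = 0, 1
SOURCE_ROUTE = {3: "Loose Source Routing", 9: "Strict Source Routing"}   # class 0 numbers


def iter_options(header: bytes):
    """Walk the options area of an IPv4 header, yielding (copied, cls, number, data).
    Parsing stops at End of Options List even if IHL is not exhausted yet."""
    end = (header[0] & 0x0F) * 4            # IHL in octets
    i = 20
    while i < end:
        t = header[i]
        if t == END_OF_OPTIONS:
            return
        if t == NO_OPERATION:               # single-octet option used for alignment
            i += 1
            continue
        if i + 1 >= end:
            raise ValueError("option length octet missing")
        length = header[i + 1]
        if length < 2 or i + length > end:
            raise ValueError("option length runs past the header")
        yield t >> 7, (t >> 5) & 0x03, t & 0x1F, header[i + 2:i + length]
        i += length


def source_route(header: bytes):
    """Return (option name, pointer, [route addresses]) for a source-route option, else None."""
    for copied, cls, number, data in iter_options(header):
        if cls == 0 and number in SOURCE_ROUTE:
            pointer = data[0]               # first octet after Type and Length
            hops = [".".join(map(str, data[k:k + 4])) for k in range(1, len(data) - 3, 4)]
            return SOURCE_ROUTE[number], pointer, hops
    return None


def filter_verdict(header: bytes) -> str:
    """Policy for a controlling (filtering) node: drop datagrams carrying either option."""
    try:
        found = source_route(header)
    except ValueError:
        return "drop: malformed options"
    return "drop: " + found[0] if found else "pass"


def sample_header(options: bytes) -> bytes:
    """Constructed IPv4 header with the given options (checksum left zero; not the point here)."""
    opts = options + b"\x00" * (-len(options) % 4)     # Padding to a 32-bit boundary
    ihl = 5 + len(opts) // 4
    fixed = struct.pack("!BBHHHBBH4s4s", 0x40 | ihl, 0, 20 + len(opts), 1, 0, 64, 6, 0,
                        bytes([192, 0, 2, 1]), bytes([192, 0, 2, 254]))   # A -> G1 (constructed)
    return fixed + opts


# Loose Source Routing option as in the walk-through: pointer = 4, then G2 and B (constructed)
LSRR = bytes([0x83, 11, 4]) + bytes([198, 51, 100, 1]) + bytes([198, 51, 100, 7])
```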

A fast alternative to using the “Loose Source Routing” option is IP-in-IP encapsulation: enclosing an IP datagram inside an IP datagram (the “Protocol” field of the outer datagram has the value 4, see Table 2.4.1). For example, suppose a TCP segment must be sent from A to B via C. A datagram like this is sent from A to C:

When processing a datagram in C, it is discovered that the datagram data must be transferred to the IP protocol for processing and is, of course, also an IP datagram. This internal datagram is retrieved and sent to B.

In this case, additional time for processing the datagram was required only in node C (processing two headers instead of one), but in all other nodes of the route no additional processing was required, unlike the case of using options.

The use of IP-to-IP encapsulation can also cause the security problems described above.

2.5. ICMP protocol

The ICMP protocol (Internet Control Message Protocol) is an integral part of the IP module. It provides feedback in the form of diagnostic messages sent to the sender when its datagram cannot be delivered and in other cases. ICMP is standardized in RFC-792, with additions in RFC-950 and RFC-1256.

ICMP messages are not generated when delivery of the following is impossible:

  • datagrams containing ICMP messages;
  • not the first datagram fragments;
  • datagrams sent to a group address (broadcasting, multicasting);
  • datagrams whose source address is null or multicast.

All ICMP messages have an IP header, the value of the “Protocol” field is 1. Datagram data with an ICMP message is not passed up the protocol stack for processing, but is processed by the IP module.

After the IP header there is a 32-bit word with the fields “Type”, “Code” and “Checksum”. The type and code fields define the content of the ICMP message. The format of the rest of the datagram depends on the type of message. The checksum is calculated in the same way as in the IP header, but in this case the contents of the ICMP message are summed, including the “Type” and “Code” fields.

Table 2.5.1. Types of ICMP messages

Type  Code  Message
0     0     Echo Reply
3           Destination Unreachable (the destination is unreachable for various reasons):
      0       Net Unreachable (network unavailable)
      1       Host Unreachable (host is unavailable)
      2       Protocol Unreachable (protocol unavailable)
      3       Port Unreachable (port unavailable)
      4       DF=1 (fragmentation required, but not allowed)
      5       Source Route failed (the Source Route option cannot be executed)
4     0     Source Quench
5           Redirect (choose another router to send datagrams to):
      0       to this network
      1       to this host
      2       to a given network with a given TOS
      3       to a given host with a given TOS
8     0     Echo Request
9     0     Router Advertisement
10    0     Router Solicitation (router advertisement request)
11          Time Exceeded (datagram lifetime has expired):
      0       upon transmission
      1       during assembly
12          Parameter Problem:
      0       error in IP header
      1       required option missing
13    0     Timestamp (time stamp request)
14    0     Timestamp Reply (response to a timestamp request)
17    0     Address Mask Request
18    0     Address Mask Reply (response to the network mask request)

Below we discuss the formats of ICMP messages and provide comments on some messages.

Types 3, 4, 11, 12

In a message of type 12, the “Pointer” field (1 octet) contains the number of the header octet in which the error was detected; it is not used in messages of types 3, 4 and 11. All unused fields are filled with zeros.

Type 4 messages (“Slow Down”) are generated when the datagram processing buffers of the destination or intermediate node along the route are full (or are in danger of overflowing). When receiving such a message, the sender must reduce the speed or pause sending datagrams until it no longer receives messages of this type.

The IP header and the initial words of the original datagram are provided to identify the sender of the datagram and possibly analyze the cause of the failure.
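The suppression rules listed at the start of section 2.5 and the type 3/4/11/12 message format above, as an added Python example that is not part of the original text: before an error message is produced, the datagram that failed is checked against the four rules (ICMP payload, non-first fragment, group destination, null or multicast source), and the message is then built as Type, Code, Checksum, one 32-bit word (Pointer for type 12) followed by the failed datagram's header and first 8 data octets, with the checksum computed over the whole ICMP message. The sample datagram and its addresses are constructed for the demonstration; the directed-broadcast check is an assumption that needs the local netmask.

```python
import struct


def checksum(data: bytes) -> int:
    """16-bit one's complement of the one's complement sum; the same method as for the IP header."""
    if len(data) % 2:
        data += b"\x00"
    s = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while s >> 16:
        s = (s & 0xFFFF) + (s >> 16)
    return ~s & 0xFFFF


def is_multicast(addr: bytes) -> bool:
    return 224 <= addr[0] <= 239            # class D


def is_broadcast(addr: bytes, netmask: bytes = None) -> bool:
    """Limited broadcast always; a directed broadcast only when the local mask is known."""
    if addr == b"\xff" * 4:
        return True
    if netmask is None:
        return False
    host_bits = ~int.from_bytes(netmask, "big") & 0xFFFFFFFF
    return int.from_bytes(addr, "big") & host_bits == host_bits


def icmp_error_allowed(failed: bytes, netmask: bytes = None):
    """Apply the four suppression rules to the datagram that could not be delivered.
    Returns (allowed, reason)."""
    _, _, _, _, flags_frag, _, proto, _, src, dst = struct.unpack("!BBHHHBBH4s4s", failed[:20])
    if proto == 1:
        return False, "datagram carries an ICMP message"
    if flags_frag & 0x1FFF:
        return False, "not the first fragment"
    if is_multicast(dst) or is_broadcast(dst, netmask):
        return False, "destination is a group address"
    if src == b"\x00" * 4 or is_multicast(src):
        return False, "source address is null or multicast"
    return True, "ok"


def build_icmp_error(msg_type: int, code: int, failed: bytes, pointer: int = 0,
                     netmask: bytes = None) -> bytes:
    """ICMP body for types 3, 4, 11, 12: Type, Code, Checksum, one 32-bit word (the Pointer
    octet for type 12, zeros otherwise), then the failed datagram's IP header + 8 data octets."""
    allowed, why = icmp_error_allowed(failed, netmask)
    if not allowed:
        raise ValueError("no ICMP error generated: " + why)
    ihl = (failed[0] & 0x0F) * 4
    word = struct.pack("!B3x", pointer) if msg_type == 12 else b"\x00" * 4
    body = struct.pack("!BBH", msg_type, code, 0) + word + failed[:ihl + 8]
    return body[:2] + struct.pack("!H", checksum(body)) + body[4:]


def sample_datagram(proto=17, src=bytes([192, 0, 2, 10]), dst=bytes([198, 51, 100, 20]),
                    frag_offset=0, data=b"x" * 12) -> bytes:
    """Constructed datagram with a 20-octet header (its own checksum left zero; not needed here)."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(data), 0x1234, frag_offset,
                      64, proto, 0, src, dst)
    return hdr + data
```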

Type 5

Type 5 messages are sent by a router to the sender of a datagram when the router believes that datagrams to a given destination should be routed through another router. The address of the new router is given in the second word of the message.

The concept of “destination” is specified by the value of the “Code” field (see Table 2.5.1). Information about where the datagram that generated the ICMP messages was sent is derived from its header attached to the message. The lack of netmask transmission limits the scope of Type 5 messages.

Types 0, 8

Message types 0 and 8 are used to test IP communication between two network nodes. The testing node generates messages of type 8 (“Echo Request”), while the “Identifier” determines this testing session (sequence number of messages sent), the “Sequence Number” field contains the number of this message within the sequence. The data field contains arbitrary data, the size of this field is determined by the total length of the datagram, specified in the “Total length” field of the IP header.

The IP module that receives the echo request sends an echo response. To do this, it swaps the sender and recipient addresses, changes the ICMP message type to 0, and recalculates the checksum.

The testing node, based on the very fact of receiving echo responses, datagram turnaround time, percentage of losses and the sequence of arrival of responses, can draw conclusions about the presence and quality of communication with the node being tested. The ping program works by sending and receiving echo messages.

Type 9

Type 9 (router advertisement) messages are periodically sent by routers to hosts on a network so that the hosts can automatically configure their routing tables. Typically, such messages are sent to the multicast address 224.0.0.1 (“all hosts”) or to the broadcast address.

The message contains the addresses of one or more routers, with priority values ​​for each router. The priority is a signed number, written in two's complement; the higher the number, the higher the priority.

The “NumAddr” field contains the number of router addresses in this message; the value of the “AddrEntrySize” field is equal to two (the size of the field allocated for information about one router, in 32-bit words). “Lifetime” defines how long, in seconds, the information contained in this message remains valid.

Type 10

Message type 10 (Router Advertisement Request) consists of two 32-bit words, the first of which contains the Type, Code, and Checksum fields, and the second of which is reserved (filled with zeros).

Types 17 and 18

Messages of types 17 and 18 (request and response to a request for the value of the netmask) are used when the host wants to know the netmask of the network in which it is located. To do this, a request is sent to the router address (or broadcast if the router address is unknown). The router responds with a message containing the mask value of the network from which the request came. In the case where the requester does not yet know its IP address, the response is sent as a broadcast.

The “Identifier” and “Sequence Number” fields can be used to control the correspondence of requests and responses, but in most cases they are ignored.

2.6. ARP protocol

ARP (Address Resolution Protocol) is designed to translate IP addresses into MAC addresses, often also called physical addresses.

MAC stands for Media Access Control, media access control. MAC addresses identify devices connected to a physical link; an example of a MAC address is an Ethernet address.

To transmit an IP datagram over a physical channel (we will consider Ethernet), it is necessary to encapsulate this datagram in an Ethernet frame and in the frame header indicate the address of the Ethernet card to which this datagram will be delivered for its subsequent processing by the IP protocol higher in the stack. The IP address included in the datagram header addresses the IP interface of any network node and does not contain any indication of the physical transmission medium to which this interface is connected, much less the physical address of the device (if any), through which this interface communicates with the environment.

A search for a corresponding Ethernet address using a given IP address is performed by the ARP protocol, which operates at the transmission media access level. The protocol maintains a dynamic arp table in RAM for the purpose of caching received information. The protocol operates as follows.

An IP datagram is received from the internetwork layer for transmission to a physical channel (Ethernet), and along with the datagram, among other parameters, the IP address of the destination host is transmitted. If the arp table does not contain an entry for the Ethernet address corresponding to the desired IP address, the arp module queues the datagram and issues a broadcast request. The request is received by all nodes connected to this network; a node that has recognized its IP address sends an arp-response with the value of its Ethernet address. The received data is entered into a table, the pending datagram is removed from the queue and transferred for encapsulation into an Ethernet frame for subsequent sending over a physical channel.

The ARP request or response is included in the Ethernet frame immediately after the frame header.

The request and response formats are the same and differ only in the operation code (Operation code, 1 and 2, respectively).

Although ARP was designed specifically for Ethernet, the protocol can support different types of physical media (the “Hardware type” field; the value 1 corresponds to Ethernet), as well as different types of supported protocols (the “Protocol type” field; the value 2048 corresponds to IP). The H-len and P-len fields contain the lengths of the physical and “protocol” addresses, respectively, in octets. For Ethernet H-len=6, for IP P-len=4.

The “Source hardware address” and “Source protocol address” fields contain the physical (Ethernet) and “protocol” (IP) addresses of the sender. The “Target hardware address” and “Target protocol address” fields contain the corresponding recipient addresses. When sending a request, the “Target hardware address” field is initialized to zeros, and the “Destination Address” field of the Ethernet frame header is set to the broadcast address.

2.6.1. ARP for datagrams destined for another network

A datagram directed to an external (other) network must be transmitted to the router. Suppose host A sends a datagram to host B through router G. Even though the datagram sent from A carries B's IP address in the Destination field of its IP header, the Ethernet frame containing the datagram must be delivered to the router. This is achieved by the IP module, when calling the ARP module, passing it, along with the datagram, the router's address extracted from the route table as the IP address of the destination host. Thus, a datagram addressed to B is encapsulated in a frame addressed to the MAC address of G.

The Ethernet module on Router G receives this frame from the network, since the frame is addressed to it, extracts data (that is, a datagram) from the frame and sends it to the IP module for processing. The IP module detects that the datagram is not addressed to it, but to host B, and uses its route table to determine where it should be forwarded. Next, the datagram is again lowered to the lower level, to the corresponding physical interface, to which the address of the next router extracted from the route table is transmitted as the IP address of the destination host, or immediately the address of host B, if router G can deliver the datagram directly to it.
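The ARP exchange and the next-hop decision described above, as an added example (not code from the original text): it serializes and parses the 28-byte ARP payload with the field values given in the text, and chooses whether the ARP module resolves the destination host itself or the router. The host/gateway addresses inside 194.84.124.0/24 and all MAC addresses are constructed for the example.

```python
import struct
import ipaddress

# Field values from the text: hardware type 1 = Ethernet, protocol type 2048
# (0x0800) = IP, H-len 6, P-len 4, operation code 1 = request, 2 = reply.
HW_ETHERNET = 1
PROTO_IP = 0x0800
OP_REQUEST, OP_REPLY = 1, 2
ZERO_MAC = "00:00:00:00:00:00"          # target hardware address in a request


def mac_bytes(mac: str) -> bytes:
    return bytes.fromhex(mac.replace(":", ""))


def mac_str(raw: bytes) -> str:
    return ":".join(f"{b:02x}" for b in raw)


def build_arp(op: int, src_mac: str, src_ip: str, tgt_mac: str, tgt_ip: str) -> bytes:
    """Serialize the 28-byte ARP payload that follows the Ethernet frame header."""
    fixed = struct.pack("!HHBBH", HW_ETHERNET, PROTO_IP, 6, 4, op)
    return (fixed + mac_bytes(src_mac) + ipaddress.IPv4Address(src_ip).packed
            + mac_bytes(tgt_mac) + ipaddress.IPv4Address(tgt_ip).packed)


def parse_arp(payload: bytes) -> dict:
    """Decode an ARP payload, rejecting anything that is not Ethernet/IP."""
    if len(payload) < 28:
        raise ValueError("ARP payload too short")
    hw, proto, hlen, plen, op = struct.unpack("!HHBBH", payload[:8])
    if (hw, proto, hlen, plen) != (HW_ETHERNET, PROTO_IP, 6, 4):
        raise ValueError("unsupported hardware/protocol type or address length")
    if op not in (OP_REQUEST, OP_REPLY):
        raise ValueError(f"unknown operation code {op}")
    body = payload[8:28]
    return {
        "op": op,
        "src_mac": mac_str(body[0:6]),
        "src_ip": str(ipaddress.IPv4Address(body[6:10])),
        "tgt_mac": mac_str(body[10:16]),
        "tgt_ip": str(ipaddress.IPv4Address(body[16:20])),
    }


def arp_target_ip(dst_ip: str, local_net: str, gateway_ip: str) -> str:
    """IP address the ARP module is asked to resolve for a datagram to dst_ip:
    dst_ip itself if it is on the local network, otherwise the router's address."""
    if ipaddress.IPv4Address(dst_ip) in ipaddress.IPv4Network(local_net):
        return dst_ip
    return gateway_ip


def resolve(arp_table: dict, dst_ip: str, local_net: str, gateway_ip: str,
            my_mac: str, my_ip: str):
    """Return (frame-destination MAC, None) on an arp-table hit, or (None, request
    payload) when a broadcast ARP request must be sent first and the datagram queued."""
    target = arp_target_ip(dst_ip, local_net, gateway_ip)
    if target in arp_table:
        return arp_table[target], None
    return None, build_arp(OP_REQUEST, my_mac, my_ip, ZERO_MAC, target)
```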

2.6.2. Proxy ARP

The ARP response may not necessarily be sent by the desired node; another node may send it instead. This mechanism is called proxy ARP.

Let's look at an example (Fig. 2.6.1). Remote host A is connected via a dial-up line to network 194.84.124.0/24 through access server G. Network 194.84.124.0 uses Ethernet as its physical layer. Server G gives host A the IP address 194.84.124.30, which belongs to the network 194.84.124.0. Therefore, any node on this network, such as host B, believes that it can send a datagram directly to host A because they are on the same IP network.

Fig. 2.6.1. Proxy ARP

The IP module of host B calls the ARP module to determine the physical address of A. However, instead of A (which, of course, cannot respond because it is not physically connected to the Ethernet network), server G responds, returning its own Ethernet address as the physical address of host A. B then sends, and G receives, a frame containing a datagram for A, which G forwards to the destination over the switched (dial-up) circuit.

TCP/IP protocol (Transmission Control Protocol/Internet Protocol) is a network protocol stack commonly used for the Internet and other similar networks (for example, this protocol is also used in LANs). The name TCP/IP comes from the two most important protocols:

  • IP (Internet Protocol) is responsible for transmitting a data packet from node to node. IP forwards each packet based on a four-byte destination address (IP address).
  • TCP (Transmission Control Protocol) is responsible for verifying the correct delivery of data from the client to the server. Data may be lost in the intermediate network. TCP adds the ability to detect errors or lost data and, as a result, to request retransmission until the data is correctly and completely received.

Main characteristics of TCP/IP:

  • Standardized high-level protocols used for well-known user services;
  • Open protocol standards, which make it possible to develop and modify standards independently of software and hardware;
  • A unique addressing system;
  • Independence from the physical communication channel used.

The principle of operation of the TCP/IP protocol stack is the same as in the OSI model; data from the upper layers is encapsulated in packets from the lower layers.

If a packet moves through the layers from top to bottom, at each layer service information is added to the packet in the form of a header and possibly a trailer (information placed at the end of the message). This process is called encapsulation. Service information is intended for an object of the same layer on the remote computer. Its format and interpretation are determined by the protocols of that layer.

If a packet moves through the layer from bottom to top, it is divided into header and data. The packet header is analyzed, service information is extracted and, in accordance with it, the data is redirected to one of the higher-level objects. The higher level, in turn, analyzes this data and also divides it into header and data, then the header is analyzed and service information and data are allocated for the higher level. The procedure is repeated again until user data, freed from all service information, reaches the application level.

It is possible that the packet will never reach the application layer. In particular, if a computer operates as an intermediate station on the path between the sender and the recipient, then an object at the appropriate layer, when analyzing the service information, will determine that the packet at this layer is not addressed to it; the object will then take the necessary measures to redirect the packet toward its destination or return it to the sender with an error message. Either way, it will not pass the data up to the higher layer.

An example of encapsulation can be represented as follows:

Let's look at the functions of each layer.

Application layer

Applications running the TCP/IP stack can also perform the functions of the presentation layer and part of the session layer of the OSI model.

Common examples of applications are programs:

  • Telnet
  • HTTP
  • Email protocols (SMTP, POP3)

To send data to another application, the application accesses one or another module of the transport layer.

Transport layer

Transport layer protocols provide transparent delivery of data between two application processes. A process that receives or sends data is identified at the transport layer by a number called a port number.

Thus, the role of the source and destination address at the transport layer is performed by the port number. By analyzing the header of its packet received from the internetwork layer, the transport module determines by the recipient port number which of the application processes the data is sent to and transmits this data to the corresponding application process.

The destination and source port numbers are written into the header by the transport module sending the data. The transport layer header also contains some other overhead information, and the format of the header depends on the transport protocol used.

Transport layer tools form a functional layer built on top of the network layer and solve two main problems:

  • ensuring data delivery between specific programs operating, in general, on different network nodes;
  • ensuring guaranteed delivery of data arrays of arbitrary size.

Currently, two transport protocols are used on the Internet - UDP, which provides non-guaranteed delivery of data between programs, and TCP, which provides guaranteed delivery with the establishment of a virtual connection.

Network (internetwork) layer

The main protocol at this layer is the IP protocol, which delivers blocks of data (datagrams) from one IP address to another. An IP address is a unique 32-bit identifier of a computer, or more precisely, its network interface. The data for the datagram is transmitted to the IP module by the transport layer. The IP module adds a header to this data containing the IP address of the sender and recipient, and other service information.

Thus, the generated datagram is transferred to the media access layer to be sent over the data link.

Not all computers can directly communicate with each other; often, in order to transmit a datagram to its destination, it is necessary to route it through one or more intermediate computers along a particular route. The task of determining the route for each datagram is solved by the IP protocol.

When an IP module receives a datagram from a lower layer, it checks the destination IP address. If the datagram is addressed to this computer, its data is handed to a higher-level module for processing; if the destination address of the datagram is foreign, the IP module can make one of two decisions:

  • discard the datagram;
  • forward it toward its destination after determining the route; this is what intermediate stations (routers) do.

At the boundary between networks with different characteristics it may also be necessary to break a datagram into fragments and then reassemble them into a single whole on the recipient’s computer. This, too, is the task of the IP protocol.

The IP protocol can also send notification messages using the ICMP protocol, for example when a datagram is discarded. IP has no other means of checking data correctness, acknowledging delivery, or establishing a connection beforehand; these tasks are assigned to the transport layer.

Media access layer

The functions of this layer are as follows:

  • mapping IP addresses to physical network addresses; this function is performed by the ARP protocol;
  • encapsulating IP datagrams into frames for transmission over a physical link and extracting datagrams from received frames, without any error-free-transmission control, since in the TCP/IP stack such control is assigned to the transport layer or to the application itself; the frame header carries the service access point (SAP) field, which contains the code of the encapsulated protocol;
  • determining the method of access to the transmission medium, i.e. the way in which computers establish their right to transmit data;
  • defining the representation of data in the physical medium;
  • sending and receiving frames.

Let's consider encapsulation using the example of an HTTP packet captured with the Wireshark sniffer, which operates at the application layer of the TCP/IP stack:


In addition to the captured HTTP protocol itself, the sniffer decodes each underlying layer of the TCP/IP stack: HTTP is encapsulated in TCP, TCP in IPv4, and IPv4 in Ethernet II.
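The same top-down encapsulation and bottom-up decapsulation (HTTP in TCP, TCP in IPv4, IPv4 in Ethernet II), as an added example that is not part of the original text: it builds one frame layer by layer and then walks it back up, each layer stripping its own header, verifying the IPv4 header checksum on the way. The MAC addresses, ports and request line are constructed; the IP addresses are the ones the text uses in its envelope analogy.

```python
import struct
import ipaddress

ETHERTYPE_IPV4 = 0x0800
IPPROTO_TCP = 6


def ipv4_checksum(header: bytes) -> int:
    """IPv4 header checksum: one's-complement sum of 16-bit words. A header
    whose checksum field is already valid sums to zero."""
    if len(header) % 2:
        header += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_frame(src_mac, dst_mac, src_ip, dst_ip, sport, dport, payload: bytes) -> bytes:
    """Encapsulate top-down: payload -> TCP segment -> IPv4 datagram -> Ethernet II frame.
    The TCP checksum is left at zero here; the IPv4 header checksum is computed."""
    tcp = struct.pack("!HHIIHHHH", sport, dport, 1, 1, (5 << 12) | 0x018, 65535, 0, 0) + payload
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 0x1234, 0x4000, 64,
                     IPPROTO_TCP, 0, ipaddress.IPv4Address(src_ip).packed,
                     ipaddress.IPv4Address(dst_ip).packed)
    ip = ip[:10] + struct.pack("!H", ipv4_checksum(ip)) + ip[12:]   # fill checksum field
    eth = (bytes.fromhex(dst_mac.replace(":", "")) + bytes.fromhex(src_mac.replace(":", ""))
           + struct.pack("!H", ETHERTYPE_IPV4))
    return eth + ip + tcp


def decapsulate(frame: bytes) -> dict:
    """Walk the frame bottom-up; each layer strips its header and passes the rest up."""
    layers = {}
    dst, src, ethertype = struct.unpack("!6s6sH", frame[:14])
    layers["eth"] = {"dst": dst.hex(":"), "src": src.hex(":"), "type": ethertype}
    if ethertype != ETHERTYPE_IPV4:
        raise ValueError(f"not IPv4: ethertype 0x{ethertype:04x}")
    ip = frame[14:]
    ihl = (ip[0] & 0x0F) * 4
    total_len = struct.unpack("!H", ip[2:4])[0]
    if ipv4_checksum(ip[:ihl]) != 0:
        raise ValueError("IPv4 header checksum mismatch")
    layers["ip"] = {"src": str(ipaddress.IPv4Address(ip[12:16])),
                    "dst": str(ipaddress.IPv4Address(ip[16:20])), "proto": ip[9], "ttl": ip[8]}
    if ip[9] != IPPROTO_TCP:
        raise ValueError(f"not TCP: protocol {ip[9]}")
    tcp = ip[ihl:total_len]
    sport, dport, seq, ack, off_flags = struct.unpack("!HHIIH", tcp[:14])
    layers["tcp"] = {"sport": sport, "dport": dport, "seq": seq, "ack": ack,
                     "flags": off_flags & 0x1FF}
    layers["payload"] = tcp[(off_flags >> 12) * 4:]     # what the application layer sees
    return layers
```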


TCP/IP data transfer protocol

The Internet, which is a network of networks and unites a huge number of different local, regional and corporate networks, operates and develops through the use of a single TCP/IP data transfer protocol. The term TCP/IP includes the names of two protocols:

  • Transmission Control Protocol (TCP) - transport protocol;
  • Internet Protocol (IP) - routing protocol.

Routing protocol. The IP protocol ensures the transfer of information between computers on a network. Let's consider the operation of this protocol by analogy with the transfer of information using regular mail. In order for the letter to reach its intended destination, the address of the recipient (who the letter is to) and the address of the sender (from whom the letter is from) are indicated on the envelope.

Similarly, information transmitted over the network is “packed in an envelope” on which the IP addresses of the recipient’s and sender’s computers are “written”, for example “To: 198.78.213.185”, “From: 193.124.5.33”. The contents of the envelope are called an IP packet in computer terms and consist of a set of bytes.

In the process of forwarding regular letters, they are first delivered to the post office closest to the sender, and then passed along the chain of post offices to the post office closest to the recipient. At intermediate post offices, letters are sorted, that is, it is determined to which next post office a particular letter should be sent.

IP packets on the way to the recipient computer also pass through numerous intermediate Internet servers, on which the routing operation is performed. As a result of routing, IP packets are sent from one Internet server to another, gradually approaching the recipient computer.

Internet Protocol (IP) provides routing of IP packets, that is, delivery of information from the sending computer to the receiving computer.

Determining the route for information to pass through. The “geography” of the Internet differs significantly from the geography we are accustomed to. The speed of obtaining information does not depend on the distance of the Web server, but on the number of intermediate servers and the quality of communication lines (their capacity) through which information is transmitted from node to node.

You can get acquainted with the route of information on the Internet quite simply. The special program tracert.exe, which is included in Windows, allows you to track through which servers and with what delay information is transferred from the selected Internet server to your computer.

Let's see how access from the "Moscow" part of the Internet to www.rambler.ru, one of the most popular search servers on the Russian Internet, is implemented.

Determining the route of information passage

1. Connect to the Internet and open an MS-DOS session [Programs - MS-DOS Session].

2. In the MS-DOS session window, in response to the system prompt, enter the tracert command with the address of the server.

3. After some time, a trace of the information transfer will appear, that is, a list of the nodes through which information is transmitted to your computer, and the transmission time between nodes.


Tracing the route of information transmission shows that the server www.rambler.ru is located at a “distance” of 7 transitions from us, i.e. information is transmitted through six intermediate Internet servers (through the servers of the Moscow providers MTU-Inform and Demos). The speed of information transfer between nodes is quite high; one “transition” takes from 126 to 138 ms.

Transport protocol. Now let’s imagine that we need to send a multi-page manuscript by mail, but the post office does not accept parcels or packages. The idea is simple: if the manuscript does not fit into a regular postal envelope, it must be disassembled into sheets and sent in several envelopes. In this case, the sheets of the manuscript must be numbered so that the recipient knows in what sequence these sheets are to be combined.

A similar situation often occurs on the Internet when computers exchange large files. If you send such a file as a whole, it can “clog” the communication channel for a long time, making it inaccessible for sending other messages.

To prevent this from happening, on the sending computer it is necessary to split the large file into small parts, number them and transport them in separate IP packets to the receiving computer. On the recipient computer, it is necessary to assemble the source file from individual parts in the correct sequence.

Transmission Control Protocol (TCP), that is, the transport protocol, ensures that files are split into IP packets during transmission and files are assembled during reception.

Interestingly, for the IP protocol responsible for routing, these packets are completely unrelated to each other. Therefore, the last IP packet may well overtake the first IP packet along the way. It may even turn out that the delivery routes for these packets are completely different. However, TCP will wait for the first IP packet and assemble the source file in the correct sequence.
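A small model of the receiver-side behaviour described above, as an added example that is not part of the original text: the sender numbers the pieces, the pieces arrive in a shuffled order (some lost on the first pass), and the receiver releases data only in sequence and names the pieces it still needs. It is a simplified illustration, not real TCP, which numbers bytes rather than pieces; the message and piece size are constructed.

```python
import random


def split_message(message: bytes, piece_size: int) -> list:
    """Sender side: cut the message into numbered pieces (index, data)."""
    return [(i, message[off:off + piece_size])
            for i, off in enumerate(range(0, len(message), piece_size))]


class Reassembler:
    """Receiver side: accept pieces in any order, release data only in sequence."""

    def __init__(self, total_pieces: int):
        self.total = total_pieces
        self.pending = {}          # out-of-order pieces waiting for a gap to close
        self.next_expected = 0
        self.delivered = b""       # data already handed to the application, in order

    def receive(self, index: int, data: bytes) -> int:
        """Store a piece; return the index of the next piece still expected."""
        if not 0 <= index < self.total:
            raise ValueError(f"piece {index} outside 0..{self.total - 1}")
        if index >= self.next_expected:
            self.pending.setdefault(index, data)   # a duplicate changes nothing
        while self.next_expected in self.pending:  # release the contiguous prefix
            self.delivered += self.pending.pop(self.next_expected)
            self.next_expected += 1
        return self.next_expected

    def missing(self) -> list:
        """Indices not yet received: what a retransmission request would name."""
        return [i for i in range(self.next_expected, self.total) if i not in self.pending]

    def complete(self) -> bool:
        return self.next_expected == self.total


def transfer(message: bytes, piece_size: int, drop=frozenset(), seed: int = 1):
    """Simulate pieces arriving shuffled; pieces listed in `drop` are lost on the
    first pass and re-sent after the receiver names them in missing()."""
    pieces = split_message(message, piece_size)
    rx = Reassembler(len(pieces))
    order = list(pieces)
    random.Random(seed).shuffle(order)
    for idx, data in order:
        if idx not in drop:
            rx.receive(idx, data)
    lost = rx.missing()
    for idx in lost:                                # retransmission of lost pieces
        rx.receive(idx, pieces[idx][1])
    return rx.delivered, lost, rx.complete()
```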

Determining the time of IP packet exchange. The time for the exchange of IP packets between the local computer and the Internet server can be determined using the ping utility, which is part of the Windows operating system. The utility sends four IP packets to the specified address and shows the total transmission and reception time for each packet.

Determining the time of IP packet exchange

1. Connect to the Internet and open an MS-DOS session [Programs - MS-DOS Session].

2. In the MS-DOS session window, in response to the system prompt, enter the ping command with the address of the server.

3. The result of testing the signal in four attempts will be displayed in the MS-DOS session window. The response time characterizes the speed of the entire chain of communication lines from the server to the local computer.


Questions to Consider

1. What ensures the integral functioning of the global computer network Internet?

Practical tasks

4.5. Trace the route of information from one of the most popular Internet search servers www.yahoo.com, located in the “American” segment of the Internet.

4.6. Determine the time of exchange of IP packets with the www.yahoo.com server.