TCP/IP: Link and Network Layers

Tom Kelliher, CS43

Feb. 29, 1996

The Data Link Layer

Ethernet frame encapsulation (RFC 894):

(IEEE 802.2/802.3 differs)

1. Destination, source address
2. Type:
   1. 0x0800 IP datagram
   2. 0x0806 ARP request/reply
   3. 0x8035 RARP request/reply
3. Data
4. CRC --- over rest of frame

SLIP

Serial line IP --- serial line (modems) is the physical layer

IP datagram ``Encapsulation:''

1. frame terminated by END ( 0xc0); also started
2. Escape sequence for END character occurring in datagram
3. Escape sequence for escape character

Deficiencies:

1. Each end must know the other's IP address
2. No frame type field --- can use only one protocol at a time
3. No checksum

PPP

Point to point protocol --- also for serial lines and bit-oriented synchronous links

Corrects SLIP's deficiencies

Features:

1. Real IP datagram encapsulation
2. Link control protocol to negotiate link options
3. Network control protocol family for network protocols (IP, DECnet, etc.)

PPP frame:

Protocol:

1. 0x0021 IP datagram
2. 0xc021 link control data
3. 0x8021 network control data

Loopback Interface

1. Everything sent to 127.0.0.1 ``looped back''
2. Datagrams broadcast or multicast are looped back and sent to NIC
3. Anything sent to host's IP address(es) looped back

MTU/Path MTU

1. ``Weakest'' link
2. Path MTU discovery (fragmentation)

IP

1. Best effort service (unreliable):
   • datagrams dropped
   • datagrams duplicated
   • datagrams delivered out of order
2. Connectionless: datagrams can take independent routes

IP datagram:

1. Version
2. Header length --- 32 bit words
3. TOS --- 4 TOS bits:
   • Minimize delay (telnet/rlogin)
   • Maximize throughput (FTP data, SMTP data, DNS zone transfer)
   • Maximize reliability (SNMP)
   • Minimize monetary cost (NNTP)
4. Total length --- header and data
5. Identification, flags, fragmentation offset
6. Time to live --- hop timer, prevent routing loops
7. Protocol --- demultiplexing: TCP, UDP, ICMP, IGMP
8. Header Checksum --- re-computed by each router
9. Options --- loose, tight source routing; record route, timestamp

Routing

Forwarding a received packet from one interface to another

Hosts don't route, but have routing tables

A routing table...

Routing algorithm for hosts/routers:

search routing table for match on entire IP address
search routing table for match on network id
search routing table for default route
generate "host unreachable" or "network unreachable"

Subnetting

Borrowing bits from host portion for network portion

Subnet mask ---- 1's show the network portion

Standard subnet masks:

• Class A: 255.0.0.0 ( 0xff000000)
• Class B: 255.255.0.0 ( 0xffff0000)
• Class C: 255.255.255.0 ( 0xffffff00)

Subnet example for 150.0 (Class B):

• Subnet mask of 255.255.255.0
• 254 subnets (must throw 2 away: 255, 0)
• 254 hosts on each subnet

Advantages of subnetting:

• Smaller routing tables elsewhere on the Internet
• Permits local customizations

Commands

netstat, ifconfig

ARP

Ethernet frames use ethernet addresses

IP datagrams contain IP addresses

Resolution?

Example involving finger, tcpdump, arp

Proxy ARP

RARP

I know my ethernet address, what's my IP address?

ICMP

Internet Control Message Protocol

Message Types:

1. Destination unreachable
   1. network unreachable
   2. host unreachable
   3. protocol unreachable
   4. port unreachable
   5. destination network unknown
   6. destination host unknown
2. Echo request (reply?)
3. Router advertisement/solicitation
4. Time exceeded --- TTL == 0

Ping

Traceroute

Send UDP datagrams with bogus port numbers (>30,000) to destination, starting with TTL = 1

ICMP errors returned:

• Time exceeded: found another router on the path
• Port unreachable: found the destination

Loose source routing to obtain return route