Chapter 3 – How Data is Transported Over Networks Summary
By Susan Rokicki
In this chapter, we learn more details about the Transport and Network layers, and how applications send data and instructions from one host to another in those layers. TCP/IP Core Protocols are open for anyone to use and routable. TCP/IP also usually an add a header to the data they received or inherited from the layer before it. There are 3 characteristics of the TCP/IP, which are connection-oriented, sequencing and checksums, and flow control. Connection-oriented basically check if there is a session or connection established, and usually it does a 3-way handshake to establish a connection. A checksum is usually a character string that a host(A) sends to the destination host, which the destination(B) hosts sends a similar string. If they both failed, the destination host asks the host to retransmit the data. The sequencing part of the second character of the TCP is usually where it attaches a chronological sequence number to each segment it sends to the other host which is called the destination host. Flow control is basically a process in where they control the rate of transmission and sees how well the recipient can quickly accept the data. The fields in a TCP segment are on page 109, and page 110 for more information about the different types of fields there are in a TCP segment. Once TCP is sent down to the Network layer, which is layer 3, the TCP segment becomes the data portion of the IP message, similar to how the TCP has a data field at the bottom on page 109, which they likely received from the layer above, since it typically does not have a data portion or field. The data in the IP message will then encapsulated in the IP packet. The TCP Three Way Handshake is a process where the TCP must do before it transmits the actual data to the other host. It must send overall 3 initial messages to the host just to verify that the host is there and that the host will be able to take the data or information. Usually the 3 initial messages involve exchanging sequence numbers, and other numbers just to verify the other host is responsive, and usually will exchange the same sequence numbers with a plus 1. Part 1 involves the flag SYN, part 2 involves the flags ACK and SYN and part 3 involves ACK. After these 3 parts are done, it means the connection has been established, and the data transmission can begin. Payload will only be sent after those 3 initial messages. The sequence number will increase by the number of bits included in each of received segments, and this is pretty much continuous until A finally issues a segment whose FIN flag is set, which means the end of the transmission.
UDP is user data protocol and it usually is more efficient than TCP since it does not provide any error checking or sequencing. This protocol is more useful if you’re transferring a huge deal of volume over the network like video conferences, and media. It’s more efficient for carrying messages within one data packet. Differences between UDP and TCP is, UDP has less fields; it only has 4 fields while TCP has 10 fields. For the checksum in UDP, it is OPTIONAL in IPv4, but NOT for IPv6.
The internal protocol is typically the protocol for the Network layer of the OSI model and it’s not reliable and it is a connectionless protocol. This protocol relies more on TCP to do its job, which is to ensure that these data packets are going to their rightful destinations. IP is useful since it does enable TCP/IP to internetwork, which means it can transverse more than one LAN segment and it can go to more than one type of network through the router. There are 2 version of IP protocols, which is IPv4 and IPv6. IPv4 is more standard, while the other is just better, but might cost companies a lot therefore it’s not used as much. Differences is IPv6 usually contains a much longer address than IPv4. IPv4 fields are on page 115 and 116 while fields for IPv6 are on page 118. Both are similar since they both begin with a 4 bit, and might have similar fields, but those similar fields might be “slightly’ different than the other. ICMP stands for as the Internet Control Message Protocol and this protocol only reports the success or failures of the data deliveries; it does not correct them. TCP is usually the one in charge to correct them. IPv6 relies on ICMPv6, which pretty much does the same as ICMPv4, IGMP, ARP in just one name while IPv4 needs the protocols of ICMPv4, IGMP, and ARP. IGMP stands for Internet Group Management Protocol and it just manages multicasting. ARP stands for Address Resolution Protocol which mainly discovers the physical or MAC address of a host or node on the network that is local, and maintains an ARP table or ARP cache, which is usually a database of all these addresses to the MAC addresses on the local network. ARP is typically a layer 2 protocol that uses IP in layer 3. It can only operate within the local networks, which are typically bounded by the routers. Anyway, back to the ARP table, there are two types of entries which are dynamic and static. Static is usually entered manually, while the dynamic is quite the opposite of that. If you need to find databases that tells you a manufacturer’s specific OUIS, there are online MAC address lookup tables.
Routers are multiport devices that manage traffic between more than two networks and usually can help find the best path to get to from one network to another. They usually have an internal processor, an operating system, memory, input, and output jackets for various types of network connectors, and they also have a management console interface. All routers can usually connect to networks like LAN or WAN, which those use different types of routing protocols. They can read layer 3 and layer 4. They can find the best path from point A to point B for a message. They can always find another path if one path is down. There are three types of routers which are interior routers, border/gateway routers, and exterior routers. Interior routers are typically routers that direct data between networks within the same AS. AS stands for autonomous system, which are a group of networks that are often operated by the same organization. Gateway routers connect an AS with an outside network. Exterior routers help direct data between multiple autonomous systems. A layer 3 switch is quite similar to a router and can be read to Layer 3 data. These are usually expensive, but much faster, and were mainly designed for super large LANs. Layer 4 switches can read layer 4 data and are sometimes referred as applications or content switches. These can operate anywhere between layer 4 to layer 7. Routing tables are databases that help tell where hosts are located, and the most efficient way to reach them. They usually maintain the information in these databases. Routers relies on routing tables to help them find which router is the next hop to reach a destination host. There are two types of routing which are static and dynamic. Dynamic routing is usually calculating the best path between the two networks and assists this information into the routing table while static routing usually involves putting together the routing table to direct messages along certain paths between networks. Typically, all networks use dynamic routing, however they may use static routing to indicate a gateway of last resort. That router takes any unrouteable messages from any routers unconditionally. If a router can’t find the destination router, it will send the message through a default route, which is to another router that might know. If that router doesn’t know, it will send that message to a default route until eventually the message reaches the destination or the hop count just depletes itself. The route command will let you see a host’s routing table. Routing metrics are things that a router usually like to look at which are the properties of a route and use that to determine the best path to a destination when there are usually various types of ways to get to a designation. There are routing protocols which are administrative distance, convergence time and overhead. Interior gateway protocols are distance-vector routing protocols, and link-state routing protocols. Exterior gateway protocols are OSPF, IS-IS, and BGP.
There are troubleshooting tools to help you track down any TCP/IP related problems which is very likely in a big network. We have already learned about ping, ipconfig, ifconfig, and nslookup. Netstat displays a list of all active TCP/IP connections on the local computer. It usually tells you what transport layer protocol you are using as well, and pretty much helps you view traffic statistics such as the state of the connections that your client has established, and the messages that have been sent and received. There are other netstats commands on page 133. Nbtstat is an old utility that can give information about the NETBIOS statistics and resolve NETBIOS to their IP addresses. Traceroute or tracert traces the path from one networked node to another from using ICMP echo requests. They also identify all intermediate hops between those nodes. The pathping is a utility that combines elements that from a ping and a tracert/traceroute to provide more information about any network issues along a route. It usually sends multiple pings to various hops around the route, and then collect all that information, and give it in a single report. On page 139, there are a list of command-line utilities that can help facing some common routing problems. Interface Errors usually occur when there is a logical connection between a node and network that are not “connected” with one another, or just not pinging each other correctly. Two commands to figure out the problem is through netstat or ping. One command to figure out a hardware failure is through using the command tracert.
Chapter 3 – How Data is Transported Over Networks Summary