Managing TCP/IP

TCP/IP is the default network protocol for Unix systems and is becoming popular as a protocol for Windows NT networks, even those unconnected to the Internet or Unix servers.

Most of the TCP/IP protocols were developed under the Internet Activities Board (IAB), which oversees two task forces: the IETF (Internet Engineering Task Force) and the IRTF (Internet Research Task Force). Most Internet protocols begin their lives as RFCs, or Requests for Comments, documents written to propose new protocols or standards.

RFCs that have become standards are still referred to with an RFC number. RFC numbers are mentioned here for many of the protocols described in this chapter. The full text of RFCs is available from this URL:

http://www.nexor.com/index-rfc.htm

TCP/IP Protocols and Services

The TCP/IP protocol suite includes a wide variety of protocols and services that are in common use on the Internet as well as on Windows NT and Windows 2000 networks. These include its namesake protocols, TCP (Transmission Control Protocol) and IP (Internet Protocol).

The various protocols that comprise the TCP/IP suite are organized according to the DoD (US Department of Defense) reference model, also known as the TCP/IP reference model. This model organizes protocols and services into four layers: Network Access, Internet, Host-to-Host, and Process/Application. The sections below describe each layer and give descriptions of the major protocols that act at each layer.

The Network Access layer

The Network Access layer is responsible for the physical transmission of data. This layer includes protocols that deal with the specific networking topologies and media used in the network. Table 18-1 describes some common network access layer protocols.

Table 18-1. Common Network Access Layer Protocols

Protocol                              Network Type
Ethernet                              LANs using coaxial, twisted-pair, or fiber-optic cable
Token Ring                            LANs using twisted-pair or fiber-optic cable
FDDI                                  LANs using high-speed fiber-optic cable
SLIP (Serial Line Internet Protocol)  Dial-up Internet connections (older Unix systems)
PPP (Point-to-Point Protocol)         Dial-up Internet connections (Unix and Windows NT/2000)
X.25                                  Dedicated WAN connections
Frame Relay                           Dedicated WAN connections

The Internet layer

The Internet layer deals with communication and routing between networks and also provides a common interface for upper-layer protocols. IP, described in RFC 791, is the most important protocol in the Internet layer. IP accepts segments from the higher-layer protocols (TCP or UDP), wraps each one in an IP header to form a packet, or datagram, and fragments datagrams that are too large for the underlying network.

IP datagrams include IP addresses that identify the originating host and the destination host. IP addresses, described later in this section, provide a logical (software) addressing scheme that simplifies network routing. Nothing in IP authenticates the source address: a host can put any address it likes in the header, so filtering decisions should never rest on the source address alone.

IP and the other protocols of the Internet layer are summarized in Table 18-2.

Table 18-2. Common Internet Layer Protocols

Protocol                                    Description
IP (Internet Protocol)                      Handles IP addressing; builds packets and facilitates communication between hosts by routing packets between networks
ARP (Address Resolution Protocol)           Translates IP addresses to hardware (MAC) addresses; replies are unauthenticated, so a host can be fed a forged mapping
RARP (Reverse Address Resolution Protocol)  Translates hardware (MAC) addresses to IP addresses
DHCP (Dynamic Host Configuration Protocol)  An extended version of BOOTP, used to assign IP addresses and other TCP/IP configuration dynamically
ICMP (Internet Control Message Protocol)    Carries error and diagnostic messages for IP (destination unreachable, time exceeded, and the echo request/reply used by ping)

The Host-to-Host layer

The Host-to-Host layer provides a layer of abstraction in communication between hosts and provides applications with a consistent interface independent of hardware and routing. The two host-to-host layer protocols, TCP and UDP, are explained in the following sections.

TCP (Transmission Control Protocol)

TCP is defined in RFC 793. TCP is a connection-oriented protocol: before any data is sent, a connection, or virtual circuit, is established between the originating host and the destination with a three-way handshake (SYN, SYN-ACK, ACK). This circuit provides a continuous connection and manages flow control.

TCP accepts blocks of data from an application at the process/application layer and breaks the data down into segments, each carrying a sequence number so that the receiver can reassemble them in order. The segments are then handed to IP and sent over the network. The TCP protocol at the receiving end reassembles the segments into their original form for use by the application.

TCP is reliable and full-duplex: the receiving end acknowledges the data it has received, and the sender retransmits any segment whose acknowledgment does not arrive within a timeout. The price for reliability is the extra bandwidth spent on the handshake and acknowledgments and a significant processing overhead.

UDP (User Datagram Protocol)

UDP is defined in RFC 768. UDP is a connectionless protocol: no virtual circuit is established between the source and destination. The destination does not know that UDP data is coming until the first datagram arrives.

Unlike TCP, UDP does not break application data into sequenced segments: each block the application hands it is sent as a single datagram, with no sequence number. Datagrams may arrive out of order, duplicated, or not at all, and the application must cope with that itself. (If a datagram is larger than the underlying network can carry, IP fragments it, not UDP.)

UDP provides no handshaking and is considered an unreliable protocol. However, it has a very low overhead in network bandwidth and processing, and it is ideal for situations where speed is crucial and occasional loss is tolerable (such as streaming audio). Because there is no handshake, a UDP source address is trivially forged; services built on UDP cannot rely on it to identify the sender.

The Process/Application layer

The Process/Application layer includes protocols and services that do actual work for a user. Because the complexities of the network are handled by the other layers, these protocols are generally platform-independent. Most of these protocols require server software on one machine and client software on another. Table 18-3 lists common process/application layer protocols.

Table 18-3. Common Process/Application Layer Protocols

Protocol                                   Description
Telnet                                     Emulates a terminal and allows you to log in to a Unix or other host; everything, including the password, crosses the network in cleartext
FTP (File Transfer Protocol)               Allows for two-way file transfer; credentials and data are sent in cleartext
TFTP (Trivial File Transfer Protocol)      A more basic file transfer protocol, carried over UDP, with no authentication at all
HTTP (Hypertext Transfer Protocol)         A simple protocol used by the World Wide Web
NFS (Network File System)                  Allows filesystems on remote machines to be accessed as if they were local drives
DNS (Domain Name System)                   Resolves hostnames into IP addresses (and IP addresses back into hostnames)
SMTP (Simple Mail Transfer Protocol)       Delivers email messages from clients to servers and between servers
POP (Post Office Protocol)                 Allows a client to download its email messages from a server
IMAP (Internet Message Access Protocol)    Allows a client to read and manage email messages held on a server
NNTP (Network News Transfer Protocol)      Transmits messages for USENET news discussion groups
SNMP (Simple Network Management Protocol)  Allows for statistical analysis and troubleshooting on the network; versions 1 and 2c authenticate with a cleartext community string

IP Addressing

TCP/IP packets identify their destination with an IP address. The IP addressing scheme in use today was originally defined in RFC 791.

An IP address is a 32-bit number that uniquely identifies a machine in the network. The address is divided into four bytes, or octets. IP addresses are usually represented in dotted decimal format, such as 128.110.121.6. However, the class and subnet rules described below are easiest to follow in binary: 128.110.121.6 is 10000000.01101110.01111001.00000110.

An IP address is actually composed of two addresses: a network address and a host address. The location of the boundary between these addresses depends on the network class, explained below. All machines on a particular network have the same network address, but must have unique host addresses.

IP address classes

The classful addressing scheme defines five IP address classes, lettered A through E. Only Classes A, B, and C are assigned to hosts; Class D is used for multicast and Class E is reserved. The main difference between the three host classes is the number of bytes used for the network and host addresses, as described in Table 18-4.

Table 18-4. Classes of IP Addresses

Class   Network/Host Bytes   Number of Networks   Number of Hosts per Network
A       1/3                  126                  16,777,214
B       2/2                  16,382               65,534
C       3/1                  2,097,150            254

The three classes were designed to accommodate a wide range of networks, ranging from a small number of networks with large numbers of hosts (Class A) to a large number of networks with small numbers of hosts (Class C).

Network addresses are usually written as full four-byte IP addresses with the host portion set to zero. For example, the Class C host 209.68.11.152 lives on the network 209.68.11.0: 209.68.11.152 refers to the host, and 209.68.11.0 refers to the network as a whole.

The actual number of hosts and networks for each class is limited by the fact that each class is assigned a specific leading bit pattern and, thus, a range of decimal addresses for the first byte. Table 18-5 lists the ranges and corresponding leading bit patterns for each class.

Table 18-5. IP Address Class Ranges

Class   Leading Bits   First Byte Range
A       0              1-126 (127 is reserved for loopback)
B       10             128-191
C       110            192-223

Subnet masking

You can add flexibility to the host/network addressing scheme by using subnet masking. This technique borrows a number of bits from the host address and uses these bits to divide the network into smaller networks, or subnets. Hosts on different subnets communicate via a router.

The subnet mask itself is, like the IP address, a 32-bit number. It is applied to the binary IP address with a logical AND operation to determine the network address. In simpler terms, bits set to 1 in the subnet mask indicate the network address, and bits set to 0 indicate the host address. A valid mask is therefore a run of 1s followed by a run of 0s; for example, 255.255.255.224 is 11111111.11111111.11111111.11100000.

When you have not divided the network into subnets, the default subnet mask for the class is used. The default subnet masks are shown in Table 18-6.

Table 18-6. Default Subnet Masks

Class   Default Subnet Mask
A       255.0.0.0
B       255.255.0.0
C       255.255.255.0

To divide the network into subnets, you dedicate one or more bits to the subnet address by adding corresponding bits set to 1 to the subnet mask. Under the original subnetting rules (RFC 950) the number of subnets available is 2^n - 2, where n is the number of bits used for the subnet address; 2 is subtracted because the subnet address was not allowed to be all 0s or all 1s. Routers that understand classless addressing (RFC 1878 and CIDR) can use those two subnets as well, giving 2^n subnets; when in doubt about what your equipment supports, stick with the conservative formula.

Depending on the number of subnets you have allocated, a different number of host addresses is available; the maximum number of hosts decreases as you increase the number of subnets. The maximum number of hosts per subnet is 2^(x-n) - 2, where x is the total number of bits available for subnet and host addresses: 24 for Class A, 16 for Class B, or 8 for Class C. The 2 subtracted here is not optional: the all-0s host address names the subnet itself and the all-1s host address is the subnet's broadcast address.

For example, borrowing 3 bits from a Class C network gives the mask 255.255.255.224, 2^3 - 2 = 6 subnets (8 under classless rules), and 2^(8-3) - 2 = 30 hosts in each.

You cannot use more than 6 bits for the subnet address in a Class C network, because 7 bits would leave a single host bit, and 2^1 - 2 = 0 usable host addresses.
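The classification, masking and subnet arithmetic above, worked through in code. This is an added example for this chapter, not code from the book; it deliberately does the bit manipulation by hand rather than calling a library so that the AND operation and the subnet/host split are visible, and it includes the mask validity check (a run of 1s followed by a run of 0s) that catches a mistyped mask before it is applied. The addresses used are the chapter's own; the function names are the example's.

```python
"""Class-based IPv4 addressing and subnet-mask arithmetic.

Added example for this chapter, not code from the book. Implements the rules
of Tables 18-4 to 18-6 and the 2^n - 2 formulas directly on the bit patterns.
Standard library only; the addresses below are the chapter's examples.
"""

MASK32 = 0xFFFFFFFF


def parse_ip(dotted):
    """Dotted decimal -> 32-bit integer; rejects anything malformed."""
    octets = dotted.split(".")
    if len(octets) != 4:
        raise ValueError("expected four octets: %r" % dotted)
    value = 0
    for octet in octets:
        if not octet.isdigit() or int(octet) > 255:
            raise ValueError("bad octet %r in %r" % (octet, dotted))
        value = (value << 8) | int(octet)
    return value


def to_dotted(value):
    """32-bit integer -> dotted decimal."""
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def address_class(dotted):
    """Class letter from the leading bits of the first octet (Table 18-5)."""
    first = parse_ip(dotted) >> 24
    if first >> 7 == 0b0:
        return "A"
    if first >> 6 == 0b10:
        return "B"
    if first >> 5 == 0b110:
        return "C"
    if first >> 4 == 0b1110:
        return "D"
    return "E"


# Default (classful) masks of Table 18-6, expressed as prefix lengths.
DEFAULT_PREFIX = {"A": 8, "B": 16, "C": 24}


def is_valid_mask(dotted):
    """A mask must be a run of 1s followed by a run of 0s.

    255.255.0.255 is a classic typo; check for it before applying a mask.
    """
    mask = parse_ip(dotted)
    return any(mask == (MASK32 << k) & MASK32 for k in range(33))


def network_address(dotted, mask):
    """Logical AND of address and mask yields the network address."""
    if not is_valid_mask(mask):
        raise ValueError("non-contiguous mask %r" % mask)
    return to_dotted(parse_ip(dotted) & parse_ip(mask))


def subnet_plan(dotted, subnet_bits, classless=False):
    """Mask and counts when ``subnet_bits`` are borrowed from the host field.

    classless=False follows the chapter's RFC 950 rule (2^n - 2 subnets);
    classless=True is what CIDR-capable routers allow (2^n subnets). Hosts per
    subnet are 2^(x-n) - 2 either way: the all-0s host address names the
    subnet and the all-1s host address is its broadcast.
    """
    cls = address_class(dotted)
    if cls not in DEFAULT_PREFIX:
        raise ValueError("class %s addresses are not assigned to hosts" % cls)
    x = 32 - DEFAULT_PREFIX[cls]          # host bits available to borrow from
    n = subnet_bits
    if n < 0 or x - n < 2:
        raise ValueError("%d subnet bits leaves no usable host addresses" % n)
    prefix_len = DEFAULT_PREFIX[cls] + n
    mask_int = (MASK32 << (32 - prefix_len)) & MASK32
    if n == 0:
        subnets = 1
    else:
        subnets = 2 ** n if classless else 2 ** n - 2
    return {
        "class": cls,
        "mask": to_dotted(mask_int),
        "prefix_len": prefix_len,
        "subnets": subnets,
        "hosts_per_subnet": 2 ** (x - n) - 2,
        "network": to_dotted(parse_ip(dotted) & mask_int),
    }


if __name__ == "__main__":
    # Borrow 3 bits from the chapter's Class C network.
    print(subnet_plan("209.68.11.152", 3))
```

Running the block prints the plan for 209.68.11.152 with three borrowed bits: mask 255.255.255.224 (/27), network 209.68.11.128, 6 subnets (8 if classless) and 30 hosts each. Asking for 7 bits raises, which is the Class C limit the text describes.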

Reserved IP addresses

As mentioned above, certain addresses and ranges are not available for use. These values are reserved for various purposes, as described in Table 18-7.

Table 18-7. Reserved TCP/IP Addresses

Reserved Address             Description
0.0.0.0                      Unspecified address: used as the source by a host that does not yet know its own address (for example, during DHCP discovery) and to denote the default route in routing tables.
127.0.0.0-127.255.255.255    Loopback; packets are delivered back to the local machine without using the network (127.0.0.1 is the usual address).
255.255.255.255              Limited broadcast to all nodes on the local network; routers never forward it.
Network address all 0s       Refers to "this network only."
Network address all 1s       Broadcast on the local network (with the node address also all 1s this is 255.255.255.255).
All 0s in node address       Refers to the network itself (for example, 209.68.11.0).
All 1s in node address       Directed broadcast to all nodes on that network.
First byte 224-239           Multicast addresses (Class D).
First byte 240-255           Reserved for future use (Class E); 255.255.255.255 is the limited broadcast address.

IP address assignments

If your network is not connected to the Internet, you can assign IP addresses in any way you see fit; in fact, you can even break the class addressing rules given above, although doing so can cause problems with routing. Nevertheless, to avoid problems in the future (a later Internet connection, or a merger with another network), it is best to use one of the blocks of private IP addresses set aside by RFC 1918, shown in Table 18-8. Internet routers carry no routes for these blocks, so addresses taken from them cannot collide with a registered network.

Table 18-8. Private IP Addresses (RFC 1918)

Address Class   Starting Address   Ending Address
A               10.0.0.0           10.255.255.255
B               172.16.0.0         172.31.255.255
C               192.168.0.0        192.168.255.255

The range 169.254.0.0-169.254.255.255 is not a private block for you to assign: it is the link-local range that Windows 2000 uses for Automatic Private IP Addressing when no DHCP server answers, and addresses in it are never routed.

If your network is connected to the Internet, you must use registered addresses. The Internet Assigned Numbers Authority (IANA) holds the address space and delegates it to regional registries, which in turn allocate it to ISPs and organizations. Further information about registration is available at this URL:

http://www.internic.net

With the exploding popularity of the Internet, it is now virtually impossible to obtain a Class A or Class B address, and Class C addresses are becoming scarce. Because of this, InterNIC is now rather strict about issuing addresses.

For small company networks with Internet connectivity, one alternative is to connect to the Internet through an ISP (Internet Service Provider). The ISP may allocate you a small block of IP addresses, or it may assign them dynamically as machines on your network connect to the Internet.
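The reserved ranges of Table 18-7 and the private ranges of Table 18-8, turned into a classifier. This is an added example for both sections, not code from the book. It encodes the RFC 1918 blocks, the 169.254.0.0/16 link-local block that Automatic Private IP Addressing uses, loopback, multicast, Class E and the two /32 special cases, and applies the "all 0s / all 1s in node address" rule to an arbitrary subnet mask rather than only the classful default. The practical use shown at the end, refusing to put a non-routable address into an Internet-facing allow-list, is the check a practitioner most often needs. The sample addresses are constructed; the function names are the example's.

```python
"""Classify IPv4 addresses as reserved, private, link-local, multicast or public.

Added example for the "Reserved IP addresses" and "IP address assignments"
sections; not code from the book. Addresses in the examples are constructed.
"""

MASK32 = 0xFFFFFFFF


def parse_ip(dotted):
    """Dotted decimal -> 32-bit integer; rejects malformed input."""
    octets = dotted.split(".")
    if len(octets) != 4 or not all(o.isdigit() and int(o) <= 255 for o in octets):
        raise ValueError("not a dotted-decimal IPv4 address: %r" % dotted)
    return (int(octets[0]) << 24) | (int(octets[1]) << 16) | (int(octets[2]) << 8) | int(octets[3])


def in_block(addr, network, prefix_len):
    """True if integer ``addr`` falls inside network/prefix_len."""
    mask = (MASK32 << (32 - prefix_len)) & MASK32
    return (addr & mask) == (parse_ip(network) & mask)


# Checked in order, so the two /32 special cases win over the /8 and /4
# blocks that contain them. Labels follow Tables 18-7 and 18-8.
SPECIAL_BLOCKS = (
    ("0.0.0.0", 32, "unspecified (this host / default route)"),
    ("255.255.255.255", 32, "limited broadcast"),
    ("0.0.0.0", 8, "this network"),
    ("127.0.0.0", 8, "loopback"),
    ("169.254.0.0", 16, "link-local (APIPA)"),
    ("10.0.0.0", 8, "private (RFC 1918)"),
    ("172.16.0.0", 12, "private (RFC 1918)"),
    ("192.168.0.0", 16, "private (RFC 1918)"),
    ("224.0.0.0", 4, "multicast (Class D)"),
    ("240.0.0.0", 4, "reserved (Class E)"),
)


def classify(dotted):
    """Return the reserved/private category of an address, or "public"."""
    addr = parse_ip(dotted)
    for network, prefix_len, label in SPECIAL_BLOCKS:
        if in_block(addr, network, prefix_len):
            return label
    return "public"


def host_field_role(dotted, mask):
    """Network address, directed broadcast, or ordinary host, for any mask.

    Implements the "all 0s / all 1s in node address" rows of Table 18-7.
    """
    addr, mask_int = parse_ip(dotted), parse_ip(mask)
    host_bits = addr & ~mask_int & MASK32
    if host_bits == 0:
        return "network address"
    if host_bits == ~mask_int & MASK32:
        return "directed broadcast"
    return "host"


def split_reachable(addresses):
    """Partition a list into (publicly routable, [(address, reason), ...]).

    Use before writing an Internet-facing firewall allow-list: an RFC 1918
    or APIPA address there is almost always a configuration mistake.
    """
    public, rejected = [], []
    for dotted in addresses:
        label = classify(dotted)
        if label == "public":
            public.append(dotted)
        else:
            rejected.append((dotted, label))
    return public, rejected


if __name__ == "__main__":
    sample = ["209.68.11.152", "10.1.2.3", "169.254.7.7", "127.0.0.1", "172.32.0.1"]
    print(split_reachable(sample))
```

Note the boundary cases the test data exercises: 172.31.255.255 is private but 172.32.0.1 is not, because the RFC 1918 Class B block is a /12, not a whole first octet; and 255.255.255.255 is reported as the limited broadcast rather than as Class E because the /32 entries are checked first.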

Supernetting

Occasionally you may require the opposite of subnetting. For example, you may have three Class C networks and wish to address them as one large network. This can be accomplished using a process called supernetting.

To use supernetting, you borrow bits from the last network address octet and use them as part of the host address. For example, the default Class C subnet mask is 255.255.255.0. To cover three Class C networks you need two extra host bits (one bit would cover only two networks), so the subnet mask to use is 255.255.252.0, which covers a block of four.

To calculate a supernet mask, write the last network octets in binary and find the high-order bits they all share; those stay network bits, and the low-order bits that differ become host bits. For example, suppose your three Class C networks are 132.24.4.0, 132.24.5.0, and 132.24.6.0. The last network octets are 4, 5, and 6, or in binary 00000100, 00000101, and 00000110.

The three values share their six high-order bits (000001) and differ only in the low two, so the mask octet is 11111100. In decimal this is 252, so the subnet mask is 255.255.252.0 and the supernet is 132.24.4.0 with that mask (132.24.4.0/22 in CIDR notation).

Supernetting only works if the addresses are contiguous and the block is aligned: the first network must be a multiple of the block size, so 132.24.4.0 can start a block of four but 132.24.5.0 cannot. Note that the block in the example also covers 132.24.7.0; if that network is not yours, advertising the aggregate claims address space you do not own, so be sure the addresses were assigned to you specifically for this purpose. Also, this technique only works if the routers support supernetting.

Many of the routers used in today’s Internet backbones use CIDR (Classless Inter-domain Routing), a system that uses a supernetting technique to treat groups of IP addresses assigned to the same organization as the same network.
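The supernet calculation generalised to any list of CIDR blocks, as an added example for this section (not code from the book). Beyond the chapter's method of comparing network octets, it reports the address space the aggregate would claim that is not in your list, which is the check you want before an aggregate route is advertised. The networks are the chapter's own plus one constructed misaligned case; a bare address with no prefix is treated as a Class C /24, which is an assumption of this example.

```python
"""Supernet (CIDR aggregate) calculation with an alignment check.

Added example for the supernetting section; not code from the book.
Generalises the chapter's octet comparison to any list of CIDR blocks and
reports what the aggregate over-claims. Bare addresses are assumed to be /24s.
"""

MASK32 = 0xFFFFFFFF


def parse_ip(dotted):
    """Dotted decimal -> 32-bit integer; rejects malformed input."""
    octets = dotted.split(".")
    if len(octets) != 4 or not all(o.isdigit() and int(o) <= 255 for o in octets):
        raise ValueError("not a dotted-decimal IPv4 address: %r" % dotted)
    return (int(octets[0]) << 24) | (int(octets[1]) << 16) | (int(octets[2]) << 8) | int(octets[3])


def to_dotted(value):
    """32-bit integer -> dotted decimal."""
    return ".".join(str((value >> s) & 0xFF) for s in (24, 16, 8, 0))


def parse_cidr(text):
    """'132.24.4.0/24' -> (first_address, last_address) as integers."""
    network, _, prefix = text.partition("/")
    prefix_len = int(prefix) if prefix else 24   # assumption: bare address = Class C
    if not 0 <= prefix_len <= 32:
        raise ValueError("bad prefix length in %r" % text)
    size = 1 << (32 - prefix_len)
    first = parse_ip(network)
    if first % size:
        raise ValueError("%s is not the first address of a /%d" % (network, prefix_len))
    return first, first + size - 1


def common_prefix_len(a, b):
    """Number of leading bits two 32-bit values share."""
    n = 32
    while n > 0 and (a >> (32 - n)) != (b >> (32 - n)):
        n -= 1
    return n


def summarize(cidrs):
    """Smallest single block covering every input, plus what it over-claims.

    Returns the aggregate in CIDR and dotted-mask form, ``exact`` (True only
    if the aggregate contains nothing but the inputs) and ``gaps``, the
    address ranges inside the aggregate that are not in the inputs.
    """
    blocks = sorted(parse_cidr(c) for c in cidrs)
    prefix_len = common_prefix_len(blocks[0][0], blocks[-1][1])
    size = 1 << (32 - prefix_len)
    base = blocks[0][0] & ~(size - 1) & MASK32   # aligned start of the aggregate
    gaps = []
    cursor = base
    for first, last in blocks:
        if first > cursor:
            gaps.append((to_dotted(cursor), to_dotted(first - 1)))
        cursor = max(cursor, last + 1)
    if cursor <= base + size - 1:
        gaps.append((to_dotted(cursor), to_dotted(base + size - 1)))
    return {
        "cidr": "%s/%d" % (to_dotted(base), prefix_len),
        "mask": to_dotted((MASK32 << (32 - prefix_len)) & MASK32),
        "exact": not gaps,
        "gaps": gaps,
    }


if __name__ == "__main__":
    # The chapter's three Class C networks: the /22 also covers 132.24.7.0.
    print(summarize(["132.24.4.0/24", "132.24.5.0/24", "132.24.6.0/24"]))
    # Same size but starting at 5: the aggregate would claim 132.24.4.0/24.
    print(summarize(["132.24.5.0/24", "132.24.6.0/24", "132.24.7.0/24"]))
```

For the chapter's example the result is 132.24.4.0/22 with mask 255.255.252.0, marked not exact because 132.24.7.0-132.24.7.255 is inside the aggregate but not in the list. The misaligned case yields the same /22 but the gap is 132.24.4.0/24 at the bottom, which is exactly the address space an aggregate route would wrongly attract.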

Configuring TCP/IP

TCP/IP configuration in Windows 2000 is similar to that of Windows NT, with certain improvements and differences. The following sections explain the installation and configuration of TCP/IP under Windows 2000.

Installing TCP/IP

TCP/IP is Windows 2000’s default protocol suite and is normally installed during the installation of Windows 2000 Professional or Server. You will only need to install it manually if the installation options were changed, if it was removed, or if its required files have been corrupted.

To install TCP/IP, right-click the My Network Places icon and select Properties. This opens the Network and Dial-up Connections window, which contains icons for any configured connections. Right-click on the icon for your network (typically Local Area Connection) and select Properties.

The Properties dialog lists installed protocols, clients, and services. If there is no entry for Internet Protocol (TCP/IP), click Install. Select Protocol and click Add. Select TCP/IP from the list and click OK.

Managing TCP/IP settings

To manage settings for TCP/IP, highlight Internet Protocol (TCP/IP) in the Properties window for your network connection. Select Properties to display the settings dialog. The dialog is divided into several pages. The General page (shown in Figure 18-1) is displayed initially, and the remaining pages are available by clicking the Advanced button. The following categories of settings are available:


Figure 18-1. The General page of the TCP/IP Properties dialog

General

Lets you choose whether to assign an IP address automatically (using DHCP, if available, or Automatic Private IP Addressing) or manually. You can also assign a default gateway (router) and choose whether to assign the DNS server address manually or automatically.

IP settings

Allows you to configure IP addresses and Default Gateway settings. Unlike the General page, this page allows multiple addresses to be entered.

DNS

Includes an option to specify multiple DNS server addresses and also includes DNS options. These are explained later in this chapter.

WINS

Allows you to specify the addresses of one or more WINS servers and specify WINS options. WINS is explained later in this chapter.

Options

Allows access to additional properties dialogs for advanced TCP/IP features. These include IP filtering and IPSec, described in the next sections.

Packet Filtering

Packet filtering is a Windows 2000 feature that allows you to block access to unauthorized TCP/IP ports or protocols on a server. To access packet filtering options, select TCP/IP Filtering from the TCP/IP Options dialog, then click Properties. The TCP/IP Filtering dialog is displayed, as shown in Figure 18-2.


Figure 18-2. The TCP/IP Filtering dialog contains IP filtering options

TCP/IP filtering is disabled by default. To enable it, check the Enable TCP/IP Filtering (All adapters) option at the top of the dialog; as the label says, the on/off setting is global to all network adapters, although the port and protocol lists are kept per adapter. Filtering applies to inbound traffic only, so it is a last line of defense on an individual host, not a substitute for a firewall. When filtering is enabled, you can control access to the computer with three settings:

TCP Ports

Select Permit All to allow access to all TCP ports or Permit Only to specify a list of accessible ports.

UDP Ports

Select Permit All to allow access to all UDP ports or Permit Only to specify a list of accessible ports.

IP Protocols

Select Permit All to allow access with any IP protocol or Permit Only to specify, by IP protocol number (6 for TCP, 17 for UDP), one or more protocols that can be used. In any of the three categories, choosing Permit Only with an empty list blocks all inbound traffic of that kind.
