:: TCP/IP Basics ::

Introduction to TCP/IP Networking

Unix has been the platform for TCP/IP development. While Berkeley has been the main contributor countless others have contributed to the effort. This work has produced a system for networking that has proven itself over the years. Presently, there are estimated to be over 5 million systems running the TCP/IP software suite, the overwhelming majority are microcomputers. Unix has evolved as the platform to use for integrating these many different systems into something useful. As a system administrator on a Unix system it is very likely you will be involved in networking issues and need to have a basic understanding of things work.

Many vendors have provided other network on Unix systems other than (or in addition too) TCP/IP. DEC has offered a version of it's DECNET software for systems running it's version of Unix, named Ultrix. IBM also offers a version of their propreitary SNA network software on IBM AIX machines. However, the emphasis in this course will be on the TCP/IP

Introduction to TCP/IP
TCP/IP is made up of two acronyms, TCP, for Transmission Control Protocol, and IP, for Internet Protocol. TCP handles packet flow between systems and IP handles the routing of packets. However, that is a simplistic answer that we will expound on further.
All modern networks are now designed using a layered approach. Each layer presents a predefined interface to the layer above it. By doing so, a modular design can be developed so as to minimize problems in the development of new applications or in adding new interfaces.

The ISO/OSI protocol with seven layers is the usual reference model. SInce TCP/IP was designed before the ISO model was developed it has four layers; however the differences between the two are mostly minor. Below, is a comparison of the TCP/IP and OSI protocol stacks:

OSI Protocol Stack

7. Application -- End user services such as email.
6. Presentation -- Data problems and data compression
5. Session -- Authenication and authorization
4. Transport -- Gaurentee end-to-end delivery of packets
3. Network -- Packet routing
2. Data Link -- Transmit and receive packets
1. Physical -- The cable or physical connection itself.

TCP/IP Protocol Stack.

5. Application -- Authenication, compression, and end user services.
4. Transport -- Handles the flow of data between systems and
provides access to the network for applications via
the (BSD socket library)
3. Network -- Packet routing
2. Link -- Kernel OS/device driver interface to the network
interface on the computer.

Below are the major difference between the OSI and TCP/IP:
The application layer in TCP/IP handles the responsibilities of layers 5,6, and 7 in the OSI model.
The transport layer in TCP/IP does not always gaurentee reliable delivery of packets as the transport layer in the OSI model does. TCP/IP offers an option called UDP that does not gaurentee reliable packet delivery.
Software Componets of TCP/IP
Application Layer
Some of the applications we will cover are SMTP (mail), Telnet, FTP, Rlogin, NFS, NIS, and LPD
Transport Layer
The transport uses two protocols, UDP and TCP. UDP which stands for User Datagram Protocol does not gaurentee packet delivery and applications which use this must provide their own means of verifying delivery. TCP does gaurentee delivery of packets to the applications which use it.
Network Layer
The network layer is concerned with packet routing and used low level protocols such as ICMP, IP, and IGMP. In addition, routing protocols such as RIP, OSPF, and EGP will be discussed.
Link Layer
The link layer is concerned with the actual transmittal of packets as well as IP to ethernet address translation. This layer is concerned with Arp, the device driver, and Rarp.
Over the next few months we will be examining these components as we work our way up from the bottom. First, we need to get a basic upderstanding of how networks are designed and how the basic hardware used to interconnect them.

Basic Network Design
The most common form of network is Ethernet. This is a bus-like network that uses Carrier-Sense Multiple Access with Collision Detection (CMSA-CD). Interpreting this we have a network where stations apply a voltage to the bus when they wish to send data, by sensng the bus for this voltage we can determine if the bus is in use; multiple access implies many hosts may be on this bus; collision detect is used to detect multiple hosts sending data at the same time. Initially, it would seem unnecessary to need collision detection, after all, a station on sends data on the bus when there is no one else sending. Due to the propagation delay of electrical signals we can have to stations decide to send data at the same time, when each station looks at the bus it is clear, however before the data they send reaches it's destination they will collide and the result will be garbage. The collision detection circuitry monitors the line to verify there were no collisions and the data does not need to be resent.
Understanding the CMSA-CD concept is fundamental to understanding how ethernet works. All limitations found on the design of ethernet networks are there do to issues surrounding CMSA-CD. The biggest design limitation is that reading data on an ethernet is a passive operation, the sending stations has no way to "sense" when this has happened. However, the sending station must perform collision detection until it knows the receiving station has gotten the packet! To do, lenght restrictions must be developed so that a sending station knows that within a finite time the receiving stations must have gotten the packet. This time limit controls most aspects of network design.

A basic way of calculating this time limit is to look at how long a machine must monitor the network is to look at the underlying physics. By it's definition ethernet operates at a speed of 10 Mhz (10 million bits/sec). The maximum packet size is 1500 bytes (12,000 bits). Presently ethernet has a maximum lenght of 500 meters. The time required to transmit 1500 bytes over 500 meters is:

Time to transmit a packet is 12000 bits/10,000,000 bits/sec is .0012 seconds

Time to transmit a bit 500 meters is defined by the speed that electrical signals travel, which is the speed of light. This figure turns out to be :

500 meters / 60000 meters/sec which equaks .0008333 seconds

Other characteristics that define ethernet deal with the waveform that a ethernet signal assumes. The waveform on a thick ethernet segment is 2.5 meters in lenght, that is why stations are seperated by 2.5 meters.

Ethernet Hardware
Ethernet has evolved over time. Ethernet version 2 released in 1982 was originally developed by Xerox-Intel-Dec. In 1985 the IEEE released a new standard for ethernet. This standard is named IEEE 802.2. In general, these two versions of ethernet can inter-operate, however there are a few minor differences. The first difference is that in the ethernet packet header Version 2 defined a two byte Type field while IEEE created a 2 byte length field in that location. Luckily, values for type cannot conflict with valid length values and most systems can determine the Ethernet Frame type by examining this field. A second difference was that the Ethernet version 2 spec required that a transciever send a heartbeat signal each second. The IEEE 802.2 spec removed this. This has resulted in most vendors offerring transcievers that have a switch to enable or disable hearbeat. It should be off unless connected to a piece of equipment using the ethernet version 2 spec. Luckily, all new devices are built to conform to the 802.2 spec; however there are occasionally devices found that were installed years ago that still need this.
In either specification, ethernet uses a 48 bit identifier to uniquely identify each source and destination device. A range of addresses is assigned to each manufactuer of ethernet equipment.

There are basically two categories of ethernet components, one type that passes the signal onto other devices, generally these are known as repeaters. A secondtype of device which takes the signal and regenerates the signal onto a new network, these types of devices are generally known as bridges or routers. Repeaters are useful for propagating a network signal, a signal comes in on an input port is often output to many ports.However since they add some delay to the transmittal of packets they reduce the maximum size a segment can be. However, repeaters can simplify the design of a network.

Devices such as bridges and routers, which regenerate the signal, allow you to build larger networks. Since the signal is regenerated, it becomes the responsibility of the bridge or router to gaurentee the packets arrival at the destination (or the next router or bridge). Bridges and routers work at different levels of the network. Bridges work at the ethernet frame level while routers work at the protocol level. In both cases, the bridge or router, has the property of filtering traffic and only transmitting the signal onto networks where it makes sense. Thus, in each case they have the effect of reducing unnecessary traffic.

Types of Media used with Ethernet
The IEEE 802.2 spec defines the general properties of ethernet. Subsuquent standards define how each media type will operate. At present, ethernet can be run over voice grade twisted pair (10BASE-T), thinwire coaxial cable (10Base-2), thickwire coaxial cable (10Base-5), and fiber optic cable (10Base-F). The overwhelming majority of connections made today use twisted-pair wiring. This option is now offered as standard equipment on many workstation models.
Each media type has different signal properties and limits. For example, (10BASE-T) only supports one machine per segment and is limited in distance to 100 meters. Thinwire (10BASE-2) can support up to 29 stations and is limited to a maximum distance of 185 meters. Fiber optic cabling can support 1024 devices and can operate at distances up to 2 Kilometers. Thickcoaxial cable (10BASE-5) can operate up to 500 meters and support up to 1024 stations.

Trancievers often allow you to attach dis-similar devices togethor. Many machines have a 15 pin Ethernet AUI interface. Tranceivers exist which allow you to adapt the AUI interface to whatever media you have running to the desktop.

Designing Ethernet Networks
The goal in designing networks is to maximize reliability while minimizing cost. These are usually conflicting goals and tradeoffs must be made. In our environment we try to follow these guidelines:
Use twisted pair connections for all desktop connections. This is cost effective and provides an easy way to troubleshoot problems.
Build networks that whereever possible servers and clients are on the same network.
Use routers to build enterprise networks. Routers are more effective at isolating and controlling traffic among networks. Use bridges to seperate traffic within a network.
Adopt the Simple Netwok Management Protocol (SNMP) as a management standard and only purchase equipment supporting that standard.
If you are not sure of the type of cable you will be connecting it is wise to purchase machines with an AUI interface and then use transceivers to connect the machine to whatever media you have.
Before designing networks make sure you understand and follow the design limitations for each media type you use. The ethernet standard is conservative by nature and often things will work if you violate the design limitations; however when you violate the standard you often will see intermittent problems that are very difficult to diagnose. For that reason it is Stongly recommended you adhere to the standards.