In the last section you learned what the key TCP/IP protocols do. Now take a closer look at how TCP/IP works. This section’s goal is not to make you a TCP/IP network
administrator, but merely to give you a working knowledge of TCP/IP sufficient to develop networkcapable software and to communicate with network administrators responsible for configuring the systems on which your programs run. By learning a bit more about the TCP/IP, you’ll be a more effective system developer.
IP Addresses
Recall that the IP protocol provides every network device with a logical address, called an IP address, which is more convenient to use than the device’s physical address. The IP addresses provided by the IP protocol take a very specific form: Each is a 32-bit number, commonly represented as a series of four 8-bit numbers (bytes), which range in value from 0 to 255. For example, 192.190.268.124 is a valid IP address.
The purpose of the IP address is to identify a network and a specific host on that network.
However, the IP protocol uses four distinct schemes, known as address classes, to specify this information.
The value of the first of the four bytes that compose an IP address determines the form of the address:
• Class A addresses begin with a value less than 128. In a Class A address, the first byte specifies the network and the remaining three bytes specify the host. About 16 million hosts can exist on a single Class A network.
• Class B addresses begin with a value from 128 to 191. In a Class B address, the first two bytes specify the network and the remaining two bytes specify the host. About 65,000 hosts can exist on a single Class B network.
• Class C addresses begin with a value from 192 to 223. In a Class C address, the first three bytes specify the network and the remaining byte specifies the host. Only 254 hosts can exist on a single Class C network (hosts 0 and 255 are reserved).
IP addresses that begin with a value greater than 223 are used for special purposes, as are certain addresses beginning with 0 and 127.
As you can see, a Class A address enables you to specify a much larger network than a Class C address. Class A addresses are assigned to only the largest of organizations;
smaller organizations must make do with Class C addresses, using several such addresses if they have more than 254 network hosts.
Routing
IP addresses are important because of their role in routing, finding a suitable path across which packets can be transmitted from a source host to a destination host. Every packet contains the destination host’s IP address. Network hosts use the network part of the destination IP address to determine how to handle a packet. If the destination host is on the same network as the host, the host simply transmits the data packet via the local
network. The destination host receives and processes the packet.
If the destination host is on a different network, the host transmits the packet to a gateway, which forwards the packet to the destination, possibly by way of several intermediate gateways. The host determines to which gateway it should send the packet by searching its routing table, which lists known networks and gateways that serve them.
Generally, the routing table includes a default gateway used for destination hosts that are on unfamiliar networks. Internally, the default gateway is known by the special IP address 0.0.0.0. Other special IP addresses are 127.0.0.1, which is used as a synonym for the address of the host itself, and 127.0.0.0, which is used as a synonym for the local network.
The routing table does not provide enough information for a host to construct a complete route to the destination host. Instead, it determines only the next hop in the journey, relying on a downstream gateway to pick up where it left off.
Hosts can be configured to use static routing, in which the routing table is built when the host is booted, or dynamic routing, in which ICMP messages may update the routing table, supplying new routes or closing old ones. Typically, system administrators use static routing only for small, simple networks; larger, more complex networks are easier to manage using dynamic routing.
Ports and Sockets
Recall that the TCP protocol’s final task is to hand the data stream to the proper
application, identified by the port number contained in the packets that compose the data stream. Certain port numbers, so-called well-known port numbers (see Table 2.1), are normally reserved for standard applications.
TABLE 2.1 Some Representative Well-Known Port Numbers and Their Associated Applications
Port Number Application
7 ECHO, which retransmits the received packet
21 FTP, which transfers files
23 Telnet, which provides a remote login
25 SMTP, which delivers mail messages
67 BOOTP, which provides configuration information at boot time
109 POP, which enables users to access mail boxes on remote systems
Port numbers are 16-bit numbers, providing for 65,536 possible ports. Although there are dozens of well-known ports, these are a fraction of the available ports. The remaining ports are dynamically allocated ports known as sockets. The combination of an IP address and a port number uniquely identifies a program, permitting it to be targeted for delivery of a network data stream.
Well-known ports and sockets are typically used together. For example, suppose a user on host 111.111.111.111 wants to access mail held on host 222.222.222.222. The user’s program first dynamically acquires a socket on host 111.111.111.111. Assume that socket 3333 is assigned; the complete source address, including IP address and port number, is then 111.111.111.111.3333. Because the POP application uses well-known port 109, the destination address is 222.222.222.222.109. The user’s program sends a packet to the destination address, a packet containing a request to connect to the POP application. The TCP/IP protocols pass the packet across the network and deliver it to the POP application.
The POP application considers the request and decides whether to allow the user to connect. Assuming it decides to allow the connection, it dynamically allocates a socket.
Assume that socket 4444 is assigned. The two hosts now begin a conversation involving addresses 111.111.111.111.3333 and 222.222.222.222.4444. Port 109 is used only to initially contact the POP application. By allocating a socket specifically for the
conversation between the hosts, port 109 is quickly made available to serve other users who want to request a connection. Other well-known applications respond similarly.
Hosts and Domains
Recalling the IP addresses of network hosts quickly grows tiring: Was the budget
database on host 111.123.111.123 or 123.111.123.111? Fortunately, a standard TCP/IP service frees users and programmers from this chore. The Domain Name Service (DNS) translates from structured host names to IP addresses and vice versa.
The structured names supported by DNS take the form of words separated by periods.
For example, one host familiar to many is the AltaVista Web search engine, known as altavista.digital.com. The components of this fully qualified domain name (FQDN) include the host name, altavista, and the domain name, digital.com. As the period indicates, the domain name itself is composed of two parts: the top-level domain, com, and the subdomain, digital.
There are six commonly used top-level domains in the U.S., as shown in Table 2.2.
Outside the U.S., most nations use top-level domains that specify a host’s nation of origin. For example, the top-level domain ca is used in Canada, and the top-level domain uk is used in the United Kingdom. However, there is no effective regulation of top-level domains, so alternative schemes are in use and continue to arise. For example, some host names within the U.S. use the domain us, following the style used by most other nations.
TABLE 2.2 Common Top-Level Domains Used in the U.S.
Domain Organization Type
com Commercial organizations
edu Educational institutions
gov Government agencies
mil Military organizations
net Network support organizations and access providers
org Non-profit organizations
Authority to establish domains is held by the Internet Resource Registries (IRR), which hold authority for specific geographic regions. In the U.S., InterNIC holds authority to assign IP addresses and establish domains.
Once an organization has registered a domain name with the appropriate IRR, the organization can create as many subdomains as desired. For example, a university might register the domain almamater.edu. It might then establish subdomains for various university departments, such as chemistry.almamater.edu and literature.almamater.edu.
Hosts could then be assigned names within these domains. For example, hosts within the chemistry department might include benzene.chemistry.almamater.edu and
hydroxyl.chemistry.almamater.edu; hosts within the literature department might include chaucer.literature.almamater.edu and steinbeck.literature.almamater.edu. Of course, the university might choose to forego the creation of subdomains (see Figure 2.6),
particularly if it has few hosts. It might then use host names such as
benzene.almamater.edu and chaucer.almamater.edu, which include no subdomain.
Of course, typing names of such length can become tiresome. Fortunately, DNS allows users to abbreviate host names by supplying omitted domain information on behalf of the user. For example, if a user of a host within the almamater.edu domain refers to a host named chaucer, DNS assumes that the user means chaucer.almamater.edu. Similarly, if a user within the ivywalls.edu domain refers to a host named chaucer, DNS takes the user to mean chaucer.ivywalls.edu. This convention makes it much easier to refer to hosts within one’s domain, while preserving the possibility of addressing every host.
For example, if the user within the ivywalls.edu domain wants to refer to the chaucer host within the almamater.edu domain, the user merely specifies the fully qualified domain name, chaucer.almamater.edu.
As you see, DNS is rather simple from the user’s standpoint. On the other hand, it is somewhat more complex from the standpoint of the system administrator. The next section takes a more in-depth look at several TCP/IP application layer services, including DNS.