What functions of the network architecture require implementation of the protocol. Protocol architecture in computer networks. OSI (Open Systems Interconnection) reference model architecture. Application services

TCP/IP is an abbreviation for Transmission Control Protocol/Internet Protocol. In fact, TCP/IP is not one protocol, but many, a stack of protocols.

TCP/IP was developed so that computer networks at research centers around the world could be interconnected in the form of a virtual "internetwork". The original Internet was created by converting an existing conglomerate of computer networks called ARPAnet using TCP/IP.

In a TCP/IP-based network, information is transmitted in the form of discrete blocks called IP packets or IP datagrams. Essentially, TCP/IP hides routers and the underlying network architecture from users so that it all looks like one large network. Just as Ethernet network connections are identified by 48-bit Ethernet IDs, intranet connections are identified by 32-bit IP addresses, which we write in dotted decimal form (for example, 128.10.2.3). Knowing the IP address of a remote computer, a computer on the intranet or Internet can send data to it as if they were part of the same physical network.

Data is transmitted in packets. Packets have a header and a tail that contain service information. Data from higher levels is inserted (encapsulated), like a letter in an envelope, into packets of lower levels.

TCP/IP provides a solution to the problem of communication between two computers connected to the same intranet but belonging to different physical networks. The solution consists of several parts, with each layer of the TCP/IP protocol family making its contribution to the overall solution. IP, the most fundamental protocol in the TCP/IP suite, carries IP datagrams and allows for the selection of the route that the datagram will take from point A to point B and the use of routers to "hop" between networks.

TCP is a higher-level protocol, which allows application programs running on different computers on the network to exchange data streams. TCP divides data streams into chains called TCP segments and transmits them using IP. In most cases, each TCP segment is sent in one IP datagram. However, if necessary, TCP will split segments into multiple IP datagrams that fit into the physical data frames that are used to transfer information between computers on the network. Because IP does not guarantee that datagrams will be received in the same sequence in which they were sent, TCP reassembles TCP segments at the other end of the route to form a continuous stream of data.

Another important protocol in the TCP/IP stack is User Datagram Protocol (UDP), which is similar to TCP but more primitive. TCP is a "reliable" protocol because it provides error checking and confirmation messages to ensure that data reaches its destination without corruption. UDP is an "unreliable" protocol that does not guarantee that datagrams will arrive in the order in which they were sent, or even that they will arrive at all. UDP is used to manage connections.

Other TCP/IP protocols play less prominent but equally important roles in the operation of TCP/IP networks. For example, the Address Resolution Protocol (ARP) converts IP addresses into physical network addresses, such as Ethernet identifiers. A related protocol, the Reverse Address Resolution Protocol (RARP), does the opposite, converting physical network addresses to IP addresses. The Internet Control Message Protocol (ICMP) is a companion protocol that uses IP to exchange control information and report errors related to the transmission of IP packets. For example, if a router cannot forward an IP datagram, it uses ICMP to inform the sender that there is a problem.

TCP/IP is a collective name for a set (stack) of network protocols at different levels used on the Internet.

The TCP/IP protocol stack is divided into 4 levels:

· Application;

· Transport;

· Network (internetwork);

· Physical (data link).

The basic functionality of TCP/IP networks is implemented by the TCP (Transmission Control Protocol) and IP (Internet Protocol) protocols. The IP protocol operates at the network layer, the TCP protocol at the transport layer. At the application layer there are a large number of protocols, both commonly used (http, smtp, dns, smb) and less common (binkp), which are used by various user programs to communicate with each other and transfer data, but they all use the transport provided by TCP/IP. These two protocols are called basic because all the others are built on them, and the entire technology is called TCP/IP.

Along with TCP, the UDP protocol is used at the transport layer. Unlike TCP, it does not create a connection, but simply sends datagrams. This connectionless transmission method is convenient for some applications, mainly office ones. In particular, the DNS network name resolution protocol operates over UDP.

The layers of the TCP/IP stack do not exactly match the theoretical layers of the OSI model.

TCP/IP does not regulate the use of protocols and technologies of the physical and data link layers. It is necessary and sufficient to have an interface between the link level modules and the IP module, which ensures the transmission of IP packets. The means and methods for ensuring this transmission are outside the coverage of TCP/IP. In the practical implementation of the levels of the OSI model, it turned out to be more convenient to combine some levels in one module. The correspondence between the TCP/IP and OSI stack levels looks something like this:

The figure shows how TCP/IP fits into the ISO/OSI model. This figure also illustrates the layering of TCP/IP and shows the relationships between the major protocols. When a block of data is transferred from a network application to the network adapter card, it sequentially passes through a number of TCP/IP modules. At each step it is supplemented with the information necessary for the equivalent TCP/IP module at the other end of the chain. By the time the data reaches the network adapter, it is a standard frame of the technology to which the adapter belongs. The TCP/IP software at the receiving end recreates the original data for the receiving program by passing the frame in reverse order through the same set of TCP/IP modules.

The TCP/IP protocol stack (from the English Transmission Control Protocol/Internet Protocol) is a set of network protocols at different levels of the DoD network interaction model that is used in networks. The protocols work with each other in a stack, which means that a protocol located at a higher level works "on top" of the lower one, using encapsulation mechanisms. For example, the TCP protocol runs on top of the IP protocol.

The TCP/IP protocol stack is based on the DoD networking model and includes four layers of protocols:

· application,

· transport,

· network,

· data link (channel).

The protocols of these layers fully implement the functionality of the OSI model. All user interaction in IP networks is built on the TCP/IP protocol stack. The stack is independent of the physical data transmission medium.

Physical layer

The physical layer describes the data transmission medium (be it coaxial cable, twisted pair, optical fiber or radio channel), the physical characteristics of such a medium and the principle of data transmission (channel separation, modulation, signal amplitude, signal frequency, method of transmission synchronization, response latency and maximum distance).

Link layer

The data link layer describes how data packets are transmitted through the physical layer, including coding (that is, special sequences of bits that mark the beginning and end of a data packet). Ethernet, for example, carries in its frame header fields an indication of which machine or machines on the network the frame is destined for.

Examples of link layer protocols are Ethernet, IEEE 802.11 Wireless Ethernet, SLIP, Token Ring, ATM, and MPLS.

PPP does not quite fit into this definition, so it is usually described as a pair of HDLC/SDLC protocols.

MPLS occupies an intermediate position between the data link and network layers and, strictly speaking, cannot be classified as one of them.

The data link layer is sometimes divided into 2 sublayers - LLC and MAC.

Network layer

The network layer is initially designed to transfer data from one (sub)network to another. Examples of such a protocol are X.25 and IPC on the ARPANET.

With the development of the concept of a global network, additional functions were introduced at this layer: transmission from any network to any network regardless of the lower-level protocols, and the ability to request data from the remote side, for example in the ICMP protocol (used to transmit diagnostic information about an IP connection) and IGMP (used to manage multicast streams).

ICMP and IGMP are carried above IP and would formally belong to the next, transport, layer, but functionally they are network layer protocols, and therefore they cannot be fitted into the OSI model.

IP network protocol packets carry a code indicating which next-layer protocol should be used to extract the data from the packet. This number is the unique IP protocol number. ICMP and IGMP are numbered 1 and 2, respectively.

This level includes: DHCP, DVMRP, ICMP, IGMP, MARS, PIM, RIP, RIP2, RSVP

Transport layer

Transport layer protocols can solve the problem of unguaranteed message delivery (“did the message reach the recipient?”), and also guarantee the correct sequence of data arrival. In the TCP/IP stack, transport protocols determine which application the data is intended for.

The automatic routing protocols logically represented at this layer (because they run on top of IP) are actually part of the network layer protocols; for example OSPF (IP ID 89).

TCP (IP ID 6) is a "guaranteed" transport mechanism with a pre-established connection that provides an application with a reliable data stream, gives confidence that the received data is error-free, re-requests data if it is lost, and eliminates duplication of data. TCP allows the load on the network to be regulated and reduces data latency when transmitting over long distances. Moreover, TCP ensures that the received data arrives in exactly the sequence in which it was sent. This is its main difference from UDP.

UDP (IP ID 17) is a connectionless datagram transmission protocol. It is also called an "unreliable" transmission protocol, in the sense that delivery of a message to the recipient cannot be verified and packets may arrive out of order. Applications that require guaranteed data transfer use the TCP protocol.

UDP is commonly used in applications such as streaming video and computer games, where packet loss is acceptable and retrying a request is difficult or not justified, or in request-response applications (such as DNS queries) where creating a connection takes more resources than resending.

Both TCP and UDP use a number called a port to identify their upper-layer protocol.
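To make the encapsulation chain concrete, here is an added example in Python (not code from the original text or from any project it mentions). It builds a UDP datagram by hand, wraps it in an IPv4 header with protocol number 17, and then demultiplexes it the way a receiving stack does: verify the IPv4 header checksum, use the protocol number to choose TCP or UDP, and use the destination port to choose the application. The addresses 192.168.1.1 and 192.168.1.21, the ports and the payload bytes are constructed sample values, and the TCP/UDP checksums are left at zero to keep the focus on the headers.

```python
"""Encapsulate a payload in UDP/TCP and IPv4 headers, then demultiplex it again.

Added example: headers are built by hand with struct so that every field the
text mentions (protocol number, ports, TTL, checksum) is visible.
No packets are sent; socket is imported only for address conversion.
"""
import socket
import struct

# IP protocol numbers named in the text (IANA assigned).
PROTO_NAMES = {1: "ICMP", 2: "IGMP", 6: "TCP", 17: "UDP", 89: "OSPF"}
PROTO_TCP, PROTO_UDP = 6, 17


def internet_checksum(data: bytes) -> int:
    """RFC 1071 one's-complement sum of 16-bit words; yields 0 when run over a valid header."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def build_udp(src_port: int, dst_port: int, payload: bytes) -> bytes:
    # UDP header: source port, destination port, length, checksum (0 = not used, allowed over IPv4).
    return struct.pack("!HHHH", src_port, dst_port, 8 + len(payload), 0) + payload


def build_tcp(src_port: int, dst_port: int, seq: int, flags: int, payload: bytes = b"") -> bytes:
    # Minimal 20-byte TCP header: data offset 5 words, window 65535, checksum left 0 in this example.
    return struct.pack("!HHIIBBHHH", src_port, dst_port, seq, 0, 5 << 4, flags, 65535, 0, 0) + payload


def build_ipv4(src: str, dst: str, proto: int, payload: bytes, ttl: int = 64, ident: int = 0x1234) -> bytes:
    # version=4, IHL=5 -> 0x45; TOS 0; flags/fragment 0; checksum is computed over the header only.
    header = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), ident, 0, ttl, proto, 0,
                         socket.inet_aton(src), socket.inet_aton(dst))
    header = header[:10] + struct.pack("!H", internet_checksum(header)) + header[12:]
    return header + payload


def parse_ipv4(datagram: bytes) -> dict:
    ihl = (datagram[0] & 0x0F) * 4
    if datagram[0] >> 4 != 4 or ihl < 20:
        raise ValueError("not an IPv4 datagram")
    if internet_checksum(datagram[:ihl]) != 0:
        raise ValueError("bad IPv4 header checksum")
    total_len = struct.unpack("!H", datagram[2:4])[0]
    return {
        "ttl": datagram[8],
        "proto": datagram[9],
        "src": socket.inet_ntoa(datagram[12:16]),
        "dst": socket.inet_ntoa(datagram[16:20]),
        "payload": datagram[ihl:total_len],
    }


def demultiplex(datagram: bytes) -> dict:
    """Receiver side: the IP protocol number selects the transport; the port selects the application."""
    ip = parse_ipv4(datagram)
    proto = PROTO_NAMES.get(ip["proto"], "proto-%d" % ip["proto"])
    result = {"src": ip["src"], "dst": ip["dst"], "ttl": ip["ttl"], "proto": proto}
    if ip["proto"] == PROTO_UDP:
        sport, dport, ulen, _ = struct.unpack("!HHHH", ip["payload"][:8])
        result.update(src_port=sport, dst_port=dport, data=ip["payload"][8:ulen])
    elif ip["proto"] == PROTO_TCP:
        sport, dport, seq, _, offset, flags = struct.unpack("!HHIIBB", ip["payload"][:14])
        hlen = (offset >> 4) * 4
        result.update(src_port=sport, dst_port=dport, seq=seq, syn=bool(flags & 0x02),
                      data=ip["payload"][hlen:])
    else:
        result["data"] = ip["payload"]  # ICMP, IGMP, OSPF ... carry no port numbers
    return result


# Constructed sample: a DNS-style query from 192.168.1.1 to 192.168.1.21, UDP port 53.
SAMPLE_QUERY = b"constructed DNS query"
SAMPLE_DATAGRAM = build_ipv4("192.168.1.1", "192.168.1.21", PROTO_UDP,
                             build_udp(40000, 53, SAMPLE_QUERY))

if __name__ == "__main__":
    print(demultiplex(SAMPLE_DATAGRAM))
    syn = build_ipv4("192.168.1.1", "192.168.1.21", PROTO_TCP, build_tcp(40001, 80, seq=1, flags=0x02))
    print(demultiplex(syn))
```

Running the script prints the decoded UDP datagram (protocol UDP, destination port 53) and then a decoded TCP SYN to port 80; flipping any byte of the IPv4 header makes parse_ipv4 raise, which is the check every router and host performs before looking at the protocol number.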

See also: List of TCP and UDP ports

Application layer

The application layer is where most network applications operate.

These programs have their own communication protocols, for example, HTTP for the WWW, FTP (file transfer), SMTP (email), SSH (secure connection to a remote machine), DNS (converting symbolic names to IP addresses) and many others.

For the most part, these protocols work on top of TCP or UDP and are tied to a specific port, for example:

· HTTP on TCP port 80 or 8080,

· FTP on TCP port 20 (for data transfer) and 21 (for control commands),

· SSH to TCP port 22,

· DNS queries on UDP port 53 (less often TCP),

· updating routes via RIP protocol to UDP port 520.

These ports are defined by the Internet Assigned Numbers Authority (IANA).

This level includes: Echo, Finger, Gopher, HTTP, HTTPS, IMAP, IMAPS, IRC, NNTP, NTP, POP3, POPS, QOTD, RTSP, SNMP, SSH, Telnet, XDMCP.

Network access methods

Access method - a set of rules governing the use of the network.

Implemented at the physical level.

The purpose of the access method is to resolve the issue of using the cable connecting users on the network.

Ethernet method

Multiple access with carrier sensing and collision resolution.

Every PC on the network “hears” every transmission, but not every PC receives it.

Any PC transmits a message that contains the address of the receiver and the sender. All PCs hear the message, but only one recognizes it, accepts it, and sends confirmation.

A conflict occurs if two PCs transmit messages at the same time. Then they stop transmitting for a random period of time and then resume it.

ARCnet method

Token-passing access method for a star topology network.

A PC can transmit a message if it receives a token - a sequence of bits created by one of the PCs. The token moves along the chain as if in a ring. All PCs have a number (from 0 to 255). The token goes from PC to PC. When a PC receives the token, it can transmit a data packet (up to 512 bytes), including the source and destination addresses. The entire packet goes from node to node until it reaches the destination. In that node the data is delivered, and the token goes further.

Advantage of this method - predictability, because the path of the token is known, i.e. you can calculate how much time a transfer takes.

Flaw - every node functions as a repeater, accepting and regenerating the token. If a node does not operate correctly, the token may be distorted or lost.

TokenRing method

Passing a token in a ring (ring topology).

When receiving an empty token, the PC can transmit a message within a certain time. This message is called a frame. The receiver copies the message into its memory, but does not remove it from the ring. This is what the sending computer does when it receives its message back.

There is a priority mechanism.

Advantage - reliability and simplicity.

Faulty PCs can be switched off.

The TCP/IP protocol stack is a family of protocols that provide connectivity and resource sharing between various systems. The stack was designed to work across heterogeneous networks. The stack protocols are highly reliable: they meet the requirement of keeping network nodes operating after a limited nuclear attack. Currently, the TCP/IP protocol stack is used both for communication on the Internet and in local networks.

The TCP/IP architecture was purposefully based on a peer-to-peer structure. TCP/IP is distributed in nature, as opposed to the classic top-down reliability model. In a TCP/IP environment, there is no central authority. Nodes communicate directly with each other, and each of them has complete information about all available network services. If any of the host computers fails, none of the other machines react to this (unless it needs data, which is located on the failed computer).

Here is a list of protocols included in the TCP/IP stack:

  • TCP (Transmission Control Protocol) is the basic transport protocol that gives its name to the entire family of TCP/IP protocols;
  • UDP (User Datagram Protocol) is the second most common transport protocol of the TCP/IP family;
  • IP (Internet Protocol) - internet protocol;
  • ARP (Address Resolution Protocol) - used to determine the correspondence between IP addresses and Ethernet addresses;
  • SLIP (Serial Line Internet Protocol) - data transfer protocol for telephone lines;
  • PPP (Point to Point Protocol) - point-to-point data exchange protocol;
  • RPC (Remote Process Control) - protocol for controlling remote processes;
  • TFTP (Trivial File Transfer Protocol) - a simple file transfer protocol;
  • DNS (Domain Name System) - protocol for accessing the domain name system;
  • RIP (Routing Information Protocol) - routing protocol.

The main protocols of the TCP/IP stack can be represented in the form of the structure shown in Fig. 1.

Fig. 1. TCP/IP stack architecture

The model, based on the TCP/IP stack, includes 4 levels: application, main (transport), level of internetwork interactions (network), level of network interfaces (link). The correspondence of these layers to the OSI model architecture is shown in Table 1.

Table 1. Comparison of OSI and TCP/IP model levels

As can be seen from the table, both communication architectures include similar layers, but in the TCP/IP model several layers of the OSI model are combined into one.

Let's consider the functions of all four levels of the model based on the TCP/IP protocol stack.

1. Application layer -

provides the services that deliver network service to user applications. The list of main services includes the following protocols: Telnet, FTP, TFTP, DNS, SNMP, HTTP. The application layer performs the functions of the application layer and the presentation layer of the OSI model.

2. Main (transport) layer -

ensures the reliability of delivery of data packets, their integrity and order of delivery. At this layer, the transmitted data is divided into packets and transmitted to the lower layer. After transmission, the packets are collected and the data is transferred to the application layer. The main protocol of this layer is TCP. The main layer performs the functions of the session and transport layers of the OSI model.

3. Internetwork layer -

ensures the transmission of data packets in a composite network, where there are not only local but also global connections. The main protocol of this layer is IP. At this level, routing protocols RIP and OSPF (Open Shortest Path First) are used to collect routing information. This layer corresponds to the network layer of the OSI model.

The TCP/IP protocol stack is the most common protocol stack today. Flexibility and traffic routing capabilities allow it to be used in networks of various sizes. The TCP/IP protocol stack is a set of network protocols that regulate all aspects of the interaction between network devices.

Requirements (characteristics):

Fault tolerance. A network built using a protocol must maintain its functionality even if part of the network loses its functionality.

Extensibility. The protocol must allow for easy network expansion. Adding new segments to the network should not disrupt existing services.

Reliability. The protocol must include mechanisms to ensure reliable transmission of information within the network, regardless of the reliability of existing communications.

Inner simplicity. The protocol must have a simple structure in order to provide sufficient performance.

Architecture: The TCP/IP stack, in terms of system architecture, corresponds to the OSI (Open Systems Interconnection) reference model and allows applications and services running on virtually any platform to communicate over the network, including Unix, Windows, Macintosh and others.

Overview of the main protocols of the stack:

TCP: Transmission Control Protocol (TCP) assumes all responsibilities for delivering packets received from upper-layer protocols in an unchanged state and in the appropriate sequence. Therefore, it is the responsibility of the transport layer protocol to break these packets into smaller TCP packets, which are then passed on to the network layer protocol.

UDP: Within the TCP/IP protocol stack, there is another protocol that operates at the transport layer, which is not connection oriented. We are talking about the User Datagram Protocol (UDP). The UDP protocol is a fairly fast protocol because it does not include mechanisms to control the delivery of packets.

IP: Its main task is to route data packets. Receiving a packet from the upper-layer protocols of the OSI model, the IP protocol makes a decision about the delivery of that packet. The decision is made on the basis of special tables called routing tables. Based on this table, one of two decisions can be made, depending on which subnet the recipient computer is located on.

ARP: At the link layer, addressing is carried out on the basis of so-called MAC addresses. The MAC address is a unique 48-bit identification code assigned to each network adapter. This code is written (or, as they say, “stitched”) into a special ROM on the network adapter board and is thereby permanently associated with this network adapter. Since link layer addressing is done through MAC addresses, a mechanism is needed to translate IP addresses into corresponding MAC addresses. The Address Resolution Protocol (ARP) provides such a mechanism. Its main task is to establish a correspondence between an IP address and a MAC address.
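The following is an added Python example, not code from the original text or from any operating system it mentions, showing the ARP exchange in wire format: a request broadcast by 192.168.1.1 asking for the MAC address of 192.168.1.21 and the unicast reply, plus a small cache that learns IP-to-MAC mappings from replies. Because ARP carries no authentication, the cache also records an alert when a reply changes a mapping it already holds; that is the kind of inconsistency a network monitor would report. The MAC addresses (locally administered 02:... values) and the IP addresses are constructed.

```python
"""Build and parse ARP request/reply frames and keep an ARP cache that flags changed mappings.

Added example; addresses and MACs are constructed sample values. Nothing is sent on the wire.
"""
import socket
import struct

ETHERTYPE_ARP = 0x0806
ARP_REQUEST, ARP_REPLY = 1, 2
BROADCAST_MAC = "ff:ff:ff:ff:ff:ff"
ARP_FORMAT = "!HHBBH6s4s6s4s"  # htype, ptype, hlen, plen, oper, sha, spa, tha, tpa (28 bytes)


def mac_to_bytes(mac):
    return bytes(int(part, 16) for part in mac.split(":"))


def bytes_to_mac(raw):
    return ":".join("%02x" % b for b in raw)


def build_arp(oper, sender_mac, sender_ip, target_mac, target_ip):
    """Ethernet II frame carrying an ARP message. Requests go to the broadcast MAC, replies are unicast."""
    eth_dst = BROADCAST_MAC if oper == ARP_REQUEST else target_mac
    ethernet = struct.pack("!6s6sH", mac_to_bytes(eth_dst), mac_to_bytes(sender_mac), ETHERTYPE_ARP)
    arp = struct.pack(ARP_FORMAT, 1, 0x0800, 6, 4, oper,
                      mac_to_bytes(sender_mac), socket.inet_aton(sender_ip),
                      mac_to_bytes(target_mac), socket.inet_aton(target_ip))
    return ethernet + arp


def parse_arp(frame):
    eth_dst, eth_src, ethertype = struct.unpack("!6s6sH", frame[:14])
    if ethertype != ETHERTYPE_ARP:
        raise ValueError("not an ARP frame")
    htype, ptype, hlen, plen, oper, sha, spa, tha, tpa = struct.unpack(ARP_FORMAT, frame[14:42])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        raise ValueError("only Ethernet/IPv4 ARP is handled here")
    return {
        "op": oper,
        "sender_mac": bytes_to_mac(sha), "sender_ip": socket.inet_ntoa(spa),
        "target_mac": bytes_to_mac(tha), "target_ip": socket.inet_ntoa(tpa),
        "eth_src": bytes_to_mac(eth_src), "eth_dst": bytes_to_mac(eth_dst),
    }


class ArpCache:
    """IP -> MAC table learned from replies.

    On a healthy segment a mapping stays stable, so a reply that changes an existing
    entry is recorded as an alert for an administrator to investigate instead of
    being accepted silently.
    """

    def __init__(self):
        self.table = {}
        self.alerts = []

    def learn(self, info):
        if info["op"] != ARP_REPLY:
            return
        ip, mac = info["sender_ip"], info["sender_mac"]
        previous = self.table.get(ip)
        if previous is not None and previous != mac:
            self.alerts.append("%s: mapping changed from %s to %s" % (ip, previous, mac))
        self.table[ip] = mac

    def resolve(self, ip):
        return self.table.get(ip)


# Constructed sample exchange: 192.168.1.1 asks who has 192.168.1.21, which answers.
ROOT_MAC, STORE_MAC = "02:00:00:00:00:01", "02:00:00:00:00:15"
REQUEST = build_arp(ARP_REQUEST, ROOT_MAC, "192.168.1.1", "00:00:00:00:00:00", "192.168.1.21")
REPLY = build_arp(ARP_REPLY, STORE_MAC, "192.168.1.21", ROOT_MAC, "192.168.1.1")

if __name__ == "__main__":
    cache = ArpCache()
    for frame in (REQUEST, REPLY):
        info = parse_arp(frame)
        print(info)
        cache.learn(info)
    print("192.168.1.21 ->", cache.resolve("192.168.1.21"), "alerts:", cache.alerts)
```

The request frame is 42 bytes (14-byte Ethernet header plus 28-byte ARP body) with the broadcast destination, while the reply is addressed directly to the asking host; only replies populate the cache.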

ICMP: Internet Control Message Protocol (ICMP) is a mechanism by which hosts can exchange service information. The ICMP protocol supports two types of service messages: error messages and control messages.

IGMP: The transmission of multicast traffic is governed by the Internet Group Management Protocol (IGMP).

IPsec: The IPsec protocol provides security for any packets transmitted by upper-layer protocols.

Application Layer: Through the Application layer of the TCP/IP model, applications and services access the network. Access to TCP/IP protocols is provided through two software interfaces (API - Application Programming Interface):

  • Windows sockets;
  • NetBIOS.

The Windows Socket Interface, or WinSock as it is called, is a network programming interface designed to facilitate communication between different TCP/IP applications and protocol families.

The NetBIOS interface is used for interprocess communication (IPC - Interprocess Communication) of Windows OS services and applications. NetBIOS performs three main functions: NetBIOS naming; NetBIOS datagram service; NetBIOS session service.

Transport Layer: The TCP/IP transport layer is responsible for establishing and maintaining a connection between two nodes. Main level functions:

  • confirmation of receipt of information;
  • data flow control;
  • ordering and relaying of packets.

Depending on the type of service, two protocols can be used:

  • TCP (Transmission Control Protocol);
  • UDP (User Datagram Protocol).

TCP is typically used when an application needs to transfer a large amount of information and ensure that the data is received by the recipient in a timely manner. Applications and services that send small amounts of data and do not need to receive confirmation use UDP, which is a connectionless protocol.

Internetwork Layer: The Internetwork layer is responsible for routing data within a network and between different networks. At this level, routers operate, which depend on the protocol used and are used to send packets from one network (or segment of it) to another (or another segment of the network). The TCP/IP stack uses the IP protocol at this layer.

Network Interface Layer: This layer of the TCP/IP model is responsible for delivering IP datagrams. It works with ARP to determine the information that should be placed in the header of each frame. This layer then creates a frame appropriate for the type of network being used, such as Ethernet, Token Ring or ATM; the IP datagram is placed in the data area of that frame and it is sent out to the network.

Diagnostic utilities:

ipconfig [/all] [/release [adapter]] [/renew [adapter]] [/flushdns] [/registerdns] [/displaydns] [/showclassid adapter] [/setclassid adapter [class_id]]

/all -- as a result of executing the utility, complete information about the protocol configuration for all interfaces of the local computer is displayed, including network interfaces used by the Routing and Remote Access Service (RAS);

/release -- executing the utility with this key releases the allocated IP address. The key is applicable for use on DHCP clients only;

/renew -- Using this switch instructs the system to update the configuration of the TCP/IP protocol stack. If you specify a network adapter name, only the protocol configuration for the selected adapter is updated. Otherwise, the protocol stack configuration for all network adapters is updated;

/displaydns -- as a result of executing the utility, information about the contents of the local DNS client cache used for domain name resolution will be displayed;

ping [-t] [-a] [-n count] [-l size] [-f] [-i TTL] [-v TOS] [-r count] [-s count] [[-j host-list] | [-k host-list]] [-w timeout] [-R] [-S srcaddr] [-4] [-6] destination-host

  • -t -- using this switch instructs the system to keep sending ICMP echo packets to the remote computer until the user stops the utility;
  • -a -- using this switch allows you to determine the domain name of a remote computer by its IP address. The usefulness of this switch is often underestimated by users. However, when working in a local network, situations often arise when it is necessary to find out the domain name of a computer by its IP address;
  • -n count -- unlike the previous switch, allows you to set the number of ICMP packets that will be sent during the connection check. By default, the utility sends four packets;
  • -w timeout -- by default, the ping utility waits for a reply from the remote host for one second. At the end of this time, the utility concludes that it is impossible to establish a connection with the host. This situation occurs especially often when the remote computer is connected via slow communication lines. Using this switch allows you to increase the reply wait time to a certain value, specified in milliseconds as the timeout parameter;

tracert [-d] [-h maximum_hops] [-j host-list] [-w timeout] [-R] [-S srcaddr] [-4] [-6] target_name

  • -d -- by default, the utility, providing information about routers traversed by packets, indicates not only IP addresses, but also their domain names. Using this key instructs the utility not to convert IP addresses to domain names. This allows you to reduce the execution time of the utility;
  • -h maximum_hops -- using the utility with this switch allows you to limit the number of hops from one subnet to another during route tracing. The maximum_hops parameter determines the maximum allowed number of hops;
  • -w timeout -- the switch allows you to explicitly define the maximum time to wait for a response from the remote router. In this case, the time is specified by the timeout parameter in milliseconds;

target_name -- Specifies the name of the remote host to which the route should be traced.
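As an added example (not part of the original text, and not the code of the ping or tracert utilities), this Python script builds the ICMP messages the sections above rely on: an Echo Request, the Echo Reply a host returns for it, and the error messages a router sends (type 3 Destination Unreachable, and type 11 Time Exceeded, which is what tracert observes as a packet's TTL runs out at each router). simulate_ping then models the -n count and -w timeout options over a constructed set of probe outcomes and computes the sent/received/lost statistics that ping prints. Identifiers, delays and outcomes are constructed; nothing is sent on the network.

```python
"""ICMP echo request/reply and error messages, plus a model of ping's -n and -w behaviour.

Added example; identifiers, delays and the outcome of each probe are constructed.
Nothing is sent; this only shows the message formats the text describes.
"""
import struct

ICMP_ECHO_REPLY, ICMP_DEST_UNREACH, ICMP_ECHO_REQUEST, ICMP_TIME_EXCEEDED = 0, 3, 8, 11
ICMP_HEADER = "!BBHHH"  # type, code, checksum, identifier, sequence number


def internet_checksum(data: bytes) -> int:
    """RFC 1071 one's-complement checksum; ICMP computes it over the whole message."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def build_echo(msg_type: int, ident: int, seq: int, payload: bytes) -> bytes:
    header = struct.pack(ICMP_HEADER, msg_type, 0, 0, ident, seq)
    csum = internet_checksum(header + payload)
    return struct.pack(ICMP_HEADER, msg_type, 0, csum, ident, seq) + payload


def build_echo_request(ident: int, seq: int, payload: bytes = b"constructed ping data") -> bytes:
    return build_echo(ICMP_ECHO_REQUEST, ident, seq, payload)


def build_echo_reply(request: bytes) -> bytes:
    """What the remote host returns: type 0 with the same identifier, sequence number and data."""
    _, _, _, ident, seq = struct.unpack(ICMP_HEADER, request[:8])
    return build_echo(ICMP_ECHO_REPLY, ident, seq, request[8:])


def build_error(msg_type: int, code: int, offending: bytes) -> bytes:
    """Error messages (3 = Destination Unreachable, 11 = Time Exceeded) carry 4 unused bytes and
    then the IP header plus the first 8 bytes of the datagram that caused the error (a stub here)."""
    header = struct.pack("!BBHI", msg_type, code, 0, 0)
    csum = internet_checksum(header + offending)
    return struct.pack("!BBHI", msg_type, code, csum, 0) + offending


def parse_icmp(message: bytes) -> dict:
    if len(message) < 8 or internet_checksum(message) != 0:
        raise ValueError("truncated ICMP message or bad checksum")
    msg_type, code, _, a, b = struct.unpack(ICMP_HEADER, message[:8])
    if msg_type in (ICMP_ECHO_REQUEST, ICMP_ECHO_REPLY):
        return {"type": msg_type, "code": code, "id": a, "seq": b, "data": message[8:]}
    return {"type": msg_type, "code": code, "offending": message[8:]}


def simulate_ping(scenario: dict, count: int = 4, timeout_ms: int = 1000, ident: int = 0x4242) -> dict:
    """Model of `ping -n count -w timeout`: scenario maps a sequence number to (delay_ms, outcome),
    where outcome is "reply", "unreachable" or "lost". Returns the statistics ping prints."""
    sent = received = 0
    events = []
    for seq in range(1, count + 1):
        request = build_echo_request(ident, seq)
        sent += 1
        delay, outcome = scenario.get(seq, (None, "lost"))
        if outcome == "lost" or delay > timeout_ms:
            events.append((seq, "Request timed out"))  # also how a late reply is reported
            continue
        if outcome == "reply":
            raw = build_echo_reply(request)
        else:
            raw = build_error(ICMP_DEST_UNREACH, 1, request[:8])  # code 1 = host unreachable
        info = parse_icmp(raw)
        if info["type"] == ICMP_ECHO_REPLY and info["id"] == ident and info["seq"] == seq:
            received += 1
            events.append((seq, "Reply time=%dms" % delay))
        else:
            events.append((seq, "Destination host unreachable"))
    return {"sent": sent, "received": received,
            "lost_percent": 100 * (sent - received) // sent, "events": events}


# Constructed outcomes: probe 2 answers after the 1 s default timeout, probe 3 is rejected by a router.
SCENARIO = {1: (12, "reply"), 2: (1500, "reply"), 3: (10, "unreachable"), 4: (9, "reply")}

if __name__ == "__main__":
    stats = simulate_ping(SCENARIO)
    for seq, text in stats["events"]:
        print("seq=%d %s" % (seq, text))
    print("Sent = %d, Received = %d, Lost = %d%%" % (stats["sent"], stats["received"], stats["lost_percent"]))
```

With the default one-second timeout the constructed run reports 4 sent, 2 received, 50% lost; raising timeout_ms to 2000 (the -w switch) turns the late second probe into a success, which is exactly the effect the text describes for slow links.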

netstat utility. Allows you to obtain statistical information on some of the stack protocols (TCP, UDP, IP and ICMP), and also provides information about current network connections.

nbtstat utility. The utility is used to obtain information related to the operation of NetBIOS over TCP/IP. Using this utility, you can get information about both the local and remote computer.

IP Address: According to the TCP/IP concept, each host must have a specific IP address in order to work on the network.

The IP address is a 32-bit binary number, which for ease of remembering is divided into octets - eight-bit groups.

Rules for assigning an IP address:

  1. The computer cannot be assigned the first address in the network (the address ending in 0). Such addresses are reserved to designate the entire network.
  2. The computer cannot be assigned the last address in the network (the address ending in 255). Such addresses are used for broadcasting, that is, addressing all computers on the network.
  3. Each octet is a number in the range from 0 to 255.
  4. The IP address of each computer must be unique within the network. If you assign an address that already exists on the network to a new computer, an address conflict arises. The operating system reports the conflict by displaying a warning window, and neither computer is allowed to work on the network until the situation is corrected.

Subnet address and host address: Any IP address can have two components: the subnet address and the host address in that subnet. At the development stage, the creators of the protocol divided all IP addresses into three categories, combining them into three classes of subnets - A, B and C.

Class A subnets are the most expensive, so only large corporations can afford them. All class A address pools have already been allocated. Their holders are corporations such as IBM, Xerox, Apple and Hewlett-Packard.

Class B addresses are less expensive, but they are only affordable by wealthy corporations who are willing to pay significant sums for a sufficient number of IP addresses. One of the most famous corporations that holds a pool of Class B addresses is Microsoft.

Subnetting: The subnet mask is one of the key terms of TCP/IP; it is a 32-bit number that is used to extract the subnet address from an IP address.


Subnet mask bits set to 1 mark the bits of the IP address that form the subnet address. The subnet address is extracted by logical multiplication (the AND operation) of the IP address and the subnet mask. For example, with the mask 255.255.255.0:

ROOT address:         11000000 10101000 00000001 00000001 (192.168.1.1)
Subnet mask:          11111111 11111111 11111111 00000000 (255.255.255.0)
ROOT subnet address:  11000000 10101000 00000001 00000000 (192.168.1.0)

STORE address:        11000000 10101000 00000001 00010101 (192.168.1.21)
Subnet mask:          11111111 11111111 11111111 00000000 (255.255.255.0)
STORE subnet address: 11000000 10101000 00000001 00000000 (192.168.1.0)

Both addresses give the same subnet address, so ROOT and STORE are on the same subnet.

Internal IP addresses: For local networks, depending on their size, the IANA (Internet Assigned Numbers Authority), which is responsible for assigning IP addresses on the Internet, allocates the following address ranges:

  • 10.0.0.0 -- 10.255.255.255
  • 172.16.0.0 -- 172.31.255.255
  • 192.168.0.0 -- 192.168.255.255
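An added Python example (not from the original text) that carries the AND operation above through in code, generalized from the page's /24 example to any contiguous mask: it computes the subnet address of ROOT (192.168.1.1) and STORE (192.168.1.21), derives the broadcast address, applies the assignment rules for the first and last address, decides whether two hosts are on the same subnet (the decision IP takes from its routing table), and checks whether an address falls in one of the private ranges listed. The prefix_length check rejects non-contiguous masks, which the description of the mask assumes but does not state.

```python
"""Subnet calculations: the AND of address and mask, network/broadcast rules, and private ranges.

Added example; it generalizes the /24 example in the text to any contiguous mask and uses the
ROOT (192.168.1.1) and STORE (192.168.1.21) addresses from the text as inputs.
"""
import socket
import struct

# IANA private ranges listed in the text, expressed as (network, mask).
PRIVATE_RANGES = [("10.0.0.0", "255.0.0.0"), ("172.16.0.0", "255.240.0.0"), ("192.168.0.0", "255.255.0.0")]


def to_int(ip: str) -> int:
    return struct.unpack("!I", socket.inet_aton(ip))[0]


def to_str(value: int) -> str:
    return socket.inet_ntoa(struct.pack("!I", value))


def bits(ip: str) -> str:
    """Dotted decimal to the four 8-bit groups shown in the text."""
    return " ".join(format(octet, "08b") for octet in socket.inet_aton(ip))


def prefix_length(mask: str) -> int:
    """Number of leading 1 bits; rejects masks whose 1 bits are not contiguous."""
    m = to_int(mask)
    ones = bin(m).count("1")
    if m != (0xFFFFFFFF << (32 - ones)) & 0xFFFFFFFF:
        raise ValueError("non-contiguous subnet mask: " + mask)
    return ones


def network_address(ip: str, mask: str) -> str:
    prefix_length(mask)  # validate the mask first
    return to_str(to_int(ip) & to_int(mask))  # logical AND, as described in the text


def broadcast_address(ip: str, mask: str) -> str:
    """Network address with all host bits set to 1."""
    return to_str(to_int(network_address(ip, mask)) | (~to_int(mask) & 0xFFFFFFFF))


def same_subnet(a: str, b: str, mask: str) -> bool:
    """Direct delivery if True, otherwise the packet goes to a router."""
    return network_address(a, mask) == network_address(b, mask)


def assignable_host(ip: str, mask: str) -> bool:
    """Rules 1 and 2: the network address and the broadcast address cannot be given to a host."""
    return ip not in (network_address(ip, mask), broadcast_address(ip, mask))


def is_private(ip: str) -> bool:
    return any(network_address(ip, mask) == net for net, mask in PRIVATE_RANGES)


if __name__ == "__main__":
    mask = "255.255.255.0"
    for name, ip in (("ROOT", "192.168.1.1"), ("STORE", "192.168.1.21")):
        print(name, bits(ip), "->", network_address(ip, mask), "broadcast", broadcast_address(ip, mask))
    print("same subnet:", same_subnet("192.168.1.1", "192.168.1.21", mask))
    print("192.168.1.0 assignable:", assignable_host("192.168.1.0", mask))
```

For the two addresses from the text the script prints the same subnet address 192.168.1.0 and broadcast 192.168.1.255, so they are on one subnet; with the mask 255.255.0.0 a host in 192.168.2.0 would be in the same subnet as well, which is why the mask, not the address alone, determines the routing decision.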

DHCP, DNS, WINS services

To organize and control access to network resources for users and applications, an approach based on symbolic designations of nodes and resources is used. To determine the location of these nodes on the network, services are needed to convert symbolic names into identifiers used at lower levels of internetworking protocols.

The Domain Name System (DNS - domain name services) is a method of registering computer names and their IP addresses.

Windows Internet Naming Service (WINS) is used as a service to resolve NetBIOS names to IP addresses on segmented networks.

Domain name servers are the tools of this system that ensure its functioning.

Domain Name System (DNS) is a hierarchical, distributed database containing mappings of DNS domain names to various types of data, such as IP addresses. DNS allows you to find computers and services by friendly names and view other database information.

DNS client is a client computer that queries DNS servers to resolve DNS domain names. DNS clients have a temporary cache of resolved DNS domain names.

DNS server - a server that contains information about part of the DNS database and responds to and resolves DNS queries.

DNS suffix is a string of characters representing a domain name in DNS. The DNS suffix shows the location of the host relative to the DNS root, indicating the host's position in the DNS hierarchy. Typically, a DNS suffix describes the last part of a DNS name, preceded by one or more leading DNS name labels.

Domain name space:

When grouped by organizational type, first-level domain names are formed from three characters:

· edu (educational institutions),

· com (commercial organizations),

· org (non-profit organizations),

· gov (government organizations),

· mil (military institutions), etc.

The expansion of the Internet beyond the United States led to the need to take into account the nationality of organizations and institutions. In this regard, the system for constructing the DNS namespace was modified. It was proposed to group domains according to their affiliation with a certain state. For this purpose, names consisting of two characters are used. For example:

· ru (Russia),

· ie (Ireland),

· au (Australia).

In addition, there is another first-level domain, which is used to group reverse domains. Reverse domains are used to look up a host's domain name by its IP address. This special domain is called .arpa, and it was the only top-level domain with a four-character name. The domain contains only a few second-level domains: in-addr.arpa and ip6.arpa.

The creation of first- and second-level domains is handled by a special organization - the Internet Corporation for Assigned Names and Numbers (ICANN).
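The reverse domains described above, as an added example that is not part of the original text: the functions below build the name queried under in-addr.arpa or ip6.arpa for a given address and recover the address from such a name. The sample addresses are constructed from the documentation ranges (192.0.2.0/24, 2001:db8::/32); only the Python standard library is used.

```python
import ipaddress


def reverse_pointer(address: str) -> str:
    """Return the reverse-lookup (PTR) name for an IPv4 or IPv6 address.

    IPv4 addresses map under in-addr.arpa with the four octets reversed;
    IPv6 addresses map under ip6.arpa with all 32 hex nibbles reversed.
    """
    ip = ipaddress.ip_address(address)  # raises ValueError on malformed input
    if ip.version == 4:
        octets = str(ip).split(".")
        return ".".join(reversed(octets)) + ".in-addr.arpa"
    # the exploded form is fully zero-padded, e.g. 2001:0db8:0000:...:0001
    nibbles = ip.exploded.replace(":", "")
    return ".".join(reversed(nibbles)) + ".ip6.arpa"


def address_from_reverse_pointer(name: str) -> str:
    """Invert reverse_pointer: recover the address from a complete PTR query name."""
    labels = name.rstrip(".").lower().split(".")
    if labels[-2:] == ["in-addr", "arpa"] and len(labels) == 6:
        octets = reversed(labels[:4])
        return str(ipaddress.IPv4Address(".".join(octets)))
    if labels[-2:] == ["ip6", "arpa"] and len(labels) == 34:
        hexdigits = "".join(reversed(labels[:32]))
        groups = [hexdigits[i:i + 4] for i in range(0, 32, 4)]
        return str(ipaddress.IPv6Address(":".join(groups)))
    raise ValueError(f"not a complete reverse-lookup name: {name}")


if __name__ == "__main__":
    for sample in ("192.0.2.1", "2001:db8::1"):  # constructed sample addresses
        ptr = reverse_pointer(sample)
        print(sample, "->", ptr, "->", address_from_reverse_pointer(ptr))
```

A partial name (fewer labels than a full address) is rejected rather than guessed, because a PTR name for a whole network is not a host address.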

DNS service architecture

The set of layered protocols known as the TCP/IP stack (Table 2.1) is intended for use in a variety of network environments. In terms of system architecture, the TCP/IP stack follows the OSI (Open Systems Interconnection) reference model and allows applications and services running on virtually any platform (Unix, Windows, Macintosh and others) to exchange data over the network.

Table 2.1. TCP/IP protocol family

Protocol name   Protocol description
WinSock         Network programming interface
NetBIOS         Communication with Windows OS applications
TDI             Transport Driver Interface; allows session layer components to be created
TCP             Transmission Control Protocol
UDP             User Datagram Protocol
ARP             Address Resolution Protocol
RARP            Reverse Address Resolution Protocol
IP              Internet Protocol
ICMP            Internet Control Message Protocol
IGMP            Internet Group Management Protocol
NDIS            Interface for interaction between transport protocol drivers and network interface drivers
FTP             File Transfer Protocol
TFTP            Trivial File Transfer Protocol

Microsoft's TCP/IP implementation follows a four-layer model instead of the seven-layer model shown in Fig. 2.2. The TCP/IP model includes more functions per layer, resulting in fewer layers. The model uses the following layers:

The Application layer of the TCP/IP model corresponds to the Application, Presentation, and Session layers of the OSI model;

The Transport layer of the TCP/IP model corresponds to the Transport layer of the OSI model;

The Internet layer of the TCP/IP model performs the same functions as the Network layer of the OSI model;

The Network Interface layer of the TCP/IP model corresponds to the Data Link and Physical layers of the OSI model.

Fig. 2.2. Correspondence between the seven-layer OSI model and the four-layer TCP/IP model

Application Level

Through the Application layer of the TCP/IP model, applications and services access the network. Access to TCP/IP protocols is provided through two software interfaces (APIs, Application Programming Interfaces):

Windows Sockets;

NetBIOS.

The Windows Sockets interface, or WinSock as it is usually called, is a network programming interface designed to facilitate communication between various TCP/IP applications and protocol families.

The NetBIOS interface is used for interprocess communication (IPC) between Windows OS services and applications. NetBIOS performs three main functions: NetBIOS naming; the NetBIOS datagram service; the NetBIOS session service.

Transport level

The TCP/IP transport layer is responsible for establishing and maintaining a connection between two nodes. The main functions of the layer are:

Acknowledgment of received information;

Data flow control;

Ordering and retransmission of packets.

Depending on the type of service, two protocols can be used:

TCP (Transmission Control Protocol)

UDP (User Datagram Protocol).

TCP is typically used when an application needs to transfer a large amount of information and ensure that the data is received by the recipient in a timely manner. Applications and services that send small amounts of data and do not need to receive confirmation use UDP, which is a connectionless protocol.

Transmission Control Protocol (TCP)

The Transmission Control Protocol (TCP) ensures reliable transmission of messages between remote application processes by forming virtual connections. It appeared in the initial period of network creation, when wide area networks were not particularly reliable.

The reliability of the TCP protocol consists in the following:

– it detects errors,

– if necessary, it sends the data again,

– if it cannot correct the error on its own, it reports it to the other layers.

Before sending segments of information down the model, the sending TCP protocol contacts the receiving TCP protocol to establish communication. As a result, a virtual channel is created. This type of communication is called connection-oriented.

Establishing a connection occurs in three steps:

1. The client requesting the connection sends the server a packet indicating the port number that the client wishes to use, as well as its ISN (Initial Sequence Number), a number chosen by the client.

2. The server responds with a packet containing the server’s ISN, as well as the client’s ISN, increased by 1.

3. The client must confirm the connection by returning the server's ISN increased by 1.
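The three steps above, as an added example that is not part of the original text: a small simulation of the connection setup in which each side checks that the other acknowledged exactly the ISN it sent, plus 1. The Segment class, the port numbers and the fixed ISNs used in the demonstration are constructed for this example; sequence numbers are kept 32-bit so the wrap-around at 2^32 is visible.

```python
import secrets
from dataclasses import dataclass
from typing import List, Optional

SEQ_MASK = 0xFFFFFFFF  # sequence and acknowledgment numbers are 32-bit and wrap around


@dataclass
class Segment:
    src_port: int
    dst_port: int
    seq: int            # sequence number carried by this segment
    ack: int            # acknowledgment number (meaningful only when ack_flag is set)
    syn: bool = False
    ack_flag: bool = False


def random_isn() -> int:
    """Initial sequence number drawn from the OS CSPRNG, so that it is not guessable."""
    return secrets.randbits(32)


def acknowledges(segment: Segment, isn: int) -> bool:
    """True if the segment's ACK field equals isn + 1 (modulo 2**32)."""
    return segment.ack_flag and segment.ack == (isn + 1) & SEQ_MASK


def three_way_handshake(client_port: int, server_port: int,
                        client_isn: Optional[int] = None,
                        server_isn: Optional[int] = None) -> List[Segment]:
    """Simulate the three segments of a TCP connection setup and return them in order."""
    if client_isn is None:
        client_isn = random_isn()
    if server_isn is None:
        server_isn = random_isn()

    # Step 1: client -> server, SYN carrying the client's ISN and the port it wants to use.
    syn = Segment(client_port, server_port, seq=client_isn, ack=0, syn=True)

    # Step 2: server -> client, SYN+ACK with the server's ISN and the client's ISN + 1.
    syn_ack = Segment(server_port, client_port, seq=server_isn,
                      ack=(syn.seq + 1) & SEQ_MASK, syn=True, ack_flag=True)

    # The client accepts only a SYN+ACK that acknowledges the ISN it actually sent.
    if not acknowledges(syn_ack, client_isn):
        raise ValueError("SYN+ACK does not acknowledge the client's ISN")

    # Step 3: client -> server, ACK with the server's ISN + 1; the connection is now open.
    ack = Segment(client_port, server_port, seq=(client_isn + 1) & SEQ_MASK,
                  ack=(syn_ack.seq + 1) & SEQ_MASK, ack_flag=True)
    if not acknowledges(ack, server_isn):
        raise ValueError("ACK does not acknowledge the server's ISN")
    return [syn, syn_ack, ack]


if __name__ == "__main__":
    for step, seg in enumerate(three_way_handshake(49152, 80), start=1):
        print(step, seg)
```

The check in acknowledges() is what ties the three segments together: a SYN+ACK whose ACK field is not the client's ISN + 1 belongs to no connection the client opened and is dropped.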

How TCP works:

Takes large blocks of information from the application, breaks them into segments,

Numbers and orders each segment so that the TCP protocol on the receiving end can correctly concatenate all the segments into the original large block;

Negotiates with the receiving protocol the amount of information that must be sent before receiving an acknowledgment from the receiving TCP;

After sending segments, TCP waits for confirmation from the target TCP that each of them has been received;

Resends those segments whose receipt was not confirmed.

The three-step connection opening sets the port number as well as the ISN of the client and server. Each TCP packet sent contains the sender and recipient TCP port numbers, a fragment number for messages broken into smaller parts, and a checksum to ensure that no errors occurred during transmission. The TCP protocol is responsible for reliable data transfer from one network node to another. It creates a connection-oriented session, in other words, a virtual channel between machines.
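The data-transfer behaviour listed above (segmenting, numbering, sending a window of segments, waiting for acknowledgments and resending what was not acknowledged), as an added example that is not part of the original text. The receiver delivers the stream in order and returns a cumulative acknowledgment; the sender follows a simple go-back-N rule. The byte string, the tiny segment size and the loss model (a set of segment offsets whose first transmission is lost) are constructed for this example.

```python
from typing import Dict, List, Set, Tuple


def segment_data(data: bytes, mss: int) -> List[Tuple[int, bytes]]:
    """Split a byte stream into (sequence offset, payload) segments of at most mss bytes."""
    if mss <= 0:
        raise ValueError("mss must be positive")
    return [(offset, data[offset:offset + mss]) for offset in range(0, len(data), mss)]


class Receiver:
    """Receiving TCP: takes segments in any order, delivers the stream in order, returns cumulative ACKs."""

    def __init__(self) -> None:
        self.next_expected = 0            # first byte not yet received in order
        self.stream = bytearray()         # data handed to the application so far
        self.out_of_order: Dict[int, bytes] = {}

    def receive(self, seq: int, payload: bytes) -> int:
        if seq < self.next_expected:
            return self.next_expected     # duplicate of data already delivered
        if seq > self.next_expected:
            self.out_of_order[seq] = payload  # hold until the gap before it is filled
            return self.next_expected
        self.stream += payload
        self.next_expected += len(payload)
        # a gap was just filled: drain buffered segments that now follow in order
        while self.next_expected in self.out_of_order:
            nxt = self.out_of_order.pop(self.next_expected)
            self.stream += nxt
            self.next_expected += len(nxt)
        return self.next_expected         # cumulative acknowledgment


def transfer(data: bytes, mss: int, window: int,
             drop_first_attempt: Set[int]) -> Tuple[bytes, int, int]:
    """Send data over a lossy channel; return (reassembled bytes, retransmissions, rounds).

    window: number of segments the sender may send before waiting for an ACK.
    drop_first_attempt: sequence offsets whose first transmission is lost (constructed loss model).
    """
    if window <= 0:
        raise ValueError("window must be positive")
    segments = segment_data(data, mss)
    receiver = Receiver()
    acked = 0
    attempts: Dict[int, int] = {}
    rounds = 0
    while acked < len(data):
        rounds += 1
        # go-back-N: everything from the last cumulative ACK onward is (re)sent, up to the window
        for seq, payload in [s for s in segments if s[0] >= acked][:window]:
            attempts[seq] = attempts.get(seq, 0) + 1
            if seq in drop_first_attempt and attempts[seq] == 1:
                continue                  # lost in transit; no ACK will ever cover it
            receiver.receive(seq, payload)
        acked = receiver.next_expected    # the ACK that comes back after the window
    retransmissions = sum(n - 1 for n in attempts.values())
    return bytes(receiver.stream), retransmissions, rounds


if __name__ == "__main__":
    sample = b"0123456789"               # constructed stream
    print(transfer(sample, mss=3, window=4, drop_first_attempt={3}))
```

With the sample stream, segment offset 3 is lost once; offsets 6 and 9 arrive early and wait in the receiver's buffer, and the cumulative ACK stays at 3 until the retransmission fills the gap.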

User Datagram Protocol (UDP)

The UDP protocol is designed to send small amounts of data (datagrams) without establishing a connection and is used by applications that do not need the recipient to acknowledge receipt. UDP is considered a simpler protocol, since it does not clutter the network with service information and does not perform all the functions of TCP. However, it successfully copes with the transmission of information that does not require guaranteed delivery, and at the same time uses far fewer network resources. UDP does not create virtual circuits or contact the target device before sending information. Therefore, it is considered a connectionless protocol.

How UDP works:

Receives blocks of information from upper levels and breaks them into segments;

Numbers each of the segments so that all segments can be reunited into the required block at the destination, but does not order the segments or care about the order in which they arrive at the destination,

Sends segments and “forgets” about them;

It does not wait for confirmation of receipt or even allow such confirmation and is therefore considered an unreliable protocol. But this doesn't mean that UDP is ineffective - it's just not a reliable protocol.

UDP also uses port numbers to identify a specific process at a given IP address. However, UDP ports are different from TCP ports and therefore can use the same port numbers as TCP without conflicting between services.

Internet layer

The internetwork layer is responsible for routing data within a network and between different networks. At this level, routers operate, which depend on the protocol used and are used to send packets from one network (or segment of it) to another (or another segment of the network). The TCP/IP stack uses the IP protocol at this layer.

Internet Protocol IP

The IP protocol allows the exchange of datagrams between nodes on a network and is a connectionless protocol that uses datagrams to send data from one network to another. This protocol does not expect to receive acknowledgments (ACK) of sent packets from the destination node. Acknowledgments and retransmissions of packets are carried out by protocols and processes running at the upper layers of the model.

Its functions include datagram fragmentation and internetworking addressing. The IP protocol provides control information for reassembling fragmented datagrams. The main function of the protocol is internetworking and global addressing. Depending on the size of the network over which the datagram or packet will be routed, one of three addressing schemes is used.

Addressing in IP networks

Each computer on TCP/IP networks has three levels of addresses: physical (MAC address), network (IP address) and symbolic (DNS name).

The physical, or local, address of a node is determined by the technology with which the network to which the node belongs is built. For nodes on local networks, this is the MAC address of the network adapter or router port, for example, 11-A0-17-3D-BC-01. These addresses are assigned by equipment manufacturers and are unique, since their assignment is managed centrally. For all existing local network technologies, the MAC address has a 6-byte format: the upper 3 bytes identify the manufacturer, and the lower 3 bytes are assigned uniquely by the manufacturer itself.

The network, or IP, address consists of 4 bytes, for example, 109.26.17.100. This address is used at the network layer. It is assigned by the administrator during the configuration of computers and routers. An IP address consists of two parts: the network number and the host number. The network number can be chosen arbitrarily by the administrator, or assigned on the recommendation of a special Internet body (the Network Information Center, NIC) if the network must operate as a component of the Internet. Typically, Internet service providers obtain address ranges from the NIC and then distribute them to their subscribers. The host number in the IP protocol is assigned independently of the local address of the host. The division of the IP address into the network number and host number fields is flexible, and the boundary between these fields can be set arbitrarily. A node can be part of several IP networks. In this case, the node must have several IP addresses, one per network connection. An IP address does not characterize a single computer or router, but a single network connection.

When the IP protocol was developed, network classes were defined based on the size of networks (Table 2.2):

· Class A – a few networks with a very large number of nodes; the network number occupies one byte, and the remaining 3 bytes are interpreted as the number of the node in the network.

· Class B – medium-sized networks; 16 bits (2 bytes) each are allocated for the network address and the node address.

· Class C – networks with a small number of nodes; 24 bits (3 bytes) are allocated for the network address, and 8 bits (1 byte) for the host address.

Table 2.2. Network classes

Class  Address format (leading bits)         Address range                       Maximum number of networks   Maximum number of nodes in one network
A      0Network.node.node.node               0.0.0.0 – 0.255.255.255 (reserved)
                                             1.0.0.0 – 126.255.255.255
                                             127.0.0.0 – 127.255.255.255 (reserved)
B      10Network.network.node.node           128.XXX.0.0 – 191.XXX.255.255
C      110Network.network.network.node       192.XXX.XXX.0 – 223.XXX.255.255
D      1110Group.group.group.group           224.0.0.0 – 239.255.255.255
E      1111Reserved.reserved.reserved.reserved  240.0.0.0 – 255.255.255.255 (reserved)

· Class D addresses are special group addresses (multicast addresses); they can be used to send messages to a specific group of nodes. If a packet contains a destination address belonging to class D, then such a packet must be received by all nodes to which this address is assigned.

· Class E addresses are reserved for future use.

In addition to the addresses described above, there are reserved addresses that are used in a special way.

If the network number field contains all zeros (0 0 0 0 ... 0 | node number), then by default the node is considered to belong to the same network as the node that sent the packet: if the computer's address is 128.187.0.0, then the address 0.0.25.31 specified in a message is implicitly converted to the address 128.187.25.31.

The address 127.0.0.X is reserved for loopback, that is, for testing the operation of a node's software without actually sending a packet over the network. This address is called loopback or localhost. If a program sends a packet to such an address, the packet, without leaving the computer, passes through all layers of the network subsystem and returns to this program. This allows network software to be developed and tested on a local computer, including one that has no network adapter at all.

If all binary digits of the IP address are 1 (1 1 1 1 ... 1 1), then a packet with such a destination address is sent to all nodes located on the same network as the sender. Such a transmission is called a limited broadcast.

If the destination node address field contains all 1s (network address | 1111 ... 11), then a packet with such an address is sent to all nodes of the network with the given network number. Such a transmission is called a broadcast.

Class D addresses are a form of multicast IP address. The packet must be delivered to several nodes at once, which form a group with the number specified in the address field. The nodes identify themselves, that is, they determine which group they belong to. The same node can belong to several groups. Such messages, in contrast to broadcast messages, are called multicast messages. The multicast address is not divided into network and host number fields and is processed in a special way by the router.
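The class rules of Table 2.2 and the special addresses just described, as an added example that is not part of the original text: describe() splits an IPv4 address into class, network number and host number and names the special role it has (loopback, "this network", limited or directed broadcast, multicast, reserved), and complete_address() performs the implicit conversion of a zero network field shown above for 0.0.25.31. The width of the network field used by complete_address() is taken from the sender's address class, which is my reading of the 128.187.0.0 example; sample addresses are constructed.

```python
from typing import Dict, Optional, Tuple


def to_int(address: str) -> int:
    """Dotted-decimal string to 32-bit integer, rejecting malformed input."""
    octets = address.split(".")
    if len(octets) != 4 or not all(o.isdigit() and int(o) <= 255 for o in octets):
        raise ValueError(f"malformed IPv4 address: {address}")
    return int.from_bytes(bytes(int(o) for o in octets), "big")


def to_str(value: int) -> str:
    return ".".join(str(b) for b in value.to_bytes(4, "big"))


def address_class(value: int) -> Tuple[str, Optional[int]]:
    """Class letter and number of network bits (None for classes D and E), from the leading bits."""
    first = value >> 24
    if first < 128:
        return "A", 8     # 0xxxxxxx
    if first < 192:
        return "B", 16    # 10xxxxxx
    if first < 224:
        return "C", 24    # 110xxxxx
    if first < 240:
        return "D", None  # 1110xxxx: multicast group, no network/host split
    return "E", None      # 1111xxxx: reserved


def describe(address: str) -> Dict[str, object]:
    value = to_int(address)
    cls, net_bits = address_class(value)
    info: Dict[str, object] = {"class": cls, "network": None, "host": None}
    if value == 0xFFFFFFFF:
        info["role"] = "limited broadcast"          # all nodes on the sender's own network
    elif cls == "D":
        info["role"] = "multicast group"
    elif cls == "E":
        info["role"] = "reserved"
    else:
        host_bits = 32 - net_bits
        info["network"] = value >> host_bits
        info["host"] = value & ((1 << host_bits) - 1)
        if value >> 24 == 127:
            info["role"] = "loopback"
        elif info["network"] == 0:
            info["role"] = "host on the sender's own network"
        elif info["host"] == (1 << host_bits) - 1:
            info["role"] = "directed broadcast"    # all nodes of the named network
        else:
            info["role"] = "unicast host"
    return info


def complete_address(sender: str, target: str) -> str:
    """Fill a zero network field in target with the sender's network number.

    Assumption (mine): the network field width follows the sender's address class.
    """
    s, t = to_int(sender), to_int(target)
    _, net_bits = address_class(s)
    if net_bits is None:
        raise ValueError("sender must be a class A, B or C address")
    host_bits = 32 - net_bits
    if t >> host_bits != 0:
        return target                               # network field already filled in
    return to_str((s >> host_bits << host_bits) | t)


if __name__ == "__main__":
    for sample in ("109.26.17.100", "127.0.0.1", "0.0.25.31", "192.168.1.255",
                   "255.255.255.255", "224.0.0.1", "240.0.0.1"):  # constructed samples
        print(sample, describe(sample))
    print(complete_address("128.187.0.0", "0.0.25.31"))
```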

A symbolic address, or DNS name, for example, SERV1.IBM.COM. This address is assigned by the administrator and consists of several parts, for example, machine name, organization name, domain name. This address is used at the application level, for example, in the FTP or telnet protocols.

Numerical addressing is convenient for machine processing of routing tables. It presents certain difficulties for human use. To facilitate interaction, tables of correspondence between numeric addresses and machine names were initially used. For example, on UNIX, in the /etc directory there is a file called hosts, which may look like this:

IP address        Machine name
127.0.0.1         localhost
144.206.160.32    Polyn
144.206.160.40    Apollo

As the Internet grew, the Domain Name System (DNS) was developed, which allows computers to be given easy-to-remember names, such as yahoo.com, and is responsible for translating these names back into IP addresses. DNS is built on a hierarchical principle, but this hierarchy is not strict. In fact, there is no single root of all Internet domains.

A computer name has at least two domain levels, separated from each other by a period (.). The domains following top-level domains usually identify either regions (msk) or organizations (ulstu). The following hierarchy levels can be assigned to small organizations, or to divisions of large organizations or individuals (for example, alvinsoft.h11.ru).

Everything to the left is a subdomain of the domain to its right. Thus, in the name somesite.uln.ru, somesite is a subdomain of uln, which in turn is a subdomain of ru.

The most popular DNS implementation is BIND, or Berkeley Internet Name Domain, a domain name server that is widely used on the Internet. It provides lookup of domain names and IP addresses for any network node. BIND also supports the forwarding of e-mail between Internet hosts.

BIND is implemented according to the client-server scheme. There are four types of servers:

· The primary master server maintains its name database and services the local domain;

· the secondary master server serves its own domain, but receives data about the addresses of some of its machines over the network from another server;

· caching server does not have its own domain. It receives data either from one of the master servers or from a buffer;

· remote server is a regular master server installed on a remote machine, which is accessed by programs over the network.

Primary or secondary master servers are usually installed on machines that are gateways for local networks.

A gateway is a system that performs conversion from one format to another.

The name server can be installed on any computer on the local network. Performance must be taken into account, as many server implementations keep name databases in random access memory. At the same time, information is often downloaded from other servers. Therefore, this may cause delays in resolving a request for an address by machine name.

Address mapping protocols ARP and RARP

To determine a local address from an IP address, the Address Resolution Protocol (ARP) is used. ARP works differently depending on which link layer protocol is running on a given network - a local area network protocol (Ethernet, Token Ring, FDDI) with the ability to broadcast access simultaneously to all network nodes, or a wide area network protocol (X.25, frame relay), which typically does not support broadcast access. There is also a protocol that solves the inverse problem - finding an IP address from a known local address. It is called reverse ARP - RARP (Reverse Address Resolution Protocol) and is used when starting diskless stations that do not initially know their IP address, but know the address of their network adapter.

On local networks, ARP uses link-layer protocol broadcast frames to search the network for a host with a given IP address.

A host that needs to map an IP address to a local address generates an ARP request, places it in a link-layer protocol frame indicating the known IP address, and broadcasts the request. All hosts on the local network receive the ARP request and compare the IP address specified in it with their own address. If they match, the node generates an ARP reply, in which it indicates its IP address and its local address, and sends it directly to the requester, since the sender indicates its local address in the ARP request. ARP requests and replies use the same packet format.
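The request/reply exchange above, as an added example that is not part of the original text: build_arp() produces an Ethernet frame carrying an ARP packet (the request goes to the broadcast MAC, the reply directly to the requester's MAC), parse_arp() reads one back, answer_request() is what a host does when the target IP in a request is its own, and ArpCache only records replies to requests it actually sent. MAC and IP addresses are constructed for the example (locally administered MACs, 192.0.2.0/24).

```python
import ipaddress
import struct
from typing import Dict, Optional, Set

ETHERTYPE_ARP = 0x0806
BROADCAST_MAC = "ff:ff:ff:ff:ff:ff"
ARP_REQUEST, ARP_REPLY = 1, 2
ARP_FORMAT = "!HHBBH6s4s6s4s"  # htype, ptype, hlen, plen, op, sha, spa, tha, tpa


def mac_bytes(mac: str) -> bytes:
    return bytes.fromhex(mac.replace(":", "").replace("-", ""))


def mac_str(raw: bytes) -> str:
    return ":".join(f"{b:02x}" for b in raw)


def build_arp(op: int, sender_mac: str, sender_ip: str,
              target_mac: str, target_ip: str) -> bytes:
    """Ethernet frame with an ARP packet for Ethernet (htype 1) over IPv4 (ptype 0x0800)."""
    dst = BROADCAST_MAC if op == ARP_REQUEST else target_mac   # request is broadcast, reply is direct
    ethernet = mac_bytes(dst) + mac_bytes(sender_mac) + struct.pack("!H", ETHERTYPE_ARP)
    arp = struct.pack(ARP_FORMAT, 1, 0x0800, 6, 4, op,
                      mac_bytes(sender_mac), ipaddress.IPv4Address(sender_ip).packed,
                      mac_bytes(target_mac), ipaddress.IPv4Address(target_ip).packed)
    return ethernet + arp


def parse_arp(frame: bytes) -> Dict[str, object]:
    if len(frame) < 42 or struct.unpack("!H", frame[12:14])[0] != ETHERTYPE_ARP:
        raise ValueError("not an ARP frame")
    htype, ptype, hlen, plen, op, sha, spa, tha, tpa = struct.unpack(ARP_FORMAT, frame[14:42])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        raise ValueError("unsupported hardware/protocol type")
    return {"op": op, "eth_dst": mac_str(frame[0:6]),
            "sender_mac": mac_str(sha), "sender_ip": str(ipaddress.IPv4Address(spa)),
            "target_mac": mac_str(tha), "target_ip": str(ipaddress.IPv4Address(tpa))}


def answer_request(frame: bytes, my_mac: str, my_ip: str) -> Optional[bytes]:
    """A host replies only when the requested IP address is its own."""
    pkt = parse_arp(frame)
    if pkt["op"] != ARP_REQUEST or pkt["target_ip"] != my_ip:
        return None
    return build_arp(ARP_REPLY, my_mac, my_ip, pkt["sender_mac"], pkt["sender_ip"])


class ArpCache:
    """Minimal resolver: remembers which addresses it asked about and learns only from those replies."""

    def __init__(self, my_mac: str, my_ip: str) -> None:
        self.my_mac, self.my_ip = my_mac, my_ip
        self.pending: Set[str] = set()
        self.table: Dict[str, str] = {}

    def request(self, ip: str) -> bytes:
        self.pending.add(ip)
        return build_arp(ARP_REQUEST, self.my_mac, self.my_ip, "00:00:00:00:00:00", ip)

    def handle(self, frame: bytes) -> bool:
        """Process a received frame; True if the cache was updated."""
        pkt = parse_arp(frame)
        if pkt["op"] == ARP_REPLY and pkt["sender_ip"] in self.pending:
            self.table[pkt["sender_ip"]] = pkt["sender_mac"]
            self.pending.discard(pkt["sender_ip"])
            return True
        return False   # unsolicited replies are not learned from


if __name__ == "__main__":
    me = ArpCache("02:00:00:00:00:01", "192.0.2.10")      # constructed addresses
    req = me.request("192.0.2.20")
    reply = answer_request(req, "02:00:00:00:00:02", "192.0.2.20")
    print(parse_arp(req), parse_arp(reply), me.handle(reply), me.table)
```

Ignoring unsolicited replies is the simplest cache policy to reason about; real stacks vary in how they treat them, which is why ARP entries are often monitored or pinned on sensitive segments.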

ICMP protocol

Internet Control Message Protocol (ICMP) is used by IP and other high-level protocols to send and receive status reports on transmitted information. This protocol is used to control the speed of information transfer between two systems. If the router connecting two systems is overloaded with traffic, it can send a special ICMP error message to reduce the rate at which messages are sent. It is part of the network layer of the TCP/IP protocol suite.

The ICMP protocol uses messages for its purposes, two of which are called ICMP Echo Request and ICMP Echo Reply:

· An echo request implies that the computer to which it was sent must respond to the packet.

· An echo reply is a type of ICMP message that is used to respond to such a request.

These messages are sent and received using the ping (Packet Internet Groper) command.

Using special ICMP packets, you can obtain information:

· about the impossibility of delivering a packet,

· about the packet lifetime being exceeded,

· about the time limit for reassembling a packet from fragments being exceeded,

· about abnormal parameter values,

· about a change of forwarding route and type of service,

· about the state of the system, etc.
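The ICMP echo request and reply just described, together with the UDP datagrams of the Transport layer section (their independent port space and header), as one added example that is not part of the original text, because both rest on the same Internet checksum. The checksum routine is the standard one's-complement sum; UDP includes an IPv4 pseudo-header in it, ICMP does not. Addresses, ports, identifier and payloads are constructed for the example.

```python
import ipaddress
import struct
from typing import Dict

UDP_PROTO = 17
ICMP_ECHO_REQUEST, ICMP_ECHO_REPLY = 8, 0


def internet_checksum(data: bytes) -> int:
    """One's-complement sum of 16-bit words, complemented (shared by IP, UDP, TCP and ICMP)."""
    if len(data) % 2:
        data += b"\x00"                      # odd length: pad with a zero byte for the sum only
    total = sum(int.from_bytes(data[i:i + 2], "big") for i in range(0, len(data), 2))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)   # fold carries back into 16 bits
    return (~total) & 0xFFFF


def pseudo_header(src_ip: str, dst_ip: str, proto: int, length: int) -> bytes:
    """IPv4 pseudo-header that UDP (and TCP) prepend when computing their checksum."""
    return (ipaddress.IPv4Address(src_ip).packed + ipaddress.IPv4Address(dst_ip).packed
            + struct.pack("!BBH", 0, proto, length))


def build_udp(src_ip: str, dst_ip: str, src_port: int, dst_port: int, payload: bytes) -> bytes:
    length = 8 + len(payload)
    header = struct.pack("!HHHH", src_port, dst_port, length, 0)
    csum = internet_checksum(pseudo_header(src_ip, dst_ip, UDP_PROTO, length) + header + payload)
    if csum == 0:
        csum = 0xFFFF                        # 0 on the wire means "no checksum"; send all ones instead
    return struct.pack("!HHHH", src_port, dst_port, length, csum) + payload


def parse_udp(src_ip: str, dst_ip: str, datagram: bytes) -> Dict[str, object]:
    src_port, dst_port, length, csum = struct.unpack("!HHHH", datagram[:8])
    if length != len(datagram):
        raise ValueError("UDP length field does not match the datagram")
    # a valid checksum makes the sum over pseudo-header + datagram complement to zero
    ok = None if csum == 0 else internet_checksum(
        pseudo_header(src_ip, dst_ip, UDP_PROTO, length) + datagram) == 0
    return {"src_port": src_port, "dst_port": dst_port, "length": length,
            "payload": datagram[8:], "checksum_ok": ok}


def build_icmp_echo(icmp_type: int, ident: int, seq: int, payload: bytes) -> bytes:
    header = struct.pack("!BBHHH", icmp_type, 0, 0, ident, seq)
    csum = internet_checksum(header + payload)   # ICMP: no pseudo-header
    return struct.pack("!BBHHH", icmp_type, 0, csum, ident, seq) + payload


def parse_icmp_echo(message: bytes) -> Dict[str, object]:
    icmp_type, code, _csum, ident, seq = struct.unpack("!BBHHH", message[:8])
    return {"type": icmp_type, "code": code, "identifier": ident, "sequence": seq,
            "payload": message[8:], "checksum_ok": internet_checksum(message) == 0}


def echo_reply_for(request: bytes) -> bytes:
    """What the target host sends back: type 0 with the same identifier, sequence and payload."""
    p = parse_icmp_echo(request)
    if p["type"] != ICMP_ECHO_REQUEST or not p["checksum_ok"]:
        raise ValueError("not a valid echo request")
    return build_icmp_echo(ICMP_ECHO_REPLY, p["identifier"], p["sequence"], p["payload"])


if __name__ == "__main__":
    dgram = build_udp("192.0.2.1", "192.0.2.2", 53, 1025, b"hello")     # constructed
    print(parse_udp("192.0.2.1", "192.0.2.2", dgram))
    req = build_icmp_echo(ICMP_ECHO_REQUEST, 0x1234, 1, b"ping-data")
    print(parse_icmp_echo(req), parse_icmp_echo(echo_reply_for(req)))
```

Port 53 in the sample is a UDP port; as the Transport layer section notes, it is unrelated to TCP port 53, and a receiver demultiplexes on the protocol number in the pseudo-header as well as on the port.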

IGMP protocol

Local network hosts use the Internet Group Management Protocol (IGMP) to register themselves in the group. Information about groups is contained on local network routers. Routers use this information to send multicast messages.

A group message, like a broadcast message, is used to send data to several nodes at once.

Network Device Interface Specification (NDIS) is a network device interface specification, a software interface that provides interaction between transport protocol drivers and the corresponding network interface drivers. It allows several protocols to be used even when only one network card is installed.

Network Interface Layer

This layer of the TCP/IP model is responsible for delivering IP datagrams. It works with ARP to determine the information that should be placed in the header of each frame. This layer then creates a frame appropriate for the type of network being used, such as Ethernet, Token Ring or ATM; the IP datagram is placed in the data area of that frame and it is sent out to the network.