Port numbers are used to keep track of different conversations that cross the network at the same time.. Port numbers are necessary when a host is communicating with a server running mul
Trang 1because both SMTP and the World Wide Web services use TCP as their transport layer
protocol A port number must be associated with the conversation between hosts to
ensure that the packet reaches the appropriate service on the server Without a way to
distinguish between different conversations, the client is unable to send an e-mail and
browse a web page at the same time using one server A method to separate transport
layer conversations must be used
Hosts running TCP/IP associate ports at the transport layer with certain applications
Port numbers are used to keep track of different conversations that cross the network
at the same time Port numbers are necessary when a host is communicating with a
server running multiple services Both TCP and UDP use port, or socket, numbers to
pass information to the upper layers Figure 19-13 shows an example of TCP and UDP
port numbers
Figure 19-13 TCP and UDP Port Numbers
Application software developers have agreed to use the well-known port numbers that
are defined in RFC 1700 For example, any conversation bound for the FTP
applica-tion uses the standard port number 21 Conversaapplica-tions that do not involve applicaapplica-tions
with well-known port numbers are assigned port numbers that have been randomly
selected from within a specific range These port numbers are used as source and
desti-nation addresses in the TCP segment Table 19-1 lists the reserved TCP and UDP port
numbers
Table 19-1 Reserved TCP and UDP Port Numbers
continues
F T P
T e l n e t
S M T P
D N S
T F T P
S N M P
21
Application Layer
Transport Layer
Port Numbers 23
Trang 2830 Chapter 19: Intermediate TCP
Table 19-1 Reserved TCP and UDP Port Numbers (Continued)
Trang 3Port numbers have the following assigned ranges:
■ Numbers below 255 are for public applications
■ Numbers from 255 to 1023 are assigned to companies for marketable applications
■ Numbers above 1023 are unregulated
End systems use port numbers to select proper applications As shown in Figure 19-14,
the originating source port number (1028) is dynamically assigned by the source host
Usually, this port number is larger than 1023 The Internet Assigned Numbers
Author-ity (IANA) controls Port numbers in the range of zero to 1023
Figure 19-14 Source and Destination Ports
Ports for Services
Services running on hosts must have a port number assigned to them for
communica-tion to occur A remote host attempting to connect to a service expects that service to
run on certain transport layer protocols at particular ports Some ports, defined in
RFC 1700, are known as the well-known ports These ports are reserved in both TCP
and UDP
These well-known ports can identify applications that run above the transport layer
protocols For example, a server running the FTP service forwards TCP connections
using ports 20 and 21 from clients to its FTP application This way, the server can
Table 19-1 Reserved TCP and UDP Port Numbers (Continued)
Source Port
Destination Port
Source Port
1028
Destination Port
Telnet Z
Destination port = 23.
Send packets to my Telnet application.
Host A Host Z
23
Trang 4832 Chapter 19: Intermediate TCP
determine exactly what service a client is requesting TCP and UDP use port numbers
to determine the correct service to forward service requests to
Ports for Clients
Whenever a client connects to a service on a server, a source and destination port must
be specified TCP and UDP segments contain fields for source and destination ports Destination ports, or ports for services, are normally defined using the well-known ports Source ports, those set by the client, are determined dynamically
In general, a client determines the source port by randomly assigning a number above
1023 For instance, a client attempting to communicate with a web server uses TCP and assigns the destination port as 80 and the source port as 1045 When the packet arrives at the server, it passes up to the transport layer and eventually to the World Wide Web service, which operates at port 80 The World Wide Web server responds to the client’s request with a segment that uses port 80 as the source and port 1045 as the destination In this way, clients and servers use ports to distinguish what process the segment is associated with If a client has two browser sessions open to two different web servers, the destination port is 80 for both sessions However, the source port is a different number for each session (for example, 1045 and 1048) This difference allows the client to keep track of the two different conversations
Port Numbering and Well-Known Ports
Port numbers are represented by 2 bytes in the header of a TCP or UDP segment This 16-bit value can result in port numbers ranging from 0 to 65,535 These port numbers are divided into three different categories:
■ Well-known ports
■ Registered ports
■ Dynamic or private ports The first 1023 ports are well-known ports As previously discussed, these ports are used for well-known network services such as FTP, Telnet, DNS, or HTTP Registered ports range from 1024 to 49151 and identify services such as Cisco-Net-Mgmt and Calendar Access Protocol Finally, ports between 49152 and 65535 are defined as dynamic or private ports
Example of Multiple Sessions Between Hosts
Port numbers are used to track multiple sessions that can occur between hosts A port number and a network address combine to form a socket A pair of sockets, one on each
Trang 5host, forms a unique connection For example, a host can have a Telnet connection
through port 23, while simultaneously surfing the net through port 80 The IP address
and the MAC address are the same because the packets are coming from the same
host However, the port numbers are different because they are different protocols
and, thus, different sockets
Comparison of MAC Addresses, IP Addresses, and Port Numbers
MAC addresses, IP addresses, and port numbers are often confusing, but this
confu-sion can be avoided if the addresses are explained in reference to the OSI reference
model Port numbers are located at the transport layer and are serviced by the network
layer The network layer assigns the logical address, or IP It is then serviced by the
data link layer, which assigns the physical address, or MAC
TCP/IP and the Internet Layer
Internet Protocol (IP) is the Layer 3 protocol responsible for the addressing scheme
that allows packets to be properly routed over intranets and the Internet to their
desti-nations Routers use the IP address information in an IP packet header to determine
which interface the packet should be switched to in order to reach its destination IP
does not provide any services to ensure that the packet reaches its destination IP is
described as an unreliable, connectionless protocol Packets might be dropped in route,
arrive in the wrong order, or be transmitted faster than the receiver can accept them IP
has no means of overcoming these and other delivery issues
The Internet layer of the TCP/IP stack corresponds to the network layer of the OSI
model The network layer is responsible for getting packets through a network using
software addressing
Lab Activity—Multiple Active Host Sessions
In this activity, you enable HTTP services on a router and observe multiple
HTTP and Telnet sessions on a single host using the netstat command.
Lab Activity—Well-Known Port Numbers and Multiple Sessions
In this activity, you observe the well-known port numbers of multiple sessions
on a single host using the netstat command.
Trang 6834 Chapter 19: Intermediate TCP
As shown in the Figure 19-15, several protocols operate at the TCP/IP Internet layer,
corresponding to the OSI network layer:
■ IP—Provides addressing and connectionless, best-effort delivery routing of
data-grams, is not concerned with the content of the datadata-grams, and looks for a way
to move the datagrams to their destination
■ ICMP—Provides control and messaging capabilities
■ Address Resolution Protocol (ARP)—Determines the data link layer (MAC) addresses for known IP addresses
■ Reverse Address Resolution Protocol (RARP)—Determines network addresses when data link layer addresses are known
Figure 19-15 OSI Network Layer
How ARP Works
ARP is used to resolve or map a known IP address to a MAC sublayer address This mapping allows for communication because the data link hardware will not accept a frame unless the MAC address in the frame matches the hardware MAC address (or it
is a broadcast MAC address) To determine a destination MAC address for a datagram,
a table called the ARP cache is checked Every host on a TCP/IP network (routers, workstations, servers, and so on) maintains an ARP cache If the address is not in the table, ARP sends a broadcast that is received by every station on the network, looking
for the destination station The term local ARP describes the search for an address
when the requesting host and the destination host share the same medium or wire As shown in Figure 19-16, before issuing the ARP, the subnet mask must be consulted In this case, the mask determines that the nodes are on the same subnet
Transport Internet Network Interface
Application
IP ICMP ARP RARP
Trang 7Figure 19-16 OSI Network Layer
RARP is a TCP/IP protocol that permits a physical address, such as an Ethernet
address, to be translated into an IP address Consequently, this protocol is the opposite
of ARP Hosts such as diskless workstations often know only their hardware interface
addresses, or MAC address, when booted, but not their IP addresses They must
dis-cover their IP addresses from an external source Usually, a RARP server using the
RARP protocol can resolve this situation
Summary
In this chapter, you learned the following:
■ TCP is a connection-oriented transport layer protocol that provides necessary
quality of service processes to the unreliable IP protocol
■ TCP provides reliability, flow control, and virtual connection services
■ TCP utilizes a three-way handshake to establish synchronized communication
between hosts
■ Sliding windows allows for dynamic data flow control
■ Sequence numbers ensure proper data reassembly by the receiving host
■ UDP is a connectionless transport layer protocol
■ UDP and TCP use ports to distinguish upper layer applications
To supplement all that you’ve learned in this chapter, refer to the chapter-specific Videos,
PhotoZooms, and e-Lab Activities on the CD-ROM accompanying this book
IP: 172.16.3.2 = ? ? ?
IP: 172.16.3.2
Ethernet: 0800.0020.1111
I need the Ethernet address
of 172.16.3.2.
I heard that broadcast;
that is me Here is my Ethernet address.
Trang 8836 Chapter 19: Intermediate TCP
Key Terms
ARP (Address Resolution Protocol) Internet protocol used to map an IP address to
a MAC address
DoS (denial-of-service) Type of attack on a network that is designed to bring the network to its knees by flooding it with useless traffic
flow control The process of adjusting the flow of data from one device to another
to ensure that the receiving device can handle all of the incoming data
RARP (Reverse Address Resolution Protocol) Protocol in the TCP/IP stack that provides a method for finding IP addresses based on MAC addresses
TCP (Transmission Control Protocol) Connection-oriented transport layer protocol that provides reliable full-duplex data transmission TCP is part of the TCP/IP protocol stack
UDP (User Datagram Protocol) Connectionless transport layer protocol in the TCP/IP protocol stack UDP is a simple protocol that exchanges datagrams without acknowledgments or guaranteed delivery, requiring that error processing and retrans-mission be handled by other protocols
well-known ports These ports are defined in RFC 1700 and are reserved in both TCP and UDP These well-known ports can identify applications that run above the transport layer protocols
windowing Manages the flow The recipient reports to the sender what size window
in terms of octets it’s able to accept at this time The sender then sends that many octets to the receiving host
Check Your Understanding
Complete all the review questions to test your understanding of the topics and con-cepts in this chapter Answers are listed in Appendix C, “Check Your Understanding Answer Key.”
1. Which of the following best describes TCP/IP?
A. It is a suite of protocols that can be used to communicate across any set of interconnected networks
B. It is a suite of protocols that allows LANs to connect into WANs
Trang 9C. It is a suite of protocols that allows for data transmission across a multitude
of networks
D. It is a suite of protocols that allows different devices to be shared by intercon-nected networks
2. Which of the following is one of the protocols found at the transport layer?
3. What is the purpose of port numbers?
A. They keep track of different conversations crossing the network at the same time
B. Source systems use them to keep a session organized and to select the proper application
C. End systems use them to dynamically assign end users to a particular session, depending on their application use
D. Source systems generate them to predict destination addresses
4. Which of the following best describes UDP?
A. A protocol that acknowledges flawed or intact datagrams
B. A protocol that detects errors and requests retransmissions from the source
C. A protocol that processes datagrams and requests retransmissions when necessary
D. A protocol that exchanges datagrams without acknowledgments or guaranteed delivery
5. Which of the following TCP/IP layers includes file transfer, e-mail, remote login,
and network management?
A. Transport
B. Application
C. Internet
D. Network
Trang 10838 Chapter 19: Intermediate TCP
6. Why are TCP three-way handshake/open connections used?
A. To ensure that lost data can be recovered if problems occur later
B. To determine how much data the receiving station can accept at one time
C. To provide efficient use of bandwidth by users
D. To change binary ping responses into information in the upper layers
7. What does a TCP sliding window do?
A. It makes the window larger so that more data can come through at once, which results in more efficient use of bandwidth
B. The window size slides to each section of the datagram to receive data, which results in more efficient use of bandwidth
C. It allows the window size to be negotiated dynamically during the TCP session, which results in more efficient use of bandwidth
D. It limits the incoming data so that each segment must be sent one by one, which is an inefficient use of bandwidth
8. UDP segments use what protocols to provide reliability?
A. Network layer protocols
B. Application layer protocols
C. Internet protocols
D. Transmission Control Protocols
9. Which of the following best describes window size?
A. The maximum size of the window that software can have and still process data rapidly
B. The number of messages or bytes that can be transmitted while awaiting an acknowledgment
C. The size of the window, in picas, that must be set ahead of time so that data can be sent
D. The size of the window opening on a monitor, which is not always equal to the monitor size
10. What is the function of ARP?
A. It completes research for a Layer 3 destination address
B. It is used to develop a cached Layer 4 address resource table
C. It is used to map an IP address to a MAC address
D. It sends a broadcast message looking for the router IP address