
Advanced Computer Networking

Module Code: MIT6114


Ambo University
Hachalu Hundesa Campus Institute of Technology
Department of Information Technology
(MSc program)

Instructor: Dr.C.Suresh Gnana Dhas


E-Mail id: drsuresh.csambo@gmail.com
Advanced Computer Networking MIT6114

Chapter 1- Fundamental Networking concepts review


• OSI Reference model
• Routing and Switching basics
• Internet Protocol
– Addressing—Classless Inter-Domain Routing (CIDR), subnetting, Address Resolution
Protocol (ARP), Network Address Translation (NAT)
– Hot Standby Router Protocol (HSRP)
– Services—Domain Name System (DNS), Bootstrap Protocol (BOOTP), Dynamic Host
Configuration Protocol (DHCP), Internet Control Message Protocol (ICMP)
– Applications—Telnet, File Transfer Protocol (FTP), Trivial File Transfer Protocol (TFTP)
– Transport—IP fragmentation, sockets, ports
– IP access lists

Chapter 1.3
Fundamental Networking Concepts Review

• Hot Standby Router Protocol (HSRP)
• Services—Domain Name System (DNS)
• Bootstrap Protocol (BOOTP)
• Dynamic Host Configuration Protocol (DHCP)
• Internet Control Message Protocol (ICMP)
• Applications—Telnet, File Transfer Protocol (FTP)
• Trivial File Transfer Protocol (TFTP)
• Transport—IP fragmentation
• IP access lists

Hot Standby Router Protocol (HSRP)

• In computer networking, the Hot Standby Router Protocol (HSRP) is a Cisco
proprietary redundancy protocol for establishing a fault-tolerant default gateway.
• The protocol establishes an association between gateways in order to achieve
default gateway failover if the primary gateway becomes inaccessible. HSRP gateways
send multicast hello messages to other gateways to notify them of their priorities
(which gateway is preferred) and current status (active or standby).
• In HSRP, two or more routers give the illusion of a single virtual router. HSRP
allows you to configure two or more routers as standby routers and only a single
router as the active router at a time.
The need for HSRP

• The majority of devices can store a single IP address for the default gateway.
If that gateway fails, they won't be able to communicate outside of their subnet.
• If the default gateway fails, you will have a major outage. So, that router is
a Single Point of Failure (SPoF): if the router fails, the entire network will be
isolated.
• If a switch fails, the computers connected to it will be isolated, yet the switch is
not a Single Point of Failure. This is because its failure does not impact the
entire infrastructure, only part of it. However, in case you are connecting
servers in a data center, you want to connect a server to at least two switches.

The Solution

• For a client to use multiple gateways, we need to find a workaround. We do that
by configuring the two routers with HSRP. Instead of telling the clients, we
prepare the secondary gateway to mask itself as the primary one if the
primary fails. More or less, we are lying to the clients about which router is the
default gateway.
• To do that configuration, you add a Virtual IP Address (VIP) on both routers.
By default, only the primary router will use it. However, if the primary router
fails, the secondary will start using that address.
• That VIP is a dedicated IP address. You can make all your devices point to
that address as the default gateway. In case the first router fails, the second one
will start being the default gateway.

How Hot Standby Router Protocol works?

• HSRP is a Cisco-proprietary protocol developed to provide redundancy to LAN
users at the network layer; it is described in RFC 2281.
• Using HSRP, the gateway routers or Multilayer Switches (MLS) are configured to
behave as a single gateway (with a Virtual IP) to the LAN users.
• HSRP works on top of UDP (port 1985), i.e. at the application layer.
• HSRP gateways/routers/Multilayer Switches send hello messages to the "All
Routers" multicast address 224.0.0.2.
• The gateway routers/MLS for a given gateway address are made members of a
common HSRP group.
• LAN users are configured with the Virtual IP (also called the Phantom IP) of the
gateway running HSRP.
• In a two-gateway setup, one router is elected as Primary (Active) and the other acts
as Backup (Standby). More details in one of the points below.
• In a topology with more than two gateways, one router is elected as Primary
(Active), one is elected as Backup (Standby) and the others remain in the Listen state.
• Only the Primary router (with the 'active' role) responds to the ARP queries (for the
virtual IP) raised by LAN users, answering with the Virtual MAC 0000.0c07.acxx, where
xx is the group number in hex.
How Hot Standby Router Protocol works? (CON.)

• All these gateway routers exchange Hello messages at regular intervals (default
hello timer 3 seconds and default hold time 10 seconds) to remain aware of each
other's state and existence. If the Primary router fails, the Standby becomes active and
starts responding to the ARP queries raised by LAN users.
• The group number can be any value from 0-255. Most Cisco Catalyst Multilayer
Switches support only up to 16 unique HSRP group numbers. If you configure HSRP on
Multilayer Switches, on VLAN interfaces, redundancy can then only be provided for 16
VLANs, as you can only use 16 unique group numbers. The solution to this problem is
to use the same group number for all VLAN interfaces, because HSRP group numbers
are locally significant to interfaces.
• The active/primary router is chosen based on the highest HSRP priority (default
priority is 100). In case of a tie, the router with the highest configured IP address
becomes primary. A new router with a higher priority does not cause an election
unless it is configured to preempt, that is, to take over from a lower-priority router.
Configuring a router to preempt also ensures that the highest-priority router regains
its active status if it goes down and comes back online again.
• Interface tracking reduces the active router's priority if a specified link is down. This
enables the standby router to take over even though the active router is still up.
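The election rules above (priority, IP tie-break, preempt, interface tracking) and the virtual MAC derivation, worked as an added Python model; this is not code from the slides, and the router names, addresses and per-link decrement are constructed assumptions.

```python
"""HSRP virtual MAC and active/standby election.

Added example, not code from the lecture slides. It models the rules stated
above: highest priority wins, ties go to the highest IP address, a better
router only takes over when configured to preempt, and interface tracking
lowers the effective priority. Router names, priorities, addresses and the
per-link decrement value are constructed sample data.
"""
import ipaddress
from dataclasses import dataclass


def hsrp_virtual_mac(group: int) -> str:
    """Virtual MAC 0000.0c07.acxx, where xx is the group number in hex."""
    if not 0 <= group <= 255:
        raise ValueError("HSRP group number must be 0-255")
    return f"0000.0c07.ac{group:02x}"


@dataclass
class Router:
    name: str
    ip: str                        # configured interface IP (tie-breaker)
    priority: int = 100            # HSRP default priority
    preempt: bool = False          # may take over from a lower-priority active router
    tracked_links_down: int = 0    # interface tracking: number of failed tracked links
    track_decrement: int = 10      # priority lost per failed tracked link (assumed value)

    def effective_priority(self) -> int:
        return max(0, self.priority - self.tracked_links_down * self.track_decrement)

    def election_key(self):
        # Highest effective priority wins; on a tie the highest IP address wins.
        return (self.effective_priority(), int(ipaddress.ip_address(self.ip)))


def elect(routers, current_active=None):
    """Return (active_name, standby_name) for the routers that are up.

    current_active is the name of the router now holding the Active role, or
    None when there is no active router (startup, or the active one failed and
    is no longer in `routers`).
    """
    ranked = sorted(routers, key=Router.election_key, reverse=True)
    if not ranked:
        return None, None
    active = ranked[0]
    incumbent = next((r for r in routers if r.name == current_active), None)
    if incumbent is not None:
        # No election just because a better router appeared: only routers that
        # outrank the incumbent AND are configured to preempt may take over.
        challengers = [r for r in ranked
                       if r.election_key() > incumbent.election_key() and r.preempt]
        active = challengers[0] if challengers else incumbent
    others = [r for r in ranked if r is not active]
    standby = others[0].name if others else None
    return active.name, standby
```

Note that a tracked link failure only hands over the role when the standby is configured to preempt, which is why tracking and preempt are normally configured together.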
Hot Standby Router Protocol States

• Initial: HSRP is not running.
• Learn: The router does not know the virtual IP address and is waiting to hear
from the active router.
• Listen: The router knows the IP and MAC of the virtual router, but it is not the
active or standby router.
• Speak: Router sends periodic HSRP hellos and participates in the election of
the active router.
• Standby: Router monitors hellos from the active router and assumes responsibility
if the active router fails.
• Active: Router forwards packets on behalf of the virtual router.

HSRP features include:

• Consistent IP routing protocol sets
• Works in a bridging environment
• Automatically self-updates when media access control (MAC) addresses are modified
• High-priority HSRPs are virtual (or active) routers with predefined gateway IP addresses
• HSRP groups or standby groups are HSRP router sets coordinated as illusory single
active routers
• HSRP group routers have universal IP and MAC addresses.
• The virtual IP address for an HSRP group is in the LAN subnet of the primary IP
address and differs from other allocated interface addresses.
Introduction to the Domain Name System (DNS)
• The domain name system (DNS) is a naming database in which
internet domain names are located and translated into internet protocol (IP)
addresses.
• The domain name system maps the name people use to locate a website
to the IP address that a computer uses to locate a website.
• The Domain Name System (DNS) is a hierarchical and decentralized
naming system for computers, services, or other resources connected to the
internet or a private network. It associates various information with domain
names assigned to each of the participating entities.
• Most prominently, it translates more readily memorized domain names to the
numerical IP addresses needed for locating and identifying computer services
and devices with the underlying network protocols.
• By providing a worldwide, distributed directory service, the Domain Name
System has been an essential component of the functionality of the Internet.
DNS

• A lookup mechanism for translating objects into other objects
• A globally distributed, loosely coherent, scalable, reliable, dynamic database
• Comprised of three components
– A "name space"
– Servers making that name space available
– Resolvers (clients) which query the servers about the name space
DNS Features:
Global Distribution
• Data is maintained locally, but retrievable globally
– No single computer has all DNS data
• DNS lookups can be performed by any device
• Remote DNS data is locally cacheable to improve performance
Loose Coherency
• The database is always internally consistent
– Each version of a subset of the database (a zone) has a serial number
• The serial number is incremented on each database change
• Changes to the master copy of the database are replicated according to timing set
by the zone administrator
• Cached data expires according to the timeout set by the zone administrator
Scalability
• No limit to the size of the database
– One server has over 20,000,000 names
• Not a particularly good idea
• No limit to the number of queries
– 24,000 queries per second handled easily
• Queries distributed among masters, slaves, and caches
Reliability
• Data is replicated
– Data from master is copied to multiple slaves
• Clients can query
– Master server
– Any of the copies at slave servers
• Clients will typically query local caches
• DNS protocols can use either UDP or TCP
– If UDP, DNS protocol handles retransmission, sequencing, etc
Dynamicity
• Database can be updated dynamically
– Add/delete/modify of any record
• Modification of the master database triggers replication
– Only master can be dynamically updated
• Creates a single point of failure

DNS Concepts

• The namespace needs to be made hierarchical to be able to scale.
• The idea is to name objects based on
– location (within country, set of organizations, set of companies, etc)
– unit within that location (company within set of companies, etc)
– object within unit (name of person in company)
How names appear in the DNS
Fully Qualified Domain Name (FQDN)
WWW.RIPE.NET.
• labels separated by dots
• DNS provides a mapping from fully qualified domain names (FQDN) to resources
of several types
• Names are used as a key when fetching data in the DNS
• The DNS maps names into data using Resource Records.
• Domain names can be mapped to a tree.
• New branches at the 'dots'
• No restriction to the number of branches.
DNS Design: Hierarchy Definitions

• Each node in the hierarchy stores a list of names that end with the same suffix
• Suffix = path up the tree
• E.g., given this tree (root at the top), where would the following be stored:
– Fred.com
– Fred.edu
– Fred.cmu.edu
– Fred.cmcl.cs.cmu.edu
– Fred.cs.mit.edu

  root
  ├── org
  ├── net
  ├── edu
  │   ├── gwu
  │   ├── ucb
  │   ├── cmu
  │   │   ├── cs
  │   │   │   └── cmcl
  │   │   └── ece
  │   ├── bu
  │   └── mit
  ├── com
  └── uk
DNS Design: Zone Definitions

• Zone = contiguous section of name space
• E.g., complete tree, single node or subtree
• A zone has an associated set of name servers
– Must store list of names and tree links

The slide's figure shows the same tree as before (root; org, net, edu, com, uk and
now ca; under edu: gwu, ucb, cmu, bu, mit; under cmu: cs, ece; under cs: cmcl) with
three example zones marked on it: the complete tree, a subtree, and a single node.
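The "suffix = path up the tree" rule from the previous slide and the zone idea from this one, worked as an added Python example (not from the slides): the tree nodes are the ones drawn above, while the zone cuts used in the test are an assumption chosen to illustrate "zone = contiguous section of name space".

```python
"""DNS name tree and zone lookup for the example tree in the slides.

Added example, not from the lecture slides. The nodes in TREE_NODES are the
ones drawn in the slides; the zone cuts passed to authoritative_zone() are
an assumption for illustration.
"""

# Constructed from the slide's tree: every node as its FQDN (root is "").
TREE_NODES = {
    "", "org", "net", "edu", "com", "uk", "ca",
    "gwu.edu", "ucb.edu", "cmu.edu", "bu.edu", "mit.edu",
    "cs.cmu.edu", "ece.cmu.edu",
    "cmcl.cs.cmu.edu",
}


def labels(name: str):
    """Labels of an FQDN, top-level label first. Trailing dot and case are ignored,
    so WWW.RIPE.NET. and www.ripe.net give the same result."""
    return [lab for lab in name.rstrip(".").lower().split(".") if lab][::-1]


def storing_node(fqdn: str, nodes=TREE_NODES) -> str:
    """Node of the name tree that stores fqdn: the longest suffix of the name
    that exists as a node (the path up the tree). Returns "" for the root."""
    lab = labels(fqdn)
    node = ""
    for i in range(1, len(lab) + 1):
        candidate = ".".join(reversed(lab[:i]))
        if candidate not in nodes:
            break
        node = candidate
    return node


def authoritative_zone(fqdn: str, zone_cuts) -> str:
    """Apex of the zone whose servers hold fqdn: the closest enclosing zone cut
    (longest matching suffix). zone_cuts holds apex names; "" is the root zone."""
    lab = labels(fqdn)
    best = ""
    for i in range(0, len(lab) + 1):
        candidate = ".".join(reversed(lab[:i]))
        if candidate in zone_cuts:
            best = candidate
    return best


def slide_exercise():
    """Answers to 'where would the following be stored' for the slide's five names."""
    names = ["Fred.com", "Fred.edu", "Fred.cmu.edu", "Fred.cmcl.cs.cmu.edu", "Fred.cs.mit.edu"]
    return {n: storing_node(n) for n in names}
```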
Servers/Resolvers

• Each host has a resolver
– Typically a library that applications can link to
– Local name servers are hand-configured (e.g. /etc/resolv.conf)
• Name servers
– Either responsible for some zone or other sub tree
– Local servers
• Do lookup of distant host names for local hosts
• Typically answer queries about the local zone
Typical Resolution

Figure: a client asks its local DNS server for www.cs.cmu.edu; the local DNS server
queries the root & edu DNS server, then ns1.cmu.edu, then ns1.cs.cmu.edu, and
returns the answer to the client.
Top-level Domains (TLDs)

• Generic Top Level Domains (gTLDs)
– .com - commercial organizations
– .org - not-for-profit organizations
– .edu - educational organizations
– .mil - military organizations
– .gov - governmental organizations
– .net - network service providers
– New: .biz, .info, .name, …
• Country code Top Level Domains (ccTLDs)
– One for each country
Bootstrap Protocol (BOOTP)

• The Bootstrap Protocol (BOOTP) is a computer networking protocol used in
Internet Protocol networks to automatically assign an IP address to network
devices from a configuration server. BOOTP was originally defined in RFC 951.
• When a computer that is connected to a network is powered up and boots its
operating system, the system software broadcasts BOOTP messages onto the
network to request an IP address assignment. A BOOTP configuration server
assigns an IP address based on the request from a pool of addresses configured
by an administrator.
Bootstrap Protocol(BOOTP)

• The information that is held in each computer attached to a TCP/IP internet:
– Its IP address
– Its subnet mask
– The IP address of a router
– The IP address of a name server
• The above information is usually stored in a configuration file and accessed by the
computer during the bootstrap process
• In the case of a diskless computer, the operating system and networking S/W can
be stored in ROM. But the above information cannot be stored in ROM
• BOOTP (Bootstrap Protocol) is a client/server protocol designed to provide this
information for a diskless computer or a computer that is booted for the first time
– RARP provides only the IP address and not the other information
– If we use BOOTP, we do not need RARP
– RARP is not implemented in most systems; it is totally removed from TCP/IP
version 6
RARP ( Reverse Address Resolution Protocol)

• RARP (Reverse Address Resolution Protocol)
– Provides the IP address for a booted computer
– Maps a physical address to an IP address
– But deprecated today for two reasons
• RARP used the broadcast service of the data link layer
– So a RARP server must be present in each network
• RARP can provide only the IP address of the computer
– Today, a computer requires an IP address, subnet mask, IP address of a
router and IP address of a name server.
BOOTP ( Bootstrap Protocol) Operation

• BOOTP (Bootstrap Protocol)
– Forerunner of the Dynamic Host Configuration Protocol (DHCP)
– Designed as a client/server protocol
• BOOTP server can be anywhere in the Internet
• BOOTP can provide all pieces of information
– But BOOTP is a static configuration protocol
– BOOTP cannot support dynamic configuration
• Client and server on the same network
BOOTP

• Operation

Steps involved in use of the BOOTP protocol
1) The BOOTP server uses UDP port 67 and waits for a client.
2) The client sends a BOOTP request message to the server. The client uses
0s as the source address and all 1s as the destination address.
3) The server replies to the client with either a broadcast or a unicast message
using UDP destination port 68.
BOOTP

• UDP Ports
– BOOTP uses the client's well-known port 68 instead of a transient (ephemeral) port
– If two hosts using the same well-known port 68 use BOOTP at the same time and the
reply is broadcast, both hosts receive the message.
• In this case, the transaction ID is used to tell the replies apart
• Using TFTP
– If a client needs more information for booting, the server can send the pathname
of a file in which the client can find the complete booting information.
– The client can then use a TFTP message to get the rest of the needed
information.
• Relay agent
– When there is no BOOTP server in each LAN, a remote BOOTP server may serve
several LANs
– If a client needs to be booted, it cannot reach the remote server using the
broadcast address because an address of all 1s has only local jurisdiction.
– So, a relay agent is used to send local requests to remote servers
BOOTP (cont'd)

• Client and server on two different networks

BOOTP (cont'd)
(Figure: packet format; hardware type Ethernet = 1, hardware length Ethernet = 6, hop
count = maximum number of hops the packet can travel.)
BOOTP

• Operation code: request (1) or reply (0)
• Transaction ID: set by the client and used to match a reply with the request
• Number of seconds: indicates the number of seconds elapsed since the time the
client started to boot
• Your IP address: client address filled by the server (in the client message)
• Server IP address: in a reply message
• Gateway IP address: IP address of a router in a reply message
• Server name: the domain name of the server in a reply packet
• Boot filename: the full pathname of the boot file in a reply packet (128-byte)
• Options: used in a reply message (64-byte)
– carrying either additional information (such as the network mask or default
router address) or some specific vendor information
Dynamic Host Configuration Protocol (DHCP)

• The Dynamic Host Configuration Protocol (DHCP) is a network management
protocol used on Internet Protocol (IP) networks, whereby a DHCP server
dynamically assigns an IP address and other network configuration parameters
to each device on the network, so they can communicate with other IP networks.
A DHCP server enables computers to request IP addresses and networking
parameters automatically from the Internet Service Provider (ISP), reducing the
need for a network administrator or a user to manually assign IP addresses to all
network devices. In the absence of a DHCP server, a computer or other device on
the network needs to be manually assigned an IP address.
• DHCP can be implemented on networks ranging in size from home networks to
large campus networks and regional ISP networks. A router or a residential
gateway can be enabled to act as a DHCP server. Most residential network routers
receive a globally unique IP address within the ISP network. Within a local
network, a DHCP server assigns a local IP address to each device connected to
the network.
Dynamic Host Configuration Protocol (DHCP)

• BOOTP is not a dynamic configuration protocol.
– When a client requests its IP address, the BOOTP server looks up a table that matches the
physical address of the client with its IP address.
– This means that the binding between the physical address and the IP address of the client
should already exist.
– What if a host moves from one physical network to another?
• DHCP is an extension of BOOTP and is backward compatible with BOOTP
– meaning that a host running the BOOTP client can request a static configuration from a DHCP
server
• DHCP provides temporary IP addresses for a limited period of time, with two options
– one for static binding between physical address and IP address
– the other one with a pool of available IP addresses
• When a DHCP client requests a temporary IP address, the DHCP server assigns an IP
address from a pool for a negotiable period of time
• When a DHCP client sends a request to a DHCP server
– At first, the server checks its static database
– If not found, it selects an IP address from the available pool
• Leasing
– The DHCP server issues a lease for a specific period of time
– When the lease expires, the client must either stop using the IP address or renew the lease
Client and server on the same network

1. The DHCP server issues an active open command on UDP port number 67
and waits for a client
2. A booted client issues an active open command on port number 68.
3. The server responds with either a broadcast or a unicast message using
UDP source port number 67 and destination port 68
Client and server on two different networks

– DHCP request is broadcast because the client does not know the IP address
of server
• Broadcast IP datagram cannot pass through any router
– To solve above problem, one of the hosts can be used as a relay, called relay
agent.
• Relay agent knows the unicast address of a DHCP server
• Listen for broadcast message on port 67

• Packet Format
– To make DHCP backward compatible with BOOTP, only a one-bit flag was added to the
packet.
– Extra options have been added to the option field
– Flag:
• Lets the client specify a forced broadcast reply from the server
– Option:
• Several options are added
– Ex - the value 53 for the tag subfield is used to define the type of interaction
between the client and server
– MAX: 312 bytes
• DHCP Options
DHCP Operation

1. A client broadcasts a DHCPDISCOVER message using destination port 67
2. Servers respond with a DHCPOFFER message including an IP address
– Offering the duration of the lease - default: one hour
– The server that sends a DHCPOFFER locks the offered IP address so that it is
not available to any other clients
• If the client receives no DHCPOFFER message, it will try four more times, each
with a span of two seconds.
• If there is no reply to any of these DHCPDISCOVERs, the client sleeps for five
minutes before trying again
3. The client chooses one of the offers and sends a DHCPREQUEST message to the
selected server
4. The server responds with a DHCPACK message and creates the binding between the
client physical address and its IP address
5. Before 50 percent of the lease period is reached, the client sends another
DHCPREQUEST and asks for renewal
6. If the server responds with a DHCPACK, the client has a new lease agreement and can
reset its timer. If the server responds with a DHCPNACK, the client must immediately
stop using the IP address and find another server (step 1)
7. If the server does not respond, the client sends another DHCPREQUEST when the lease
time reaches 87.5 percent. If the client terminates the lease prematurely, the client
sends a DHCPRELEASE message to the server.
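The packet-format slide (options field, tag 53, 312-byte limit) and the operation steps (one-hour default lease, renewal at 50% and 87.5%), worked as one added Python example; it is not code from the slides, the option numbers other than 53 are taken from RFC 2132, and the sample offer is constructed.

```python
"""DHCP options field parser and lease timers.

Added example, not from the lecture slides. It covers the packet-format and
operation points above: the options area starts with the DHCP magic cookie,
holds tag/length/value options (tag 53 = message type, as in the slides),
is at most 312 bytes, and the lease drives renewal at 50% and 87.5%.
Other option numbers follow RFC 2132; the sample offer is constructed.
"""
import struct

MAGIC_COOKIE = bytes([99, 130, 83, 99])
MAX_OPTIONS_LEN = 312
MESSAGE_TYPES = {1: "DHCPDISCOVER", 2: "DHCPOFFER", 3: "DHCPREQUEST", 4: "DHCPDECLINE",
                 5: "DHCPACK", 6: "DHCPNAK", 7: "DHCPRELEASE", 8: "DHCPINFORM"}
SUBNET_MASK, ROUTER, LEASE_TIME, MSG_TYPE = 1, 3, 51, 53


def parse_options(options: bytes) -> dict:
    """Return {tag: value_bytes}. Pad (0) is skipped, End (255) stops parsing,
    and a length that runs past the buffer is rejected as malformed."""
    if len(options) > MAX_OPTIONS_LEN:
        raise ValueError("options field longer than 312 bytes")
    if not options.startswith(MAGIC_COOKIE):
        raise ValueError("missing DHCP magic cookie")
    parsed, i = {}, len(MAGIC_COOKIE)
    while i < len(options):
        tag = options[i]
        if tag == 0:                      # pad: single byte, no length
            i += 1
            continue
        if tag == 255:                    # end of options
            break
        if i + 1 >= len(options):
            raise ValueError("truncated option header")
        length = options[i + 1]
        value = options[i + 2:i + 2 + length]
        if len(value) != length:          # claimed length exceeds what is left
            raise ValueError(f"option {tag} claims {length} bytes but fewer remain")
        parsed[tag] = value
        i += 2 + length
    return parsed


def message_type(parsed: dict) -> str:
    """Name of the DHCP interaction; a packet without option 53 is plain BOOTP."""
    v = parsed.get(MSG_TYPE)
    if v is None or len(v) != 1:
        return "BOOTP"
    return MESSAGE_TYPES.get(v[0], f"unknown({v[0]})")


def lease_seconds(parsed: dict):
    v = parsed.get(LEASE_TIME)
    return struct.unpack("!I", v)[0] if v is not None and len(v) == 4 else None


def renewal_timers(lease: int):
    """Seconds into the lease at which the client sends its renewal DHCPREQUEST
    (50%) and, if the server stays silent, tries again (87.5%)."""
    return lease * 0.5, lease * 0.875


# Constructed sample: a DHCPOFFER with a one-hour lease (the default in the slides).
SAMPLE_OFFER = (MAGIC_COOKIE
                + bytes([MSG_TYPE, 1, 2])                      # option 53 = DHCPOFFER
                + bytes([SUBNET_MASK, 4, 255, 255, 255, 0])
                + bytes([ROUTER, 4, 192, 168, 1, 1])
                + bytes([LEASE_TIME, 4]) + struct.pack("!I", 3600)
                + bytes([0, 0])                                # padding
                + bytes([255]))                                # end
```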
DHCP Transition Diagram
Internet Control Message Protocol (ICMP)

• The Internet Control Message Protocol (ICMP) is a supporting protocol in the
Internet protocol suite. It is used by network devices, including routers, to send
error messages and operational information indicating success or failure when
communicating with another IP address; for example, an error is indicated when a
requested service is not available or when a host or router could not be reached.
• ICMP differs from transport protocols such as TCP and UDP in that it is not
typically used to exchange data between systems, nor is it regularly employed by
end-user network applications (with the exception of some diagnostic tools like
ping and traceroute).

Internet Control Message Protocol (ICMP)

• used by hosts, routers, gateways to communicate network-level information
– error reporting: unreachable host, network, port, protocol
– echo request/reply (used by ping)
• Part of IP, but architecturally lies "above" IP:
– ICMP msgs are carried as IP payload
• ICMP message: comprised of type, code plus first 8 bytes of IP datagram causing error

Type  Code  Description
0     0     echo reply (ping)
3     0     dest. network unreachable
3     1     dest host unreachable
3     2     dest protocol unreachable
3     3     dest port unreachable
3     6     dest network unknown
3     7     dest host unknown
4     0     source quench (congestion control - not used)
8     0     echo request (ping)
9     0     route advertisement
10    0     router discovery
11    0     TTL expired
12    0     bad IP header
Internet Control Message Protocol (ICMP)

• The IP (Internet Protocol) relies on several other protocols to perform necessary
control and routing functions:
• Control functions (ICMP)
• Multicast signaling (IGMP)
• Setting up routing tables (routing protocols: RIP, OSPF, BGP, PIM)
(Figure: ICMP and IGMP shown as the control protocols beside IP; RIP, OSPF, BGP and PIM
as the routing protocols.)
ICMP message format
• 4 byte header:
• Type (1 byte): type of ICMP message
• Code (1 byte): subtype of ICMP message
• Checksum (2 bytes): similar to IP header checksum. Checksum is calculated over entire
ICMP message
• If there is no additional data, there are 4 bytes set to zero.
– each ICMP message is at least 8 bytes long

bit #   0        7 8       15 16                  31
        +----------+----------+---------------------+
        |   type   |   code   |      checksum       |
        +----------+----------+---------------------+
        |  additional information or 0x00000000     |
        +-------------------------------------------+
ICMP Query message
• ICMP query:
• Request sent by host to a router or host
• Reply sent back to querying host

Type/Code  Description
8/0        Echo Request
0/0        Echo Reply
13/0       Timestamp Request
14/0       Timestamp Reply
10/0       Router Solicitation
9/0        Router advertisement

• Pings are handled directly by the kernel
• Each Ping is translated into an ICMP Echo Request
• The Ping'ed host responds with an ICMP Echo Reply
(Figure: a host or router sends an Echo Request to a host or router, which answers with
an Echo Reply.)
Frequent ICMP Error messages and
some subtypes of the "Destination Unreachable"

Type  Code  Name               Description
3     0–15  Destination        Notification that an IP datagram could not be forwarded and was
            unreachable        dropped. The code field contains an explanation.
5     0–3   Redirect           Informs about an alternative route for the datagram and should result
                               in a routing table update. The code field explains the reason for the
                               route change.
11    0, 1  Time exceeded      Sent when the TTL field has reached zero (Code 0) or when there is a
                               timeout for the reassembly of segments (Code 1)
12    0, 1  Parameter problem  Sent when the IP header is invalid (Code 0) or when an IP header option
                               is missing (Code 1)

Destination Unreachable subtypes:
Code  Description              Reason for Sending
0     Network Unreachable      No routing table entry is available for the destination network.
1     Host Unreachable         Destination host should be directly reachable, but does not respond to
                               ARP Requests.
2     Protocol Unreachable     The protocol in the protocol field of the IP header is not supported at
                               the destination.
3     Port Unreachable         The transport protocol at the destination host cannot pass the datagram
                               to an application.
4     Fragmentation Needed     IP datagram must be fragmented, but the DF bit in the IP header is set.
      and DF Bit Set
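The 4-byte header, the checksum over the entire message and the type/code tables above, worked as an added Python example (not from the slides): it builds an Echo Request, verifies the checksum on receipt and decodes the query and Destination Unreachable entries listed on these slides.

```python
"""Build and check ICMP messages using the 4-byte header described above.

Added example, not from the lecture slides. Shows the Internet checksum
computed over the entire ICMP message, an Echo Request (type 8, code 0)
and the decoding of Type/Code into the names from the slides' tables.
"""
import struct

QUERY_TYPES = {(8, 0): "Echo Request", (0, 0): "Echo Reply",
               (13, 0): "Timestamp Request", (14, 0): "Timestamp Reply",
               (10, 0): "Router Solicitation", (9, 0): "Router Advertisement"}
UNREACHABLE_CODES = {0: "Network Unreachable", 1: "Host Unreachable",
                     2: "Protocol Unreachable", 3: "Port Unreachable",
                     4: "Fragmentation Needed and DF Bit Set"}


def internet_checksum(data: bytes) -> int:
    """One's complement of the one's-complement sum of 16-bit words (RFC 1071),
    the same algorithm as the IP header checksum; odd lengths are zero-padded."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def build_icmp(msg_type: int, code: int, rest: bytes = b"\x00" * 4, payload: bytes = b"") -> bytes:
    """Header = type, code, checksum, then the 4 bytes of 'additional information'
    (all zero when unused), so every message is at least 8 bytes long."""
    header = struct.pack("!BBH", msg_type, code, 0) + rest   # checksum field zero first
    csum = internet_checksum(header + payload)
    return struct.pack("!BBH", msg_type, code, csum) + rest + payload


def echo_request(ident: int, seq: int, payload: bytes = b"") -> bytes:
    """What ping sends: type 8, code 0, identifier and sequence number."""
    return build_icmp(8, 0, struct.pack("!HH", ident, seq), payload)


def parse_icmp(msg: bytes) -> dict:
    """Validate minimum length and checksum, then describe the message."""
    if len(msg) < 8:
        raise ValueError("ICMP message shorter than 8 bytes")
    if internet_checksum(msg) != 0:        # a message with a valid checksum sums to 0
        raise ValueError("bad ICMP checksum")
    t, c = msg[0], msg[1]
    if t == 3:
        desc = "Destination Unreachable: " + UNREACHABLE_CODES.get(c, f"code {c}")
    elif t == 11:
        desc = "Time Exceeded: " + ("TTL reached zero" if c == 0 else "reassembly timeout")
    else:
        desc = QUERY_TYPES.get((t, c), f"type {t} code {c}")
    return {"type": t, "code": c, "description": desc, "rest": msg[4:8], "data": msg[8:]}
```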
Telnet

• Telnet is an application protocol used on the Internet or local area network to
provide a bidirectional interactive text-oriented communication facility using a
virtual terminal connection. User data is interspersed in-band with Telnet control
information in an 8-bit byte oriented data connection over the Transmission
Control Protocol (TCP).
Telnet

• TELNET is a protocol that provides "a general, bi-directional, eight-bit byte oriented
communications facility".
• telnet is a program that supports the TELNET protocol over TCP.
• Many application protocols are built upon the TELNET protocol.

The TELNET Protocol
• TCP connection
• data and control over the same connection.
• Network Virtual Terminal
• negotiated options

Network Virtual Terminal
• intermediate representation of a generic terminal.
• provides a standard language for communication of terminal control functions
Telnet

Negotiated Options
• All Network Virtual Terminals(NVT) support a minimal set of capabilities.
• Some terminals have more capabilities than the minimal set.
• The 2 endpoints negotiate a set of mutually acceptable options (character set, echo
mode, etc).
• The protocol for requesting optional features is well defined and includes rules for
eliminating possible negotiation “loops”.
• The set of options is not part of the TELNET protocol, so that new terminal features
can be incorporated without changing the TELNET protocol

Option examples
• Line mode vs. character mode
• echo modes
• character set (EBCDIC vs. ASCII)
Control Functions

• TELNET includes support for a series of control functions commonly supported
by servers.
• This provides a uniform mechanism for communication of (the supported) control
functions
• Interrupt Process (IP)
– suspend/abort process.
• Abort Output (AO)
– process can complete, but send no more output to user’s terminal.
• Are You There (AYT)
– check to see if system is still running.
• Erase Character (EC)
– delete last character sent
– typically used to edit keyboard input.
• Erase Line (EL)
– delete all input in current line.
Command Structure

• All TELNET commands and data flow through the same TCP connection.
• Commands start with a special character called the Interpret as Command escape
character (IAC).
• The IAC code is 255.
• If a 255 is sent as data - it must be followed by another 255.
Looking for Commands
• Each receiver must look at each byte that arrives and look for IAC.
• If IAC is found and the next byte is IAC - a single byte is presented to the
application/terminal.
• If IAC is followed by any other code - the TELNET layer interprets this as a
command.
Command Codes
• IP 243
• AO 244
• AYT 245
• EC 246
• EL 247
• WILL 251
• WON'T 252
• DO 253
• DON'T 254
• IAC 255
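The "Looking for Commands" rules and the command codes above, worked as an added Python receiver (not from the slides): it separates data from commands, treats IAC IAC as one data byte, and handles the one-byte option that follows WILL/WON'T/DO/DON'T. Subnegotiation is not covered here, and the input stream in the test is constructed.

```python
"""Telnet command/data separation using the IAC rules above.

Added example, not from the lecture slides. IAC (255) introduces a command;
IAC IAC stands for one literal data byte 255; WILL/WON'T/DO/DON'T carry one
option byte; IP, AO, AYT, EC and EL are single-byte commands. Subnegotiation
(SB ... SE) is not handled. Option 1 used in the test is TELNET ECHO (RFC 857).
"""
IAC, DONT, DO, WONT, WILL = 255, 254, 253, 252, 251
IP, AO, AYT, EC, EL = 243, 244, 245, 246, 247
NAMES = {IP: "IP", AO: "AO", AYT: "AYT", EC: "EC", EL: "EL",
         WILL: "WILL", WONT: "WON'T", DO: "DO", DONT: "DON'T"}
NEGOTIATION = {WILL, WONT, DO, DONT}      # these carry one option code


def telnet_split(stream: bytes):
    """Return (data, commands, leftover).

    data: bytes handed to the application/terminal
    commands: list of (command name, option code or None) for the TELNET layer
    leftover: an incomplete trailing command that needs more bytes
    """
    data, commands, i = bytearray(), [], 0
    while i < len(stream):
        b = stream[i]
        if b != IAC:                           # ordinary data byte
            data.append(b)
            i += 1
            continue
        if i + 1 >= len(stream):               # lone IAC at the end: wait for more
            return bytes(data), commands, stream[i:]
        cmd = stream[i + 1]
        if cmd == IAC:                         # IAC IAC -> a single data byte 255
            data.append(IAC)
            i += 2
        elif cmd in NEGOTIATION:               # IAC WILL/WON'T/DO/DON'T <option>
            if i + 2 >= len(stream):
                return bytes(data), commands, stream[i:]
            commands.append((NAMES[cmd], stream[i + 2]))
            i += 3
        else:                                  # IAC <single-byte command>
            commands.append((NAMES.get(cmd, f"cmd{cmd}"), None))
            i += 2
    return bytes(data), commands, b""


def telnet_escape(data: bytes) -> bytes:
    """Sender side: a data byte 255 must be sent as 255 255."""
    return data.replace(bytes([IAC]), bytes([IAC, IAC]))
```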
File Transfer Protocol(FTP)
• The File Transfer Protocol (FTP) is a standard Network Protocol used for the
transfer of data/files between client and server on a Network
• FTP is built on a client-server model architecture using separate control and data
connections between the client and the server.
• FTP users may authenticate themselves with a clear-text sign-in protocol,
normally in the form of a username and password, but can connect anonymously if
the server is configured to allow it.

Applications and Application-Layer Protocols
• Application: communicating, distributed processes
– Running in network hosts in "user space"
– Exchange messages to implement app
– e.g., email, file transfer, the Web
• Application-layer protocols
– One "piece" of an app
– Define messages exchanged by apps and actions taken
– Use services provided by lower layer protocols
(Figure: the protocol stack of application, transport, network, data link and physical
layers on each communicating host.)
Ftp: The File Transfer Protocol

(Figure: user at host – FTP user interface – FTP client (local file system) – file
transfer – FTP server (remote file system).)
• Transfer file to/from remote host
• Client/server model
– Client: side that initiates transfer (either to/from remote)
– Server: remote host
• ftp: RFC 959
• ftp server: port 21
Ftp: Separate Control, Data Connections

• Ftp client contacts ftp server at port 21, specifying TCP as transport protocol
• Client browses remote directory by sending commands over control connection.
• When server receives a command for a file transfer, the server opens a TCP data
connection to client
• After transferring one file, server closes the data connection
– Server opens a second TCP data connection to transfer another file.
– Control connection: "out of band"
– FTP server maintains "state": current directory, earlier authentication
(Figure: FTP client and FTP server joined by a TCP control connection on port 21 and a
TCP data connection on port 20.)
The Data Connection

• Uses Server's well-known port 20
• Client issues a passive open on an ephemeral port, say x.
• Client uses PORT command to tell the server about the port number x.
• Server issues an active open from port 20 to port x.
• Server creates a child server/ephemeral port number to serve the client
(Figure: creating the data connection.)
EXAMPLE

Control connection exchange (server replies and client commands, in order):
 1  Server: 220 (Service ready)
 2  Client: USER forouzan
 3  Server: 331 (User name OK. Password?)
 4  Client: PASS xxxxxx
 5  Server: 230 (User login OK)
 6  Client: PORT 8888
 7  Server: 150 (Data connection opens shortly)
 8  Client: LIST /usr/user/forouzan/reports
 9  Server: 125 (Data connection OK)
10  Data transfer: list of files or directories (over the data connection)
11  Data transfer: list of files or directories
12  Server: 226 (Closing data connection)
13  Client: QUIT
14  Server: 221 (Service closing)
Ftp Commands, Responses

Sample Commands:
• sent as ASCII text over control channel
• USER username
• PASS password
• LIST return list of files in current directory
• RETR filename retrieves (gets) file
• STOR filename stores (puts) file onto remote host

Sample Return Codes (status code and phrase):
• 331 Username OK, password required
• 125 data connection already open; transfer starting
• 425 Can't open data connection
• 452 Error writing file
What Transport Service Does an Application Need?

Data loss
• Some apps (e.g., audio) can tolerate some loss
• Other apps (e.g., file transfer, telnet) require 100% reliable data transfer

Timing
• Some apps (e.g., Internet telephony, interactive games) require low delay to
be "effective"

Bandwidth
• Some apps (e.g., multimedia) require minimum amount of bandwidth to be "effective"
• Other apps ("elastic apps") make use of whatever bandwidth they get
Trivial File Transfer Protocol (TFTP)

Trivial File Transfer Protocol (TFTP) is a simple lockstep file transfer protocol which allows a client to get a file from or put a file onto a remote host. One of its primary uses is in the early stages of nodes booting from a local area network. TFTP has been used for this application because it is very simple to implement.

TFTP Usage and Design
• Transfer files between processes.
• Minimal overhead (no security: no authentication and no encryption, so any host that can reach the server can read or write whatever the server exposes)
• Designed for UDP (port 69), although it could be used with many transport protocols.
• Easy to implement
• Small - possible to include in firmware
• Often used to bootstrap workstations and network devices
TFTP Protocol
• 5 message types, identified by a 2-byte opcode:
  – Read request (RRQ, opcode 1), Write request (WRQ, opcode 2), Data (opcode 3)
  – ACK (acknowledgment, opcode 4)
  – Error (opcode 5)
• Data is sent in numbered 512-byte blocks; each block is acknowledged before the next is sent (lockstep), and a block shorter than 512 bytes ends the transfer.

Message Formats (figure not reproduced)
  – Read request
  – Write request
  – Data
  – ACK (acknowledgment)
  – Error

Error Types and Meaning (table not reproduced)

TFTP data connection / TFTP example (figure not reproduced)
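The five message formats and the lockstep exchange, as an added example that is not part of the slides: a builder and parser for each TFTP packet type following RFC 1350, the RFC's error-code table, a filename check that stands in for the security the protocol lacks, and a simulation of a read transfer that shows the termination rule, including the edge case of a file whose size is an exact multiple of 512. The file name boot.bin and the file contents are constructed.

```python
"""Added example (not from the slides): RFC 1350 TFTP packet builder/parser and a
lockstep read simulation. File name and contents are constructed for the example."""
import struct

RRQ, WRQ, DATA, ACK, ERROR = 1, 2, 3, 4, 5
OPNAMES = {RRQ: "RRQ", WRQ: "WRQ", DATA: "DATA", ACK: "ACK", ERROR: "ERROR"}
BLOCK_SIZE = 512            # a DATA block shorter than this ends the transfer
MODES = ("netascii", "octet", "mail")
ERROR_CODES = {             # RFC 1350 error codes
    0: "Not defined, see error message",
    1: "File not found",
    2: "Access violation",
    3: "Disk full or allocation exceeded",
    4: "Illegal TFTP operation",
    5: "Unknown transfer ID",
    6: "File already exists",
    7: "No such user",
}


def build_request(opcode, filename, mode="octet"):
    """RRQ/WRQ: | opcode(2) | filename | 0 | mode | 0 |"""
    if opcode not in (RRQ, WRQ) or mode not in MODES:
        raise ValueError("bad request")
    return struct.pack("!H", opcode) + filename.encode() + b"\0" + mode.encode() + b"\0"


def build_data(block, payload):
    """DATA: | 3 | block#(2) | 0..512 bytes of data |"""
    if len(payload) > BLOCK_SIZE:
        raise ValueError("DATA payload exceeds 512 bytes")
    return struct.pack("!HH", DATA, block & 0xFFFF) + payload


def build_ack(block):
    """ACK: | 4 | block#(2) |"""
    return struct.pack("!HH", ACK, block & 0xFFFF)


def build_error(code, message):
    """ERROR: | 5 | errcode(2) | errmsg | 0 |"""
    return struct.pack("!HH", ERROR, code) + message.encode() + b"\0"


def parse(packet):
    """Decode any TFTP packet into a dict; raise ValueError on anything malformed."""
    if len(packet) < 4:
        raise ValueError("packet too short")
    (opcode,) = struct.unpack("!H", packet[:2])
    if opcode in (RRQ, WRQ):
        parts = packet[2:].split(b"\0")      # filename, mode, empty tail after final NUL
        if len(parts) < 3 or parts[-1] != b"":
            raise ValueError("request missing terminator")
        mode = parts[1].decode("ascii", "replace").lower()
        if mode not in MODES:
            raise ValueError(f"unknown mode {mode!r}")
        return {"op": OPNAMES[opcode], "filename": parts[0].decode("ascii", "replace"), "mode": mode}
    (arg,) = struct.unpack("!H", packet[2:4])  # block number or error code
    if opcode == DATA:
        payload = packet[4:]
        if len(payload) > BLOCK_SIZE:
            raise ValueError("oversized DATA block")
        return {"op": "DATA", "block": arg, "data": payload, "last": len(payload) < BLOCK_SIZE}
    if opcode == ACK:
        if len(packet) != 4:
            raise ValueError("ACK has trailing bytes")
        return {"op": "ACK", "block": arg}
    if opcode == ERROR:
        msg, sep, _ = packet[4:].partition(b"\0")
        if not sep:
            raise ValueError("error message missing terminator")
        return {"op": "ERROR", "code": arg, "meaning": ERROR_CODES.get(arg, "unknown code"),
                "message": msg.decode("ascii", "replace")}
    raise ValueError(f"unknown opcode {opcode}")


def filename_is_confined(filename):
    """TFTP has no authentication, so a server's only defence is to keep every request
    inside its root directory: no absolute paths, no '..' components, no NUL or backslash."""
    if not filename or filename.startswith("/") or "\\" in filename or "\0" in filename:
        return False
    return all(part not in ("", ".", "..") for part in filename.split("/"))


def simulate_read(file_bytes):
    """Lockstep read: every DATA block is answered by an ACK with the same block number.
    Returns the packets on the wire (client RRQ, then alternating DATA/ACK).
    Edge case: a file whose size is a multiple of 512 ends with an empty DATA block,
    because the receiver only stops on a block shorter than 512 bytes."""
    wire = [build_request(RRQ, "boot.bin")]
    block, offset = 1, 0
    while True:
        chunk = file_bytes[offset:offset + BLOCK_SIZE]
        wire.append(build_data(block, chunk))
        wire.append(build_ack(block))
        offset += len(chunk)
        if len(chunk) < BLOCK_SIZE:
            return wire
        block += 1
```

A 1024-byte file therefore takes three DATA blocks (512, 512 and 0 bytes), not two; a receiver that stopped after block 2 would wait forever for a block that is needed only as a terminator.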
Internet datagram

A datagram is the basic transfer unit of a packet-switched network. Datagrams are typically structured in header and payload sections. Datagrams provide a connectionless communication service across a packet-switched network: the delivery, arrival time, and order of arrival of datagrams need not be guaranteed by the network.
Internet datagram

• Basic transfer unit: datagram header + datagram data area
• Format of the Internet datagram (bit positions across the top):

 0       4       8               16   19       24             31
+-------+-------+---------------+-------------------------------+
| Vers  | Hlen  | Type of serv. |         Total length          |
+-------+-------+---------------+-----+-------------------------+
|        Identification         |Flags|    Fragment offset      |
+---------------+---------------+-----+-------------------------+
|      TTL      |   Protocol    |        Header checksum        |
+---------------+---------------+-------------------------------+
|                       Source IP address                       |
+---------------------------------------------------------------+
|                    Destination IP address                     |
+-----------------------------------------------+---------------+
|              IP Options (if any)              |    Padding    |
+-----------------------------------------------+---------------+
|                           Data ...                            |
+---------------------------------------------------------------+
IP datagram format (cont.)

• Vers (4 bits): version of IP protocol (IPv4 = 4)
• Hlen (4 bits): header length in 32-bit words; without options (the usual case) = 5, i.e. 20 bytes; maximum 15 words = 60 bytes
• Type of Service – TOS (8 bits): little used in the past; now redefined as DSCP (6 bits) + ECN (2 bits) and used for QoS
• Total length (16 bits): length of datagram in bytes, includes header and data (maximum 65,535)
• Identification, Flags, Fragment offset: control fragmentation (see Fragmentation Control below)
• Time to live – TTL (8 bits): specifies how long the datagram is allowed to remain in the internet
  – Routers decrement by 1 (so in practice it is a hop count)
  – When TTL = 0 the router discards the datagram (and returns an ICMP Time Exceeded message to the source)
  – Prevents infinite loops
• Protocol (8 bits): specifies the format of the data area
  – Protocol numbers are administered by a central authority (IANA) to guarantee agreement, e.g. ICMP = 1, TCP = 6, UDP = 17 …
• Header checksum (16 bits): ones-complement checksum over the header only; recomputed at every hop because TTL changes; it does not protect the data
• Source & destination IP address (32 bits each): contain the IP address of the sender and the intended recipient
• Options (variable length): mainly used to record a route, or timestamps, or to specify routing (source routing); routers and firewalls usually drop datagrams with source-routing options because they let the sender dictate the path
IP Fragmentation

• How do we send a datagram of, say, 1400 bytes through a link that has a Maximum Transfer Unit (MTU) of, say, 620 bytes?
• The datagram is broken into fragments

  Net 1 (MTU = 1500) -> Router -> Net 2 (MTU = 620) -> Router -> Net 3 (MTU = 1500)

  – The router fragments the datagram (taking the 1400 bytes as its data area)
    • into fragments carrying 600, 600 and 200 bytes of data, each with its own 20-byte IP header: 620 - 20 = 600 is the most data a fragment can carry, and it is a multiple of 8 as the fragment offset requires
    • Routers do NOT reassemble; reassembly is left to the end host
Fragmentation Control

• Identification (16 bits): copied into every fragment; together with the source, destination and protocol it lets the destination know which fragments belong to which datagram
• Fragment Offset (13 bits): specifies the offset in the original datagram of the data being carried in the fragment
  – Measured in units of 8 bytes starting at 0 (so every fragment except the last carries a multiple of 8 data bytes)
• Flags (3 bits): control fragmentation
  – Reserved (0-th bit): must be zero
  – Don't Fragment – DF (1st bit):
    • useful for simple (computer bootstrap) applications that cannot handle reassembly
    • also used for path MTU discovery (see later)
    • if a router needs to fragment and cannot, it discards the datagram and sends an ICMP Destination Unreachable, code 4 ("fragmentation needed and DF set"), to the source
  – More Fragments – MF (least significant bit): set to 1 in every fragment except the last; MF = 0 tells the receiver it has got the last fragment
• TCP traffic is hardly ever fragmented (due to the use of path MTU discovery). Only about 0.1% - 0.5% of TCP packets are fragmented.
Fragment series composition

  Fragment   Offset (bytes)   Flags
  1          0                More frags
  2          1480             More frags
  3          2960             More frags
  4          3440             Last frag (MF = 0)

• Offsets are shown in bytes; the header field carries the value divided by 8 (0, 185, 370, 430).
• NB. If the data segment contains its own (transport-layer) header, that header is not replicated: only the first fragment carries the TCP/UDP port numbers, so a filter that matches on ports cannot classify the later fragments on their own.
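The header layout, the fragmentation walk-through and the fragment series above, carried through in working code as an added example that is not part of the slides: it builds a 20-byte IPv4 header with its checksum, fragments a datagram with 1400 bytes of data for a 620-byte MTU the way the router on the slide does (600, 600 and 200 data bytes), parses the fragments, and reassembles them at the end host. The addresses and payload are constructed, and the code assumes headers without options (Hlen always 5), which is a simplification for the example.

```python
"""Added example (not from the slides): IPv4 header build/parse with checksum,
fragmentation for a smaller MTU, and end-host reassembly. Addresses and payload are
constructed; headers are assumed to carry no options (Hlen = 5, 20 bytes)."""
import struct

HDR_LEN = 20
FLAG_DF = 0b010
FLAG_MF = 0b001
HDR_FMT = "!BBHHHBBH4s4s"   # Vers|Hlen, TOS, Total length, Identification,
                            # Flags|Fragment offset, TTL, Protocol, Checksum, Src, Dst


def checksum(data):
    """Internet checksum: ones-complement of the ones-complement sum of 16-bit words."""
    if len(data) % 2:
        data += b"\0"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_header(src, dst, total_length, ident, flags=0, offset_bytes=0, proto=17, ttl=64):
    """Return a 20-byte header; offset_bytes must be a multiple of 8 (field is in 8-byte units)."""
    if offset_bytes % 8 or offset_bytes // 8 > 0x1FFF:
        raise ValueError("fragment offset must be a multiple of 8 below 65528")
    flags_off = (flags << 13) | (offset_bytes // 8)
    hdr = struct.pack(HDR_FMT, (4 << 4) | (HDR_LEN // 4), 0, total_length, ident,
                      flags_off, ttl, proto, 0, src, dst)
    return hdr[:10] + struct.pack("!H", checksum(hdr)) + hdr[12:]   # checksum at bytes 10-11


def parse_header(pkt):
    """Decode the fixed header and verify its checksum (the sum over a correct header is 0)."""
    if len(pkt) < HDR_LEN:
        raise ValueError("truncated header")
    vihl, _tos, total, ident, flags_off, ttl, proto, _csum, src, dst = struct.unpack(HDR_FMT, pkt[:HDR_LEN])
    hlen = (vihl & 0xF) * 4
    if vihl >> 4 != 4 or hlen != HDR_LEN or total > len(pkt):
        raise ValueError("not a plain IPv4 header, or total length exceeds the buffer")
    if checksum(pkt[:hlen]) != 0:
        raise ValueError("bad header checksum")
    flags = flags_off >> 13
    return {"hlen": hlen, "total_length": total, "ident": ident, "ttl": ttl, "proto": proto,
            "src": src, "dst": dst, "df": bool(flags & FLAG_DF), "mf": bool(flags & FLAG_MF),
            "offset": (flags_off & 0x1FFF) * 8}


def fragment(datagram, mtu):
    """Split a datagram so every piece fits in mtu bytes, header included.
    Each fragment carries a multiple of 8 data bytes except possibly the last."""
    h = parse_header(datagram)
    if len(datagram) <= mtu:
        return [datagram]
    if h["df"]:
        # A real router discards the datagram and sends ICMP Destination Unreachable, code 4.
        raise ValueError("DF set: fragmentation needed but not allowed")
    payload = datagram[h["hlen"]:h["total_length"]]
    max_data = ((mtu - h["hlen"]) // 8) * 8
    if max_data <= 0:
        raise ValueError("MTU too small to carry any data")
    frags = []
    for start in range(0, len(payload), max_data):
        chunk = payload[start:start + max_data]
        more = start + len(chunk) < len(payload) or h["mf"]   # keep MF if this was already a fragment
        frags.append(build_header(h["src"], h["dst"], h["hlen"] + len(chunk), h["ident"],
                                  FLAG_MF if more else 0, h["offset"] + start, h["proto"], h["ttl"]) + chunk)
    return frags


def reassemble(fragments):
    """End-host reassembly. Refuses gaps and overlapping fragments instead of guessing
    (hosts disagree on how to merge overlaps), and insists on a final fragment with MF = 0."""
    parsed = sorted(((parse_header(f), f) for f in fragments), key=lambda p: p[0]["offset"])
    first = parsed[0][0]
    data = b""
    for h, f in parsed:
        if (h["ident"], h["src"], h["dst"], h["proto"]) != (first["ident"], first["src"], first["dst"], first["proto"]):
            raise ValueError("fragments belong to different datagrams")
        if h["offset"] != len(data):
            raise ValueError(f"gap or overlap at offset {h['offset']}")
        data += f[h["hlen"]:h["total_length"]]
    if parsed[-1][0]["mf"]:
        raise ValueError("last fragment missing")
    return build_header(first["src"], first["dst"], HDR_LEN + len(data), first["ident"],
                        FLAG_DF if first["df"] else 0, 0, first["proto"], first["ttl"]) + data


if __name__ == "__main__":
    src, dst = bytes([10, 0, 0, 1]), bytes([10, 0, 0, 2])
    payload = bytes(range(256)) * 5 + bytes(120)    # 1400 bytes of data, as on the slide
    dgram = build_header(src, dst, HDR_LEN + len(payload), 0x1234) + payload
    for f in fragment(dgram, 620):
        h = parse_header(f)
        print(len(f), "bytes on the wire, data offset", h["offset"], "MF =", h["mf"])
```

Running it prints three fragments of 620, 620 and 220 bytes on the wire with data offsets 0, 600 and 1200 (field values 0, 75 and 150) and MF set on the first two only; feeding the fragments back in any order reproduces the original datagram byte for byte, while a missing last fragment or a duplicated middle one is rejected rather than silently merged.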
IP Access Lists
• An access list (ACL) is an ordered set of rules for controlling network traffic and reducing exposure to network attacks. ACLs filter traffic entering or leaving an interface according to those rules. (Standard access lists are the ones written using the source IP address only.)

• Access lists are used to control and manage access of interesting and non-interesting traffic.
• Access lists are powerful tools for controlling access both to and from network segments.
• They can filter uninteresting packets and be used to implement security policies.
• Using the right combination of access lists, network managers can enforce nearly any access policy they can invent.
• After the lists are built, they can be applied to either inbound or outbound traffic on any interface.
• Applying an access list makes the router analyze each packet crossing the interface in the specified direction and take the configured action (permit or deny).
Basic Rules for IP Access Lists

• A packet is always compared with each line of the access list in sequential order: it starts with line 1, then line 2, then line 3, and so on.
• It is compared with lines of the access list only until a match is made. Once the packet matches a line of the access list, no further comparisons take place, so the order of the lines determines the result.
• An implicit "deny all" ends every access list. It does not appear in the configuration, but if a packet doesn't match any statement of the access list, it is discarded. An access list with no permit statements therefore denies everything.
Types of IP Access Lists

• Standard access lists: use only the source IP address in an IP packet to filter traffic. Because they cannot look at the protocol or port, they permit or deny all IP traffic from the matched source, i.e. an entire protocol suite at once. Numbered 1-99 and 1300-1999; best applied close to the destination.
• Extended access lists: check source and destination IP address, the protocol field in the layer 3 header, and the port numbers in the layer 4 header. Numbered 100-199 and 2000-2699; best applied close to the source so unwanted traffic is dropped early.
R1(config)#access-list ?
  <1-99>            IP standard access list
  <100-199>         IP extended access list
  <1100-1199>       Extended 48-bit MAC address access list
  <1300-1999>       IP standard access list (expanded range)
  <200-299>         Protocol type-code access list
  <2000-2699>       IP extended access list (expanded range)
  <700-799>         48-bit MAC address access list
  dynamic-extended  Extend the dynamic ACL absolute timer
  rate-limit        Simple rate-limit specific access list

R1(config)#access-list 1 ?
  deny    Specify packets to reject
  permit  Specify packets to forward
  remark  Access list entry comment
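The three basic rules, the standard/extended distinction and the number ranges from the access-list ? output, applied in code as an added example that is not part of the slides: a small evaluator with Cisco wildcard-mask semantics, first-match-wins ordering and the implicit deny, plus a renderer that prints each entry in the access-list syntax shown above. The addresses, the Telnet-blocking policy and the deliberately mis-ordered copy of it are constructed for the example.

```python
"""Added example (not from the slides): evaluator for numbered standard and extended
IP access lists with wildcard masks, first-match ordering and the implicit deny.
Policies and addresses are constructed."""
import ipaddress
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    proto: str                   # "tcp", "udp" or "icmp"
    dport: int = 0


@dataclass(frozen=True)
class Entry:
    action: str                  # "permit" or "deny"
    src: str                     # "any", "host A.B.C.D", or "A.B.C.D W.W.W.W" (wildcard)
    dst: str = "any"             # extended lists only
    proto: str = "ip"            # extended lists only; "ip" matches every IP protocol
    dport: Optional[int] = None  # extended lists only ("eq <port>")


def acl_kind(number):
    """Standard or extended, from the number ranges in the access-list ? output."""
    if 1 <= number <= 99 or 1300 <= number <= 1999:
        return "standard"
    if 100 <= number <= 199 or 2000 <= number <= 2699:
        return "extended"
    raise ValueError(f"{number} is not a numbered IP access list")


def wildcard_match(addr, spec):
    """Cisco wildcard mask: a 0 bit must match, a 1 bit is 'don't care' (the inverse
    of a subnet mask: 0.0.0.255 means 'any host in that /24')."""
    if spec == "any":
        return True
    if spec.startswith("host "):
        return addr == spec.split()[1]
    base, wildcard = spec.split()
    a, b, w = (int(ipaddress.IPv4Address(x)) for x in (addr, base, wildcard))
    care = ~w & 0xFFFFFFFF
    return (a & care) == (b & care)


def evaluate(number, entries, pkt):
    """Return (action, line) for the first matching line, or ("deny", None) for the
    implicit deny that ends every list."""
    kind = acl_kind(number)
    for line, e in enumerate(entries, start=1):
        if not wildcard_match(pkt.src, e.src):
            continue
        if kind == "extended":
            if e.proto != "ip" and e.proto != pkt.proto:
                continue
            if not wildcard_match(pkt.dst, e.dst):
                continue
            if e.dport is not None and e.dport != pkt.dport:
                continue
        return e.action, line        # first match wins; no further comparisons
    return "deny", None


def render(number, entries):
    """The IOS lines that would create this list."""
    kind = acl_kind(number)
    lines = []
    for e in entries:
        if kind == "standard":
            lines.append(f"access-list {number} {e.action} {e.src}")
        else:
            port = f" eq {e.dport}" if e.dport is not None else ""
            lines.append(f"access-list {number} {e.action} {e.proto} {e.src} {e.dst}{port}")
    return lines


# Constructed policies.
STANDARD_10 = [Entry("permit", "192.168.1.0 0.0.0.255")]        # one LAN; all else implicitly denied
EXTENDED_100_GOOD = [Entry("deny", "any", "any", "tcp", 23),   # block Telnet before the broad permit
                     Entry("permit", "any", "any", "ip")]
EXTENDED_100_BAD = list(reversed(EXTENDED_100_GOOD))           # same two lines, wrong order

if __name__ == "__main__":
    telnet = Packet("10.1.1.5", "192.168.1.1", "tcp", 23)
    print("\n".join(render(100, EXTENDED_100_GOOD)))
    print(evaluate(100, EXTENDED_100_GOOD, telnet), evaluate(100, EXTENDED_100_BAD, telnet))
```

With the two extended entries in the right order a Telnet packet is denied on line 1; with the same two entries reversed it is permitted on line 1 and the deny is never reached, which is the ordering rule from the slide made visible.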
