TCP/IP Essentials A Lab-Based Approach Shivendra S. Panwar DepartmentofElectricalandComputerEngineering, PolytechnicUniversity,Brooklyn,NewYork Shiwen Mao TheBradleyDepartmentofElectricalandComputerEngineering, VirginiaPolytechnicInstituteandStateUniversity Blacksburg,Virginia Jeong-dong Ryoo ElectronicsandTelecommunicationsResearchUnit, Daejeon,SouthKorea Yihan Li DepartmentofElectricalandComputerEngineering, PolytechnicUniversity, Brooklyn,NewYork CAMBRIDGE UNIVERSITY PRESS Cambridge, New York, Melbourne, Madrid, Cape Town, Singapore, São Paulo Cambridge University Press The Edinburgh Building, Cambridge CB2 8RU, UK Published in the United States of America by Cambridge University Press, New York www.cambridge.org Information on this title: www.cambridge.org/9780521841443 © Cambridge University Press 2004 This publication is in copyright. Subject to statutory exception and to the provision of relevant collective licensing agreements, no reproduction of any part may take place without the written permission of Cambridge University Press. First published in print format 2004 ISBN-13 978-0-511-26472-6 eBook (EBL) ISBN-10 0-511-26472-0 eBook (EBL) ISBN-13 978-0-521-84144-3 hardback ISBN-10 0-521-84144-5 hardback ISBN-13 978-0-521-60124-5 paperback ISBN-10 0-521-60124-X paperback Cambridge University Press has no responsibility for the persistence or accuracy of urls for external or third-party internet websites referred to in this publication, and does not guaranteethatanycontentonsuchwebsitesis,orwillremain,accurateorappropriate. Contents Preface pagexiii Notetoinstructors xv Acknowledgements xvi Generalconventions xvii Listofabbreviations xviii 0 TCP/IP overview 1 0.1 TheInternet 1 0.2 TCP/IP protocols 2 0.3 Internetworkingdevices 5 0.4 Encapsulationandmultiplexing 7 0.5 Namingandaddressing 8 0.6 Multipleaccess 15 0.7 Routingandforwarding 16 0.8 Congestioncontrolandflowcontrol 17 0.9 Errordetectionandcontrol 18 0.10 Headerformatsoftheprotocols 19 0.11 Anexample:howTCP/IPprotocolswork together 22 1 Linux and TCP/IP networking 26 1.1 Objectives 26 1.2 LinuxandTCP/IPimplementations 26 1.3 Linuxcommandsandtools 31 1.4 Diagnostictools 35 vii viii Contents 1.5 ExerciseswithLinuxcommands 36 1.6 Exerciseswithdiagnostictools 39 1.7 Exercisesonportnumbers 41 2 A single segment network 43 2.1 Objectives 43 2.2 Localareanetworks 43 2.3 Networkinterface 50 2.4 TheInternetControlMessageProtocol 52 2.5 TheSocktrafficgenerator 54 2.6 Networkinterfaceexercises 54 2.7 ARPexercises 55 2.8 ExerciseswithICMPandping 58 2.9 ExerciseswithIPaddressandsubnetsmask 59 3 Bridges, LANs and the Cisco IOS 61 3.1 Objectives 61 3.2 Ethernetbridges 61 3.3 Configuringabridgeorrouter 66 3.4 ExercisesonCiscoIOS 71 3.5 Asimplebridgeexperiment 73 3.6 Spanningtreeexercises 75 3.7 ExerciseontheCiscoIOSwebbrowserUI 76 4 Static and dynamic routing 77 4.1 Objectives 77 4.2 Staticanddynamicrouting 77 4.3 Manipulatingroutingtables 89 4.4 Traceroute 90 4.5 Asimplerouterexperiment 91 4.6 RIPexercises 93 4.7 RoutingexperimentswithICMP 95 ix Contents 4.8 OSPFexercise 97 4.9 Staticroutingexperiment 98 4.10 Tracerouteexperiment 99 5 UDP and its applications 100 5.1 Objectives 100 5.2 TheUserDatagramProtocol 100 5.3 MTUandIPfragmentation 101 5.4 Client–serverapplications 102 5.5 Usingthesockprogram 106 5.6 UDPexercises 106 5.7 PathMTUdiscoveryexercise 107 5.8 ExerciseswithFTPandTFTP 108 6 TCP study 111 6.1 Objectives 111 6.2 TCPservice 111 6.3 ManagingtheTCPconnection 112 6.4 ManagingtheTCPdataflow 114 6.5 TuningtheTCP/IPkernel 123 6.6 TCPdiagnostictools 124 6.7 ExercisesonTCPconnectioncontrol 126 6.8 ExerciseonTCPinteractivedataflow 127 6.9 ExerciseonTCPbulkdataflow 128 6.10 ExercisesonTCPtimersandretransmission 128 6.11 Otherexercises 129 6.12 ExerciseswithDBSandNISTNet 130 7 Multicast and realtime service 134 7.1 Objectives 134 7.2 IPmulticast 134 x Contents 7.3 Realtimemultimediastreaming 145 7.4 Simplemulticastexercises 152 7.5 IGMPexercises 154 7.6 Multicastroutingexercises 156 7.7 Multicastvideostreamingexercise 158 8 The Web, DHCP, NTP and NAT 159 8.1 Objectives 159 8.2 TheHyperTextTransferProtocol 159 8.3 TheDynamicHostConfigurationProtocol 164 8.4 TheNetworkTimeProtocol 169 8.5 TheIPnetworkaddresstranslator 172 8.6 Socketprogramminginanutshell 175 8.7 HTTPexercises 178 8.8 DHCPexercises 180 8.9 NTPexercises 181 8.10 NATexercises 182 8.11 Socketprogrammingexercises 185 9 Network management and security 187 9.1 Objectives 187 9.2 Networkmanagement 187 9.3 Networksecurityoverview 192 9.4 Encryption,confidentiality,andauthentication 193 9.5 Applicationlayersecurity 198 9.6 Transportlayerandwebsecurity 200 9.7 Networklayersecurity 203 9.8 Systemsecurity 205 9.9 SNMPexercises 208 9.10 Exercisesonsecureapplications 209 9.11 ExercisesonasecureApacheserver 210 9.12 Exercisesonfirewallsandiptables 211 9.13 Exercisesonauditingandintrusiondetection 212 xi Contents References and further reading 214 Appendix A: instructor’s guide 216 A.1 Laboperationmechanism 216 A.2 Labequipment 217 A.3 Softwareinstallationandconfiguration 219 A.4 Estimatedbudget 229 A.5 Rootprivilegeforsystemcommands 230 A.6 Internetaccess 232 Appendix B: initial configuration of the routers 233 B.1 Initialconfigurationofrouter1 233 B.2 Initialconfigurationsoftheotherrouters 235 Appendix C: source code 236 C.1 CommandfilesfortheDBSexperiments 236 C.2 Netspysourcecode 239 C.3 HTMLandCGIfiles 245 C.4 Socketprogrammingsourcecode 246 Appendix D: list of key requests for comments (RFC) 253 Index 258 Preface Youcanknowthenameofabirdinallthelanguagesoftheworld,butwhen you’refinished,you’llknowabsolutelynothingwhateveraboutthebird...So let’slookatthebirdandseewhatit’sdoing–that’swhatcounts.Ilearnedvery earlythedifferencebetweenknowingthenameofsomethingandknowing something. RichardFeynman(1918–1988) As the title of this book suggests, this book is a minimalist approach to teaching TCP/IP using laboratory-based experiments. It is minimalist in that it provides one, possibly idiosyncratic, choice of topics at a depth we felt was sufficient to learn the basics of TCP/IP. The intention was not to write a reference text on the subject. The laboratory was important in giving students the experience of observing the TCP/IP protocols in action. The act of observing and drawing some conclusions from those observations, brings to life the often dry study of network protocols, and motivatesstudentstolearnmoreaboutthem. AppendixAisnecessaryreadingonlyfortheinstructorwhoisincharge ofsettingupthelab.Wehaveattemptedtokeepcostsdownsothatonlythe most Scrooge-like University administrator would raise an eyebrow over the cost of the lab equipment (as for lab space, that may be another mat- ter!).Weassumethatthestudentshaveabasicbackgroundinnetworking, perhaps from a previous course, or perhaps as part of a course that back loadstheexperimentsinthisbookafterprovidingagenerallecture-based introduction to networks. Chapter 0 is a quick overview of TCP/IP that serves two purposes. It provides an overview of the TCP/IP stack, and servesastheframeworkfortherestofthebook.Chapters1to9havethe followingcommonstructure.Eachofthemprovidesintroductorymaterial suitableforpresentationinthelecturepartofthecoursefollowedbyalab experiment. The lab experiments should follow lectures that provide the xiii xiv Preface students with the basic knowledge they need to perform the experiments andderiveinsightsfromtheirobservationsduringthecourseoftheexper- iments. Each lab experiment is designed to take no more than 3 hours to complete. The experiments were developed on the basis of a course taught at the Polytechnic University over the course of over eight years. Initially, we used SUN workstations with the Solaris operating system, but have now switched to Linux machines. The primary operating system in this book is Linux, but with Solaris commands provided when they differ from Linux commands. Chapter 1 provides an introduction to Linux, sincemanystudentsmaybeunfamiliarwiththisoperatingsystem.Italso introduces key tools used in subsequent experiments such as tcpdump and Ethereal. Chapter2 introduces network interfaces, ping and IP ad- dresses. Chapter3 introduces bridges, also known as layer two switches, bridge/routerconfiguration,andtheCiscoIOS.Chapter4focusesonrout- ing, with RIP and OSPF as the routing protocols studied, along with the useful traceroute utility. Chapter 5 introduces UDP and FTP. Chapter 6 follows up with TCP, including a study of its congestion control mecha- nism.Thesesixchaptersaresufficientinmanycasestointroducestudents tothebasicsofTCP/IP.Nonetheless,thenextthreechaptersareimportant for students who wish to link the basic plumbing of TCP/IP with appli- cations. Chapter 7 deals with IP multicast and realtime applications. The web, DHCP, NTP and NAT are some key applications that are presented in Chapter 8, as well as a brief introduction to socket programming. Net- work management and security are arguably two of the most important features that students need to know, at least at a basic level. Chapter 9 providesabriefintroductiontothismaterial,whichcaneasilybethesub- ject of a separate course. A list of key RFCs is provided at the end of the book. There are several alternative ways of teaching this material with this book.Ageneralknowledgeofnetworkingisassumedasaprerequisitefor this book. However, an introductory course in networking could be com- binedwiththefirstsixexperiments,back-loadedattheendofthecourse,to illustratethelowestfourlayersoftheprotocolstack.Forcomputerscien- tists,atop-downapproachissometimesthepreferredapproachinteaching networking.Inthatcasethelabexperimentscanbere-orderedtofocuson thehigherlayers. xv Preface Notetoinstructors Additional course material, including lecture transparencies, sample lab reports,homeworkassignments,examinations,anderrata,areavailableat thecoursewebsite:www.cambridge.org/052160124X.