[ducht]

Mình sưu tầm sách TCP/IP tiếng Anh từ nguồn MicroSoft mình sẽ post lên từ từ xin chia sẻ cùng mọi người.

TCP/IP Fundamentals for Microsoft Windows: Overview
Published: November 02, 2004 | Updated: January 05, 2007
This online book is a structured, introductory approach to the basic concepts and principles of the Transmission Control Protocol/Internet Protocol (TCP/IP) protocol suite, how the most important protocols function, and their basic configuration in the Microsoft® Windows Server® 2003 and Windows® XP operating systems. This book is primarily a discussion of concepts and principles to lay a conceptual foundation for the TCP/IP protocol suite. Unlike many other introductory TCP/IP texts, this book provides an integrated discussion of both Internet Protocol version 4 (IPv4) and Internet Protocol version 6 (IPv6).
This book is not a discussion of TCP/IP planning, configuration, deployment, management, or application development. For a discussion of TCP/IP planning, configuration, deployment, and management, see the online Help for Windows Server 2003 and the Windows Server 2003 Deployment Kit. For a discussion of how to develop TCP/IP applications using Windows Sockets, see the Microsoft Developer Network.
This book provides an educational vehicle for the fundamentals of TCP/IP to either prepare you for a career in information technology or to augment your knowledge of TCP/IP-based networking in Microsoft Windows. This book is not intended to be a primer for computing or networking technology.
For an Adobe Portable Document Format (PDF) version of this book that has been updated for Windows Vista and Windows Server 2008, click here.
On This Page
Who Should Read This Book
What Should You Know Before Reading this Book
Table of Contents
Acknowledgements
Who Should Read This Book
This book is written for the following audiences:

• Information technology students

This book can serve as a textbook for a comprehensive introductory TCP/IP course taught inside your organization or at an educational institution.

• Microsoft Certified Systems Engineers (MCSEs)

This book can be used as background information when preparing to take the courses and exams for an MCSE certification.

• Microsoft Windows network administrators and general technical staff

This includes anyone who is currently managing a Windows network and wants to gain additional technical knowledge about TCP/IP components and services and their basic configuration in Windows XP and Windows Server 2003.
Top of page
What Should You Know Before Reading this Book
This book assumes a foundation of knowledge that includes basic computing and networking concepts. For example, basic computing knowledge includes binary and hexadecimal numbers, parts of a computer, the role of software and hardware, and so forth. Basic networking knowledge includes the Open Systems Interconnection (OSI) model, the Institute of Electrical and Electronic Engineers (IEEE) 802 model, Ethernet and 802.11 wireless LAN standards, parts of a network, and so forth.
This book also assumes familiarity with Windows, such as desktop navigation and knowledge of configuration facilities such as Control Panel, Microsoft Management Console snap-ins, and the command prompt.
Top of page
Table of Contents
The following are the chapters of the TCP/IP Fundamentals for Microsoft Windows online book. You can also download an Adobe PDF version of this book, which has been updated for Windows Vista and Windows Server 2008.
Chapter 1: Introduction to TCP/IP
Introduces TCP/IP, both as an industry-standard protocol suite and as it is supported in Windows Server 2003 and Windows XP.
Chapter 2: Architectural Overview of the TCP/IP Protocol Suite
Examines the TCP/IP protocol suite in greater detail, analyzes its four layers and the core protocols used within each layer, and discusses the two main application programming interfaces (APIs) that networking applications for the Windows operating systems use and the APIs’ naming schemes.
Chapter 3: Addressing
Describes the types of IPv4 and IPv6 addresses, how they are expressed, and the different types of unicast addresses assigned to network node interfaces.
Chapter 4: Subnetting
Describes subnetting concepts and procedures for both IPv4 and IPv6 address prefixes to efficiently allocate and administer the unicast address spaces assigned and used on private intranets.
Chapter 5: IP Routing
Describes the details of IP routing when an IPv4 or IPv6 packet is forwarded from a source to a destination and discusses the basic concepts of routing tables, route determination processes, and routing infrastructure.
Chapter 6: Dynamic Host Configuration Protocol
Describes how the Dynamic Host Configuration Protocol (DHCP) automatically allocates unique IPv4 address configurations to DHCP client computers and how IPv6 hosts use address autoconfiguration.
Chapter 7: Host Name Resolution
Describes the various methods by which Windows-based computers resolve host names, such as www.example.com, to their corresponding IP addresses.
Chapter 8: Domain Name System Overview
Describes the Domain Name System (DNS) and its use for private intranets and the Internet.
Chapter 9: Windows Support for DNS
Describes the details of the DNS Client service, provided with Windows XP and Windows Server 2003, and the DNS Server Service, provided with Windows Server 2003.
Chapter 10: TCP/IP End-to-End Delivery
Describes the end-to-end delivery processes for both IPv4 and IPv6 traffic and show how they are used for typical IPv4 and IPv6 traffic on an example network.
Chapter 11: NetBIOS Over TCP/IP
Describes the network basic input/output system (NetBIOS) over TCP/IP and its implementation in Windows Server 2003 and Windows XP.
Chapter 12: Windows Internet Name Service Overview
Describes the use of Windows Internet Name Service (WINS) to resolve NetBIOS names on an IPv4 network.
Chapter 13: Internet Protocol Security (IPsec) and Packet Filtering
Describes the support for IPsec and IP packet filtering in Windows Server 2003 and Windows XP. IPsec provides cryptographic protection for IP packet payloads. Packet filtering determines which types of packets are permitted or dropped.
Chapter 14: Virtual Private Networking
Describes the virtual private network (VPN) technologies supported in Windows XP and Windows Server 2003. You can use VPN connections to connect remote users to an intranet and remote offices to each other by leveraging the global connectivity of the Internet.
Chapter 15: IPv6 Transition Technologies
Describes the mechanisms that allow for a seamless transition from IPv4 to IPv6, including details on how the Intra-site Automatic Tunnel Addressing Protocol (ISATAP), 6to4, and Teredo transition technologies work.
Chapter 16: Troubleshooting TCP/IP
Describes the guidelines, tools, and techniques for troubleshooting IPv4-based and IPv6-based communications including basic connectivity, DNS name resolution, NetBIOS name resolution for IPv4 addresses, and TCP sessions.
Appendix A: IP Multicast
Describes the details of IP multicast for both IPv4 and IPv6 and its support in Windows Server 2003 and Windows XP. IP multicast is a one-to-many delivery mechanism that is useful for efficiently distributing data to interested listening hosts at arbitrary locations on a private network or on the Internet.
Appendix B: Simple Network Management Protocol
Describes the Simple Network Management Protocol (SNMP) and its support in Windows Server 2003 and Windows XP. SNMP is used in enterprise network environments to manage many types of network devices.
Appendix C: Computer Browser Service
Describes how the Computer Browser service on computers running Windows XP and Windows Server 2003 works. The Computer Browser service helps a Windows-based computer display the list of workgroups and domains and the servers within them in My Network Places on the Windows desktop.
Top of page
Acknowledgements
Joseph Davies, Technical Writer, Microsoft Corporation
Anne Taussig, Technical Editor, Microsoft Corporation
Top of page
© 2010 Microsoft Corporation. All rights reserved. Terms of Use | Trademarks | Privacy Statement

[ducht]

Chapter 1 – Introduction to TCP/IP
Published: November 02, 2004 | Updated: April 16, 2007
Writer: Joe Davies
Abstract
This chapter introduces Transmission Control Protocol/Internet Protocol (TCP/IP), both as an industry standard protocol suite and as it is supported in the Microsoft® Windows Server™ 2003 and Windows® XP operating systems. For the TCP/IP protocol suite, network administrators must understand its past, the current standards process, and the common terms used to describe network devices and portions of a network. For the TCP/IP components in Windows Server 2003 and Windows XP, network administrators must understand the installation and configuration differences of the Internet Protocol version 4 (IPv4)-based and Internet Protocol version 6 (IPv6)-based components and the primary tools for troubleshooting.
For a version of this chapter that has been updated for Windows Vista and Windows Server 2008.
On This Page
Chapter Objectives

After completing this chapter, you will be able to:
· Describe the purpose and history of the TCP/IP protocol suite.
· Describe the Internet standards process and the purpose of a Request for Comments (RFC) document.
· Define common terms used in TCP/IP.
· Describe the advantages of TCP/IP components in Windows Server 2003 and Windows XP.
· Describe how to configure the IPv4-based TCP/IP component in Windows.
· Describe how to install and configure the IPv6-based TCP/IP component in Windows.
· List and define the set of name resolution files and diagnostic tools used by the TCP/IP components in Windows.
· Test the TCP/IP components of Windows with the Ipconfig and Ping tools.
· Install and use Network Monitor.

History of TCP/IP

Transmission Control Protocol/Internet Protocol (TCP/IP) is an industry standard suite of protocols that is designed for large networks consisting of network segments that are connected by routers. TCP/IP is the protocol that is used on the Internet, which is the collection of thousands of networks worldwide that connect research facilities, universities, libraries, government agencies, private companies, and individuals.
The roots of TCP/IP can be traced back to research conducted by the United States Department of Defense (DoD) Advanced Research Projects Agency (DARPA) in the late 1960s and early 1970s. The following list highlights some important TCP/IP milestones:
· In 1970, ARPANET hosts started to use Network Control Protocol (NCP), a preliminary form of what would become the Transmission Control Protocol (TCP).
· In 1972, the Telnet protocol was introduced. Telnet is used for terminal emulation to connect dissimilar systems. In the early 1970s, these systems were different types of mainframe computers.
· In 1973, the File Transfer Protocol (FTP) was introduced. FTP is used to exchange files between dissimilar systems.
· In 1974, the Transmission Control Protocol (TCP) was specified in detail. TCP replaced NCP and provided enhanced reliable communication services.
· In 1981, the Internet Protocol (IP) (also known as IP version 4 [IPv4]) was specified in detail. IP provides addressing and routing functions for end-to-end delivery.
· In 1982, the Defense Communications Agency (DCA) and ARPA established the Transmission Control Protocol (TCP) and Internet Protocol (IP) as the TCP/IP protocol suite.
· In 1983, ARPANET switched from NCP to TCP/IP.
· In 1984, the Domain Name System (DNS) was introduced. DNS resolves domain names (such as www.example.com) to IP addresses (such as 192.168.5.18).
· In 1995, Internet service providers (ISPs) began to offer Internet access to businesses and individuals.
· In 1996, the Hypertext Transfer Protocol (HTTP) was introduced. The World Wide Web uses HTTP.
· In 1996, the first set of IP version 6 (IPv6) standards were published.
For more information about these protocols and the layers of the TCP/IP protocol architecture, see Chapter 2
With the refinement of the IPv6 standards and their growing acceptance, the chapters of this online book make the following definitions:
· TCP/IP is the entire suite of protocols defined for use on private networks and the Internet. TCP/IP includes both the IPv4 and IPv6 sets of protocols.
· IPv4 is the Internet layer of the TCP/IP protocol suite originally defined for use on the Internet. IPv4 is in widespread use today.
· IPv6 is the Internet layer of the TCP/IP protocol suite that has been recently developed. IPv6 is gaining acceptance today.
· IP is the term used to describe features or attributes that apply to both IPv4 and IPv6. For example, an IP address is either an IPv4 address or an IPv6 address.
Note Because the term IP indicates IPv4 in most of the TCP/IP implementations today, the term IP will be used for IPv4 in some instances. These references will be made clear in the context of the discussion. When possible, the chapters of this online book will use the term IP (IPv4).

The Internet Standards Process

Because TCP/IP is the protocol of the Internet, it has evolved based on fundamental standards that have been created and adopted over more than 30 years. The future of TCP/IP is closely associated with the advances and administration of the Internet as additional standards continue to be developed. Although no one organization owns the Internet or its technologies, several organizations oversee and manage these new standards, such as the Internet Society and the Internet Architecture Board.
The Internet Society (ISOC) was created in 1992 and is a global organization responsible for the internetworking technologies and applications of the Internet. Although the society’s principal purpose is to encourage the development and availability of the Internet, it is also responsible for the further development of the standards and protocols that allow the Internet to function.
The ISOC sponsors the Internet Architecture Board (IAB), a technical advisory group that sets Internet standards, publishes RFCs, and oversees the Internet standards process. The IAB governs the following bodies:
· The Internet Assigned Number Authority (IANA) oversees and coordinates the assignment of protocol identifiers used on the Internet.
· The Internet Research Task Force (IRTF) coordinates all TCP/IP-related research projects.
· The Internet Engineering Task Force (IETF) solves technical problems and needs as they arise on the Internet and develops Internet standards and protocols. IETF working groups define standards known as RFCs.
Requests for Comments (RFCs)

The standards for TCP/IP are published in a series of documents called Requests for Comments (RFCs). RFCs describe the internal workings of the Internet. TCP/IP standards are always published as RFCs, although not all RFCs specify standards. Some RFCs provide informational, experimental, or historical information only.
An RFC begins as an Internet draft, which is typically developed by one or more authors in an IETF working group. An IETF working group is a group of individuals that has a specific charter for an area of technology in the TCP/IP protocol suite. For example, the IPv6 working group devotes its efforts to furthering the standards of IPv6. After a period of review and a consensus of acceptance, the IETF publishes the final version of the Internet draft as an RFC and assigns it an RFC number.
RFCs also receive one of five requirement levels, as listed in Table 1-1.


If an RFC is being considered as a standard, it goes through stages of development, testing, and acceptance. Within the Internet standards process, these stages are formally known as maturity levels.
Internet standards have one of three maturity levels, as listed in Table 1-2. Maturity levels are determined by the RFC's IETF working group and are independent of requirement levels.

If an RFC-based standard must change, the IETF publishes a new Internet draft and, after a period of review, a new RFC with a new number. The original RFC is never updated. Therefore, you should verify that you have the most recent RFC on a particular topic or standard. For example, we reference RFCs throughout the chapters of this online book. If you decide to look up the technical details of an Internet standard in its RFC, make sure that you have the latest RFC that describes the standard.
You can obtain RFCs from
TCP/IP Terminology

The Internet standards use a specific set of terms when referring to network elements and concepts related to TCP/IP networking. These terms provide a foundation for subsequent chapters. Figure 1-1 illustrates the components of an IP network.


Figure 1-1 Elements of an IP network
Common terms and concepts in TCP/IP are defined as follows:
· Node Any device, including routers and hosts, which runs an implementation of IP.
· Router A node that can forward IP packets not explicitly addressed to itself. On an IPv6 network, a router also typically advertises its presence and host configuration information.
· Host A node that cannot forward IP packets not explicitly addressed to itself (a non-router). A host is typically the source and the destination of IP traffic. A host silently discards traffic that it receives but that is not explicitly addressed to itself.
· Upper-layer protocol A protocol above IP that uses IP as its transport. Examples include Internet layer protocols such as the Internet Control Message Protocol (ICMP) and Transport layer protocols such as the Transmission Control Protocol (TCP) and User Datagram Protocol (UDP). (However, Application layer protocols that use TCP and UDP as their transports are not considered upper-layer protocols. File Transfer Protocol [FTP] and Domain Name System [DNS] fall into this category). For details of the layers of the TCP/IP protocol suite, see Chapter 2,
· LAN segment A portion of a subnet consisting of a single medium that is bounded by bridges or Layer 2 switches.
· Subnet One or more LAN segments that are bounded by routers and use the same IP address prefix. Other terms for subnet are network segment and link.
· Network Two or more subnets connected by routers. Another term for network is internetwork.
· Neighbor A node connected to the same subnet as another node.
· Interface The representation of a physical or logical attachment of a node to a subnet. An example of a physical interface is a network adapter. An example of a logical interface is a tunnel interface that is used to send IPv6 packets across an IPv4 network.
· Address An identifier that can be used as the source or destination of IP packets and that is assigned at the Internet layer to an interface or set of interfaces.
· Packet The protocol data unit (PDU) that exists at the Internet layer and comprises an IP header and payload.

TCP/IP Components in Windows

Table 1-3 lists the advantages of the TCP/IP protocol suite and the inclusion of TCP/IP components in Windows.

Windows includes both an IPv4-based and an IPv6-based TCP/IP component.

(Còn tiếp)

[ducht]

Configuring the IPv4-based TCP/IP Component in Windows

The IPv4-based TCP/IP component in Windows Server 2003 and Windows XP is installed by default and appears as the Internet Protocol (TCP/IP) component in the Network Connections folder. Unlike in previous versions of Windows, you cannot uninstall the Internet Protocol (TCP/IP) component. However, you can restore its default configuration by using the netsh interface ip reset command. For more information about Netsh commands, see Windows Server 2003 or Windows XP Help and Support.
The Internet Protocol (TCP/IP) component can be configured to obtain its configuration automatically or from manually specified settings. By default, this component is configured to obtain an address configuration automatically. Figure 1-2 shows the General tab of the Internet Protocol (TCP/IP) Properties dialog box.

Figure 1-2 The General tab of the properties dialog box for the Internet Protocol (TCP/IP) component
Automatic Configuration

If you specify automatic configuration, the Internet Protocol (TCP/IP) component attempts to locate a Dynamic Host Configuration Protocol (DHCP) server and obtain a configuration when Windows starts. Many TCP/IP networks use DHCP servers that are configured to allocate TCP/IP configuration information to clients on the network. For more information about DHCP, see Chapter 6,
If the Internet Protocol (TCP/IP) component fails to locate a DHCP server, TCP/IP checks the setting on the Alternate Configuration tab. Figure 1-3 shows this tab.

Figure 1-3 The Alternate Configuration tab of the Internet Protocol (TCP/IP) component
This tab contains two options:
· Automatic Private IP Address If you choose this option, Automatic Private IP Addressing (APIPA) is used. The Internet Protocol (TCP/IP) component automatically chooses an IPv4 address from the range 169.254.0.1 to 169.254.255.254, using the subnet mask of 255.255.0.0. The DHCP client ensures that the IPv4 address that the Internet Protocol (TCP/IP) component has chosen is not already in use. If the address is in use, the Internet Protocol (TCP/IP) component chooses another IPv4 address and repeats this process for up to 10 addresses. When the Internet Protocol (TCP/IP) component has chosen an address that the DHCP client has verified as not in use, the Internet Protocol (TCP/IP) component configures the interface with this address. With APIPA, users on single-subnet Small Office/Home Office (SOHO) networks can use TCP/IP without having to perform manual configuration or set up a DHCP server. APIPA does not configure a default gateway. Therefore, only local subnet traffic is possible.
· User Configured If you choose this option, the Internet Protocol (TCP/IP) component uses the configuration that you specify. This option is useful when a computer is used on more than one network, not all of the networks have a DHCP server, and an APIPA configuration is not wanted. For example, you might want to choose this option if you have a laptop computer that you use both at the office and at home. At the office, the laptop uses a TCP/IP configuration from a DHCP server. At home, where no DHCP server is present, the laptop automatically uses the alternate manual configuration. This option provides easy access to home network devices and the Internet and allows seamless operation on both networks, without requiring you to manually reconfigure the Internet Protocol (TCP/IP) component.
If you specify an APIPA configuration or an alternate manual configuration, the Internet Protocol (TCP/IP) component continues to check for a DHCP server in the background every 5 minutes. If TCP/IP finds a DHCP server, it stops using the APIPA or alternate manual configuration and uses the IPv4 address configuration offered by the DHCP server.
Manual Configuration

To configure the Internet Protocol (TCP/IP) component manually, also known as creating a static configuration, you must at a minimum assign the following:
· IP address An IP (IPv4) address is a logical 32-bit address that is used to identify the interface of an IPv4-based TCP/IP node. Each IPv4 address has two parts: the subnet prefix and the host ID. The subnet prefix identifies all hosts that are on the same physical network. The host ID identifies a host on the network. Each interface on an IPv4-based TCP/IP network requires a unique IPv4 address, such as 131.107.2.200.
· Subnet mask A subnet mask allows the Internet Protocol (TCP/IP) component to distinguish the subnet prefix from the host ID. An example of a subnet mask is 255.255.255.0.
For more information about IPv4 addresses and subnet masks, see Chapter 3, "and Chapter 4.
You must configure these parameters for each network adapter in the node that uses the Internet Protocol (TCP/IP) component. If you want to connect to nodes beyond the local subnet, you must also assign the IPv4 address of a default gateway, which is a router on the local subnet to which the node is attached. The Internet Protocol (TCP/IP) component sends packets that are destined for remote networks to the default gateway, if no other routes are configured on the local host.
You can also manually configure the IPv4 addresses of primary and alternate DNS servers. The Internet Protocol (TCP/IP) component uses DNS servers to resolve names, such as www.example.com, to IPv4 or IPv6 addresses.
Figure 1-4 shows an example of a manual configuration for the Internet Protocol (TCP/IP) component.

Figure 1-4 An example of a manual configuration for the Internet Protocol (TCP/IP)
You can also manually configure the Internet Protocol (TCP/IP) using netsh interface ip commands at a command prompt.
Installing and Configuring the IPv6-based TCP/IP Component in Windows

Windows XP with Service Pack 1 (SP1) and Windows Server 2003 are the first versions of Windows to support IPv6 for production use. You install IPv6 as a component in Network Connections; the component is named Microsoft TCP/IP Version 6 in Windows Server 2003and Windows XP with Service Pack 2 (SP2) and Microsoft IPv6 Developer Edition in Windows XP with SP1.
Note The Microsoft IPv6 Developer Edition component included in Windows XP with no service packs was intended for application developers only, not for use in production environments. Therefore, all of the Help topics for that version contain a disclaimer describing its limitations and supported uses. Windows XP SP1 and SP2 include a version of IPv6 that is intended for production use. However, the Help topics were not updated for Windows XP SP1 or SP2. Therefore, you can disregard the disclaimer if you have installed Windows XP SP1 or SP2.
Unlike the Internet Protocol (TCP/IP) component, the IPv6 component is not installed by default, and you can uninstall it. You can install the IPv6 component in the following ways:
· Using the Network Connections folder.
· Using the netsh interface ipv6 install command.
To install the IPv6 component in Windows Server 2003 using the Network Connections folder, do the following:
1. Click Start, point to Control Panel, and then double-click Network Connections.
2. Right-click any local area connection, and then click Properties.
3. Click Install.
4. In the Select Network Component Type dialog box, click Protocol, and then click Add.
5. In the Select Network Protocol dialog box, click Microsoft TCP/IP Version 6, and then click OK.
6. Click Close to save changes.
Unlike Internet Protocol (TCP/IP), the IPv6 component has no properties dialog box from which you can configure IPv6 addresses and settings. Configuration should be automatic for IPv6 hosts and manual for IPv6 routers.
Automatic Configuration

The Microsoft TCP/IP Version 6 component supports address autoconfiguration. All IPv6 nodes automatically create unique IPv6 addresses for use between neighboring nodes on a subnet. To reach remote locations, each IPv6 host upon startup sends a Router Solicitation message in an attempt to discover the local routers on the subnet. An IPv6 router on the subnet responds with a Router Advertisement message, which the IPv6 host uses to automatically configure IPv6 addresses, the default router, and other IPv6 settings.
Manual Configuration

You do not need to configure the typical IPv6 host manually. If a host does require manual configuration, use the netsh interface ipv6 commands to add addresses or routes and configure other settings.
If you are configuring a computer running Windows XP with SP1, Windows XP with SP2, or Windows Server 2003 to be an IPv6 router, then you must use the netsh interface ipv6 commands to manually configure the IPv6 component with address prefixes.
For more information about configuring an IPv6 router, see Chapter 5.
(Còn tiếp)

[ducht]

Name Resolution Files in Windows

The Internet Protocol (TCP/IP) and Microsoft TCP/IP Version 6 components support the use of name resolution files to resolve the names of destinations, networks, protocols, and services. Table 1-4 lists these name resolution files, which are stored in the Systemroot\System32\Drivers\Etc folder.

TCP/IP Tools in Windows
Table 1-5 lists the TCP/IP diagnostic tools that are included with Windows Server 2003 and Windows XP. You can use these tools to help identify or resolve TCP/IP networking problems.

Windows Server 2003 and Windows XP also include command-line tools for data transfer using FTP, Trivial File Transfer Protocol (TFTP), Telnet, and connectivity to UNIX-based resources.
After you have configured TCP/IP, you can use the Ipconfig and Ping tools to verify and test the configuration and connectivity to other TCP/IP hosts and networks.
The Ipconfig Tool

You can use the Ipconfig tool to verify the TCP/IP configuration parameters on a host, including the following:
· For IPv4, the IPv4 address, subnet mask, and default gateway.
· For IPv6, the IPv6 addresses and the default router.
Ipconfig is useful in determining whether the configuration is initialized and whether a duplicate IP address is configured. To view this information, type ipconfig at a command prompt.
Here is an example of the display of the Ipconfig tool for a computer that is using both IPv4 and IPv6:
C:\>ipconfigWindows IP ConfigurationEthernet adapter Local Area Connection: Connection-specific DNS Suffix . : wcoast.example.com IP Address. . . . . . . . . . . . : 157.60.139.77 Subnet Mask . . . . . . . . . . . : 255.255.252.0 IP Address. . . . . . . . . . . . : 2001:db8:ffff:f282:204:76ff:fe36:7363 IP Address. . . . . . . . . . . . : fec0::f282:204:76ff:fe36:7363%2 IP Address. . . . . . . . . . . . : fe80::204:76ff:fe36:7363 Default Gateway . . . . . . . . . : 157.60.136.1 2001:db8:1:21ad:210:ffff:fed6:58c0Tunnel adapter Automatic Tunneling Pseudo-Interface: Connection-specific DNS Suffix . : wcoast.example.com IP Address. . . . . . . . . . . . : 2001:db8:ffff:f70f:0:5efe:157.60.139.77 IP Address. . . . . . . . . . . . : fe80::5efe:157.60.139.77%2 Default Gateway . . . . . . . . . : fe80::5efe:157.54.253.9%2Type ipconfig /all at a command prompt to view the IPv4 and IPv6 addresses of DNS servers, the IPv4 addresses of Windows Internet Name Service (WINS) servers (which resolve NetBIOS names to IP addresses), the IPv4 address of the DHCP server, and lease information for DHCP-configured IPv4 addresses.
The Ping Tool

After you verify the configuration with the Ipconfig tool, use the Ping tool to test connectivity. The Ping tool is a diagnostic tool that tests TCP/IP configurations and diagnoses connection failures. For IPv4, Ping uses ICMP Echo and Echo Reply messages to determine whether a particular IPv4-based host is available and functional. For IPv6, Ping uses ICMP for IPv6 (ICMPv6) Echo Request and Echo Reply messages. The basic command syntax is ping Destination, in which Destination is either an IPv4 or IPv6 address or a name that can be resolved to an IPv4 or IPv6 address.
Here is an example of the display of the Ping tool for an IPv4 destination:
C:\>ping 157.60.136.1Pinging 157.60.136.1 with 32 bytes of data:Reply from 157.60.136.1: bytes=32 time<1ms TTL=255Reply from 157.60.136.1: bytes=32 time<1ms TTL=255Reply from 157.60.136.1: bytes=32 time<1ms TTL=255Reply from 157.60.136.1: bytes=32 time<1ms TTL=255Ping statistics for 157.60.136.1: Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),Approximate round trip times in milli-seconds: Minimum = 0ms, Maximum = 0ms, Average = 0msHere is an example of the display of the Ping tool for an IPv6 destination:
C:\>ping 2001:db8:1:21ad:210:ffff:fed6:58c0Pinging 2001:db8:1:21ad:210:ffff:fed6:58c0 from 2001B8:1:21ad:204:76ff:fe36:7363 with 32 bytes of data:Reply from 2001:db8:1:21ad:210:ffff:fed6:58c0: time<1msReply from 2001:db8:1:21ad:210:ffff:fed6:58c0: time<1msReply from 2001:db8:1:21ad:210:ffff:fed6:58c0: time<1msReply from 2001:db8:1:21ad:210:ffff:fed6:58c0: time<1msPing statistics for 2001:db8:1:21ad:210:ffff:fed6:58c0: Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),Approximate round trip times in milli-seconds: Minimum = 0ms, Maximum = 1ms, Average = 0msTo verify a computer’s configuration and to test for router connections, do the following:
1. Type ipconfig at a command prompt to verify whether the TCP/IP configuration has initialized.
2. Ping the IPv4 address of the default gateway or the IPv6 address of the default router to verify whether they are functioning and whether you can communicate with a node on the local network.
3. Ping the IPv4 or IPv6 address of a remote node to verify whether you can communicate through a router.
If you start with step 3 and you are successful, then you can assume that you would be successful with steps 1 and 2.
Note You cannot use the Ping tool to troubleshoot connections if packet filtering routers and host-based firewalls are dropping ICMP and ICMPv6 traffic. For more information, see Chapter 13.
Network Monitor

You can use Network Monitor to simplify troubleshooting complex network problems because it monitors and captures network traffic for analysis. Network Monitor works by configuring a network adapter to capture all incoming and outgoing packets.
You can define capture filters so that only specific frames are saved. Filters can save frames based on source and destination MAC addresses, source and destination protocol addresses, and pattern matches. After a packet is captured, you can use display filtering to further isolate a problem. When a packet has been captured and filtered, Network Monitor interprets and displays the packet data in readable terms.
Note Windows Server 2003 includes a version of Network Monitor that can capture data for the local computer only. Microsoft Systems Management Server includes a version that can capture data for remote computers.
To install Network Monitor in Windows Server 2003, do the following:
1. Click Start, point to Control Panel, click Add or Remove Programs, and then click Add/Remove Windows Components.
2. In the Windows Components wizard, click Management and Monitoring Tools, and then click Details.
3. In Management And Monitoring Tools, select the Network Monitor Tools check box, and then click OK.
4. If you are prompted for additional files, insert the product CD, or type a path to the location of the files on the network.
Note To perform this procedure, you must be logged on as a member of the Administrators group on the local computer, or you must have been delegated the appropriate authority. If the computer is joined to a domain, members of the Domain Admins group might also be able to perform this procedure.
To analyze network traffic with Network Monitor, you must start the capture, generate the network traffic you want to observe, stop the capture, and then view the data.
Starting a Capture

Network Monitor uses different windows to display data in different ways. One of the primary windows is the Capture window. Figure 1-5 shows an example of the Capture window.

Figure 1-5 The Capture window in Network Monitor
When this window is active, the toolbar has options to start, pause, stop, or stop and view captured data. On the Capture menu, click Start to start a capture. While the capture is running, statistical information appears in the Capture window.
Stopping a Capture

After you have generated the network traffic that you want to analyze, on the Capture menu, click Stop to stop the capture. You can then start another capture or display the current capture data. To stop a capture and immediately open it for viewing, on the Capture menu, click Stop and View.
Viewing the Data

When you open a capture to view, a Summary window appears, showing the list of frames in the capture. Each frame contains a frame number, the time of frame reception, source and destination addresses, the highest-layer protocol used in the frame, and a description of the frame. Figure 1-6 shows an example Summary window.

For more detailed information about a specific frame, on the Window menu, click Zoom pane. In the zoom view, the Summary window shows two more panes, the Detail pane and the Hexadecimal pane. The Detail pane shows the protocol information in detail. The Hexadecimal pane shows the individual bytes in the frame. Figure 1-7 shows the zoom view of a frame within an example capture.


(Còn tiếp)

[ducht]

Chapter Summary

The chapter includes the following pieces of key information:
· TCP/IP is an industry-standard suite of protocols that are designed for large-scale networks. The TCP/IP protocol suite includes both the IPv4 and IPv6 sets of protocols.
· The standards for TCP/IP are published in a series of documents called RFCs.
· On a TCP/IP-based network, a router can forward packets that are not addressed to the router, a host cannot, and a node is either a host or a router.
· On a TCP/IP-based network, a subnet is one or more LAN segments that are bounded by routers and that use the same IP address prefix, and a network is two or more subnets connected by routers.
· The IPv4-based TCP/IP component in Windows is the Internet Protocol (TCP/IP) component in Network Connections. This component is installed by default, and you cannot uninstall it. You configure it either automatically (by using DHCP or an alternate configuration) or manually (by using Network Connections or the Netsh tool).
· The IPv6-based TCP/IP component in Windows is the Microsoft TCP/IP Version 6 or Microsoft IPv6 Developer Edition component in Network Connections. This component is not installed by default, and you can uninstall it. You configure it either automatically (by using router discovery) or manually (by using the Netsh tool).
· Ipconfig and ping are the primary tools for troubleshooting basic IP configuration and connectivity.
· You can use Network Monitor to troubleshoot complex network problems by capturing and viewing network traffic for analysis.
Top of page
Chapter Glossary

address – An identifier that specifies the source or destination of IP packets and that is assigned at the IP layer to an interface or set of interfaces.
APIPA – See Automatic Private IP Addressing.
Automatic Private IP Addressing – A feature in Windows Server 2003 and Windows XP that automatically configures a unique IPv4 address from the range 169.254.0.1 through 169.254.255.254 and a subnet mask of 255.255.0.0. APIPA is used when the Internet Protocol (TCP/IP) component is configured for automatic addressing, no DHCP server is available, and the Automatic Private IP Address alternate configuration option is chosen.
host – A node that is typically the source and a destination of IP traffic. Hosts silently discard received packets that are not addressed to an IP address of the host.
interface – The representation of a physical or logical attachment of a node to a subnet. An example of a physical interface is a network adapter. An example of a logical interface is a tunnel interface that is used to send IPv6 packets across an IPv4 network.
IP – Features or attributes that apply to both IPv4 and IPv6. For example, an IP address is either an IPv4 address or an IPv6 address.
IPv4 – The Internet layer protocols of the TCP/IP protocol suite as defined in RFC 791. IPv4 is in widespread use today.
IPv6 – The Internet layer protocols of the TCP/IP protocol suite as defined in RFC 2460. IPv6 is gaining acceptance today.
LAN segment – A portion of a subnet that consists of a single medium that is bounded by bridges or Layer 2 switches.
neighbor – A node that is connected to the same subnet as another node.
network – Two or more subnets that are connected by routers. Another term for network is internetwork.
node – Any device, including routers and hosts, which runs an implementation of IP.
packet – The protocol data unit (PDU) that exists at the Internet layer and comprises an IP header and payload.
Request for Comments (RFC) - An official document that specifies the details for protocols included in the TCP/IP protocol suite. The Internet Engineering Task Force (IETF) creates and maintains RFCs for TCP/IP.
RFC – See Request for Comments (RFC).
router – A node that can be a source and destination for IP traffic and can also forward IP packets that are not addressed to an IP address of the router. On an IPv6 network, a router also typically advertises its presence and host configuration information.
subnet – One or more LAN segments that are bounded by routers and that use the same IP address prefix. Other terms for subnet are network segment and link.
TCP/IP – See Transmission Control Protocol/Internet Protocol (TCP/IP).
Transmission Control Protocol/Internet Protocol (TCP/IP) – A suite of networking protocols, including both IPv4 and IPv6, that are widely used on the Internet and that provide communication across interconnected networks of computers with diverse hardware architectures and various operating systems.
upper-layer protocol – A protocol above IP that uses IP as its transport. Examples of upper-layer protocols include Internet layer protocols such as the Internet Control Message Protocol (ICMP) and Transport layer protocols such as the Transmission Control Protocol (TCP) and User Datagram Protocol (UDP).

Hết chương 1.

[ducht]

Published: November 02, 2004 | Updated: April 16, 2007
Writer: Joe Davies
Abstract
This chapter examines the Transmission Control Protocol/Internet Protocol (TCP/IP) protocol suite in greater detail, analyzing its four layers and the core protocols used within each layer. Network administrators must have an understanding of the core protocols in the various layers and their functions to understand how networking applications work, how data is sent from one application to another, and how to interpret network captures. This chapter also discusses the two main application programming interfaces (APIs) that networking applications for the Microsoft® Windows® operating systems use and the APIs’ naming schemes.
For a version of this chapter that has been updated for Windows Vista and Windows Server 2008, click here.
On This Page

Chapter Objectives
The TCP/IP Protocol Suite
IPv4 Internet Layer
IPv6 Internet Layer
Transmission Control Protocol (TCP)
User Datagram Protocol (UDP)
Packet Multiplexing and Demultiplexing
Application Programming Interfaces
TCP/IP Naming Schemes in Windows
Chapter Summary
Chapter Glossary
Chapter Objectives

After completing this chapter, you will be able to:
· Describe how the TCP/IP protocol suite maps to the Department of Defense Advanced Research Projects Agency (DARPA) and Open System Interconnection (OSI) models.
· List the main protocols in the Network Interface, Internet, Transport, and Application layers of the DARPA model.
· Describe the purpose of the core protocols of the IPv4 Internet layer.
· Describe the purpose of the core protocols of the IPv6 Internet layer.
· Describe the purpose and characteristics of the TCP and User Datagram Protocol (UDP) protocols.
· Explain how IP uses the information in IP packets to deliver data to the correct application on a destination node.
· Describe the purpose and characteristics of the Windows Sockets and Network Basic Input/Output System (NetBIOS) APIs.
· Describe the purpose and characteristics of the host name and NetBIOS naming schemes used by TCP/IP components in Microsoft Windows Server™ 2003 and Windows XP operating systems.
Top of page
The TCP/IP Protocol Suite

The TCP/IP protocol suite maps to a four-layer conceptual model known as the DARPA model, which was named after the U.S. government agency that initially developed TCP/IP. The four layers of the DARPA model are: Application, Transport, Internet, and Network Interface. Each layer in the DARPA model corresponds to one or more layers of the seven-layer OSI model.
Figure 2-1 shows the architecture of the TCP/IP protocol suite.

The TCP/IP protocol suite has two sets of protocols at the Internet layer:
· IPv4, also known as IP, is the Internet layer in common use today on private intranets and the Internet.
· IPv6 is the new Internet layer that will eventually replace the existing IPv4 Internet layer.
Network Interface Layer

The Network Interface layer (also called the Network Access layer) sends TCP/IP packets on the network medium and receives TCP/IP packets off the network medium. TCP/IP was designed to be independent of the network access method, frame format, and medium. Therefore, you can use TCP/IP to communicate across differing network types that use LAN technologies—such as Ethernet and 802.11 wireless LAN—and WAN technologies—such as Frame Relay and Asynchronous Transfer Mode (ATM). By being independent of any specific network technology, TCP/IP can be adapted to new technologies.
The Network Interface layer of the DARPA model encompasses the Data Link and Physical layers of the OSI model. The Internet layer of the DARPA model does not take advantage of sequencing and acknowledgment services that might be present in the Data Link layer of the OSI model. The Internet layer assumes an unreliable Network Interface layer and that reliable communications through session establishment and the sequencing and acknowledgment of packets is the responsibility of either the Transport layer or the Application layer.
Internet Layer

The Internet layer responsibilities include addressing, packaging, and routing functions. The Internet layer is analogous to the Network layer of the OSI model.
The core protocols for the IPv4 Internet layer consist of the following:
· The Address Resolution Protocol (ARP) resolves the Internet layer address to a Network Interface layer address such as a hardware address.
· The Internet Protocol (IP) is a routable protocol that addresses, routes, fragments, and reassembles packets.
· The Internet Control Message Protocol (ICMP) reports errors and other information to help you diagnose unsuccessful packet delivery.
· The Internet Group Management Protocol (IGMP) manages IP multicast groups.
For more information about the core protocols for the IPv4 Internet layer, see "IPv4 Internet Layer" later in this chapter.
The core protocols for the IPv6 Internet layer consist of the following:
· IPv6 is a routable protocol that addresses and routes packets.
· The Internet Control Message Protocol for IPv6 (ICMPv6) reports errors and other information to help you diagnose unsuccessful packet delivery.
· The Neighbor Discovery (ND) protocol manages the interactions between neighboring IPv6 nodes.
· The Multicast Listener Discovery (MLD) protocol manages IPv6 multicast groups.
For more information about the core protocols for the IPv6 Internet layer, see "IPv6 Internet Layer" later in this chapter.
Transport Layer

The Transport layer (also known as the Host-to-Host Transport layer) provides the Application layer with session and datagram communication services. The Transport layer encompasses the responsibilities of the OSI Transport layer. The core protocols of the Transport layer are TCP and UDP.
TCP provides a one-to-one, connection-oriented, reliable communications service. TCP establishes connections, sequences and acknowledges packets sent, and recovers packets lost during transmission.
In contrast to TCP, UDP provides a one-to-one or one-to-many, connectionless, unreliable communications service. UDP is used when the amount of data to be transferred is small (such as the data that would fit into a single packet), when an application developer does not want the overhead associated with TCP connections, or when the applications or upper-layer protocols provide reliable delivery.
TCP and UDP operate over both IPv4 and IPv6 Internet layers.
Note The Internet Protocol (TCP/IP) component of Windows contains separate versions of the TCP and UDP protocols than the Microsoft TCP/IP Version 6 component does. The versions in the Microsoft TCP/IP Version 6 component are functionally equivalent to those provided with the Microsoft Windows NT® 4.0 operating systems and contain all the most recent security updates. The existence of separate protocol components with their own versions of TCP and UDP is known as a dual stack architecture. The ideal architecture is known as a dual IP layer, in which the same versions of TCP and UDP operate over both IPv4 and IPv6 (as Figure 2-1 shows). Windows Vista has a dual IP layer architecture for the TCP/IP protocol components.
Application Layer

The Application layer allows applications to access the services of the other layers, and it defines the protocols that applications use to exchange data. The Application layer contains many protocols, and more are always being developed.
The most widely known Application layer protocols help users exchange information:
· The Hypertext Transfer Protocol (HTTP) transfers files that make up pages on the World Wide Web.
· The File Transfer Protocol (FTP) transfers individual files, typically for an interactive user session.
· The Simple Mail Transfer Protocol (SMTP) transfers mail messages and attachments.
Additionally, the following Application layer protocols help you use and manage TCP/IP networks:
· The Domain Name System (DNS) protocol resolves a host name, such as www.microsoft.com, to an IP address and copies name information between DNS servers.
· The Routing Information Protocol (RIP) is a protocol that routers use to exchange routing information on an IP network.
· The Simple Network Management Protocol (SNMP) collects and exchanges network management information between a network management console and network devices such as routers, bridges, and servers.
Windows Sockets and NetBIOS are examples of Application layer interfaces for TCP/IP applications. For more information, see “Application Programming Interfaces” later in this chapter.
Top of page
IPv4 Internet Layer

The IPv4 Internet layer consists of the following protocols:
· ARP
· IP (IPv4)
· ICMP
· IGMP
The following sections describe each of these protocols in more detail.
ARP

When IP sends packets over a shared access, broadcast-based networking technology such as Ethernet or 802.11 wireless LAN, the protocol must resolve the media access control (MAC) addresses corresponding to the IPv4 addresses of the nodes to which the packets are being forwarded, also known as the next-hop IPv4 addresses. As RFC 826 defines, ARP uses MAC-level broadcasts to resolve next-hop IPv4 addresses to their corresponding MAC addresses.
Based on the destination IPv4 address and the route determination process, IPv4 determines the next-hop IPv4 address and interface for forwarding the packet. IPv4 then hands the IPv4 packet, the next-hop IPv4 address, and the next-hop interface to ARP.
If the IPv4 address of the packet’s next hop is the same as the IPv4 address of the packet’s destination, ARP performs a direct delivery to the destination. In a direct delivery, ARP must resolve the IPv4 address of the packet’s destination to its MAC address.
If the IPv4 address of the packet’s next hop is not the same as the IPv4 address of the packet’s destination, ARP performs an indirect delivery to a router. In an indirect delivery, ARP must resolve the IPv4 address of the router to its MAC address
To resolve the IPv4 address of a packet’s next hop to its MAC address, ARP uses the broadcasting facility on shared access networking technologies (such as Ethernet or 802.11) to send out a broadcast ARP Request frame. In response, the sender receives an ARP Reply frame, which contains the MAC address that corresponds to the IPv4 address of the packet’s next hop.
ARP Cache

To minimize the number of broadcast ARP Request frames, many TCP/IP protocol implementations incorporate an ARP cache, which is a table of recently resolved IPv4 addresses and their corresponding MAC addresses. ARP checks this cache before sending an ARP Request frame. Each interface has its own ARP cache.
Depending on the vendor implementation, the ARP cache can have the following qualities:
· ARP cache entries can be dynamic (based on ARP replies) or static. Static ARP cache entries are permanent, and you add them manually using a TCP/IP tool, such as the Arp tool provided with Windows. Static ARP cache entries prevent nodes from sending ARP requests for commonly used local IPv4 addresses, such as those for routers and servers. The problem with static ARP cache entries is that you must manually update them when network adapter equipment changes.
· Dynamic ARP cache entries have time-out values associated with them so that they are removed from the cache after a specified period of time. For example, dynamic ARP cache entries for Windows are removed after no more than 10 minutes.
To view the ARP cache on a Windows–based computer, type arp -a at a command prompt. You can also use the Arp tool to add or delete static ARP cache entries.
ARP Process

When sending the initial packet as the sending host or forwarding the packet as a router, IPv4 sends the IPv4 packet, the next-hop IPv4 address, and the next-hop interface to ARP. Whether performing a direct or indirect delivery, ARP performs the following process:
1. Based on the next-hop IPv4 address and interface, ARP checks the appropriate ARP cache for an entry that matches the next-hop IPv4 address. If ARP finds an entry, ARP skips to step 6.
2. If ARP does not find an entry, ARP builds an ARP Request frame. This frame contains the MAC and IPv4 addresses of the interface from which the ARP request is being sent and the IPv4 packet's next-hop IPv4 address. ARP then broadcasts the ARP Request frame from the appropriate interface.
3. All nodes on the subnet receive the broadcasted frame and process the ARP request. If the next-hop address in the ARP request corresponds to the IPv4 address assigned to an interface on the subnet, the receiving node updates its ARP cache with the IPv4 and MAC addresses of the ARP requestor. All other nodes silently discard the ARP request.
4. The receiving node that is assigned the IPv4 packet’s next-hop address formulates an ARP reply that contains the requested MAC address and sends the reply directly to the ARP requestor.
5. When the ARP requestor receives the ARP reply, the requestor updates its ARP cache with the address mapping. With the exchange of the ARP request and the ARP reply, both the ARP requestor and ARP responder have each other's address mappings in their ARP caches.
6. The ARP requestor sends the IPv4 packet to the next-hop node by addressing it to the resolved MAC address.
Figure 2-2 shows this process.



(Còn tiếp)

[ducht]

Internet Protocol version 4 (IPv4)

IPv4 is a datagram protocol primarily responsible for addressing and routing packets between hosts. IPv4 is connectionless, which means that it does not establish a connection before exchanging data, and unreliable, which means that it does not guarantee packet delivery. IPv4 always makes a “best effort” attempt to deliver a packet. An IPv4 packet might be lost, delivered out of sequence, duplicated, or delayed. IPv4 does not attempt to recover from these types of errors. A higher-layer protocol, such as TCP or an application protocol, must acknowledge delivered packets and recover lost packets if needed. IPv4 is defined in RFC 791.
An IPv4 packet consists of an IPv4 header and an IPv4 payload. An IPv4 payload, in turn, consists of an upper layer protocol data unit, such as a TCP segment or a UDP message. Figure 2-3 shows the basic structure of an IPv4 packet.

Table 2-1 lists and describes the key fields in the IPv4 header.

Fragmentation and Reassembly
If a router receives an IPv4 packet that is too large for the network segment on which the packet is being forwarded, IPv4 on the router fragments the original packet into smaller packets that fit on the forwarding network segment. When the packets arrive at their final destination, IPv4 on the destination host reassembles the fragments into the original payload. This process is referred to as fragmentation and reassembly. Fragmentation can occur in environments that have a mix of networking technologies, such as Ethernet or Token Ring.
Fragmentation and reassembly work as follows:
1. Before an IPv4 packet is sent, the source places a unique value in the Identification field.
2. A router in the path between the sending host and the destination receives the IPv4 packet and notes that it is larger than the maximum transmission unit (MTU) of the network onto which the packet is to be forwarded.
3. IPv4 divides the original IPv4 payload into fragments that fit on the next network. Each fragment receives its own IPv4 header containing:
· The original Identification field, which identifies all fragments that belong together.
· The More Fragments flag, which indicates that other fragments follow. The More Fragments flag is not set on the last fragment, because no other fragments follow it.
· The Fragment Offset field, which indicates the position of the fragment relative to the original IPv4 payload.
When the remote host receives the fragments, it uses the Identification field to identify which fragments belong together and the Fragment Offset field to reassemble the fragments in their proper order to recreate the original IPv4 payload.
Internet Control Message Protocol (ICMP)

ICMP, defined in RFC 792, reports and helps troubleshoot errors for packets that are undeliverable. For example, if IPv4 cannot deliver a packet to the destination host, ICMP on the router or the destination host sends a Destination Unreachable message to the sending host. Table 2-2 lists and describes the most common ICMP messages.

ICMP contains a series of defined Destination Unreachable messages. Table 2-3 lists and describes the most common messages.

ICMP does not make IPv4 a reliable protocol. ICMP attempts to report errors and provide feedback on specific conditions. ICMP messages are carried as unacknowledged IPv4 packets and are themselves unreliable.
Internet Group Management Protocol (IGMP)

Routers and hosts use IGMP to manage membership in IPv4 multicast groups on a subnet. An IPv4 multicast group, also known as a host group, is a set of hosts that listen for IPv4 traffic destined for a specific IPv4 multicast address. IPv4 multicast traffic on a given subnet is sent to a single MAC address but received and processed by multiple IPv4 hosts. A host group member listens on a specific IPv4 multicast address and receives all packets sent to that IPv4 address.
For a host to receive IPv4 multicasts, an application must inform IPv4 that it will receive multicasts at a specified IPv4 multicast address. IPv4 then informs the routers on locally attached subnets that it should receive multicasts sent to the specified IPv4 multicast address. IGMP is the protocol to register host group membership information.
IGMP messages take the following forms:
· Host group members use the IGMP Host Membership Report message to declare their membership in a specific host group.
· Routers use the IGMP Host Membership Query message to poll subnets for information about members of host groups.
· Host group members use the IGMP Leave Group message when they leave a group of which they might be the last member on the subnet.
For IPv4 multicasting to span routers across an IPv4 network, routers use multicast routing protocols to communicate host group information. Each router that supports multicast forwarding can then determine how to forward IPv4 multicast traffic.
Windows Server 2003 and Windows XP support IGMP, IGMP version 2, and IGMP version 3, which RFC 1112, RFC 2236, and RFC 3376 define respectively.
Top of page
IPv6 Internet Layer

IPv6 will eventually replace the IPv4 Internet layer protocols in the DARPA model. IPv6 replaces:
· IPv4 with IPv6 IPv6 is a routable protocol that addresses, routes, fragments, and reassembles packets.
· ICMP with ICMPv6 ICMPv6 provides diagnostic functions and reports errors when IPv6 packets cannot be delivered.
· IGMP with MLD MLD manages IPv6 multicast group membership.
· ARP with ND ND manages interaction between neighboring nodes, including automatically configuring addresses and resolving next-hop IPv6 addresses to MAC addresses.
Software developers do not need to change the protocols at the Transport and Application layers to support operation over an IPv6 Internet layer, except when addresses are part of the payload or part of the data structures maintained by the protocol. For example, software developers must update both TCP and UDP to perform a new checksum, and they must update RIP to send and receive IPv6-based routing information.
The IPv6 Internet layer consists of the following protocols:
· IPv6
· ICMPv6
· ND
· MLD
The following sections describe these protocols in more detail.
IPv6

Like IPv4, IPv6 is a connectionless, unreliable datagram protocol that is primarily responsible for addressing and routing packets between hosts.
RFC 2460 defines IPv6 packet structure. An IPv6 packet consists of an IPv6 header and an IPv6 payload. The IPv6 payload consists of zero or more IPv6 extension headers and an upper layer protocol data unit, such as an ICMPv6 message, a TCP segment, or a UDP message. Figure 2-4 shows the basic structure of an IPv6 packet.

Table 2-4 lists and describes the key fields in the IPv6 header.

IPv6 Extension Headers

IPv6 payloads can contain zero or more extension headers, which can vary in length. A Next Header field in the IPv6 header indicates the next extension header. Each extension header contains another Next Header field that indicates the next extension header. The last extension header indicates the upper layer protocol (such as TCP, UDP, or ICMPv6), if any, that the upper layer protocol data unit contains.
The IPv6 header and extension headers replace the existing IPv4 header and its capability to include options. The new format for extension headers allows IPv6 to be augmented to support future needs and capabilities. Unlike options in the IPv4 header, IPv6 extension headers have no maximum size and can expand to accommodate all the extension data needed for IPv6 communication.
RFC 2460 defines the following IPv6 extension headers that all IPv6 nodes must support:
· Hop-by-Hop Options header
· Destination Options header
· Routing header
· Fragment header
· Authentication header
· Encapsulating Security Payload header
Typical IPv6 packets contain no extension headers. Sending hosts add one or more extension headers only if intermediate routers or the destination need to handle a packet in a particular way.
Fragmentation in IPv6

In IPv4, if a router receives a packet that is too large for the network segment to which the packet is being forwarded and fragmentation of the packet is allowed, IPv4 on the router fragments the original packet into smaller packets that fit on the forwarding network segment. In IPv6, only the sending host fragments a packet. If an IPv6 packet is too large, the IPv6 router sends an ICMPv6 Packet Too Big message to the sending host and discards the packet.
A sending host can fragment packets and destination hosts can reassemble packets through the use of the Fragment extension header.
Internet Control Message Protocol for IPv6 (ICMPv6)

Like IPv4, IPv6 does not report errors. Instead, IPv6 uses an updated version of ICMP for IPv4. This new version is named ICMPv6, and it performs the common ICMP for IPv4 functions of reporting errors in delivery or forwarding and providing a simple echo service for troubleshooting. The ICMPv6 protocol also provides a message structure for ND and MLD messages.
Table 2-5 lists and describes the ICMPv6 messages defined in RFC 2463.

ICMPv6 contains a series of defined Destination Unreachable messages. Table 2-6 lists and describes the most common messages.

(Còn tiếp)

[ducht]

ICMPv6 does not make IPv6 a reliable protocol. ICMPv6 attempts to report errors and provide feedback on specific conditions. ICMPv6 messages are carried as unacknowledged IPv6 packets and are themselves unreliable.
Neighbor Discovery (ND)

ND is a set of ICMPv6 messages and processes that determine relationships between neighboring nodes. ND replaces ARP, ICMP Router Discovery, and ICMP Redirect used in IPv4 and provides additional functionality.
Hosts use ND to:
· Discover neighboring routers.
· Discover and automatically configure addresses and other configuration parameters.
Routers use ND to:
· Advertise their presence, host addresses, and other configuration parameters.
· Inform hosts of a better next-hop address to forward packets for a specific destination.
Nodes (both hosts and routers) use ND to:
· Resolve the link-layer address (also known as a MAC address) of a neighboring node to which an IPv6 packet is being forwarded
· Dynamically advertise changes in MAC addresses.
· Determine whether a neighbor is still reachable.
Table 2-7 lists and describes the ND processes described in RFC 2461.

Address Resolution
IPv6 address resolution consists of exchanging Neighbor Solicitation and Neighbor Advertisement messages to resolve the next-hop IPv6 address to its corresponding MAC address. The sending host sends a multicast Neighbor Solicitation message on the appropriate interface. The Neighbor Solicitation message includes the MAC address of the sending node.
When the target node receives the Neighbor Solicitation message, it updates its neighbor cache (equivalent to the ARP cache) with an entry for the source address and MAC address included in the Neighbor Solicitation message. Next, the target node sends a unicast Neighbor Advertisement message with its MAC address to the sender of the Neighbor Solicitation message.
After receiving the Neighbor Advertisement from the target, the sending host updates its neighbor cache with an entry for the target node based upon the included MAC address. At this point, the sending host and the target of the neighbor solicitation can send unicast IPv6 traffic.
Router Discovery

Router discovery is the process through which hosts attempt to discover the set of routers on the local subnet. In addition to configuring a default router, IPv6 router discovery also configures the following:
· The default setting for the Hop Limit field in the IPv6 header.
· A determination of whether the node should use an address configuration protocol, such as Dynamic Host Configuration Protocol for IPv6 (DHCPv6), for addresses and other configuration parameters.
· The list of subnet prefixes defined for the link. Each subnet prefix contains both the IPv6 subnet prefix and its valid and preferred lifetimes. If indicated, the host uses the subnet prefix to create an IPv6 address configuration without using an address configuration protocol. A subnet prefix also defines the range of addresses for nodes on the local link.
The IPv6 router discovery processes are the following:
· IPv6 routers periodically send multicast Router Advertisement messages on the subnet advertising their existence as routers and other configuration parameters such as address prefixes and the default hop limit.
· IPv6 hosts on the local subnet receive the Router Advertisement messages and use their contents to configure addresses, a default router, and other configuration parameters.
· A host that is starting up sends a multicast Router Solicitation message. Upon receipt of a Router Solicitation message, all routers on the local subnet send a unicast Router Advertisement message to the host that sent the router solicitation. The host receives the Router Advertisement messages and uses their contents to configure addresses, a default router, and other configuration parameters.
Address Autoconfiguration

A highly useful aspect of IPv6 is its ability to automatically configure itself without the use of an address configuration protocol, such as Dynamic Host Configuration Protocol for IPv6 (DHCPv6). By default, an IPv6 host can configure an address for use on the subnet for each interface. By using router discovery, a host can also determine the addresses of routers, additional addresses, and other configuration parameters. Router Advertisement messages indicate whether an address configuration protocol should be used. RFC 2462 defines IPv6 address autoconfiguration.
For more information about IPv6 address autoconfiguration, see Chapter 6
Multicast Listener Discovery (MLD)
MLD is the IPv6 equivalent of IGMP version 2 for IPv4. MLD is a set of ICMPv6 messages exchanged by routers and nodes, enabling routers to discover the set of IPv6 multicast addresses for which there are listening nodes for each attached interface. Like IGMPv2, MLD discovers only those multicast addresses that include at least one listener, not the list of individual multicast listeners for each multicast address. RFC 2710 defines MLD.
Unlike IGMPv2, MLD uses ICMPv6 messages instead of defining its own message structure. The three types of MLD messages are:
· Multicast Listener Query Routers use Multicast Listener Query messages to query a subnet for multicast listeners.
· Multicast Listener Report Multicast listeners use Multicast Listener Report messages to either report interest in receiving multicast traffic for a specific multicast address or to respond to a Multicast Listener Query message.
· Multicast Listener Done Multicast listeners use Multicast Listener Done messages to report that they might be the last multicast group member on the subnet.
Top of page
Transmission Control Protocol (TCP)

TCP is a reliable, connection-oriented delivery service. Connection-oriented means that a connection must be established before hosts can exchange data. Reliability is achieved by assigning a sequence number to each segment transmitted. TCP peers, the two nodes using TCP to communicate, acknowledge when they receive data. A TCP segment is the protocol data unit (PDU) consisting of the TCP header and the TCP payload, also known as a segment. For each TCP segment sent containing data, the receiving host must return an acknowledgment (ACK). If an ACK is not received within a calculated time, the TCP segment is retransmitted. RFC 793 defines TCP.
Table 2-8 lists and describes the key fields in the TCP header.

TCP Ports
To use TCP, an application must supply the IP address and TCP port number of the source and destination applications. A port provides a location for sending segments. A unique number identifies each port. TCP ports are distinct and separate from UDP ports even though some of them use the same number. Port numbers below 1024 are well-known ports that the Internet Assigned Numbers Authority (IANA) assigns. Table 2-9 lists a few well-known TCP ports.

For a complete list of assigned TCP ports, see http://www.iana.org/assignments/port-numbers.
TCP Three-Way Handshake

A TCP connection is initialized through a three-way handshake. The purpose of the three-way handshake is to synchronize the sequence number and acknowledgment numbers of both sides of the connection and to exchange TCP window sizes. The following steps outline the process for the common situation when a client computer contacts a server computer:
1. The client sends a TCP segment to the server with an initial sequence number for the connection and a window size indicating the size of a buffer on the client to store incoming segments from the server.
2. The server sends back a TCP segment containing its chosen initial sequence number, an acknowledgment of the client’s sequence number, and a window size indicating the size of a buffer on the server to store incoming segments from the client.
3. The client sends a TCP segment to the server containing an acknowledgment of the server’s sequence number.
TCP uses a similar handshake process to end a connection. This guarantees that both hosts have finished transmitting and that all data was received.
Top of page
User Datagram Protocol (UDP)

UDP provides a connectionless datagram service that offers unreliable, best-effort delivery of data transmitted in messages. This means that neither the arrival of datagrams nor the correct sequencing of delivered packets is guaranteed. UDP does not retransmit lost data. UDP messages consist of a UDP header and a UDP payload, also known as a message. RFC 768 defines UDP.
Applications use UDP if they do not require an acknowledgment of receipt of data, and they typically transmit small amounts of data at one time. NetBIOS name service, NetBIOS datagram service, and SNMP are examples of services and applications that use UDP.
Table 2-10 lists and describes the key fields in the UDP header.

UDP Ports
To use UDP, an application must supply the IP address and UDP port number of the source and destination applications. A port provides a location for sending messages. A unique number identifies each port. UDP ports are distinct and separate from TCP ports even though some of them use the same number. Just like TCP ports, UDP port numbers below 1024 are well-known ports that IANA assigns. Table 2-11 lists a few well-known UDP ports.

For a complete list of assigned UDP ports, see http://www.iana.org/assignments/port-numbers.
Top of page
Packet Multiplexing and Demultiplexing

When a sending host sends an IPv4 or IPv6 packet, it includes information in the packet so that the data within the packet can be delivered to the correct application on the destination. The inclusion of identifiers so that data can be delivered to one of multiple entities in each layer of a layered architecture is known as multiplexing. Multiplexing information for IP packets consists of identifying the node on the network, the IP upper layer protocol, and for TCP and UDP, the port corresponding to the application to which the data is destined. The destination host uses these identifiers to demultiplex, or deliver the data layer by layer, to the correct destination application. The IP packet also includes information for the destination host to send a response.
IP contains multiplexing information to do the following:
· Identify the sending node (the Source IP Address field in the IPv4 header or the Source Address field in the IPv6 header).
· Identify the destination node (the Destination IP Address field in the IPv4 header or the Destination Address in the IPv6 header).
· Identify the upper layer protocol above the IPv4 or IPv6 Internet layer (the Protocol field in the IPv4 header or the Next Header field of the IPv6 header).
· For TCP segments and UDP messages, identify the application from which the message was sent (the Source Port in the TCP or UDP header).
· For TCP segments and UDP messages, identify the application to which the message is destined (the Destination Port in the TCP or UDP header).
TCP and UDP ports can use any number between 0 and 65,535. Port numbers for client-side applications are typically dynamically assigned when there is a request for service, and IANA pre-assigns port numbers for well-known server-side applications. The complete list of pre-assigned port numbers is listed on
http://www.iana.org/assignments/port-numbers.
All of this information is used to provide multiplexing information so that:
· The packet can be forwarded to the correct destination.
· The destination can use the packet payload to deliver the data to the correct application.
· The receiving application can send a response.
When a packet is sent, this information is used in the following ways:
· The routers that forward IPv4 or IPv6 packets use the Destination IP Address field in the IPv4 header or the Destination Address in the IPv6 header to deliver the packet to the correct node on the network.
· The destination node uses the Protocol field in the IPv4 header or the Next Header field of the IPv6 header to deliver the packet payload to the correct upper-layer protocol.
· For TCP segments and UDP messages, the destination node uses the Destination Port field in the TCP or UDP header to demultiplex the data within the TCP segment or UDP message to the correct application.
Figure 2-5 shows an example of a DNS Name Query Request message in an IPv4 packet with a destination IP address of 131.107.89.223 being demultiplexed to the DNS service.

(Còn tiếp)

[ducht]

Application Programming Interfaces

Windows networking applications use two main application programming interfaces (APIs) to access TCP/IP services in Windows: Windows Sockets and NetBIOS. Figure 2-6 shows these APIs and the possible data flows when using them.

Some architectural differences between the Windows Sockets and NetBIOS APIs are the following:
· NetBIOS over TCP/IP (NetBT) is defined for operation over IPv4. Windows Sockets operates over both IPv4 and IPv6.
· Windows Sockets applications can operate directly over the IPv4 or IPv6 Internet layers, without the use of TCP or UDP. NetBIOS operates over TCP and UDP only.
Windows Sockets

Windows Sockets is a commonly used, modern API for networking applications in Windows. The TCP/IP services and tools supplied with Windows are examples of Windows Sockets applications. Windows Sockets provides services that allow applications to use a specific IP address and port, initiate and accept a connection to a specific destination IP address and port, send and receive data, and close a connection.
There are three types of sockets:
· A stream socket, which provides a two-way, reliable, sequenced, and unduplicated flow of data using TCP.
· A datagram socket, which provides bidirectional flow of data using UDP.
· A raw socket, which allows protocols to access IP directly, without using TCP or UDP.
A socket functions as an endpoint for network communication. An application creates a stream or datagram socket by specifying three items: the IP address of the host, the type of service (TCP for connection-based service and UDP for connectionless), and the port the application is using. Two sockets, one for each end of the connection, form a bidirectional communications path. For raw sockets, the application must specify the entire IP payload.
NetBIOS

NetBIOS is an older API that provides name management, datagram, and session services to NetBIOS applications. An application program that uses the NetBIOS interface API for network communication can be run on any protocol implementation that supports the NetBIOS interface. Examples of Windows applications and services that use NetBIOS are file and printer sharing and the Computer Browser service.
NetBIOS also defines a protocol that functions at the OSI Session layer. This layer is implemented by the underlying protocol implementation, such as NetBIOS over TCP/IP (NetBT), which RFCs 1001 and 1002 define. The NetBIOS name service uses UDP port 137. The NetBIOS datagram service uses UDP port 138. The NetBIOS session service uses TCP port 139.
For more information about NetBIOS and NetBT, see Chapter 11, "NetBIOS over TCP/IP."
Top of page
TCP/IP Naming Schemes in Windows

Although IP is designed to work with the 32-bit (IPv4) and 128-bit (IPv6) addresses of sending and destination hosts, computers users are much better at using and remembering names than IP addresses. If a name is used as an alias for an IP address, mechanisms must exist for assigning names to IP addresses, ensuring their uniqueness, and for resolving the name to its IP address.
TCP/IP components of Windows use separate mechanisms for assigning and resolving host names (used by Windows Sockets applications) and NetBIOS names (used by NetBIOS applications).
Host Names

A host name is an alias assigned to an IP node to identify it as a TCP/IP host. The host name can be up to 255 characters long and can contain alphabetic and numeric characters and the “-” and “.” characters. Multiple host names can be assigned to the same host.
Windows Sockets applications, such as Internet Explorer and the Ping tool, can use one of two values to refer to the destination: the IP address or a host name. When the user specifies an IP address, name resolution is not needed. When the user specifies a host name, the host name must be resolved to an IP address before IP-based communication with the target resource can begin.
Host names can take various forms. The two most common forms are a nickname and a fully qualified domain name (FQDN). A nickname is an alias to an IP address that individual people can assign and use. An FQDN is a structured name, such as www.microsoft.com, that follows the Internet conventions used in DNS.
For information about how TCP/IP components in Windows resolve host names, see Chapter 7, “Host Name Resolution.” For more information about DNS, see Chapter 8, “Domain Name System Overview.”
NetBIOS Names

A NetBIOS name is a 16-byte name that identifies a NetBIOS application on the network. A NetBIOS name is either a unique (exclusive) or group (nonexclusive) name. When a NetBIOS application communicates with a specific NetBIOS application on a specific computer, a unique name is used. When a NetBIOS process communicates with multiple NetBIOS applications on multiple computers, a group name is used.
The NetBIOS name identifies applications at the Session layer of the OSI model. For example, the NetBIOS Session service operates over TCP port 139. Because all NetBT session requests are addressed to TCP destination port 139, a NetBIOS application must use the destination NetBIOS name when it establishes a NetBIOS session.
An example of a process using a NetBIOS name is the file and print sharing server service on a Windows–based computer. When your computer starts up, the server service registers a unique NetBIOS name based on your computer’s name. The exact name used by the server service is the 15-character computer name plus a 16th character of 0x20. If the computer name is not 15 characters long, it is padded with spaces up to 15 characters long. Other network services also use the computer name to build their NetBIOS names, and the 16th character is typically used to identify each service.
When you attempt to make a file-sharing connection to a computer running Windows Server 2003 or Windows XP by specifying the computer’s name, the Server service on the file server that you specify corresponds to a specific NetBIOS name. For example, when you attempt to connect to the computer called CORPSERVER, the NetBIOS name corresponding to the Server service is CORPSERVER <20>. (Note the padding using the space character.) Before a file and print sharing connection can be established, a TCP connection must be created. For a TCP connection to be created, the NetBIOS name CORPSERVER <20> must be resolved to an IPv4 address. NetBIOS name resolution is the process of mapping a NetBIOS name to an IPv4 address.
For more information about NetBT and NetBIOS name resolution methods, see Chapter 11, “NetBIOS over TCP/IP.”
Top of page
Chapter Summary

The key information in this chapter is the following:
· The TCP/IP protocol suite maps to the four layers of the DARPA model: Application, Transport, Internet, and Network Interface.
· The protocols of the IPv4 Internet layer consist of ARP, IP (IPv4), ICMP, and IGMP.
· The protocols of the IPv6 Internet layer consist of IPv6, ICMPv6, ND, and MLD.
· The protocols of the Transport layer include TCP and UDP. TCP is a reliable, connection-oriented delivery service. UDP provides a connectionless datagram service that offers unreliable, best-effort delivery of data transmitted in messages.
· IP packets are multiplexed and demultiplexed between applications based on fields in the IPv4, IPv6, TCP, and UDP headers.
· TCP/IP components in Windows support two main APIs for networking applications: Windows Sockets and NetBIOS. Windows Sockets is a modern API that allows applications to manage stream sockets, datagram sockets, and raw sockets. NetBIOS is an older API that allows applications to manage NetBIOS names, datagrams, and sessions.
· TCP/IP components in Windows support two naming schemes for networking applications: host names (used by Windows Sockets applications) and NetBIOS names (used by NetBIOS applications).
Top of page
Chapter Glossary

address autoconfiguration – The IPv6 ND process of automatically configuring IPv6 addresses on an interface.
address resolution – The IPv4 (using ARP) or IPv6 (using ND) process that resolves the MAC address for a next-hop IP address.
Address Resolution Protocol (ARP) – A protocol that uses broadcast traffic on the local network to resolve an IPv4 address to its MAC address.
ARP – See Address Resolution Protocol.
ARP cache – A table for each interface of static or dynamically resolved IPv4 addresses and their corresponding MAC addresses.
ICMP – See Internet Control Message Protocol.
ICMPv6 – Internet Control Message Protocol for IPv6.
IGMP – See Internet Group Management Protocol.
Internet Control Message Protocol (ICMP) – A protocol in the IPv4 Internet layer that reports errors and provides troubleshooting facilities.
Internet Control Message Protocol for IPv6 (ICMPv6) – A protocol in the IPv6 Internet layer that reports errors, provides troubleshooting facilities, and hosts ND and MLD messages.
Internet Group Management Protocol (IGMP) – A protocol in the IPv4 Internet layer that manages multicast group membership on a subnet.
Internet Protocol (IP) – For IPv4, a routable protocol in the IPv4 Internet layer that addresses, routes, fragments, and reassembles IPv4 packets. Also used to denote both IPv4 and IPv6 sets of protocols.
IP – See Internet Protocol.
IPv4 – The Internet layer in widespread use on the Internet and on private intranets. Another term for IP.
IPv6 – The new Internet layer that will eventually replace the IPv4 Internet layer.
MLD – See Multicast Listener Discovery.
Multicast Listener Discovery (MLD) – A set of three ICMPv6 messages that hosts and routers use to manage multicast group membership on a subnet.
name resolution – The process of resolving a name to an address.
ND – See Neighbor Discovery.
neighbor cache – A cache maintained by every IPv6 node that stores the IPv6 address of a neighbor and its corresponding MAC address. The neighbor cache is equivalent to the ARP cache in IPv4.
Neighbor Discovery (ND) – A set of ICMPv6 messages and processes that determine relationships between neighboring nodes. Neighbor Discovery replaces ARP, ICMP router discovery, and the ICMP Redirect message used in IPv4.
Network Basic Input/Output System (NetBIOS) – A standard API for user applications to manage NetBIOS names and access NetBIOS datagram and session services.
NetBIOS – See Network Basic Input/Output System.
router discovery – A Neighbor Discovery process in which a host discovers the local routers on an attached subnet.
TCP – See Transmission Control Protocol.
Transmission Control Protocol (TCP) – A reliable, connection-oriented Transport layer protocol that runs on top of IP.
UDP – See User Datagram Protocol
User Datagram Protocol (UDP) – An unreliable, connectionless Transport layer protocol that runs on top of IP.
Windows Sockets – A commonly used application programming interface (API) that Windows applications use to transfer data using TCP/IP.
Top of page
© 2010 Microsoft Corporation. All rights reserved. Terms of Use | Trademarks | Privacy Statement
Hết Chapter 2

[ducht]

Published: November 02, 2004 | Updated: April 18, 2006
Writer: Joe Davies
Abstract
This chapter describes the details of addressing for both IPv4 and IPv6. Network administrators need a thorough understanding of both types of addressing to administer Transmission Control Protocol/Internet Protocol (TCP/IP) networks and troubleshoot TCP/IP-based communication. This chapter discusses in detail the types of Internet Protocol version 4 (IPv4) and Internet Protocol version 6 (IPv6) addresses, how they are expressed, and the types of unicast addresses assigned to network node interfaces.
For a version of this chapter that has been updated for Windows Vista and Windows Server 2008, click here.
On This Page

Chapter Objectives
IPv4 Addressing
IPv6 Addressing
Comparing IPv4 and IPv6 Addressing
Chapter Summary
Chapter Glossary
Chapter Objectives

After completing this chapter, you will be able to:
· Describe the syntax for IPv4 addresses and address prefixes, and convert between binary and decimal numbers.
· List the three types of IPv4 addresses, and give examples of each type.
· Describe the differences between public, private, and illegal IPv4 addresses.
· Describe the syntax for IPv6 addresses and address prefixes, and convert between binary and hexadecimal numbers.
· List the three types of IPv6 addresses, and give examples of each type.
· Describe the differences between global, site-local, and link-local unicast IPv6 addresses.
· Convert an Institute of Electrical and Electronics Engineers (IEEE) 802 address to an IPv6 interface identifier.
· Compare addresses and addressing concepts between IPv4 and IPv6.
Top of page
IPv4 Addressing

An IP address is an identifier that is assigned at the Internet layer to an interface or a set of interfaces. Each IP address can identify the source or destination of IP packets. For IPv4, every node on a network has one or more interfaces, and you can enable TCP/IP on each of those interfaces. When you enable TCP/IP on an interface, you assign it one or more logical IPv4 addresses, either automatically or manually. The IPv4 address is a logical address because it is assigned at the Internet layer and has no relation to the addresses that are used at the Network Interface layer. IPv4 addresses are 32 bits long.
IPv4 Address Syntax

If network administrators expressed IPv4 addresses using binary notation, each address would appear as a 32-digit string of 1s and 0s. Because such strings are cumbersome to express and remember, administrators use dotted decimal notation, in which periods (or dots) separate four decimal numbers (from 0 to 255). Each decimal number, known as an octet, represents 8 bits (1 byte) of the 32-bit address.
For example, the IPv4 address 11000000101010000000001100011000 is expressed as 192.168.3.24 in dotted decimal notation. To convert an IPv4 address from binary notation to dotted decimal notation, you:
· Segment it into 8-bit blocks: 11000000 10101000 00000011 00011000
· Convert each block to decimal: 192 168 3 24
· Separate the blocks with periods: 192.168.3.24
When referring to an IPv4 address, use the notation w.x.y.z. Figure 3-1 shows the IPv4 address structure.

To become adept at moving between binary and decimal formats, you can review the binary (Base2) and decimal (Base10) numbering systems and how to convert between them. Although you can use the calculator in the Microsoft® Windows Server™ 2003 or Windows® XP operating systems to convert between decimal and binary, you will better understand the conversions if you can do them manually.
Converting from Binary to Decimal

The decimal numbering system uses the digits 0 through 9 and the exponential powers of 10 to express a number. For example, the decimal number 207 is the sum of 2x102 + 0x101 + 7x100. The binary numbering system uses the digits 1 and 0 and the exponential powers of 2 to express a number. The binary number 11001 is the sum of 1x24 + 1x23 + 0x22 + 0x21 + 1x20. Dotted decimal notation never includes numbers that are larger than 255 because each decimal number represents 8 bits of a 32-bit address. The largest number that 8 bits can express is 11111111 in binary, which is 255 in decimal.
Figure 3-2 shows an 8-bit binary number, the bit positions, and their decimal values.

To manually convert an 8-bit number from binary to decimal (starting at the top of Figure 3-2), do the following:
1. If the eighth bit position equals 1, add 128 to the total.
2. If the seventh bit position equals 1, add 64 to the total.
3. If the sixth bit position equals 1, add 32 to the total.
4. If the fifth bit position equals 1, add 16 to the total.
5. If the fourth bit position equals 1, add 8 to the total.
6. If the third bit position equals to 1, add 4 to the total.
7. If the second bit position equals 1, add 2 to the total.
8. If the first bit position equals to 1, add 1 to the total.
For example, for the 8-bit binary number 10111001:
1. The eighth bit position equals 1. Add 128 to the total. The total is now 128.
2. The seventh bit position equals 0.
3. The sixth bit position equals 1. Add 32 to the total. The total is now 160.
4. The fifth bit position equals 1. Add 16 to the total. The total is now 176.
5. The fourth bit position equals 1. Add 8 to the total. The total is now 184.
6. The third bit position equals 0.
7. The second bit position equals 0.
8. The first bit position equals 1. Add 1 to the total. The total is now 185.
Therefore, 10111001 in binary is 185 in decimal.
In summary, to convert a binary number to its decimal equivalent, total the decimal equivalents for the bit positions that are set to 1. If all 8 bits are set to 1, add 128 + 64 + 32 + 16 + 8 + 4 + 2 + 1 to get 255.
Converting from Decimal to Binary

To manually convert a number up to 255 from decimal notation to binary format (starting at the decimal column of Figure 3-2), do the following:
1. If the number is larger than 127, place a 1 in the eighth bit position, and subtract 128 from the number. Otherwise, place a 0 in the eighth bit position.
2. If the remaining number is larger than 63, place a 1 in the seventh bit position, and subtract 64 from the number. Otherwise, place a 0 in the seventh bit position.
3. If the remaining number is larger than 31, place a 1 in the sixth bit position, and subtract 32 from the number. Otherwise, place a 0 in the sixth bit position.
4. If the remaining number is larger than 15, place a 1 in the fifth bit position, and subtract 16 from the number. Otherwise, place a 0 in the fifth bit position.
5. If the remaining number is larger than 7, place a 1 in the fourth bit position, and subtract 8 from the number. Otherwise, place a 0 in the fourth bit position.
6. If the remaining number is larger than 3, place a 1 in the third bit position, and subtract 4 from the number. Otherwise, place a 0 in the third bit position.
7. If the remaining number is larger than 1, place a 1 in the second bit position, and subtract 2 from the number. Otherwise, place a 0 in the second bit position.
8. If the remaining number equals 1, place a 1 in the first bit position. Otherwise, place a 0 in the first bit position.
Here is an example of converting the number 197 from decimal to binary:
1. Because 197 is larger than 127, place a 1 in the eighth bit position, and subtract 128 from 197, leaving 69. The binary number so far is 1xxxxxxx.
2. Because 69 is larger than 63, place a 1 in the seventh bit position, and subtract 64 from 69, leaving 5. The binary number so far is 11xxxxxx.
3. Because 5 is not larger than 31, place a 0 in the sixth bit position. The binary number so far is 110xxxxx.
4. Because 5 is not larger than 15, place a 0 in the fifth bit position. The binary number so far is 1100xxxx.
5. Because 5 is not larger than 7, place a 0 in the fourth bit position. The binary number so far is 11000xxx.
6. Because 5 is larger than 3, place a 1 in the third bit position, and subtract 4 from 5, leaving 1. The binary number so far is 110001xx.
7. Because 1 is not larger than 1, place a 0 in the second bit position. The binary number so far is 1100010x.
8. Because 1 equals 1, place a 1 in the first bit position. The final binary number is 11000101. The decimal number 197 is equal to the binary number 11000101.
In summary, to convert from decimal to binary, verify whether the decimal number contains the quantities represented by the bit positions from the eighth bit to the first bit. Starting from the eighth bit quantity (128), if each quantity is present, set the bit in that bit position to 1. For example, the decimal number 211 contains 128, 64, 16, 2, and 1. Therefore, 211 is 11010011 in binary notation.
IPv4 Address Prefixes

Each bit of a unique IPv4 address has a defined value. However, IPv4 address prefixes express ranges of IPv4 addresses in which zero or more of the high-order bits are fixed at specific values and the rest of the low-order variable bits are set to zero. Address prefixes are routinely used to express a range of allowable addresses, subnet prefixes assigned to subnets, and routes.
To express an IPv4 address prefix, you must identify the number of high-order bits that are fixed and their value. Then you can use prefix length notation or dotted decimal notation.
Prefix Length Notation

If you use prefix length notation, you express address prefixes as StartingAddress/PrefixLength, in which:
· StartingAddress is the dotted decimal expression of the first mathematically possible address in the range. To form the starting address, set the fixed bits at their defined values, and set the remaining bits to 0.
· PrefixLength is the number of high-order bits in the address that are fixed.
For example, the IPv4 address prefix 131.107.0.0/16 specifies a range of 65,536 addresses. The prefix length, 16, specifies that all addresses in the range begin with the same 16 bits as the starting address. Because the first 16 bits of the starting address are fixed at 10000011 01101011 (131 107 in decimal), all addresses in the range have 131 as the first octet and 107 as the second octet. With 16 variable bits in the last two octets, there is a total of 216 or 65,536 possible addresses.
To specify an address prefix using prefix length notation, you create the starting address by setting all variable bits to 0, you convert the address to dotted decimal notation, and then you add a slash and the number of fixed bits (the prefix length) after the starting address.
The IPv4 address prefix 131.107.0.0/16 has 16 fixed bits (10000011 01101011). The starting address is the first 16 bits that are fixed and then the last 16 bits that are set to 0, which is 10000011 01101011 00000000 00000000 or 131.107.0.0. Next, you would add a slash and specify the number of fixed bits (/16) to express the address prefix as 131.107.0.0/16.
Prefix length notation is also known as Classless Inter-Domain Routing (CIDR) notation.
(Còn tiếp)