TCP/IP protocol. What is the TCP/IP protocol


UNIX, which contributed to the growing popularity of the protocol, since manufacturers included TCP/IP in the software shipped with every UNIX computer. TCP/IP maps onto the OSI reference model as shown in Figure 3.1.

You can see that TCP/IP sits at layers three and four of the OSI model. The point of this is to leave the LAN technology to its own developers. The purpose of TCP/IP is to transmit messages over local networks of any type and to establish communication using any network application.

TCP/IP works because it interfaces with the OSI model at the two lowest layers, the data link layer and the physical layer. This lets TCP/IP find a common language with virtually any network technology and, as a result, with any computer platform. TCP/IP consists of four abstract layers, listed below.


Figure 3.1.

  • Network interface. Allows TCP/IP to interact with all modern network technologies based on the OSI model.
  • Internetwork. Defines how IP controls the forwarding of messages through the routers of a network space such as the Internet.
  • Transport. Defines the mechanism for exchanging information between computers.
  • Application. Specifies the network applications that perform tasks such as forwarding, e-mail and others.

Due to its widespread use, TCP/IP has become the de facto Internet standard. A computer on which a network technology based on the OSI model (Ethernet or Token Ring) is implemented is able to communicate with other devices. In "Networking Fundamentals" we looked at layers 1 and 2 when discussing LAN technologies. Now we move up the OSI stack and see how a computer establishes communication on the Internet or on a private network. This section discusses the TCP/IP protocol and its configuration.

What is TCP/IP

The fact that computers can communicate with each other is itself a miracle. After all, these are computers from different manufacturers, running different operating systems and protocols. In the absence of some common basis, such devices would not be able to exchange information. When sent over a network, data must be in a format that both the sending device and the receiving device understand.

TCP/IP satisfies this condition through its internetwork layer. This layer corresponds directly to the network layer of the OSI reference model and is based on a fixed message format called an IP datagram. A datagram is something like a basket into which all the information of a message is placed. For example, when you load a web page into a browser, what you see on the screen is delivered piece by piece in datagrams.

It is easy to confuse datagrams with packets. A datagram is a unit of information, while a packet is the physical message object (created at the third and higher layers) that is actually sent over the network. Although some consider these terms interchangeable, the distinction does matter in certain contexts, though not here. What matters is that the message is broken into fragments, transmitted over the network and reassembled at the receiving device.


The positive side of this approach is that if a single packet is corrupted in transit, only that packet needs to be retransmitted, not the entire message. Another positive point is that no host has to wait indefinitely for another host's transmission to finish before sending its own message.

TCP and UDP

When an IP message is sent over a network, one of two transport protocols is used: TCP or UDP. TCP (Transmission Control Protocol) makes up the first half of the acronym TCP/IP. The User Datagram Protocol (UDP) is used instead of TCP to transport less important messages. Both protocols are used for the correct exchange of messages in TCP/IP networks. There is one significant difference between them.

TCP is called a reliable protocol because it communicates with the recipient to verify that the message was received.

UDP is called an unreliable protocol because it does not even attempt to contact the recipient to verify delivery.


It is important to remember that only one of the two protocols is used to deliver a given message. For example, when a web page is loaded, packet delivery is controlled by TCP without any involvement of UDP. On the other hand, the Trivial File Transfer Protocol (TFTP) downloads or sends messages under the control of UDP.

The transport method used depends on the application: e-mail, HTTP, the application responsible for network management, and so on. Network program developers use UDP wherever possible, since this protocol reduces excess traffic. TCP expends more effort on guaranteed delivery and transmits many more packets than UDP. Figure 3.2 lists network applications and shows which use TCP and which use UDP. For example, FTP and TFTP do essentially the same thing. However, TFTP is mainly used for downloading and copying the software of network devices. TFTP can use UDP because if a message fails to be delivered nothing bad happens: the message was not intended for the end user but for the network administrator, whose priority level is much lower. Another example is a voice or video session, in which ports for both TCP and UDP sessions may be used. Thus, a TCP session is initiated to exchange data when a telephone connection is established, while the phone conversation itself is transmitted via UDP. This is due to the speed of voice and video streaming. If a packet is lost, there is no point in resending it, since it will no longer fit into the data stream.


Figure 3.2.

IP Datagram Format

IP packets can be broken down into datagrams. The datagram format defines fields for the payload and for message transmission control data. Figure 3.3 shows the datagram layout.

Note. Do not be misled by the size of the data field in a datagram. The datagram is not overloaded with additional data: the data field is actually the largest field in the datagram.


Figure 3.3.

It is important to remember that IP packets can have different lengths. In "Networking Fundamentals" it was said that information packets on an Ethernet network range in size from 64 to 1400 bytes. On a Token Ring network their length is 4000 bytes, and on an ATM network it is 53 bytes.

Note. The use of bytes in a datagram can be confusing, since data transfer is often associated with concepts such as megabits and gigabits per second. However, because computers prefer to work with data bytes, datagrams also use bytes.

If you look again at the datagram format in Figure 3.3, you will notice that the leftmost fields have a fixed size. This is because the CPU processing the packets must know where each field begins. Without standardization of these fields, the incoming bits would be a jumble of ones and zeros. On the right side of the datagram are the fields of variable length. The purpose of the various fields in a datagram is as follows.

  • VER. The version of the IP protocol used by the station where the original message originated. The current version of IP is version 4. This field allows different versions to coexist on the Internet.
  • HLEN. Informs the receiving device of the length of the header so that the CPU knows where the data field begins.
  • Service type. A code that tells the router how to handle the packet in terms of service level (reliability, priority, delay, etc.).
  • Length. The total number of bytes in the packet, including the header fields and the data field.
  • ID, flags and fragment offset. These fields tell the router how to fragment and reassemble the packet and how to compensate for the differences in frame size that occur as the packet traverses LAN segments built on different network technologies (Ethernet, FDDI, etc.).
  • TTL. Time to Live is a number that is decreased by one each time the packet is forwarded. When it reaches zero, the packet ceases to exist. TTL prevents looping and lost packets from wandering endlessly across the Internet.
  • Protocol. The transport protocol used to carry the packet's contents. The most common protocol specified in this field is TCP, but other protocols may be used.
  • Header checksum. A number used to verify the integrity of the message. If the checksum of a packet of the message does not match the correct value, the message has been corrupted.
  • Source IP address. The 32-bit address of the host that sent the message (usually a personal computer or server).
  • Destination IP address. The 32-bit address of the host to which the message was sent (usually a personal computer or server).
  • IP options. Used for network testing or other special purposes.
  • Padding. Fills all unused (empty) bit positions so that the processor can correctly determine the position of the first bit of the data field.
  • Data. The payload of the sent message. For example, the packet's data field may contain the text of an e-mail.

As mentioned earlier, the packet consists of two main components: message-handling data, located in the header, and the information itself, located in the payload. You can think of the payload as the cargo bay of a spaceship, and the header as everything the on-board computers in the control cabin do: it carries all the information needed by the various routers and computers along the message path and is used to keep the packets in a definite order when the message is reassembled from them.

Let's assume that you have a poor knowledge of network technologies and don't even know the basics. But you have been given a task: to quickly build an information network in a small enterprise. You have neither the time nor the desire to study thick tomes on network design and instructions for using network equipment, or to delve into network security. And, most importantly, you have no wish to become a professional in this field in the future. Then this article is for you.


The second part of this article, which covers the practical application of the basics laid out here: Notes on Cisco Catalyst: VLAN configuration, password reset, flashing the IOS operating system

Understanding the Protocol Stack

The task is to transfer information from point A to point B. It could be transmitted continuously. But the task becomes more complicated if you need to transfer information between points A<-->B and A<-->C over the same physical channel. If information is transmitted continuously, then when C wants to transfer information to A, it will have to wait until B finishes its transmission and frees the communication channel. This way of transmitting information is very inconvenient and impractical. To solve this problem, it was decided to divide the information into portions.

At the recipient, these portions need to be put back together into a single whole to obtain the information that came from the sender. But at recipient A we now see pieces of information from both B and C mixed together. This means that an identification number must be attached to each portion so that recipient A can distinguish the portions from B from the portions from C and assemble them into the original message. Obviously, the recipient must know where and in what form the sender added the identification data to the original piece of information. For this, certain rules for forming and writing the identification information must be developed. From here on, the word "rule" will be replaced by the word "protocol".

To meet the needs of modern consumers, several types of identification information have to be specified at once. The transmitted pieces of information also need protection, both from random interference (during transmission over communication lines) and from deliberate sabotage (hacking). For this purpose, each portion of transmitted information is supplemented with a significant amount of special service information.

The Ethernet protocol carries the sender's network adapter number (MAC address), the recipient's network adapter number, the type of data being transferred, and the data itself. A piece of information assembled according to the Ethernet protocol is called a frame. It is assumed that no two network adapters have the same number. Network equipment (in hardware or software) extracts the transmitted data from the frame and processes it further.

As a rule, the extracted data is in turn formed according to the IP protocol and carries another type of identification information: the recipient's IP address (a 4-byte number), the sender's IP address and the data, along with a lot of other necessary service information. Data formed according to the IP protocol is called a packet.

Next, the data is extracted from the packet. But this data, as a rule, is still not the originally sent data. This piece of information is also assembled according to some protocol. The most widely used is TCP. It contains identification information such as the destination port (a two-byte number) and the source port, as well as data and service information. The data extracted from TCP is typically the data that a program running on computer B sent to the "receiver program" on computer A.

This nesting of protocols (in this case TCP over IP over Ethernet) is called a protocol stack.
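The stack described in this section and the IP datagram fields listed earlier can be seen together by unpacking one frame from the outside in. The following is an added example, not code from the original article: it builds a constructed Ethernet frame carrying an IPv4 header and a TCP header (all MAC addresses, ports and payload are made up; the IP addresses reuse the ones the article uses later), then parses Ethernet, then IP (every fixed header field, with the header checksum verified), then the TCP ports. Corrupting a single byte in transit makes the checksum check fail, which is the integrity property the datagram's Header checksum field provides. The TCP checksum is deliberately left at zero in the constructed sample.

```python
import struct

# Constructed sample values (not a capture from any real network).
SRC_MAC = bytes.fromhex("665544332211")
DST_MAC = bytes.fromhex("001122334455")
ETHERTYPE_IPV4 = 0x0800
PROTO_TCP = 6


def ipv4_checksum(header: bytes) -> int:
    """One's-complement sum of 16-bit words (RFC 1071). Run over a header whose
    checksum field is already filled in, a correct header yields 0."""
    if len(header) % 2:
        header += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:                      # fold carries back into 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_ipv4_header(src_ip, dst_ip, payload_len, proto=PROTO_TCP, ttl=64, ident=0x1234):
    """20-byte header without options: VER=4, HLEN=5 words, DF flag set, offset 0."""
    ver_hlen = (4 << 4) | 5
    flags_frag = 0x4000                     # flags=010 (don't fragment), fragment offset 0
    hdr = struct.pack("!BBHHHBBH4s4s", ver_hlen, 0, 20 + payload_len, ident,
                      flags_frag, ttl, proto, 0,
                      bytes(map(int, src_ip.split("."))), bytes(map(int, dst_ip.split("."))))
    # the checksum is computed with the checksum field itself set to zero, then written in
    return hdr[:10] + struct.pack("!H", ipv4_checksum(hdr)) + hdr[12:]


def build_tcp_segment(src_port, dst_port, payload, seq=1000, ack=0):
    """Minimal 20-byte TCP header: data offset 5, PSH+ACK, TCP checksum left at 0 (constructed)."""
    off_flags = (5 << 12) | 0x18
    return struct.pack("!HHIIHHHH", src_port, dst_port, seq, ack, off_flags, 65535, 0, 0) + payload


def build_frame(src_ip, dst_ip, src_port, dst_port, payload):
    tcp = build_tcp_segment(src_port, dst_port, payload)
    ip = build_ipv4_header(src_ip, dst_ip, len(tcp)) + tcp
    return struct.pack("!6s6sH", DST_MAC, SRC_MAC, ETHERTYPE_IPV4) + ip


def parse_frame(frame: bytes) -> dict:
    """Walk the stack from the outside in: Ethernet -> IP -> TCP."""
    dst_mac, src_mac, ethertype = struct.unpack("!6s6sH", frame[:14])
    if ethertype != ETHERTYPE_IPV4:
        raise ValueError("not an IPv4 frame")
    ip = frame[14:]
    ver_hlen, tos, total_len, ident, flags_frag, ttl, proto, csum = struct.unpack("!BBHHHBBH", ip[:12])
    version, hlen = ver_hlen >> 4, (ver_hlen & 0x0F) * 4
    if version != 4 or hlen < 20 or total_len > len(ip):
        raise ValueError("malformed IP header")
    if ipv4_checksum(ip[:hlen]) != 0:       # Header checksum field did not verify
        raise ValueError("IP header checksum mismatch")
    result = {
        "src_mac": src_mac.hex(":"), "dst_mac": dst_mac.hex(":"),
        "version": version, "header_len": hlen, "tos": tos, "total_len": total_len,
        "id": ident, "flags": flags_frag >> 13, "frag_offset": flags_frag & 0x1FFF,
        "ttl": ttl, "protocol": proto,
        "src_ip": ".".join(map(str, ip[12:16])), "dst_ip": ".".join(map(str, ip[16:20])),
    }
    data = ip[hlen:total_len]               # Length field bounds the payload
    if proto == PROTO_TCP:
        sport, dport, seq, ack, off_flags = struct.unpack("!HHIIH", data[:14])
        tcp_hlen = (off_flags >> 12) * 4
        result.update(src_port=sport, dst_port=dport, seq=seq, payload=data[tcp_hlen:])
    return result


def frame_is_intact(frame: bytes) -> bool:
    try:
        parse_frame(frame)
        return True
    except ValueError:
        return False


SAMPLE_FRAME = build_frame("192.168.30.110", "192.168.30.3", 40000, 80, b"GET ")
# Flip one bit of the TTL byte (offset 14 + 8) to simulate corruption in transit.
CORRUPTED_FRAME = bytearray(SAMPLE_FRAME)
CORRUPTED_FRAME[22] ^= 0x01
CORRUPTED_FRAME = bytes(CORRUPTED_FRAME)

if __name__ == "__main__":
    for key, value in parse_frame(SAMPLE_FRAME).items():
        print(f"{key:12} {value}")
    print("corrupted frame intact?", frame_is_intact(CORRUPTED_FRAME))
```

Note that the IP header checksum only covers the header, not the data; that is why the TCP segment carries its own checksum, and why a corrupted payload is caught at the transport layer rather than here.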

ARP: Address Resolution Protocol

There are networks of classes A, B, C, D and E. They differ in the number of computers and the number of possible networks/subnets in them. For simplicity, and as the most common case, we will consider only a class C network whose IP address begins with 192.168. The next number is the subnet number, followed by the number of the piece of network equipment. For example, a computer with IP address 192.168.30.110 wants to send information to another computer, number 3, located in the same logical subnet. This means that the recipient's IP address will be 192.168.30.3.

It is important to understand that a node of an information network is a computer connected by one physical channel to switching equipment. I.e., if we send data from the network adapter "out into the wild", it has only one path: it will come out at the other end of the twisted pair. We can send absolutely any data, formed according to any rule we have invented, without specifying an IP address, a MAC address or any other attributes. And if that other end is connected to another computer, we can receive the data there and interpret it as we like. But if the other end is connected to a switch, then the packet must be formed according to strictly defined rules, as if giving the switch instructions on what to do with the packet next. If the packet is formed correctly, the switch will send it on to the other computer indicated in the packet, after which the switch removes the packet from its RAM. But if the packet was not formed correctly, i.e. the instructions in it were wrong, then the packet "dies": the switch does not send it anywhere, but immediately deletes it from its RAM.

To transfer information to another computer, three identification values must be specified in the packet being sent: the MAC address, the IP address and the port. Roughly speaking, a port is a number that the operating system issues to each program that wants to send data to the network. The recipient's IP address is entered by the user, or the program itself obtains it, depending on the specifics of the program. The MAC address, i.e. the network adapter number of the recipient's computer, remains unknown. To obtain it, a "broadcast" request is sent, composed according to the so-called ARP (Address Resolution Protocol). Below is the structure of the ARP packet.

For now we do not need to know the values of all the fields in the picture above. Let's focus only on the main ones.

The fields contain the source IP address and the destination IP address, as well as the source MAC address.

The "Ethernet destination address" field is filled with ones (ff:ff:ff:ff:ff:ff). Such an address is called a broadcast address, and such a frame is sent to all "interfaces on the cable", i.e. all computers connected to the switch.

The switch, having received such a broadcast frame, sends it to all computers on the network, as if asking everyone: "if you are the owner of this IP address (destination IP address), please tell me your MAC address." When another computer receives such an ARP request, it compares the destination IP address with its own. If it matches, the computer inserts its MAC address in place of the ones, swaps the source and destination IP and MAC addresses, changes some service information and sends the packet back to the switch, which sends it back to the original computer, the initiator of the ARP request.

This is how your computer finds out the MAC address of the other computer to which you want to send data. If several computers on the network respond to this ARP request, we get an "IP address conflict". In this case the IP address on the computers must be changed so that there are no identical IP addresses on the network.
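The exchange just described, as an added example that is not part of the original article: a requester builds an ARP request addressed to ff:ff:ff:ff:ff:ff, every host on the constructed subnet receives it as the switch would flood it, only the host owning the target IP answers, and its reply swaps sender and target and fills in its own MAC. The `resolve` helper (a name chosen here, not a real API) also detects the "IP address conflict" case: two different MACs answering for one IP. All MAC addresses are made up; the IP addresses follow the article's example.

```python
import struct

ETHERTYPE_ARP = 0x0806
BROADCAST_MAC = "ff:ff:ff:ff:ff:ff"
ZERO_MAC = "00:00:00:00:00:00"       # target MAC is unknown in a request
ARP_REQUEST, ARP_REPLY = 1, 2


def mac_to_bytes(mac): return bytes(int(x, 16) for x in mac.split(":"))
def mac_to_str(b): return ":".join(f"{x:02x}" for x in b)
def ip_to_bytes(ip): return bytes(int(x) for x in ip.split("."))
def ip_to_str(b): return ".".join(str(x) for x in b)


def build_arp(op, sender_mac, sender_ip, target_mac, target_ip):
    """Ethernet header + 28-byte ARP body. A request goes to the broadcast
    address; a reply goes straight back to the requester's MAC."""
    body = struct.pack("!HHBBH6s4s6s4s", 1, 0x0800, 6, 4, op,
                       mac_to_bytes(sender_mac), ip_to_bytes(sender_ip),
                       mac_to_bytes(target_mac), ip_to_bytes(target_ip))
    eth_dst = BROADCAST_MAC if op == ARP_REQUEST else target_mac
    return struct.pack("!6s6sH", mac_to_bytes(eth_dst), mac_to_bytes(sender_mac), ETHERTYPE_ARP) + body


def parse_arp(frame):
    eth_dst, eth_src, ethertype = struct.unpack("!6s6sH", frame[:14])
    if ethertype != ETHERTYPE_ARP:
        raise ValueError("not an ARP frame")
    htype, ptype, hlen, plen, op, sha, spa, tha, tpa = struct.unpack("!HHBBH6s4s6s4s", frame[14:42])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        raise ValueError("unsupported ARP hardware/protocol types")
    return {"eth_dst": mac_to_str(eth_dst), "op": op,
            "sender_mac": mac_to_str(sha), "sender_ip": ip_to_str(spa),
            "target_mac": mac_to_str(tha), "target_ip": ip_to_str(tpa)}


def host_answer(frame, my_mac, my_ip):
    """What one host does with a flooded request: answer only if the target IP
    is its own, swapping sender/target and filling in its MAC."""
    req = parse_arp(frame)
    if req["op"] != ARP_REQUEST or req["target_ip"] != my_ip:
        return None
    return build_arp(ARP_REPLY, my_mac, my_ip, req["sender_mac"], req["sender_ip"])


def resolve(requester_mac, requester_ip, wanted_ip, hosts):
    """Simulate the switch flooding the broadcast to every host and collect replies.
    More than one distinct MAC answering for the same IP is an IP address conflict."""
    request = build_arp(ARP_REQUEST, requester_mac, requester_ip, ZERO_MAC, wanted_ip)
    answers = []
    for mac, ip in hosts:
        reply = host_answer(request, mac, ip)
        if reply is not None:
            answers.append(parse_arp(reply)["sender_mac"])
    return {"ip": wanted_ip, "macs": answers, "conflict": len(set(answers)) > 1}


# Constructed hosts on one subnet (MACs made up; IPs follow the article's example).
HOSTS = [("00:10:00:00:00:03", "192.168.30.3"),
         ("00:10:00:00:00:07", "192.168.30.7"),
         ("00:10:00:00:00:6e", "192.168.30.110")]

if __name__ == "__main__":
    print(resolve("00:10:00:00:00:6e", "192.168.30.110", "192.168.30.3", HOSTS))
    # A second host misconfigured with the same address produces a conflict.
    print(resolve("00:10:00:00:00:6e", "192.168.30.110", "192.168.30.3",
                  HOSTS + [("00:10:00:00:00:99", "192.168.30.3")]))
```

Because nothing in ARP authenticates the answer, the requester simply believes whichever reply arrives; the conflict check above is the only defence this simple model has, which is why managed networks monitor for duplicate or changing IP-to-MAC bindings.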

Building networks

The task of building networks

In practice, as a rule, it is necessary to build networks with at least a hundred computers in them. Besides file sharing, our network must be secure and easy to manage. Thus, when building a network, three requirements can be distinguished:
  1. Ease of operation. If accountant Lida is transferred to another office, she will still need access to the computers of accountants Anna and Yulia. And if the information network is built incorrectly, the administrator may have difficulty giving Lida access to the computers of the other accountants from her new place.
  2. Security. To ensure the security of our network, access rights to information resources must be differentiated. The network must also be protected from threats to confidentiality, integrity, and availability (denial of service). Read more in the book "Attack on the Internet" by Ilya Davidovich Medvedovsky, chapter "Basic concepts of computer security".
  3. Network performance. When building networks there is a technical problem: the dependence of transmission speed on the number of computers in the network. The more computers, the lower the speed. With a large number of computers, the network speed can become so low that it is unacceptable to the customer.

What causes the network to slow down when there are many computers? The reason is simple: the large number of broadcast messages (BMs). A BM is a message that, upon arriving at the switch, is sent to all hosts on the network, or, roughly speaking, to all computers on your subnet. If there are 5 computers on the network, each computer receives 4 BMs. If there are 200 of them, each computer in such a large network receives 199 BMs.

There are a large number of applications, software modules and services that send broadcast messages to the network in order to work. The ARP request described in the section ARP: Address Resolution Protocol is only one of many BMs sent by your computer to the network. For example, when you open "Network Neighborhood" (Windows OS), your computer sends several more BMs with special information generated using the NetBIOS protocol in order to scan the network for computers in the same workgroup. The OS then draws the computers it found in the "Network Neighborhood" window, and you see them.

It is also worth noting that while scanning with one program or another, your computer sends not one broadcast message but several, for example in order to establish virtual sessions with remote computers, or for other system needs caused by the peculiarities of the software implementation of that application. Thus, each computer on the network, in order to interact with other computers, is forced to send many different BMs, loading the communication channel with information that the end user does not need. As practice shows, in large networks broadcast messages can make up a significant portion of the traffic, slowing down the network activity visible to the user.

Virtual LANs

To solve the first and third problems, and to help with the second, the mechanism of dividing the local network into smaller networks that behave like separate local networks, the Virtual Local Area Network (VLAN), is widely used. Roughly speaking, a VLAN is a list of ports on a switch that belong to the same network. "Same" in the sense that another VLAN will contain a list of ports belonging to another network.

In fact, creating two VLANs on one switch is equivalent to buying two switches, i.e. creating two VLANs is the same as dividing one switch into two. In this way, a network of one hundred computers is divided into smaller networks of 5-20 computers; as a rule, this number corresponds to the physical location of the computers and their need for file sharing.

  • By dividing the network into VLANs, ease of management is achieved. So, when accountant Lida moves to another office, the administrator only needs to remove her port from one VLAN and add it to another. This is discussed in more detail in the section VLANs, theory.
  • VLANs help meet one of the network security requirements, namely the delimitation of network resources. Thus, a student in one classroom cannot get into the computers of another classroom or the rector's computer, because they are on effectively different networks.
  • Because our network is divided into VLANs, i.e. into small "as-if networks", the problem with broadcast messages disappears.

VLANs, theory

Perhaps the phrase "the administrator only needs to remove a port from one VLAN and add it to another" is unclear, so I will explain it in more detail. The port in this case is not the number issued by the OS to an application, as described in the section Understanding the Protocol Stack, but a socket (a place) into which an RJ-45 connector can be inserted. This connector (the tip of the wire) is attached to both ends of an 8-core cable called a "twisted pair". The figure shows a Cisco Catalyst 2950C-24 switch with 24 ports:

As stated in the section ARP: Address Resolution Protocol, each computer is connected to the network by one physical channel, i.e. you can connect 24 computers to a 24-port switch. The twisted pair runs physically through all the premises of the enterprise: all 24 cables from this switch extend to different rooms. Let, for example, 17 cables go to the 17 computers in the classroom, 4 cables go to the office of the special department, and the remaining 3 cables go to the newly renovated office of the accounting department. And accountant Lida, for services rendered, was transferred to this very office.

As mentioned above, a VLAN can be represented as a list of the ports belonging to a network. For example, our switch had three VLANs, i.e. three lists stored in the switch's flash memory. In one list the numbers 1, 2, 3 ... 17 were written, in another 18, 19, 20, 21, and in the third 22, 23 and 24. Lida's computer was previously connected to port 20. Then she moved to another office. Whether her old computer was dragged to the new office or she sat down at a new one does not matter. The main thing is that her computer was connected with a twisted pair cable whose other end was inserted into port 23 of our switch. And in order for her to continue sending files to her colleagues from her new location, the administrator must remove the number 20 from the second list and add the number 23. Note that one port can belong to only one VLAN, but we will break this rule at the end of this section.

I will also note that when changing a port's VLAN membership, the administrator does not need to re-plug any wires in the switch. Moreover, he does not even have to get up from his seat, because the administrator's computer is connected to port 22, from which he can manage the switch remotely. Of course, thanks to special settings, which will be discussed later, only the administrator can manage the switch. For information on how to configure VLANs, read the section VLANs, practice [in the next article].

As you probably noticed, at the start (in the section Building networks) I said that there would be at least 100 computers in our network. But only 24 computers can be connected to the switch. Of course, there are switches with more ports. But there are still more computers in a corporate/enterprise network. To connect an arbitrarily large number of computers into a network, switches are connected to each other via so-called trunk ports. When configuring the switch, any of the 24 ports can be defined as a trunk port, and there can be any number of trunk ports on a switch (though it is reasonable to have no more than two). If one of the ports is defined as a trunk, the switch packs all the information it receives into special packets, using the ISL or 802.1Q protocol, and sends these packets to the trunk port.

By "all the information it receives" I mean all the information that arrives at the switch from its other ports. The 802.1Q protocol is inserted into the protocol stack between Ethernet and the protocol that generated the data carried by the frame.

In this example, as you probably noticed, the administrator sits in the same office as Lida, because the twisted pair cables from ports 22, 23 and 24 lead to the same office. Port 24 is configured as a trunk port. The switch itself is in a utility room, next to the old accounting office and the classroom with its 17 computers.

The twisted pair cable that goes from port 24 to the administrator's office is connected to another switch, which in turn is connected to a router, discussed in the following chapters. The other switches, which connect the remaining 75 computers and are located in other utility rooms of the enterprise, all have, as a rule, one trunk port connected by twisted pair or fiber-optic cable to the main switch located in the administrator's office.

It was said above that sometimes it is reasonable to make two trunk ports. The second trunk port in this case is used to analyze network traffic.

This is roughly what building large enterprise networks looked like in the days of the Cisco Catalyst 1900 switch. You have probably noticed two big disadvantages of such networks. Firstly, using a trunk port causes some difficulties and creates extra work when configuring the equipment. Secondly, and most importantly, suppose our "networks" of accountants, economists and dispatchers want to share one database between the three of them. They want an accountant to be able to see the changes in the database that an economist or dispatcher made a couple of minutes ago. To do this, we need a server that is accessible from all three networks.

As mentioned in the middle of this section, a port can be in only one VLAN. This is true, however, only for switches of the Cisco Catalyst 1900 series and older and for some later models, such as the Cisco Catalyst 2950. For other switches, in particular the Cisco Catalyst 2900XL, this rule can be broken. When configuring ports on such switches, each port can have one of five operating modes: Static Access, Multi-VLAN, Dynamic Access, ISL Trunk and 802.1Q Trunk. The second mode is exactly what we need for the task above: to provide access to the server from three networks at once, i.e. make the server belong to three networks at the same time. This is also called VLAN crossing or tagging. In this case the connection diagram may look like this.
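The port lists, the port move, the confinement of broadcasts to one VLAN, and the 802.1Q tag inserted between the Ethernet header and the carried data can all be shown in one small simulation. The following is an added example, not code from the original article or from Cisco: a `VlanSwitch` class (a name chosen here) holds one set of access ports per VLAN plus trunk ports, floods a broadcast only to the other access ports of the same VLAN, and sends a tagged copy out of each trunk. The layout is adapted from the article's example (ports 1-17 classroom, 18-21 old accounting office, 22-23 new office, port 24 trunk); the VLAN IDs and the frame contents are made up.

```python
import struct

ETHERTYPE_8021Q = 0x8100


def add_8021q_tag(frame: bytes, vlan_id: int, priority: int = 0) -> bytes:
    """Insert the 4-byte 802.1Q tag (TPID 0x8100 + TCI) after the two MAC addresses,
    i.e. between the Ethernet header and whatever the frame carries."""
    tci = (priority << 13) | (vlan_id & 0x0FFF)
    return frame[:12] + struct.pack("!HH", ETHERTYPE_8021Q, tci) + frame[12:]


def strip_8021q_tag(frame: bytes):
    """Return (vlan_id, untagged_frame); vlan_id is None if the frame carried no tag."""
    if struct.unpack("!H", frame[12:14])[0] != ETHERTYPE_8021Q:
        return None, frame
    tci = struct.unpack("!H", frame[14:16])[0]
    return tci & 0x0FFF, frame[:12] + frame[16:]


class VlanSwitch:
    """Each VLAN is a list (here a set) of access ports; trunk ports belong to no
    VLAN and carry every VLAN's traffic with an 802.1Q tag."""

    def __init__(self, vlans, trunk_ports=()):
        self.vlans = {vid: set(ports) for vid, ports in vlans.items()}
        self.trunks = set(trunk_ports)

    def vlan_of(self, port):
        for vid, ports in self.vlans.items():
            if port in ports:
                return vid
        raise KeyError(f"port {port} is not an access port of any VLAN")

    def move_port(self, port, new_vlan):
        """The administrator's 'remove from one list, add to another'."""
        self.vlans[self.vlan_of(port)].discard(port)
        self.vlans.setdefault(new_vlan, set()).add(port)

    def flood(self, in_port, frame):
        """A broadcast arriving on an access port: untagged copies to the other access
        ports of the same VLAN only, plus a tagged copy to each trunk port."""
        vid = self.vlan_of(in_port)
        out = {p: frame for p in self.vlans[vid] if p != in_port}
        for trunk in self.trunks:
            out[trunk] = add_8021q_tag(frame, vid)
        return out

    def receive_from_trunk(self, frame):
        """Inbound from a trunk: the tag says which VLAN's access ports get the frame;
        an untagged or unknown-VLAN frame is dropped."""
        vid, untagged = strip_8021q_tag(frame)
        if vid is None or vid not in self.vlans:
            return {}
        return {p: untagged for p in self.vlans[vid]}


def example_switch():
    """Constructed layout adapted from the text; VLAN IDs 100/200/300 are made up."""
    return VlanSwitch({100: range(1, 18), 200: {18, 19, 20, 21}, 300: {22, 23}}, trunk_ports={24})


# Constructed broadcast frame: dst ff:ff:ff:ff:ff:ff, made-up src MAC, EtherType 0x0806 (ARP), dummy body.
BROADCAST_FRAME = bytes.fromhex("ffffffffffff" "001000000014" "0806") + b"\x00" * 28

if __name__ == "__main__":
    sw = example_switch()
    print("before the move, a broadcast from port 20 reaches:", sorted(sw.flood(20, BROADCAST_FRAME)))
    sw.move_port(20, 300)
    print("after the move, a broadcast from port 23 reaches:", sorted(sw.flood(23, BROADCAST_FRAME)))
    print("VLAN carried in the tagged copy on the trunk:", strip_8021q_tag(sw.flood(23, BROADCAST_FRAME)[24])[0])
```

The `receive_from_trunk` path is where the security property of the design lives: a frame that arrives on the trunk without a tag, or with a tag for a VLAN the switch does not know, is not delivered anywhere, so the only way traffic crosses from one list of ports to another is through a device deliberately placed in both, which is what the Multi-VLAN server configuration above does.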

Interaction between computers on the Internet is carried out through network protocols, an agreed set of specific rules according to which different data transmission devices exchange information. There are protocols for error control, for message formats, and other types of protocols. The most commonly used protocol in global internetworking is TCP/IP.

What kind of technology is this? The name TCP/IP comes from two network protocols: TCP and IP. Of course, building networks is not limited to these two protocols, but they are the basic ones as far as the organization of data transmission is concerned. In fact, TCP/IP is a set of protocols that allows individual networks to come together to form

The TCP/IP protocol, which cannot be described by the definitions of IP and TCP alone, also includes the protocols UDP, SMTP, ICMP, FTP, Telnet and others. These and other TCP/IP protocols together make the Internet work.

Below is a description of each protocol included in the general concept of TCP/IP.

Internet Protocol (IP) is responsible for the direct transmission of information over the network. The information is divided into parts (packets) and transmitted from the sender to the recipient. For accurate addressing, the exact address, or coordinates, of the recipient must be specified. Such addresses consist of four bytes separated by dots. Each computer's address is unique.

However, the IP protocol alone may not be enough for correct data transmission, since most transmitted information exceeds 1500 characters, which no longer fits into one packet, and some packets may be lost in transit or arrive in a different order than needed.

Transmission Control Protocol (TCP) operates at a higher level than IP. Building on IP's ability to carry information from one host to another, TCP allows large amounts of information to be sent. TCP is also responsible for dividing the transmitted information into separate parts, packets, and for correctly recovering the data from the packets received. It automatically retransmits packets that contain errors.

The transfer of large volumes of data can be managed using a number of protocols with a special functional purpose. In particular, there are the following types of TCP protocols.

1. FTP (File Transfer Protocol) organizes file transfer and is used to transfer information between two Internet nodes over TCP connections, in the form of a binary or plain text file, or as a named area of computer memory. It does not matter where these nodes are located or how they are connected to each other.

2. UDP (User Datagram Protocol) is connectionless and transmits data in packets called UDP datagrams. However, this protocol is not as reliable as TCP, because the sender does not know whether the packet was actually received.

3. ICMP (Internet Control Message Protocol) exists to transmit messages about errors that occur during data exchange on the Internet. However, ICMP only reports errors; it does not eliminate the causes that led to them.

4. Telnet is used to implement a text interface over the network using TCP as transport.

5. SMTP (Simple Mail Transfer Protocol) is an electronic mail protocol that defines the format of messages sent from one computer, called an SMTP client, to another computer running an SMTP server. The transfer may be delayed for some time until both the client and the server are active.

Data transmission scheme via the TCP/IP protocol

1. The TCP protocol breaks the whole body of data into packets and numbers them, packing them into TCP "envelopes", which makes it possible to restore the order in which the parts of the information are received. When the data is placed in such an envelope, a checksum is calculated and written into the TCP header.

3. TCP then checks to see if all packets have been received. If, during reception, the newly calculated one does not coincide with that indicated on the envelope, this indicates that some of the information was lost or distorted during transmission, the TCP-IP protocol again requests the forwarding of this packet. Confirmation of the receipt of data from the recipient is also required.

4. After confirming the receipt of all packets, the TCP protocol orders them accordingly and reassembles them into a single whole.

The TCP protocol uses repeated data transmissions and waiting periods (or timeouts) to ensure reliable delivery of information. Packets can be transmitted in two directions simultaneously.

Thus, TCP-IP eliminates the need for retransmissions and waits for application processes (such as Telnet and FTP).
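As an added example (not code from the original article), the following Python simulation walks through the steps just described: numbering the segments, writing a checksum into each header (the RFC 1071 ones'-complement checksum that TCP really uses), rejecting a damaged segment and requesting it again, and reassembling segments that arrive out of order. The channel, the acknowledgement logic and the sample data are constructed for illustration and are not a real TCP implementation.

```python
"""Added example, not code from the original article: a toy model of the
numbering, checksumming, acknowledgement and reassembly steps the article
attributes to TCP. The 16-bit ones'-complement checksum is the one TCP and IP
really use (RFC 1071); everything else is a simplified simulation."""
from dataclasses import dataclass


def ones_complement_checksum(data: bytes) -> int:
    """16-bit ones'-complement sum of the data, complemented."""
    if len(data) % 2:                 # pad an odd-length payload with a zero byte
        data += b"\x00"
    total = 0
    for i in range(0, len(data), 2):
        total += (data[i] << 8) | data[i + 1]
        total = (total & 0xFFFF) + (total >> 16)   # fold the carry back in
    return (~total) & 0xFFFF


@dataclass(frozen=True)
class Segment:
    seq: int          # the "envelope number" used to restore ordering
    payload: bytes
    checksum: int     # written into the header at send time


def segment_stream(data: bytes, mss: int) -> list:
    """Split a byte stream into numbered segments of at most mss bytes."""
    chunks = [data[i:i + mss] for i in range(0, len(data), mss)]
    return [Segment(n, c, ones_complement_checksum(c)) for n, c in enumerate(chunks)]


class Receiver:
    """Verifies each segment, buffers it by number, reassembles the stream."""

    def __init__(self):
        self.buffer = {}

    def receive(self, seg: Segment) -> bool:
        """Return True to acknowledge; False asks the sender to resend."""
        if ones_complement_checksum(seg.payload) != seg.checksum:
            return False                    # damaged in transit: reject it
        self.buffer[seg.seq] = seg.payload  # out-of-order arrival is fine
        return True

    def reassemble(self, count: int) -> bytes:
        missing = set(range(count)) - set(self.buffer)
        if missing:
            raise ValueError(f"segments still missing: {sorted(missing)}")
        return b"".join(self.buffer[n] for n in range(count))


def corrupt(seg: Segment) -> Segment:
    """Flip every bit of the first payload byte but keep the old checksum."""
    damaged = bytes([seg.payload[0] ^ 0xFF]) + seg.payload[1:]
    return Segment(seg.seq, damaged, seg.checksum)


def transfer(data: bytes, mss: int, corrupt_once=(), order=None):
    """Send data over a simulated channel; return (received, retransmissions).

    corrupt_once: segment numbers whose first transmission arrives damaged.
    order: the order in which the channel delivers segments (default: in order).
    """
    segments = segment_stream(data, mss)
    delivery = list(range(len(segments))) if order is None else list(order)
    pending_damage = set(corrupt_once)
    rx, retransmissions = Receiver(), 0
    for seq in delivery:
        seg = segments[seq]
        while True:
            on_wire = seg
            if seq in pending_damage:
                pending_damage.discard(seq)   # only the first attempt is damaged
                on_wire = corrupt(seg)
            if rx.receive(on_wire):
                break                         # acknowledged, next segment
            retransmissions += 1              # rejected: send it again
    return rx.reassemble(len(segments)), retransmissions


def demo():
    """Constructed 49-byte stream: 7 segments of at most 8 bytes, delivered
    out of order, with segments 2 and 5 damaged on their first arrival."""
    data = b"segment-numbering-lets-the-receiver-restore-order"
    return transfer(data, 8, corrupt_once={2, 5}, order=[6, 2, 0, 4, 1, 5, 3])


if __name__ == "__main__":
    received, resends = demo()
    print(received.decode(), "| retransmissions:", resends)
```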

The Internet, which is a network of networks and unites a huge number of different local, regional and corporate networks, operates and develops through the use of a single TCP/IP data transfer protocol. The term TCP/IP includes the name of two protocols:

Transmission Control Protocol (TCP) - transport protocol;

Internet Protocol (IP) is a routing protocol.

Routing protocol. The IP protocol ensures the transfer of information between computers on a network. Let's consider how this protocol works by analogy with sending information by regular mail. For a letter to reach its destination, the recipient's address (to whom the letter is going) and the sender's address (from whom the letter comes) are written on the envelope.

Similarly, information transmitted over the network is “packed in an envelope” on which the IP addresses of the recipient’s and sender’s computers are “written”, for example “To: 198.78.213.185”, “From: 193.124.5.33”. The contents of the envelope in computer language are called an IP packet and are a set of bytes.

When regular letters are forwarded, they are first delivered to the post office nearest the sender and then passed along a chain of post offices to the one nearest the recipient. At intermediate post offices the letters are sorted, that is, it is determined to which post office each particular letter should be sent next.

On the way to the recipient computer, IP packets also pass through numerous intermediate Internet servers where the routing operation is performed. As a result of routing, IP packets are sent from one Internet server to another, gradually approaching the recipient computer.

Internet Protocol (IP) provides routing of IP packets, that is, the delivery of information from the sending computer to the receiving computer.

Determining the route for information to pass through. The "geography" of the Internet differs significantly from the geography we are accustomed to. The speed of obtaining information does not depend on the distance to the Web server, but on the number of intermediate servers and the quality (capacity) of the communication lines through which information is transmitted from node to node.

You can get acquainted with the route information takes on the Internet quite simply. The special program tracert.exe, included with Windows, lets you track through which servers, and with what delay, information is transferred from the selected Internet server to your computer.

Let's see how access to information is implemented in the "Moscow" part of the Internet, to one of the most popular search servers of the Russian Internet, www.rambler.ru.

Determining the route of information passage

1. Connect to the Internet and open [Programs - MS-DOS Session].

2. In the MS-DOS Session window, at the system prompt, enter the command.

3. After some time, a trace of the information transfer will appear: a list of the nodes through which information is transmitted to your computer, and the transmission time between nodes.

The route trace shows that the server www.rambler.ru is located at a "distance" of 7 hops from us, i.e. information passes through six intermediate Internet servers (the servers of the Moscow providers MTU-Inform and Demos). The speed of information transfer between nodes is quite high; one "hop" takes from 126 to 138 ms.

Transport protocol. Now imagine that we need to send a multi-page manuscript by mail, but the post office does not accept parcels or packages. The idea is simple: if the manuscript does not fit into a regular postal envelope, it must be taken apart into sheets and sent in several envelopes. The sheets must be numbered so that the recipient knows in what sequence to put them back together.

A similar situation often occurs on the Internet when computers exchange large files. If you send such a file as a whole, it can “clog” the communication channel for a long time, making it inaccessible for sending other messages.

To prevent this, the sending computer must split the large file into small parts, number them and transport them in separate IP packets to the recipient computer. On the recipient computer the original file must be assembled from the individual parts in the correct sequence.

Transmission Control Protocol (TCP), that is, a transport protocol, ensures that files are split into IP packets during transmission and files are assembled during reception.

Determining the time of IP packet exchange. The time for the exchange of IP packets between the local computer and an Internet server can be determined using the ping utility, which is part of the Windows operating system. The utility sends four IP packets to the specified address and shows the total transmission and reception time for each packet.

73. Searching for information on the Internet.

There is a largely fair opinion that today the Internet "has everything" and the only problem is how to find the necessary information. The very open architecture of the Network means that it has no centralization, and the data most valuable to you, which you have searched for unsuccessfully all over the world, may turn out to be located on a server in your own city. There are two complementary approaches to collecting information about Internet resources: creating indexes and creating catalogs:

With the first method, powerful search servers continuously "crawl" the Internet, creating and expanding a database that records which documents on the Network contain which keywords. Thus, in reality the search takes place not on the Internet servers themselves, which would be technically impossible, but in the search engine's database, and the absence of suitable results for a query does not mean that the information is not on the Internet: you can try another search tool or a resource catalog. Search server databases are not replenished only automatically: on any major search engine you can have your site indexed and added to the database. The advantage of a search server is the ease of working with it; the disadvantage is the low selectivity of the documents returned for a query.

In the second case, the server is organized like a library catalog, with a hierarchy of sections and subsections holding links to documents on the topic of the subsection. The catalog is usually replenished by the users themselves, after the server administration checks the data they entered. A resource catalog is always better organized and structured, but it takes time to find the right category, which, moreover, is not always easy to determine. In addition, the size of a catalog is usually smaller than the number of sites indexed by a search engine.

Working with search servers. On the home page of a search server, just type your query in the input field as a set of keywords and press Enter or the start-search button.

Queries can contain any words, and there is no need to worry about cases and declensions: for example, the query "philosophy essay" is equally correct in any of its grammatical forms.

Modern search servers understand natural language quite well; nevertheless, many of them retain advanced or special search capabilities that let you search for words by mask, combine query words with the logical operations "AND", "OR", and so on.

After completing the database search, the server displays the first batch of 10 or more documents containing the keywords. In addition to the link, there are usually several lines of text describing the document or just its beginning. Opening links in a new or the same browser window, you can move to the selected documents, and the link line at the bottom of the page allows you to move to the next portion of documents. This line looks something like this:

Different servers sort the documents found in different ways: by creation date, by document traffic, by the presence of all or some of the query words in the document (relevance). Some servers let you narrow the search by selecting on the main page the category of document you are looking for; for example, the query "banks" in the "business world" category is unlikely to find information about cans.

Among the popular Russian-language search tools are the servers Yandex, Aport and Rambler, which index tens of thousands of servers and tens of millions of documents. Popular foreign servers include Altavista, Excite, Hotbot, Lycos, WebCrawler and OpenText.

Finally, there are many pages on the Internet for metasearch, allowing you to access several popular search servers at once with the same query - look, for example, at the pages http://www.find.ru/ or http://www.rinet.ru/buki/.

Working with resource catalogs. On entering the main page of a catalog, we find ourselves in an extensive menu or table for selecting categories, each of which may contain nested subcategories. There is no standard here, but catalog structures are still very similar: everywhere you will find sections such as "business" or "business world", "computers", "programming" or "Internet", "humor" or "hobbies", and so on. Moving through the categories, you reach links to specific documents, which, just as on a search server, are issued in portions and accompanied by brief descriptions.

Today there are many large catalogs with tens of thousands of links; among domestic ones are http://www.list.ru/, http://www.weblist.ru/, http://www.stars.ru/, http://www.au.ru/, http://www.ru/, http://www.ulitka.ru/, and among foreign ones Yahoo and Magellan.

Often the catalog also has a form for searching by keywords among the documents listed in it.

Search rules. Some simple tips for Internet searches.

  • Clearly define in advance the topic of your search, the keywords, and the time you are willing to spend on the search.
  • Select a search server; it is useful to store links to the best of them in Favorites.
  • Do not be afraid of natural language, but check the spelling of words, for example using Microsoft Word.
  • Use capital letters only in names and titles. Many search engines will correctly process the query "abstract", but not "Abstract".

In the modern world, information spreads in seconds. News has only just appeared, and a second later it is already available on some website on the Internet. The Internet is considered one of the most useful creations of the human mind. To enjoy all the benefits the Internet provides, you need to connect to this network.

Few people know that the simple process of visiting web pages involves a complex system of actions invisible to the user. Each click on a link triggers hundreds of different computational operations inside the computer: sending requests, receiving responses, and much more. The so-called TCP/IP protocols are responsible for every action on the network. What are they?

Each TCP/IP Internet protocol operates at its own layer. In other words, each does its own job. The entire TCP/IP protocol family does a tremendous amount of work simultaneously, while the user sees only bright pictures and long lines of text.

The concept of a protocol stack

The TCP/IP protocol stack is an organized set of basic network protocols, hierarchically divided into four layers, that forms a system for transporting packets across a computer network.

TCP/IP is the best-known network protocol stack in use at the moment. The principles of the TCP/IP stack apply to both local and wide area networks.

Principles of using addresses in the protocol stack

The TCP/IP network protocol stack describes the paths and directions in which packets are sent. This is the main task of the whole stack, performed at four layers that interact with each other according to a well-defined algorithm. To ensure that a packet is sent correctly and delivered exactly to the point that requested it, IP addressing was introduced and standardized. This was driven by the following requirements:

  • Addresses of various types must be reconciled: for example, converting a website's domain name to the server's IP address and back, or converting a host name to an address and back. In this way a point can be reached not only by its IP address but also by its intuitive name.
  • Addresses must be unique, because in some special cases a packet must reach only one specific point.
  • Local area networks must be configurable.

In small networks with a few dozen nodes, all these tasks are performed simply, using the simplest means: compiling a table that records which machine owns which IP address, or distributing IP addresses to all network adapters manually. However, for large networks with a thousand or two thousand machines, issuing addresses manually is no longer feasible.

That is why a special approach was devised for TCP/IP networks, which became a distinctive feature of the protocol stack: the concept of scalability was introduced.

Layers of the TCP/IP protocol stack

There is a certain hierarchy here. The TCP/IP protocol stack has four layers, each of which handles its own set of protocols:

Application layer: created so that the user can interact with the network. Everything the user sees and does is processed at this layer. It gives the user access to various network services, for example access to databases, the ability to list and open files, send an electronic message or open a web page. Along with user data and actions, service information is transmitted at this layer.

Transport layer: a pure packet transmission mechanism. At this layer, neither the contents of the packet nor which action it belongs to matters at all; only the address of the node the packet is sent from and the address of the node it must be delivered to. Since the size of the fragments carried by different protocols can vary, blocks of information may be split up on output and assembled back into a whole at the destination. This can cause data loss if a brief connection break occurs at the moment the next fragment is transmitted.

The transport layer includes many protocols, which are divided into classes, from the simplest ones, which simply transmit data, to complex ones, which are equipped with the functionality of acknowledging receipt, or re-requesting a missing block of data.

This layer provides the higher (application) layer with two types of service:

  • Guaranteed delivery using the TCP protocol.
  • Best-effort delivery using UDP.

To ensure guaranteed delivery, a connection is established according to the TCP protocol, which allows packets to be numbered on output and acknowledged on input. The numbering of packets and the acknowledgement of reception are the so-called service information. This protocol supports transmission in duplex mode. In addition, thanks to the well-thought-out rules of the protocol, it is considered very reliable.

The UDP protocol is intended for cases where transmission via TCP cannot be set up, or where it is necessary to economize on the data transmission segment of the network. UDP can also work together with higher-level protocols to improve the reliability of packet transmission.

Network layer, or "Internet layer": the base layer of the entire TCP/IP model. Its main functionality is identical to that of the layer of the same name in the OSI model and describes the movement of packets in a composite network consisting of several smaller subnets. It links the adjacent layers of the TCP/IP stack.

The network layer is the connecting layer between the higher transport layer and the lower network interface layer. The network layer uses protocols that receive a request from the transport layer and, through regulated addressing, pass the processed request to the network interface protocol, indicating to which address the data should be sent.

At this layer the following TCP/IP network protocols are used: ICMP, IP, RIP, OSPF. The main and most popular protocol at the network layer is, of course, IP (Internet Protocol). Its main task is to transmit packets from one router to the next until the unit of data reaches the network interface of the destination node. The IP protocol is deployed not only on hosts but also on network equipment: routers and managed switches. IP operates on the principle of best-effort, non-guaranteed delivery. That is, there is no need to establish a connection in advance to send a packet. This saves traffic and the time spent moving unnecessary service packets. The packet is routed towards its destination, and it is possible that the node turns out to be unreachable; in that case an error message is returned.

Network interface layer: responsible for ensuring that subnetworks built on different technologies can interact with each other and transmit information in a uniform way. This is accomplished in two simple steps:

  • Encoding the packet into an intermediate network data unit.
  • Converting the destination information into the standards required by the subnet and sending the data unit.

This approach allows the number of supported networking technologies to be expanded constantly. As soon as a new technology appears, it immediately fits into the TCP/IP protocol stack and allows networks using older technologies to exchange data with networks built on more modern standards and methods.

Units of data transferred

Over the lifetime of the TCP/IP protocols, standard terms have emerged for the units of transmitted data. Data in transit can be fragmented in different ways, depending on the technologies used by the destination network.

To have an idea of what is happening with the data and at what point in time, the following terminology was introduced:

  • Data stream - data that arrives at the transport layer from the protocols of the higher application layer.
  • Segment - a fragment of data into which a stream is divided according to the TCP protocol standards.
  • Datagram (the term is often mispronounced) - a unit of data obtained by splitting a stream using connectionless protocols (UDP).
  • Packet - a unit of data produced by the IP protocol.
  • Frame - a block of data into which the TCP/IP protocols package IP packets for transmission over composite networks.

Types of TCP/IP protocol stack addresses

Any TCP/IP data transfer protocol uses one of the following address types to identify hosts:

  • Local (hardware) addresses.
  • Network addresses (IP addresses).
  • Domain names.

Local addresses (MAC addresses) are used in most local area network technologies to identify network interfaces. When talking about TCP/IP, the word local means an interface that operates not in a composite network but within a separate subnet. For example, the subnet of an interface connected to the Internet is local, while the Internet itself is composite. A local network can be built on any technology, and regardless of this, from the point of view of the composite network, a machine located in a separately dedicated subnet is called local. Thus, when a packet enters the local network, its IP address is mapped to the local address, and the packet is sent to the MAC address of the network interface.

Network addresses (IP addresses). TCP/IP technology provides its own global addressing of nodes to solve a simple problem - combining networks with different technologies into one large data transmission structure. IP addressing is completely independent of the technology used on the local network, but an IP address allows a network interface to represent a machine on a composite network.

As a result, a system was developed in which hosts are assigned an IP address and a subnet mask. The subnet mask shows how many bits are allocated to the network number, and how many to the host number. An IP address consists of 32 bits, divided into blocks of 8 bits.

When a packet is transmitted, it is assigned information about the network number and the node number to which the packet should be sent. First, the router forwards the packet to the desired subnet, and then a host is selected that is waiting for it. This process is carried out by the Address Resolution Protocol (ARP).

Domain addresses on TCP/IP networks are managed by the specially designed Domain Name System (DNS). For this purpose there are servers that match a domain name, given as a text string, with an IP address, and the packet is then sent according to global addressing. There is no inherent correspondence between a computer name and an IP address, so to convert a domain name to an IP address the sending device must consult the table maintained on the DNS server. For example, we type the site address in the browser, the DNS server matches it with the IP address of the server hosting the site, and the browser receives the response and reads the information.

In addition to the Internet, computers on a local network can also be given domain names. This simplifies work on a local network: there is no need to remember all the IP addresses; instead, each computer can be given any name and addressed by it.

IP address. Format. Components. Subnet mask

An IP address is a 32-bit number, traditionally written as four numbers from 1 to 255 separated by dots.

The same IP address in various notations:

  • Decimal: 192.168.0.10.
  • Binary: 11000000.10101000.00000000.00001010.
  • Hexadecimal: C0.A8.00.0A.

In this notation there is no separator between the network number and the host number, but the computer is able to tell them apart. There are three ways to do this:

  1. Fixed boundary. With this method, the entire address is conditionally divided into two parts of fixed length, byte by byte. Thus, if one byte is given to the network number, we get 2^8 networks of 2^24 nodes each. If the boundary is moved one more byte to the right, there are more networks (2^16) and fewer nodes (2^16). Today this approach is considered obsolete and is not used.
  2. Subnet mask. The mask is paired with an IP address. The mask has a sequence of "1" values in the bits allocated to the network number and a certain number of zeros in the positions of the IP address allocated to the host number. The boundary between the ones and zeros in the mask is the boundary between the network ID and the host ID in the IP address.
  3. Address classes. A compromise method. With it, the user cannot choose network sizes; instead there are five classes: A, B, C, D, E. Three classes, A, B and C, are intended for ordinary networks, while D and E are reserved for special-purpose networks. In the class system, each class has its own boundary between the network number and the host ID.

IP Address Classes

Class A includes networks in which the network is identified by the first byte and the remaining three bytes are the host number. All IP addresses whose first byte is in the range 1 to 126 belong to class A networks. There are very few class A networks, but each of them can have up to 2^24 nodes.

Class B: networks in which the two highest bits are 10. In them, 16 bits are allocated to the network number and 16 bits to the host identifier. As a result, there are considerably more class B networks than class A networks, but each has fewer nodes: up to 65,536 (2^16).

Class C networks have very few nodes, 2^8 each, but the number of such networks is huge, because the network identifier in them occupies three bytes.

Class D networks belong to the special networks. The address starts with the sequence 1110 and is called a multicast address. Interfaces with class A, B and C addresses can be members of a group and receive, in addition to their individual address, a group address.

Class E addresses are held in reserve for the future. Such addresses begin with the sequence 11110. Most likely, these addresses will be used as group addresses when there is a shortage of IP addresses on the global network.
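The following Python code is an added example, not from the original article, and serves both the notation and subnet-mask section and the class scheme above: it converts an address among the three notations shown, splits the network and host numbers with a contiguous subnet mask (rejecting a mask whose ones and zeros are interleaved), and classifies an address by the leading bits of its first byte; class E is matched by the remaining 1111 prefix. The addresses in the demo are the article's own 192.168.0.10 plus constructed ones.

```python
"""Added example, not code from the original article: IPv4 notations,
subnet-mask splitting and the A-E address classes described in the text."""

OCTET_SHIFTS = (24, 16, 8, 0)


def parse_ipv4(text: str) -> int:
    """Dotted-decimal -> 32-bit integer, rejecting malformed input."""
    parts = text.strip().split(".")
    if len(parts) != 4:
        raise ValueError(f"expected four octets: {text!r}")
    value = 0
    for part in parts:
        if not part.isdigit() or int(part) > 255:
            raise ValueError(f"octet out of range in {text!r}: {part!r}")
        value = (value << 8) | int(part)
    return value


def to_dotted(value: int) -> str:
    return ".".join(str((value >> s) & 0xFF) for s in OCTET_SHIFTS)


def to_binary(value: int) -> str:
    return ".".join(f"{(value >> s) & 0xFF:08b}" for s in OCTET_SHIFTS)


def to_hex(value: int) -> str:
    return ".".join(f"{(value >> s) & 0xFF:02X}" for s in OCTET_SHIFTS)


def prefix_length(mask: int) -> int:
    """A mask must be ones followed by zeros, as the article defines it."""
    bits = f"{mask:032b}"
    ones = bits.rstrip("0")
    if "0" in ones:
        raise ValueError(f"non-contiguous mask {to_dotted(mask)}")
    return len(ones)


def split_address(address: str, mask: str) -> dict:
    """Network number = address AND mask; the remaining bits are the host."""
    a, m = parse_ipv4(address), parse_ipv4(mask)
    prefix = prefix_length(m)
    return {
        "prefix": prefix,
        "network": to_dotted(a & m),
        "host": a & ~m & 0xFFFFFFFF,
        "host_bits": 32 - prefix,
        "addresses_in_subnet": 2 ** (32 - prefix),
    }


# (class, number of leading bits compared, their value, network-number bits;
# D and E have no network/host split, hence None)
CLASSES = (("A", 1, 0b0, 8), ("B", 2, 0b10, 16), ("C", 3, 0b110, 24),
           ("D", 4, 0b1110, None), ("E", 4, 0b1111, None))


def address_class(address: str) -> dict:
    """Classify by the leading bits of the first byte."""
    first = parse_ipv4(address) >> 24
    for name, nbits, pattern, net_bits in CLASSES:
        if first >> (8 - nbits) == pattern:
            host_bits = None if net_bits is None else 32 - net_bits
            return {"class": name, "network_bits": net_bits, "host_bits": host_bits,
                    "hosts_per_network": None if host_bits is None else 2 ** host_bits}
    raise AssertionError("unreachable: every first byte matches a class")


if __name__ == "__main__":
    v = parse_ipv4("192.168.0.10")
    print(to_dotted(v), to_binary(v), to_hex(v))
    print(split_address("192.168.0.10", "255.255.255.0"))
    for sample in ("10.0.0.1", "172.16.5.4", "192.168.0.10", "224.0.0.1", "240.0.0.1"):
        print(sample, address_class(sample))
```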

Setting up the TCP/IP protocol

The TCP/IP protocol can be configured on all operating systems: Linux, CentOS, Mac OS X, FreeBSD, Windows 7. It requires only a network adapter. Server operating systems are, of course, capable of more: on them TCP/IP is configured extensively through server services. On ordinary desktop computers, IP addresses are set in the network connection settings. There you configure the network address, the gateway (the IP address of a point that has access to the global network), and the addresses of the points where the DNS server is located.

The TCP/IP Internet protocol can be configured manually, although this is not always necessary. TCP/IP parameters can be obtained automatically from a server that distributes addresses dynamically. This method is used in large corporate networks. On a DHCP server a local (MAC) address can be mapped to a network address, and as soon as a machine with that local address appears on the network, the server immediately gives it the pre-prepared IP address. This process is called reservation.

TCP/IP Address Resolution Protocol

The only way to establish the relationship between a MAC address and an IP address is to maintain a table. Given a routing table, each network interface knows its own addresses (local and network), but the question arises of how to organize the exchange of packets between nodes properly using the TCP/IPv4 protocol.

Why was the Address Resolution Protocol (ARP) invented? To link the TCP/IP family of protocols with other addressing systems. An ARP mapping table is created on each node and is populated by polling the entire network. This happens every time the computer is turned off.

ARP table

This is what an example of a compiled ARP table looks like.
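As an added illustration (not the article's own table), here is a constructed ARP table in the layout printed by `arp -a` on Windows, with a parser, the IP-to-MAC lookup described above, and a check that each unicast IP keeps a single MAC across two snapshots of the table; the addresses are invented.

```python
"""Added example, not code from the original article: parse a constructed
ARP table in the layout printed by `arp -a` on Windows, perform the IP-to-MAC
lookup the article describes, and check the uniqueness of the bindings."""
import re
from collections import defaultdict

# Constructed sample in the layout of `arp -a` on Windows; addresses are invented.
SAMPLE_ARP_OUTPUT = """\
Interface: 192.168.0.10 --- 0xb
  Internet Address      Physical Address      Type
  192.168.0.1           00-1a-2b-3c-4d-5e     dynamic
  192.168.0.20          00-1a-2b-3c-4d-60     dynamic
  192.168.0.21          00-1a-2b-3c-4d-5e     dynamic
  192.168.0.255         ff-ff-ff-ff-ff-ff     static
  224.0.0.22            01-00-5e-00-00-16     static
"""

ENTRY = re.compile(
    r"^\s*(\d{1,3}(?:\.\d{1,3}){3})\s+"      # IP address
    r"([0-9a-f]{2}(?:-[0-9a-f]{2}){5})\s+"   # MAC address, Windows dash style
    r"(\w+)", re.IGNORECASE)                 # dynamic / static


def parse_arp_table(text: str) -> dict:
    """Map each IP address to its (MAC, type); header lines are skipped."""
    table = {}
    for line in text.splitlines():
        m = ENTRY.match(line)
        if m:
            ip, mac, kind = m.groups()
            table[ip] = (mac.lower(), kind.lower())
    return table


def resolve(table: dict, ip: str):
    """The lookup performed before framing: IP -> MAC, or None if unknown."""
    entry = table.get(ip)
    return None if entry is None else entry[0]


def is_group_address(mac: str) -> bool:
    """Broadcast and multicast MACs have the I/G bit (bit 0 of byte 0) set."""
    return int(mac.split("-")[0], 16) & 1 == 1


def shared_macs(table: dict) -> dict:
    """MACs bound to more than one unicast IP.

    A router answering for several of its own addresses is legitimate, so a
    hit here is a reason to review the binding, not proof of a problem."""
    by_mac = defaultdict(list)
    for ip, (mac, _) in table.items():
        if not is_group_address(mac):
            by_mac[mac].append(ip)
    return {mac: sorted(ips) for mac, ips in by_mac.items() if len(ips) > 1}


def changed_bindings(old: dict, new: dict) -> dict:
    """IPs whose MAC differs between two snapshots: {ip: (old_mac, new_mac)}."""
    return {ip: (old[ip][0], new[ip][0])
            for ip in set(old) & set(new) if old[ip][0] != new[ip][0]}


if __name__ == "__main__":
    table = parse_arp_table(SAMPLE_ARP_OUTPUT)
    print("192.168.0.1 ->", resolve(table, "192.168.0.1"))
    print("shared MACs:", shared_macs(table))
```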






