If you need to move a box from one place to another, a common way to do that is to get a moving truck: we put boxes in the truck, drive to another location, and unload the truck. In the case of networking, the road we're driving on is the network. Whether you've got a wireless network, a DSL network, a cable modem network, or an Ethernet switch, that is the road we use to transport this particular package.

In this metaphor, the truck itself is what we'll consider the Internet Protocol, or IP. We've designed all of these networks so that this type of truck can move as efficiently as possible from one point to another. In each moving truck is a box, and inside that box is your data. The moving truck has no idea what's inside the box. It has one job: put the box in the back of the truck, transport it across the network, and unload it on the other side.

If you were to open the box, there would be a certain type of information inside, specific to a particular application or function on your network. You can think of the information in this box as belonging to a particular room in your house: when the box is delivered, it needs to be carried to the bathroom, the kitchen, or the living room.

It's this encapsulation process that lets us move all kinds of data across the network. We take application data and put it inside a box, we place that box inside a truck, the truck moves across the network, and on the other side we remove the box from the truck, open it up, and take out the application data.

Visually, this is how our networks operate. On one side is your device (a workstation, a client, a laptop computer), and on the other side is a server. This could be a web server, a mail server, or any other type of server you'd connect to. The client sends information to the server, and if this is across an Ethernet network, everything inside that Ethernet frame is what we call the Ethernet payload. In Ethernet we also have a header at the beginning of the frame and a trailer at the end of it (the trailer carries the frame check sequence, a checksum over the frame that lets the receiver discard damaged frames).

The Ethernet payload could carry anything, but as you're probably aware, the most popular protocol on our networks is the Internet Protocol, so the Ethernet payload will contain an IP header followed by an IP payload. The IP payload in turn has information inside it: this could be TCP data, with a TCP header and a TCP payload, and as you'd expect, that TCP payload can be separated out into different types of data. So for this entire Ethernet frame, inside we have IP, inside IP we have TCP, and inside TCP we have HTTP data.

Let's drill down into this IP packet at the TCP and UDP protocols. TCP and UDP are transported inside the IP packet; we commonly say they are encapsulated within IP. They are two very common ways to move data from one part of the network to another: you may be using TCP for some applications and UDP for others. You might also hear someone refer to TCP or UDP as operating at the transport layer of the OSI model, sometimes called OSI layer 4.
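To make the layering concrete, here is an added example (not from the original video) that builds one constructed Ethernet II frame carrying IPv4, TCP and an HTTP request, then unwraps it layer by layer the way a decoder does: read the Ethernet header, use the EtherType to pick IPv4, use the IP protocol number to pick TCP or UDP, and use the TCP data offset to find the application payload. The MAC addresses, the 10.0.0.1 / 10.0.0.2 addresses and the zeroed checksums are all constructed for the example. Note that the parser slices the IP packet to its own total length, which is how any Ethernet padding or trailer bytes after the packet are kept out of the data handed to the next layer (the real frame check sequence is normally stripped by the NIC before software sees it).

```python
import struct


def build_sample_frame() -> bytes:
    """Constructed sample (not a capture): Ethernet II -> IPv4 -> TCP -> HTTP.
    Checksums are left as zero because parse_frame() does not verify them."""
    http = b"GET / HTTP/1.1\r\nHost: example.test\r\n\r\n"
    # TCP header: src port 3000, dst port 80, seq, ack, data offset 5 words (20 bytes)
    # in the high nibble, flags PSH|ACK (0x18), window, checksum, urgent pointer.
    tcp = struct.pack("!HHIIBBHHH", 3000, 80, 1, 1, 5 << 4, 0x18, 65535, 0, 0)
    total_length = 20 + len(tcp) + len(http)
    # IPv4 header: version 4 / IHL 5, TOS, total length, ID, flags DF, TTL 64,
    # protocol 6 (TCP), checksum, source 10.0.0.1, destination 10.0.0.2.
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, total_length, 0x1234, 0x4000, 64, 6, 0,
                     bytes([10, 0, 0, 1]), bytes([10, 0, 0, 2]))
    # Ethernet II header: destination MAC, source MAC, EtherType 0x0800 (IPv4).
    eth = bytes.fromhex("665544332211") + bytes.fromhex("0a1b2c3d4e5f") + struct.pack("!H", 0x0800)
    return eth + ip + tcp + http


def _mac(b: bytes) -> str:
    return ":".join(f"{x:02x}" for x in b)


def parse_frame(frame: bytes) -> dict:
    """Unwrap the layers: Ethernet header -> IPv4 header -> TCP/UDP header -> payload."""
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    dst_mac, src_mac, ethertype = struct.unpack("!6s6sH", frame[:14])
    if ethertype != 0x0800:
        raise ValueError(f"not IPv4: EtherType 0x{ethertype:04x}")

    ip = frame[14:]
    if len(ip) < 20:
        raise ValueError("truncated IPv4 header")
    (ver_ihl, _tos, total_length, _ident, _flags_frag,
     ttl, proto, _csum, src, dst) = struct.unpack("!BBHHHBBH4s4s", ip[:20])
    ihl = (ver_ihl & 0x0F) * 4
    if ver_ihl >> 4 != 4 or ihl < 20 or total_length < ihl or len(ip) < total_length:
        raise ValueError("bad IPv4 version or lengths")
    # Slice to the IP total length: anything after it is Ethernet padding or trailer,
    # not part of the packet, and must not be handed to the next layer as data.
    l4 = ip[ihl:total_length]

    out = {"dst_mac": _mac(dst_mac), "src_mac": _mac(src_mac),
           "src_ip": ".".join(map(str, src)), "dst_ip": ".".join(map(str, dst)), "ttl": ttl}
    if proto == 6:  # TCP
        if len(l4) < 20:
            raise ValueError("truncated TCP header")
        sport, dport, seq, ack, off, flags, _win, _csum, _urg = struct.unpack("!HHIIBBHHH", l4[:20])
        doff = (off >> 4) * 4  # header length in bytes; options, if any, sit before the payload
        out.update(proto="TCP", src_port=sport, dst_port=dport, seq=seq, ack=ack,
                   flags=flags, payload=l4[doff:])
    elif proto == 17:  # UDP
        if len(l4) < 8:
            raise ValueError("truncated UDP header")
        sport, dport, ulen, _csum = struct.unpack("!HHHH", l4[:8])
        out.update(proto="UDP", src_port=sport, dst_port=dport, payload=l4[8:ulen])
    else:
        out.update(proto=str(proto), payload=l4)
    return out
```

Every length check above is the difference between a decoder and a crash: a packet whose IHL, total length or data offset points past the end of the buffer is exactly the kind of input that has historically broken real protocol parsers.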
You may think IP is all you'd need to move data from one part of the network to another, and in many ways you'd be correct, but TCP and UDP add capabilities that IP can't provide. For example, they provide multiplexing, so that many different applications on your system can communicate with a single server simultaneously. Your workstation is sending information for a lot of different applications to this server, and the server is able to determine which application each piece of data belongs to through this multiplexing.

Let's really break down the difference between TCP and UDP. TCP stands for Transmission Control Protocol. We often refer to it as a connection-oriented protocol, because there is a formal process (the three-way handshake) to set up the flow from one device to the other and a formal process to tear that flow down when the conversation is over. We sometimes refer to TCP as reliable delivery. This doesn't mean TCP somehow works better or faster than other protocols on the network; it means TCP has a built-in system to ensure that data that has been sent is verified as received on the other side. That gives us a number of features behind the scenes. One of the most important is that TCP can reorder segments that arrive out of order, which can happen on networks that have multiple paths to a single location. TCP also manages a retransmission process, so that if data is not received by the destination, it can be resent from the source. And TCP has a flow control mechanism: if a device feels it's receiving information too quickly, it can tell the other side to slow down so the data arrives at a more reasonable rate.

UDP is the User Datagram Protocol. Where TCP gives us a connection-oriented flow, UDP is connectionless: there is no formal process to set up a traffic flow and no formal process to tear it down at the end. UDP simply sends data from one place to the other; it's a very simple transaction. Because there's no acknowledgement sent by the destination device, we refer to UDP as unreliable. Again, this doesn't mean UDP doesn't work as well as any other protocol on the network; it only means we have no receipt, and no knowledge, that the information we sent was really received by the device on the other side. With TCP we had a way to regulate the flow of communication across the network; with UDP there is no feedback from the receiver at all, so there's no flow control and no way to tell a device to slow down or speed up.

If you compare the two, it does sound as if UDP is less functional and therefore may not be the best choice for sending information over the network, but in reality UDP plays a very important role in sending information very quickly. UDP is most associated with real-time communication, where you can't stop, retransmit, and then catch up with yourself. If you're on a phone call, there's no way to rewind the conversation and resend a packet that was missed a second or two ago. With UDP we simply send the data: if it makes it to the other side, we were successful; if it was dropped along the way, we keep the conversation going.

Examples of protocols that use this connectionless form of communication are DHCP, the Dynamic Host Configuration Protocol, which we use to automatically assign IP addresses to our devices, and TFTP, the Trivial File Transfer Protocol, which uses UDP as its transport mechanism. Since both use UDP, the information is simply sent across the network with no acknowledgement from the transport layer that the data was received. It's therefore up to the application to keep track of who has and hasn't received information. In the DHCP example, DHCP itself is responsible for making sure its messages reached the other side: if it sends a message and doesn't receive a response, DHCP resends the data.

With TCP, we receive an acknowledgement for the data we send over the network. Examples of protocols that take advantage of this return-receipt functionality are HTTPS, Hypertext Transfer Protocol Secure, commonly used by our web browsers, and Secure Shell (SSH), which gives us an encrypted terminal session between systems. If our HTTPS data between a web server and a client loses a packet somewhere between point A and point B, TCP recognizes that the segment is missing, asks for it to be retransmitted, and the retransmitted data is sent over the network. All of this happens automatically within TCP, so HTTPS and SSH don't have to manage the process of getting data from one side to the other.

So far in our moving truck metaphor, we have our IP delivery truck moving information from one physical address to another. In the world of networking, that means from one IP address to another. Just as every house on your block has a unique mailing address, every computer inside your network has a unique IP address. At this point our IP moving truck has taken information from one IP address and moved it to another. Once the box is received at the destination IP address, there is more information on the label to examine to determine where the box goes inside the house. Inside your house you have many different rooms (a bathroom, a kitchen, a living room, a bedroom), and when the box is delivered, we have to determine what room
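The connection-oriented versus connectionless distinction above is easy to see from the socket API. The following added example (written for this page, not part of the original video) uses only the loopback interface, so it runs offline: a TCP connect() to a port with no listener fails, because the handshake is answered with a reset and the sender finds out; a UDP sendto() to the same port succeeds, because nobody ever tells the sender anything. It then shows what each transport hands to a receiver: TCP delivers one ordered byte stream regardless of how the sender chopped it up, while UDP delivers each datagram as its own unit. The port numbers are whatever the OS hands out.

```python
import socket
import threading

HOST = "127.0.0.1"


def port_with_no_listener() -> int:
    """Ask the OS for an ephemeral port, then release it so nothing is listening there."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
        s.bind((HOST, 0))
        return s.getsockname()[1]


def tcp_connect_result(port: int) -> str:
    """TCP is connection-oriented: connect() runs the handshake. With no listener the
    kernel answers the SYN with a RST, so the sender learns immediately that nothing is there."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
        s.settimeout(2.0)
        try:
            s.connect((HOST, port))
            return "connected"
        except ConnectionRefusedError:
            return "refused"


def udp_send_result(port: int) -> int:
    """UDP is connectionless: sendto() hands a datagram to the network and returns the byte
    count whether or not anyone is listening. No acknowledgement reaches the application."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        return s.sendto(b"anyone home?", (HOST, port))


def tcp_stream_delivery(chunks) -> bytes:
    """What a TCP receiver sees: the complete byte stream, in order, however the sender
    segmented it. Any loss on the path would be retransmitted by TCP, not by this code."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind((HOST, 0))
    srv.listen(1)
    port = srv.getsockname()[1]
    received = bytearray()

    def serve():
        conn, _ = srv.accept()
        with conn:
            while True:
                data = conn.recv(4096)
                if not data:  # empty read: the peer ran the orderly teardown (FIN)
                    break
                received.extend(data)

    t = threading.Thread(target=serve)
    t.start()
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as c:
        c.connect((HOST, port))
        for chunk in chunks:
            c.sendall(chunk)
    t.join()
    srv.close()
    return bytes(received)


def udp_datagram_delivery(chunks) -> list:
    """What a UDP receiver sees: each sendto() arrives as a separate datagram (on a real
    network possibly dropped or reordered; loopback just delivers them)."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    srv.bind((HOST, 0))
    srv.settimeout(2.0)
    port = srv.getsockname()[1]
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as c:
        for chunk in chunks:
            c.sendto(chunk, (HOST, port))
    got = []
    for _ in chunks:
        try:
            got.append(srv.recvfrom(4096)[0])
        except socket.timeout:  # a dropped datagram simply never shows up
            break
    srv.close()
    return got
```

The practical consequence for protocol design is the one the text draws for DHCP and TFTP: anything built on UDP that needs to know its message arrived must carry its own acknowledgement and retry logic, whereas a protocol built on TCP inherits that from the transport.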
is going to receive that box. In the case of TCP and UDP, there's an additional piece of information added to every one of those conversations, and that piece of information is a port number. The port number determines which room in the house receives this data, or in the case of an actual server, which application on the server receives it. The port number is written on the outside of the box, so when the box arrives at the front door we can look at it and see that it needs to go to the bedroom. With port numbers, each room has a number: say the bedroom is port 80, the living room is port 443, the bathroom is port 25, and the kitchen is port 123. When we receive the box at the front door, we look at the port number, it says port 80, so we carry the box inside the house and deliver it to the bedroom.

In the case of our server, we have four different services running on the same IP address: a web server sending unencrypted data on port 80, a web server sending encrypted data on port 443, a mail server on port 25, and a time server on port 123. When a packet arrives at our IP address, the front door, we examine the port number, and if it says this is for the service running on port 443, the packet is delivered to that service running on the device. This is where the multiplexing feature I mentioned earlier comes from. The front door receives a lot of boxes destined for this IP address, and the port number tells us exactly which service running on this device will receive each one.

To complete this traffic flow between the two devices, we need some information: the server's IP address, the protocol in use (TCP or UDP), and for that protocol, the server application's port number. In the example above, the house had four different ports in use (port 80, port 443, port 25 and port 123), and each is associated with the server IP address, the protocol, and the application port number. The client communicating with that server also has an IP address, it's also communicating using TCP or UDP, and it has port numbers it uses to send that data, so that when a response comes back we know exactly which conversation that response belongs to.

It's important that the port numbers we communicate with on the server are well known. For example, if the browser on a client wants to talk to a web server, we know that web servers commonly use TCP port 80 and TCP port 443, and every web server we communicate with uses those same port numbers, so we know exactly where that service is located on that IP address. Because these port numbers are usually permanent, we refer to them as non-ephemeral ports: non-temporary port numbers that tend to be the same every time we access that device. Port 80 is commonly associated with HTTP and port 443 with HTTPS, and if you go to any web server, those are usually the ports in use. These well-known ports are commonly between port 0 and port 1023, but a server port can really be anything, as long as it's a number that is commonly known across multiple devices.

When you're communicating with the server, you also need a port number on your own device to associate with this particular traffic flow. These are usually temporary port numbers, and once the flow is over we no longer use that port. We refer to these as ephemeral ports. An operating system will commonly assign one from the range 1024 to 65535 (in practice most operating systems pick from a narrower subrange, such as 49152 to 65535, the IANA dynamic range, or 32768 to 60999, the Linux default), but this is configurable in the operating system itself, and the number is assigned in real time as you use these applications. If you look at a protocol decode of these conversations, you'll see that both TCP and UDP can therefore use any port number between 0 and 65535. As we mentioned, most services use non-ephemeral, non-temporary port numbers, but that's not always the case: some applications use dynamic port numbers that can change dramatically from one device to another. Just keep in mind that this is simply a number associated with that service, and if we know the number, we can communicate with that service and have a conversation to send data.

You might also think you could change the port number on the server to something that is not well known, and that this would be more secure because it hides the application or keeps other people from accessing it. But port numbers are not designed to be a security mechanism; they're simply designed to let you reach the services on a particular device. It's relatively easy to use a port scanner to find all of the open ports on a server and then do more research to determine what service is really running on each port, so moving a service to an unusual port is obscurity, not access control. This means that when you access all of the different
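The port-scanning point deserves a demonstration. The following added example (not from the original video) starts a stand-in "web server" on a port the operating system picks at random, which is as hidden as a non-standard port ever gets, then runs a plain TCP connect scan over a window of ports around it and grabs the banner from whatever answers. The service, its banner and the scanned window are constructed for the example; scanning all 65,535 ports is the same loop, only slower.

```python
import socket
import threading

HOST = "127.0.0.1"


def start_fake_service(banner: bytes):
    """Start a TCP listener on an OS-chosen port that greets every client with a banner.
    Stand-in for a web server someone moved off port 80 in the hope of hiding it."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind((HOST, 0))
    srv.listen(8)
    port = srv.getsockname()[1]

    def serve():
        while True:
            try:
                conn, _ = srv.accept()
            except OSError:  # listener closed: stop serving
                return
            with conn:
                conn.sendall(banner)

    threading.Thread(target=serve, daemon=True).start()
    return srv, port


def connect_scan(host: str, ports, timeout: float = 0.25) -> list:
    """TCP connect scan: a completed three-way handshake means something is listening.
    A closed port answers the SYN with a RST, so connect_ex() returns a non-zero errno."""
    open_ports = []
    for p in ports:
        with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
            s.settimeout(timeout)
            if s.connect_ex((host, p)) == 0:
                open_ports.append(p)
    return open_ports


def grab_banner(host: str, port: int, timeout: float = 1.0) -> bytes:
    """Identify the service behind an open port: many daemons announce themselves
    before the client sends anything, and that is what tells you what is really there."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
        s.settimeout(timeout)
        s.connect((host, port))
        try:
            return s.recv(128)
        except OSError:  # timeout or reset: the service waits for the client to speak first
            return b""


def find_hidden_web_server():
    """Hide a web server on a random port, then find it anyway."""
    srv, port = start_fake_service(b"HTTP/1.0 200 OK\r\nServer: not-so-hidden/1.0\r\n\r\n")
    try:
        window = range(max(1, port - 128), min(65535, port + 128) + 1)
        found = connect_scan(HOST, window)
        banners = {p: grab_banner(HOST, p) for p in found}
    finally:
        srv.close()
    return port, found, banners
```

If the host has other listeners in the scanned window they will show up too, which is the point: the scan reports every open port, and the banner, not the port number, tells you what is behind it. Access control belongs in a firewall rule or in the service's own authentication, not in the choice of port.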
sites that you visit on the internet, all of those sites use the same well-known port numbers. This lets you simply type in the name of a website and immediately connect to that site and transfer data. If all of those websites used completely different port numbers, we'd need another mechanism in place to determine the appropriate port for each individual site. You can see why having well-known port numbers makes the process so much simpler.

Although port numbers range from port 0 to port 65535, TCP has its own set of port numbers that is separate from UDP's. This means there could be one service running on TCP port 80 and a completely different service running on UDP port 80. As you can imagine, having one service on TCP port 80 and another on UDP port 80 could be a bit confusing, which is why we don't tend to do that in normal operation.

So let's take a scenario from the picture we looked at earlier. We have a client on the left side with IP address 10.0.0.1, communicating with a server on the other side with IP address 10.0.0.2. There is web server traffic going to this server over TCP port 80. The server is also a voice over IP server receiving traffic over UDP port 5004, and it's also an email server communicating over TCP port 143. We want to send information from this client to the server: web traffic with HTTP data inside it, VoIP traffic with the voice data inside the packet, and email traffic with email data inside the packet.

If we look a little closer, we can compare the port numbers on both sides of the conversation. We have these two devices, the client and the server; the source IP address is 10.0.0.1, our client, and the destination IP address is 10.0.0.2, our server. When the client wants to send HTTP data to the server, we know the destination port will be port 80: web traffic uses TCP, and the well-known port for web traffic on this server is TCP destination port 80. But we need some port number to send this information from, so the client picks a random port number; in this example it picked 3000. So the TCP source port is 3000, heading to the well-known TCP destination port 80 on the server, to carry the HTTP data.

At the same time, this client wants to talk to the server using voice over IP. The source and destination IP addresses are the same, but you can see UDP is in use here because this VoIP traffic uses UDP. The destination port is 5004, the well-known port for this VoIP server, and the client picked a random source port of 7100 to send this traffic over UDP.

The same applies to the third conversation happening simultaneously, where the source and destination IP addresses are again identical. The destination port is TCP port 143 because this is email traffic, and the client picked a random source port of TCP port 4407 to send the email data. We're sending a lot of information simultaneously across the network, but because we're using IP addresses and port numbers, the server knows exactly where each piece of traffic goes once it's received by the destination device. You
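The three-conversation scenario above, as an added example written for this page (not the original video's material): three services on one server IP are told apart by protocol and destination port, three client conversations from one client IP are told apart by the ephemeral source ports the OS assigns, and the server learns those source ports from the arriving segments and datagrams. It also binds a UDP socket to the very port number the TCP web listener is using, showing that TCP and UDP port numbers are separate spaces. Loopback stands in for 10.0.0.1 and 10.0.0.2, OS-chosen ports stand in for 80, 5004 and 143, and the request bytes are constructed.

```python
import socket

SERVER_IP = "127.0.0.1"  # stands in for 10.0.0.2; the client runs on the same host here


def _tcp_listener():
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.bind((SERVER_IP, 0))  # port 0: let the OS pick; stand-in for the well-known 80 / 143
    s.listen(1)
    return s


def demo_port_multiplexing() -> dict:
    # Server side: three services on ONE IP address, told apart by (protocol, port).
    web, mail = _tcp_listener(), _tcp_listener()
    voip = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    voip.bind((SERVER_IP, 0))  # stand-in for UDP 5004
    web_port, mail_port, voip_port = (s.getsockname()[1] for s in (web, mail, voip))
    services = {("tcp", web_port): "web", ("tcp", mail_port): "mail", ("udp", voip_port): "voip"}

    # TCP and UDP port numbers are separate spaces: a UDP socket can bind the number the
    # TCP web listener already holds, which is exactly why mixing them gets confusing.
    probe = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    try:
        probe.bind((SERVER_IP, web_port))
        udp_reuse_ok = True
    except OSError:
        udp_reuse_ok = False
    finally:
        probe.close()

    # Client side: three simultaneous conversations from one IP; the OS assigns each
    # socket an ephemeral source port (the 3000 / 7100 / 4407 of the scenario).
    c_web = socket.create_connection((SERVER_IP, web_port))
    c_web.sendall(b"GET / HTTP/1.1\r\nHost: server\r\n\r\n")
    c_mail = socket.create_connection((SERVER_IP, mail_port))
    c_mail.sendall(b"a001 CAPABILITY\r\n")
    c_voip = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    c_voip.bind((SERVER_IP, 0))
    c_voip.sendto(b"\x80\x00\x00\x01" + b"\x00" * 8 + b"voice-sample", (SERVER_IP, voip_port))
    client_ports = {"web": c_web.getsockname()[1], "mail": c_mail.getsockname()[1],
                    "voip": c_voip.getsockname()[1]}

    # Server side again: the destination port of each arriving segment or datagram selects
    # the service, and the source port is where the reply will be addressed.
    delivered = {}
    for listener in (web, mail):
        conn, (_peer_ip, peer_port) = listener.accept()
        with conn:
            conn.settimeout(2.0)
            dst_port = conn.getsockname()[1]
            delivered[services[("tcp", dst_port)]] = {
                "proto": "tcp", "dst_port": dst_port, "src_port": peer_port, "data": conn.recv(4096)}
    voip.settimeout(2.0)
    data, (_peer_ip, peer_port) = voip.recvfrom(4096)
    delivered[services[("udp", voip_port)]] = {
        "proto": "udp", "dst_port": voip_port, "src_port": peer_port, "data": data}

    for s in (c_web, c_mail, c_voip, web, mail, voip):
        s.close()
    return {"delivered": delivered, "client_ports": client_ports,
            "udp_can_reuse_tcp_port_number": udp_reuse_ok}
```

The lookup key the server uses, (protocol, destination port), is the whole of transport-layer multiplexing; the full five-tuple (source IP, source port, destination IP, destination port, protocol) is what lets the server keep many clients on the same service apart, and it is also what a stateful firewall tracks.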