5. Networking Protocols
Network Protocols
• A network protocol is a set of rules that network systems use to communicate on the network.
• These rules or standards define the processes, principles and synchronization of communication, as well as the error recovery methods.
• It can be implemented in hardware, software or a combination of both. There are two types of protocols.
1. Proprietary protocols
2. Standard protocols
Proprietary protocols
• Proprietary protocols are communication protocols designed by a single organization or individual.
• Ownership of these protocols belongs to that single organization or individual, which can put restrictions on their use.
• The entity may or may not provide the free distribution of the proprietary protocol.
• Parties other than the owner cannot make use of proprietary protocols. Examples: Skype, AppleTalk, Enhanced Interior Gateway Routing Protocol (EIGRP).
Standard Protocols
Standard protocols are protocols which are not bound to any particular organization.
Standard protocols can be used and implemented by the whole industry.
Standard protocols are not specific to any vendor.
Standard protocols are developed through contributions from experts at different organizations. Examples: IP, TCP, UDP etc.
Port Numbers
Ports are virtual pathways on which Internet data flows. You probably know that data on the Internet is sent to and from IP addresses. What you might not have known is that all data sent to an IP address is sent on specific ports. In other words, ports are numerical identifiers that make it possible for you to check your email and browse the web at the same time. Technically speaking, this is possible because web browsing traffic generally uses port 80, and getting your email generally uses port 110.
Technical Facts about Ports:
Ports are 16-bit numbers which can range from 1-65535
TCP and UDP packets specify the port on which they have to be sent in their packet header
The ports that a given application uses are generally set by the developers of that application
Commonly used Network Protocols
As a networking student or a professional it is necessary for us to know the different commonly used networking protocols.
1. Domain Name Service (DNS)
2. Dynamic Host Configuration Protocol (DHCP) / Bootstrap Protocol (BootP)
3. Hypertext Transfer Protocol (HTTP)
4. Trivial File Transfer Protocol (TFTP)
5. File Transfer Protocol (FTP)
6. Network File System (NFS)
7. Post Office Protocol (POP)
8. Internet Message Access Protocol, Version 4 (IMAP4)
9. Simple Mail Transfer Protocol (SMTP)
10. Transport Layer Security (TLS) / Secure Sockets Layer (SSL)
11. Simple Network Management Protocol (SNMP)
12. Telnet
13. Secure Shell (SSH)
14. Transmission Control Protocol (TCP)
15. User Datagram Protocol (UDP)
16. Internet Protocol (IP)
17. Internet Control Message Protocol (ICMP)
18. Address Resolution Protocol (ARP)
Domain Name Service (DNS)
Domain Name System or DNS is an internet service that translates domain names into IP addresses. Because domain names are alphabetic, they’re easier to remember. The Internet, however, is really based on IP addresses. Every time you use a domain name, a DNS service translates the name into the corresponding IP address. For example, the domain name www.cmsitservices.com might translate to 23.229.193.162.
The DNS protocol uses port number 53. The Domain Name System (DNS) is basically a large database which resides on various computers and it contains the names and IP addresses of various hosts on the internet and various domains.
The Domain Name System is used to provide information to the Domain Name Service when queries are made. DNS is hierarchical in structure. A domain is a subtree of the domain name space. From the root, a few of the assigned top-level domains are:
GOV - Government body.
EDU - Educational body.
NET - Networks
COM - Commercial entity.
MIL - U. S. Military.
ORG - Any other organization not previously listed.
Dynamic Host Configuration Protocol (DHCP) / Bootstrap Protocol (BootP)
Dynamic Host Configuration Protocol is used to assign IP addresses to hosts or workstations on the network. Usually a DHCP server on the network performs this function. Basically it “leases” out addresses for specific times to the various hosts. If a host does not use a given address for some period of time, that IP address can then be assigned to another machine by the DHCP server. When assignments are made or changed, the DHCP server must update the information in the DNS server. DHCP uses port 67 for the DHCP server and port 68 for the DHCP client.
A DHCP server is used to provide information to clients such as:
IP address
Subnet mask
Default gateway (routers)
Domain name
DNS address
Windows Internet Naming Service (WINS) information
• As with BOOTP, DHCP uses the Ethernet (MAC) or hardware address of the machine or its NIC to determine IP address assignments.
• The DHCP protocol is built on BOOTP and replaces BOOTP.
Hypertext Transfer Protocol (HTTP)
• The Hypertext Transfer Protocol (HTTP) is an application protocol for distributed, collaborative, hypermedia information systems.
• HTTP is the foundation of data communication for the World Wide Web. HTTP protocol uses port number 80.
• Hypertext is structured text that uses logical links, i.e. hyperlinks, between nodes containing text. HTTP is the protocol to exchange or transfer hypertext.
• It is used to send requests from the client to web servers, which open the right resource when you click on a link or type a URL in the web browser, wherever that resource may actually reside.
Trivial File Transfer Protocol (TFTP)
• Trivial File Transfer Protocol (TFTP) is a simple version of FTP that allows a client to get from or put a file onto a remote host.
• TFTP is a simple protocol for transferring files, implemented on top of the UDP/IP protocols using well-known port number 69.
• One of its primary uses is in the early stages of booting from a local area network, because TFTP is very simple to implement.
• TFTP lacks security and most of the advanced features offered by more robust file transfer protocols such as File Transfer Protocol.
• The TFTP protocol cannot be used for directory browsing; it can do nothing but send and receive files.
• This protocol sends smaller blocks of data than FTP and has no authentication, so it is insecure and is therefore less supported or used on sites.
File Transfer Protocol (FTP)
• The File Transfer Protocol (FTP) is a standard network protocol used to transfer computer files from one host to another host over a TCP-based network, such as the Internet.
• It uses port number 21.
• FTP is built on server-client architecture and uses separate control and data connections between the client and the server.
• FTP users may authenticate themselves with a clear-text sign-in protocol, normally in the form of a username and password, but can connect anonymously if the server is configured to allow it.
Network File System (NFS)
• Network File System (NFS) is a distributed file system protocol allowing a user on a client computer to access files over a network much like local storage is accessed. It allows two different types of file systems to interoperate.
• It has different versions: NFS2, NFS3, and NFS4. The NFS protocol uses port number 2049.
• In an NFS environment, a Windows server running NFS server software and a UNIX host running NFS client software allow UNIX files to be stored where UNIX users can access them.
• Hence both UNIX users and Windows users, with the UNIX file system and the Windows file system, can access the same file with their normal file systems, in their normal way.
Post Office Protocol (POP)
• In computing, the Post Office Protocol (POP) is an application-layer Internet standard protocol used by local e-mail clients to retrieve e-mail from a remote server over a TCP/IP connection. It is also known as the incoming address.
• POP has been developed through several versions, with version 3 (POP3) being the latest one.
• E-mail clients using POP generally connect, retrieve all messages, store them on the user's PC as new messages, delete them from the server, and then disconnect. Most POP clients have an option to leave mail on server after the download.
• A POP3 server listens on well-known port 110, or, over Secure Sockets Layer (SSL), on well-known TCP port 995.
Internet Message Access Protocol, Version 4 (IMAP4)
• In computing, the Internet Message Access Protocol (IMAP) is an Internet standard protocol used by e-mail clients to retrieve e-mail messages from a mail server over a TCP/IP connection.
• The current version of IMAP is version 4.
• IMAP was designed with the goal of permitting complete management of an email box by multiple email clients; therefore, clients generally leave messages on the server until the user explicitly deletes them.
• An IMAP server typically listens on port number 143. IMAP over SSL (IMAPS) is assigned the port number 993.
Simple Mail Transfer Protocol (SMTP)
• Simple Mail Transfer Protocol (SMTP), also known as the outgoing address, is an Internet standard protocol for electronic mail transmission, in which mail is sent from the client to the mail server.
• SMTP is used to send mail; POP3 is used to receive mail. SMTP by default uses TCP port 25 and, when secured by SSL (also known as SMTPS), uses default port 465.
• Although electronic mail servers and other mail transfer agents use SMTP to send and receive mail messages, user-level client mail applications typically use SMTP only for sending messages to a mail server for relaying.
Transport Layer Security (TLS)/Secure Sockets Layer (SSL)
Transport Layer Security (TLS) and its predecessor, Secure Sockets Layer (SSL), both of which are frequently referred to as 'SSL', are cryptographic protocols used to enable secure online data transfer, such as browsing web sites, downloading from a site, sending messages across a network, etc.
Most web sites use TLS to set up secure communication between their servers and web browser clients. The primary goal of the TLS protocol is to provide privacy and data integrity between two communicating computer applications.
Simple Network Management Protocol (SNMP)
Simple Network Management Protocol (SNMP) is used to collect and manipulate information about network components. It collects information by polling the devices on the network from a central network management console using SNMP messages at fixed or random intervals. Devices that typically support SNMP include routers, switches, servers, workstations, printers, modem racks and more. In typical uses of SNMP, one or more administrative computers, called managers, have the task of monitoring or managing a group of hosts or devices on a computer network. Each managed system executes, at all times, a software component called an agent which reports information via SNMP to the manager.
SNMP agents expose management data on the managed systems as variables. The protocol also permits active management tasks, such as modifying and applying a new configuration through remote modification of these variables.
Telnet
Telnet is an application layer protocol used on the Internet or a local area network to provide a bidirectional interactive text-oriented communication facility using a virtual terminal connection. This protocol is used to establish a connection to Transmission Control Protocol (TCP) port number 23. Through Telnet a user can access a remote client machine's resources without being physically present there. In Telnet the remote client machine appears as if it were a terminal directly attached to the local network. With Telnet access you gain a virtual terminal that acts as an interface with the chosen remote client machine. Telnet, by default, does not encrypt any data sent over the connection (including passwords).
Secure Shell (SSH)
Secure Shell, or SSH, is a cryptographic (encrypted) network protocol that allows remote login and other network services to operate securely over an unsecured network. SSH provides a secure channel over an unsecured network in a client-server architecture, connecting an SSH client application with an SSH server. Common applications include remote command-line login and remote command execution, but any network service can be secured with SSH. The protocol specification distinguishes between two major versions, referred to as SSH-1 and SSH-2.
The standard TCP port 22 has been assigned for contacting SSH servers. SSH was designed as a replacement for Telnet and for unsecured remote shell protocols. There are many applications used for SSH, for example: PuTTY, OpenSSH, Chrome Secure Shell, etc.
Transmission Control Protocol (TCP)
• The Transmission Control Protocol (TCP) is a core protocol of the Internet protocol suite.
• It originated in the initial network implementation in which it complemented the Internet Protocol (IP). Therefore, the entire suite is commonly referred to as TCP/IP.
• TCP provides reliable, ordered, and error checked delivery of a stream of octets between applications running on hosts communicating over an IP network.
• TCP is the protocol that major Internet applications such as the World Wide Web, email, remote administration and file transfer rely on.
• Applications that do not require a reliable data stream service may use the User Datagram Protocol (UDP), which provides a connectionless datagram service that emphasizes reduced latency over reliability.
User Datagram Protocol (UDP)
The User Datagram Protocol (UDP) is one of the core members of the Internet protocol suite. UDP uses a simple connectionless transmission model with a minimum of protocol mechanism. It has no handshaking dialogues, and thus exposes the user's program to any unreliability of the underlying network protocol. There is no guarantee of delivery, ordering, or duplicate protection. UDP provides checksums for data integrity, and port numbers for addressing different functions at the source and destination of the datagram.
Internet Protocol (IP)
• The Internet Protocol (IP) is the principal communications protocol in the Internet protocol suite for relaying datagrams across network boundaries.
• Its routing function enables internetworking and essentially establishes the Internet.
• IP has the task of delivering packets from the source host to the destination host solely based on the IP addresses in the packet headers.
• For this purpose, IP defines packet structures that encapsulate the data to be delivered.
• It also defines addressing methods that are used to label the datagram with source and destination information.
Internet Control Message Protocol (ICMP)
• The Internet Control Message Protocol (ICMP) is one of the main protocols of the Internet Protocol Suite.
• It is used by network devices, like routers, to send error messages indicating, for example, that a requested service is not available or that a host or router could not be reached.
• ICMP can also be used to relay query messages. It is assigned protocol number 1. ICMP differs from transport protocols such as TCP and UDP in that it is not typically used to exchange data between systems, nor is it regularly employed by end-user network applications.
• Example: while pinging a host, Internet Control Message Protocol (ICMP) echo request packets are sent to the targeted host, which is then expected to answer with an ICMP echo reply.
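An added example, not part of the original page, tying together three statements made above: IP delivers on the addresses in its header, TCP and UDP carry their port numbers in their own headers, and ICMP is protocol number 1 and has no ports. The three sample packets, their addresses and the source ports are constructed for illustration.

```python
import socket
import struct

PROTOCOLS = {1: "ICMP", 6: "TCP", 17: "UDP"}   # IP protocol numbers

def parse_ipv4(packet):
    """Decode an IPv4 packet: addresses from the IP header, ports from TCP/UDP."""
    if len(packet) < 20:
        raise ValueError("shorter than the minimum IPv4 header")
    ver_ihl, _, total_len, _, _, _, proto, _, src, dst = struct.unpack(
        "!BBHHHBBH4s4s", packet[:20])
    if ver_ihl >> 4 != 4:
        raise ValueError("not IPv4")
    ihl = (ver_ihl & 0x0F) * 4               # header length in bytes (options vary)
    if ihl < 20 or len(packet) < ihl:
        raise ValueError("bad header length")
    info = {"src": socket.inet_ntoa(src), "dst": socket.inet_ntoa(dst),
            "protocol": PROTOCOLS.get(proto, str(proto))}
    payload = packet[ihl:total_len]
    if proto in (6, 17):
        # TCP and UDP both begin with source port, then destination port (16 bits each).
        if len(payload) < 4:
            raise ValueError("truncated transport header")
        info["src_port"], info["dst_port"] = struct.unpack("!HH", payload[:4])
    elif proto == 1:
        # ICMP has no ports: its header begins with a type and a code instead.
        if len(payload) < 2:
            raise ValueError("truncated ICMP header")
        info["icmp_type"], info["icmp_code"] = payload[0], payload[1]
    return info

def ipv4_header(proto, src, dst, payload_len):
    """Build a minimal 20-byte IPv4 header (checksum left at 0 for these samples)."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + payload_len, 0, 0, 64,
                       proto, 0, socket.inet_aton(src), socket.inet_aton(dst))

# Constructed sample packets (not captured traffic).
DNS_QUERY = ipv4_header(17, "192.168.1.10", "192.168.1.1", 8) + struct.pack(
    "!HHHH", 50000, 53, 8, 0)                # UDP: sport, dport, length, checksum
SSH_SYN = ipv4_header(6, "192.168.1.10", "192.168.1.1", 20) + struct.pack(
    "!HHIIBBHHH", 50001, 22, 0, 0, 0x50, 0x02, 65535, 0, 0)   # TCP SYN to port 22
ECHO_REQUEST = ipv4_header(1, "192.168.1.10", "192.168.1.1", 8) + struct.pack(
    "!BBHHH", 8, 0, 0, 1, 1)                 # ICMP: type 8 (echo request), code 0
```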
Address Resolution Protocol (ARP)
ARP stands for Address Resolution Protocol. When you try to ping an IP address on your local network, say 192.168.1.1, your system has to turn the IP address 192.168.1.1 into a MAC address. This involves using ARP to resolve the address, hence its name. Systems keep an ARP look-up table where they store information about what IP addresses are associated with what MAC addresses. When trying to send a packet to an IP address, the system will first consult this table to see if it already knows the MAC address. If there is a value cached, ARP is not used. If the IP address is not found in the ARP table, the system will then send a broadcast packet to the network using the ARP protocol to ask “who has 192.168.1.1”. Because it is a broadcast packet, it is sent to a special MAC address that causes all machines on the network to receive it. Any machine with the requested IP address will reply with an ARP packet that says “I am 192.168.1.1”, and this includes the MAC address which can receive packets for that IP.
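The resolution steps described above, as an added example that is not part of the original page: it builds the broadcast "who has" request and the unicast "I am" reply as real Ethernet/ARP frames and consults a cache first. The MAC addresses, the host 192.168.1.20 and the `NETWORK` table standing in for the LAN are constructed for illustration.

```python
import socket
import struct

BROADCAST = "ff:ff:ff:ff:ff:ff"
REQUEST, REPLY = 1, 2                        # ARP opcodes

def mac_bytes(mac):
    return bytes(int(part, 16) for part in mac.split(":"))

def mac_text(raw):
    return ":".join(f"{b:02x}" for b in raw)

def build_arp(op, sender_mac, sender_ip, target_mac, target_ip):
    """Ethernet header + ARP payload for IPv4 over Ethernet."""
    dst = BROADCAST if op == REQUEST else target_mac
    eth = mac_bytes(dst) + mac_bytes(sender_mac) + struct.pack("!H", 0x0806)
    arp = struct.pack("!HHBBH", 1, 0x0800, 6, 4, op)
    arp += mac_bytes(sender_mac) + socket.inet_aton(sender_ip)
    arp += mac_bytes(target_mac) + socket.inet_aton(target_ip)
    return eth + arp

def parse_arp(frame):
    if len(frame) < 42 or frame[12:14] != b"\x08\x06":
        raise ValueError("not an ARP frame")
    htype, ptype, hlen, plen, op = struct.unpack("!HHBBH", frame[14:22])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        raise ValueError("not IPv4-over-Ethernet ARP")
    return {"eth_dst": mac_text(frame[0:6]), "op": op,
            "sender_mac": mac_text(frame[22:28]),
            "sender_ip": socket.inet_ntoa(frame[28:32]),
            "target_ip": socket.inet_ntoa(frame[38:42])}

def resolve(ip, cache, my_mac, my_ip, network):
    """Return (mac, frames_sent): consult the cache first, broadcast only on a miss."""
    if ip in cache:
        return cache[ip], []
    request = build_arp(REQUEST, my_mac, my_ip, "00:00:00:00:00:00", ip)
    frames = [request]
    asked = parse_arp(request)["target_ip"]
    for host_ip, host_mac in network.items():   # every host sees the broadcast
        if host_ip == asked:                     # only the owner of the IP answers
            reply = build_arp(REPLY, host_mac, host_ip, my_mac, my_ip)
            frames.append(reply)
            answer = parse_arp(reply)
            cache[answer["sender_ip"]] = answer["sender_mac"]
    return cache.get(ip), frames

# Constructed LAN for the example: IP -> MAC of the hosts that hear the broadcast.
NETWORK = {"192.168.1.1": "aa:bb:cc:00:00:01", "192.168.1.20": "aa:bb:cc:00:00:14"}
```

The cache is filled from whatever the reply's sender fields say, which is why the contents of the ARP table are worth reviewing when troubleshooting.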
TCP/IP Tools
• The TCP/IP protocol suite also includes many tools which are typically used for checking the configuration or for troubleshooting purposes.
- Ipconfig
- Ping
- Tracert
- Pathping
- ARP
Ipconfig
• The ipconfig command is a Windows command-line tool that provides the IP configuration information of your machine.
Ping
• Ping is a command line tool used to check the connectivity between two or more devices.
• Ping stands for Packet Internet Groper.
Tracert
• Tracert command is used to find the hop count i.e. the list of all routers from source to destination.
PathPing
PathPing is a network utility supplied in Windows NT and beyond that combines the functionality of ping with that of tracert.
ARP
ARP, the Windows command, displays the ARP table and can delete entries or add static entries.