You are previewing Internet Core Protocols: The Definitive Guide.
O'Reilly logo
Internet Core Protocols: The Definitive Guide

Book Description

If you've ever been responsible for a network, you know that sinkingfeeling: your pager has gone off at 2 a.m., the network is broken, and you can't figure out why by using a dial-in connection from home. You drive into the office, dig out your protocol analyzer, and spend the next four hours trying to put things back together before the staff shows up for work. When this happens, you often find yourself looking at the low-level guts of the Internet protocols: you're deciphering individual packets, trying to figure out what is (or isn't) happening. Until now, the only real guide to the protocols has been the Internet RFCs--and they're hardly what you want to be reading late at night when your network is down. There hasn't been a good book on the fundamentals of IP networking aimed at network administrators--until now. Internet Core Protocols: The Definitive Guide contains all the information you need for low-level network debugging. It provides thorough coverage of the fundamental protocols in the TCP/IP suite: IP, TCP, UDP, ICMP, ARP (in its many variations), and IGMP. (The companion volume, Internet Application Protocols: The Definitive Guide, provides detailed information about the commonly used application protocols, including HTTP, FTP, DNS, POP3, and many others). It includes many packet captures, showing you what to look for and how to interpret all the fields. It has been brought up to date with the latest developments in real-world IP networking. The CD-ROM included with the book contains Shomiti's "Surveyor Lite," a packet analyzer that runs on Win32 systems, plus the original RFCs, should you need them for reference. Together, this package includes everything you need to troubleshoot your network--except coffee.

Table of Contents

  1. Special Upgrade Offer
  2. A Note Regarding Supplemental Files
  3. Foreword
  4. Preface
    1. Audience
    2. Organization
    3. How to Read This Book
      1. Terminology
      2. Images
      3. The Author’s Test Network
    4. Font Conventions
    5. How to Contact Us
    6. Acknowledgments
  5. 1. An Introduction to TCP/IP
    1. 1.1. A Brief History of the Internet
      1. 1.1.1. TCP/IP to the Rescue
      2. 1.1.2. The Internet Today
      3. 1.1.3. The Internet, Defined
    2. 1.2. TCP/IP’s Architecture
      1. 1.2.1. An Introduction to the OSI Reference Model
      2. 1.2.2. Comparing TCP/IP to the OSI Reference Model
    3. 1.3. TCP/IP Protocols and Services In-Depth
      1. 1.3.1. Data-Link Services
      2. 1.3.2. The Internet Protocol
      3. 1.3.3. The Address Resolution Protocol
      4. 1.3.4. The Internet Control Message Protocol
      5. 1.3.5. The Transport Protocols
        1. 1.3.5.1. The Transmission Control Protocol
        2. 1.3.5.2. The User Datagram Protocol
      6. 1.3.6. Presentation Services
      7. 1.3.7. Application Protocols
    4. 1.4. How Application Protocols Communicate Over IP
      1. 1.4.1. Servers Listen for Incoming Connections
      2. 1.4.2. Clients Open Connections to Servers
  6. 2. The Internet Protocol
    1. 2.1. The IP Standard
      1. 2.1.1. IP Datagrams Versus IP Packets
      2. 2.1.2. Local Versus Remote Delivery
        1. 2.1.2.1. How IP finds remote hosts and networks
        2. 2.1.2.2. Route aggregation
      3. 2.1.3. Datagram Independence
      4. 2.1.4. Housekeeping and Maintenance
        1. 2.1.4.1. Header checksums
        2. 2.1.4.2. Time-to-Live
      5. 2.1.5. Fragmentation and Reassembly
      6. 2.1.6. Prioritization and Service-Based Routing
    2. 2.2. The IP Header
      1. Reference Section
      2. Reference Section
      3. Reference Section
      4. Reference Section
      5. Reference Section
      6. Reference Section
      7. Reference Section
      8. Reference Section
      9. Reference Section
      10. Reference Section
      11. Reference Section
      12. Reference Section
      13. Reference Section
      14. Reference Section
      15. 2.2.1. Notes on IP Options
    3. 2.3. IP in Action
      1. 2.3.1. Notes on IP Routing
      2. 2.3.2. Notes on Fragmentation
      3. 2.3.3. Notes on Precedence and Type-of-Service
    4. 2.4. Troubleshooting IP
      1. 2.4.1. Misconfigured Routing Tables
      2. 2.4.2. Media-Related Issues
      3. 2.4.3. Fragmentation Problems
  7. 3. The Address Resolution Protocol
    1. 3.1. The ARP Standard
      1. 3.1.1. The ARP Cache
        1. 3.1.1.1. Cache size issues
        2. 3.1.1.2. Cache timeout issues
        3. 3.1.1.3. Static caching
      2. 3.1.2. Proxy ARP
      3. 3.1.3. Variations on the ARP Theme
        1. 3.1.3.1. Inverse ARP (InARP)
        2. 3.1.3.2. Reverse ARP (RARP)
        3. 3.1.3.3. DHCP ARP
        4. 3.1.3.4. Gratuitous ARP
        5. 3.1.3.5. UnARP
    2. 3.2. The ARP Packet
    3. 3.3. ARP in Action
      1. 3.3.1. A Typical Exchange
      2. 3.3.2. Notes on DHCP ARP
      3. 3.3.3. Notes on Gratuitous ARP
    4. 3.4. Debugging ARP Problems
      1. 3.4.1. Lots of ARP Requests from Network Clients
      2. 3.4.2. Bursted Duplicate ARP Requests
      3. 3.4.3. Clients Can’t Connect to Network Resources
      4. 3.4.4. ARP Tables Are Fine, but Still No Connections
  8. 4. Multicasting and the Internet Group Management Protocol
    1. 4.1. The IP Multicasting and IGMP Specifications
      1. 4.1.1. An Introduction to IP Multicasting
      2. 4.1.2. Local Multicasting
      3. 4.1.3. Distributed Multicasting
        1. 4.1.3.1. Limited forwarding
        2. 4.1.3.2. Time-to-Live considerations
      4. 4.1.4. Managing Group Memberships
        1. 4.1.4.1. Membership reports
        2. 4.1.4.2. Leave reports
        3. 4.1.4.3. Membership queries
    2. 4.2. IGMP Messages
      1. 4.2.1. IGM Message Headers
      2. 4.2.2. IGMP Message Types
    3. 4.3. Multicasting and IGMP in Action
      1. 4.3.1. Simple Multicast Traffic
      2. 4.3.2. Membership and Leave Reports
      3. 4.3.3. Membership Queries and Reports
    4. 4.4. Troubleshooting Multicasts and IGMP
  9. 5. The Internet Control Message Protocol
    1. 5.1. The ICMP Specification
      1. 5.1.1. The Need for ICMP
      2. 5.1.2. When Not to Send ICMP Messages
      3. 5.1.3. Reporting on Delivery Problems
        1. 5.1.3.1. Destination Unreachable error messages
        2. 5.1.3.2. Time Exceeded error messages
        3. 5.1.3.3. Redirect error messages
        4. 5.1.3.4. Source Quench error messages
        5. 5.1.3.5. Parameter Problem error messages
      4. 5.1.4. Probing the Network
        1. 5.1.4.1. Echo Request and Echo Reply query messages
        2. 5.1.4.2. Timestamp Request and Timestamp Reply query messages
        3. 5.1.4.3. Address Mask Request and Address Mask Reply query messages
        4. 5.1.4.4. Router Solicitation and Router Advertisement query messages
    2. 5.2. ICMP Messages
      1. 5.2.1. ICMP Error Messages
        1. 5.2.1.1. Error message headers
        2. 5.2.1.2. Error message types and codes
      2. 5.2.2. ICMP Query Messages
        1. 5.2.2.1. Query message headers
        2. 5.2.2.2. Query message types and codes
    3. 5.3. ICMP in Action
      1. 5.3.1. Notes on Reading ICMP Error Messages
      2. 5.3.2. Notes on ping
      3. 5.3.3. Notes on traceroute
      4. 5.3.4. Notes on Path MTU Discovery
    4. 5.4. Troubleshooting ICMP
      1. 5.4.1. Firewalls Blocking ICMP Traffic
      2. 5.4.2. Misconfigured Routing Tables
      3. 5.4.3. Large Quantities of Redirect Error Messages
        1. 5.4.3.1. Router Discovery
        2. 5.4.3.2. Misconfigured subnet masks
      4. 5.4.4. First Packet from <em xmlns="http://www.w3.org/1999/xhtml" xmlns:epub="http://www.idpf.org/2007/ops" xmlns:m="http://www.w3.org/1998/Math/MathML" xmlns:pls="http://www.w3.org/2005/01/pronunciation-lexicon" xmlns:ssml="http://www.w3.org/2001/10/synthesis" xmlns:svg="http://www.w3.org/2000/svg" class="filename">ping</em> Always Fails Always Fails
  10. 6. The User Datagram Protocol
    1. 6.1. The UDP Standard
      1. 6.1.1. UDP Is an Unreliable, Datagram-CentricTransport Protocol
        1. 6.1.1.1. Limited reliability
        2. 6.1.1.2. Datagram-centric transport services
      2. 6.1.2. UDP Ports
        1. 6.1.2.1. Well-known ports
    2. 6.2. The UDP Header
    3. 6.3. Troubleshooting UDP
      1. 6.3.1. ICMP Destination Unreachable: PortUnreachable Error Messages
      2. 6.3.2. UDP-Based Application Failures
      3. 6.3.3. Misconfigured or Missing Services File
      4. 6.3.4. Firewalls Blocking UDP Messages
      5. 6.3.5. Datagrams Are Corrupted or Never Sent
  11. 7. The Transmission Control Protocol
    1. 7.1. The TCP Standard
      1. 7.1.1. TCP Is a Reliable, Connection-Centric Transport Protocol
      2. 7.1.2. Services Provided by TCP
      3. 7.1.3. Virtual Circuits
      4. 7.1.4. Application I/O Management
        1. 7.1.4.1. Application addressing with TCP ports
        2. 7.1.4.2. Opening a circuit
        3. 7.1.4.3. Exchanging data
        4. 7.1.4.4. Closing a circuit
        5. 7.1.4.5. Application design issues
        6. 7.1.4.6. Keep-alives
      5. 7.1.5. Network I/O Management
        1. 7.1.5.1. Buffer size considerations
        2. 7.1.5.2. MTU and MRU size considerations
        3. 7.1.5.3. Path MTU discovery
        4. 7.1.5.4. Header size considerations
        5. 7.1.5.5. Data considerations
      6. 7.1.6. Flow Control
        1. 7.1.6.1. A note on local blocking
        2. 7.1.6.2. Receive window size adjustments
        3. 7.1.6.3. Sliding receive windows
        4. 7.1.6.4. The Silly Window Syndrome
        5. 7.1.6.5. The Nagle algorithm
        6. 7.1.6.6. Congestion window sizing
        7. 7.1.6.7. Slow start
        8. 7.1.6.8. Congestion avoidance
      7. 7.1.7. Reliability
        1. 7.1.7.1. TCP checksums
        2. 7.1.7.2. Sequence numbers
        3. 7.1.7.3. Acknowledgment numbers
        4. 7.1.7.4. Acknowledgment timers
        5. 7.1.7.5. Delayed acknowledgments
    2. 7.2. The TCP Header
      1. Reference Section
      2. Reference Section
      3. Reference Section
      4. Reference Section
      5. Reference Section
      6. Reference Section
      7. Reference Section
      8. Reference Section
      9. Reference Section
      10. Reference Section
      11. Reference Section
      12. Reference Section
      13. 7.2.1. Notes on TCP Options
    3. 7.3. TCP in Action
      1. 7.3.1. A Complete Session
      2. 7.3.2. Notes on Virtual Circuit State Changes
      3. 7.3.3. Opening and Closing Virtual Circuits
      4. 7.3.4. Interactive Data Exchange
      5. 7.3.5. Bulk Data Transfer and Error Recovery
      6. 7.3.6. Notes on Determining the Optimal Receive Window Size
    4. 7.4. Troubleshooting TCP
      1. 7.4.1. Rejected Connections
      2. 7.4.2. Lost Circuits
      3. 7.4.3. Partially Filled Segments or Long Gaps Between Sends
        1. 7.4.3.1. Interactions between Nagle and delayed acknowledgments
        2. 7.4.3.2. Wrong MTU sizes
        3. 7.4.3.3. Uneven MTU multiples
        4. 7.4.3.4. Small send windows and excessively delayed acknowledgments
      4. 7.4.4. Excessive or Slow Retransmissions
      5. 7.4.5. Slow Throughput on High-Speed Networks
      6. 7.4.6. Lots of Reset Command Segments
      7. 7.4.7. Weird Command Segments
      8. 7.4.8. Path MTU Discovery-Related Problems
      9. 7.4.9. Misconfigured or Missing Services File
      10. 7.4.10. Miscellaneous Interoperability Problems
  12. A. The Internet Standardization Process
    1. A.1. The Internet Authorities
      1. A.1.1. The Internet Engineering Task Force
      2. A.1.2. The Internet Engineering Steering Group
      3. A.1.3. The Internet Architecture Board
      4. A.1.4. The Internet Research Task Force
      5. A.1.5. The Internet Assigned Numbers Authority
      6. A.1.6. The RFC Editor
    2. A.2. Internet Documents (Drafts, RFCs, and STDs)
      1. A.2.1. The Standards-Track Process
        1. A.2.1.1. Changes to the documents
        2. A.2.1.2. Requirement levels
      2. A.2.2. Off-Track Documents
        1. A.2.2.1. Informational RFCs
        2. A.2.2.2. Historical RFCs
        3. A.2.2.3. Experimental RFCs
        4. A.2.2.4. Best Common Practice (BCP) RFCs
        5. A.2.2.5. For Your Information (FYI) RFCs
  13. B. IP Addressing Fundamentals
    1. B.1. IP Addresses
    2. B.2. Subnet Masks
    3. B.3. Subnet Classes
      1. B.3.1. Class-Based Routing
      2. B.3.2. Classless Inter-Domain Routing (CIDR)
    4. B.4. Internet-Legal Versus Private Addressing
  14. C. Bibliography
    1. Books
    2. Request for Comments
  15. Index
  16. About the Author
  17. Colophon
  18. Special Upgrade Offer
  19. Copyright