The protocols operating at the network layer of the Open Systems Interconnection (OSI) reference model are responsible for the end-to-end transmission of data across an internetwork. This is in contrast to data-link layer protocols, which are
This chapter requires a basic understanding of the OSI reference model, as described in Chapter 1, "Networking Basics," as well as
The Internet Protocol (IP) is the cornerstone of the TCP/IP protocol suite. TCP/IP refers to a combination of two protocols, IP at the network layer and the Transmission Control Protocol (TCP) at the transport layer, which together provide one of the most common network transport services used today. TCP data is encapsulated within IP, as are most of the other protocols in the TCP/IP suite. IP
On a TCP/IP internetwork, IP is the protocol responsible for transmitting data from its source to its final destination. IP is a connectionless protocol, meaning that it transmits messages to a destination without first establishing a connection to the receiving system. IP is connectionless because it carries data generated by many other protocols, only some of which require connection-oriented service. TCP/IP supports both connection-oriented and connectionless services at the transport layer, making it possible to keep the network layer connectionless, thus reducing the amount of control overhead generated by the protocol stack.
A transport layer protocol like TCP or the User Datagram Protocol (UDP)
Protocols operating at different
During the transportation process, various systems might encapsulate the datagram in different data-link layer protocol headers, but the datagram itself remains intact. The process is similar to the delivery of a letter by the post office, with IP functioning as the envelope. The letter might be placed into different mailbags and transported by various
The TCP/IP protocols are defined in documents called Requests for Comments (RFCs), which are published by a body called the Internet Engineering Task Force (IETF). Unlike most networking standards, TCP/IP specifications are released to the public domain and are
These functions are discussed in the following sections.
The header that IP applies to the data it receives from the transport layer protocol is typically 20 bytes long. The datagram format is shown in Figure 6.2.
The datagram fields perform the following functions:
The IP protocol is unique among network layer protocols because it has its own self-contained addressing system that it uses to identify computers on an internetwork of almost any size. Other network layer protocols (such as IPX) use the hardware addresses coded into network interface adapters to identify computers on a LAN, with a separate address for the network, whereas NetBEUI
For more information about the structure of IP addresses, see Lesson 2: IP Addressing, in Chapter 8, "TCP/IP Fundamentals."
The IP addresses that a computer inserts into the Source IP Address and Destination IP Address fields of the IP header identify, respectively, the computer that created the packet and the one that will eventually receive it. If the packet is intended for a computer on the local network, the Destination IP Address refers to the same computer as the Destination Address in the data-link protocol header. However, if the packet's destination is a computer on another network, the Destination IP Address refers to a different computer because IP is an end-to-end protocol that deals with the entire journey of the data to its ultimate destination, not just a single network hop, as is the case with the data-link layer protocol.
Data-link layer protocols cannot work with IP addresses, however, so to actually transmit the datagram, IP has to supply the data-link layer protocol with the hardware address of a system on the local network. To do this, IP uses another TCP/IP protocol, called Address Resolution Protocol (ARP). ARP works by generating broadcast messages that contain an IP address on the local network. The system using that IP address must respond to the broadcast, and the reply message contains the system's hardware address. If the datagram's destination system is on the local network, the IP protocol generates an ARP message containing the IP address of that system. If the destination system is located on another network, IP generates an ARP message containing the address of a router on the local network. Once it has received the ARP reply, the IP protocol on the original system can pass the datagram down to the data-link layer protocol and provide it with the hardware address it needs to build the frame.
Routing is the most important and the most complex function of the IP protocol. When a TCP/IP system has to transmit data to a computer on another network, the packets must travel through the routers that connect the networks together. As explained in Chapter 1, "Networking Basics," the source and final destination computers in a case like this are called
and the routers are called
(see Figure 6.3). When the packets pass through an intermediate system, they only travel up through the protocol stack as high as the network layer, where IP is responsible for deciding where to send the packet
Intermediate systems use their own internal routing tables to determine where to send each packet they receive, and it is the compiling of the routing tables that is the most complicated part of the routing process. For more information about routing tables and the other complexities of IP routing, see Chapter 9, "TCP/IP Routing."
Because packets only reach as high as the network layer in an intermediate system, the datagrams are not opened and used. The router
When a router discards a packet with a TTL value of zero, it generates an error message called a Time To Live Exceeded In Transit message using the Internet Control Message Protocol (ICMP) and sends it to the system where the packet originated. This informs the system that the packet has not reached its destination. There is a utility program called Traceroute included with most TCP/IP
Routers can connect networks that use different media types and different data-link layer protocols, but to forward packets from one network to another, routers must often repackage the datagrams into different data-link layer frames. In some cases, this is simply a matter of stripping off the old frame and adding a new one, but at other times the data-link layer protocols are different enough to require more
When it fragments a datagram, IP attaches an IP header to each fragment. The Identification field in each fragment's header contains the same value as the datagram's original header, which enables the destination system to associate the fragments of a particular datagram. The router modifies the value of the Total Length fields to reflect the length of each fragment, and it also changes the value of the More Fragments bit in the Flags field from 0 to 1 in all of the fragments except the last one. The value of 1 in this bit indicates that there are more fragments coming for that datagram. The destination system uses this bit to determine when it has received all of the fragments and can begin to assemble them back into the whole datagram.
The Fragment Offset field contains a value that specifies each fragment's place in the datagram. The first fragment has a value of 0 in this field, and the value in the second fragment is the size (in bytes) of the first fragment. The third fragment's offset value is the size of the first two fragments, and so forth. The destination system uses these values to reassemble the fragments in the proper order. Another bit in the Flags field, called the Don't Fragment bit, instructs routers to discard a datagram rather than fragment it. The router returns an ICMP error message to the source system when it discards a packet for this reason.
video located in the Demos folder on the CD-ROM
For the destination system to process the incoming datagram properly, it must know which protocol generated the information carried in the Data field. The Protocol field in the IP header provides this information, using codes that are defined in RFC 1700, "Assigned Numbers," which contains lists of the many codes used by the TCP/IP protocols. Assigned
Every TCP/IP system has a text file called PROTOCOL that also contains a partial list of the protocol codes expected to be recognized or used by that system. Should you need to look up a protocol code, you may find it easier to look at this file than to find a copy of the "Assigned Numbers" RFC.
The protocols that you most expect to see in the list are TCP and UDP, which are the transport layer protocols that account for much of the IP traffic on a TCP/IP network. However, IP also carries other types of information in its datagrams, including ICMP messages, which notify systems of errors and other network conditions, and messages generated by routing protocols like GGP and EGP, which TCP/IP systems use to automatically update their routing tables.
IP options are additional header fields that enable datagrams to carry extra information and, in some cases, accumulate information as they travel through an internetwork on the way to their destinations. Some of the options defined in the IP standard are as follows:
Match the IP functions in the left column with the descriptions in the right column.
MCTS Self-Paced Training Kit (Exam 70-680): Configuring Windowsu00ae 7
MCTS Self-Paced Training Kit (Exam 70-643): Configuring Windows Server 2008 Applications Infrastructure
MCTS Self-Paced Training Kit (Exam 70-640): Configuring Windows Server 2008 Active Directory (Self-Paced Training Kits)
MCITP Windows Server 2008 Server Administrator: Training Kit 3-Pack: Exams 70-640, 70-642, 70-646