109.1 Lesson 2

109.1 Lesson 2

Certificate:

LPIC-1

Version:

5.0

Topic:

109 Networking Fundamentals

Objective:

109.1 Fundamentals of internet protocols

Lesson:

2 of 2

Introduction

At the beginning of this subtopic we saw that the TCP/IP stack is composed of a series of different protocols. So far we have studied the IP protocol, which allows communication between machines through IP addresses, masks, routes, etc.

For a host to be able to access a service available on another host, in addition to the IP addressing protocol at the network layer, it will be necessary to use a protocol at the transport layer such as the TCP and UDP protocols.

These protocols carry out this communication through network ports. So in addition to defining a source and destination IP, source and destination ports will be used to access a service.

The port is identified by a 16-bit field thus providing a limit of 65,535 possible ports. The services (destination) use ports 1 to 1023, which are called privileged ports because they have root access to the system. The origin of the connection will use the range of ports from 1024 to 65,535, called non-privileged ports, or socket ports.

The ports used by each type of service are standardized and controlled by IANA (Internet Assigned Numbers Authority). This means that on any system, port 22 is used by the SSH service, port 80 by the HTTP service and so on.

The table below contains the main services and their respective ports.

Port Service

20

FTP (data)

21

FTP (control)

22

SSH (Secure Socket Shell)

23

Telnet (Remote connection without encryption)

25

SMTP (Simple Mail Transfer Protocol), Sending Mails

53

DNS (Domain Name System)

80

HTTP (Hypertext Transfer Protocol)

110

POP3 (Post Office Protocol), Receiving Mails

123

NTP (Network Time Protocol)

139

Netbios

143

IMAP (Internet Message Access Protocol), Accessing Mails

161

SNMP (Simple Network Management Protocol)

162

SNMPTRAP, SNMP Notifications

389

LDAP (Lightweight Directory Access Protocol)

443

HTTPS (Secure HTTP)

465

SMTPS (Secure SMTP)

514

RSH (Remote Shell)

636

LDAPS (Secure LDAP)

993

IMAPS (Secure IMAP)

995

POP3S (Secure POP3)

On a Linux system, standard service ports are listed in the /etc/services file.

The identification of the desired destination port in a connection is done using the character : (colon) after the IPv4 address. Thus, when seeking access to the HTTPS service that is served by the IP host 200.216.10.15, the client must send the request to the destination 200.216.10.15:443.

The services listed above, and all others, use a transport protocol according to the characteristics required by the service, where TCP and UDP are the main ones.

Transmission Control Protocol (TCP)

TCP is a connection-oriented transport protocol. This means that a connection is established between the client through the socket port, and the service through the service standard port. The protocol is in charge of ensuring that all packets are delivered properly, verifying the integrity and order of the packets, including the re-transmission of packets lost due to network errors.

Thus the application does not need to implement this data flow control as it is already guaranteed by the TCP protocol.

User Datagram Protocol (UDP)

UDP establishes a connection between the client and the service, but does not control the data transmission of that connection. In other words, it does not check if packages have been lost, or if they are out of order, etc. The application is responsible for implementing the controls that are necessary.

As there is less control, UDP enables better performance in the data flow which is important for some types of services.

Internet Control Message Protocol (ICMP)

ICMP is a network layer protocol in the TCP/IP stack and its main function is to analyze and control network elements, making it possible, for example:

  • Traffic volume control

  • Detection of unreachable destinations

  • Route redirection

  • Checking the status of remote hosts

It is the protocol used by the ping command, which will be studied in another subtopic.

IPv6

So far we have studied version 4 of the IP protocol, i.e. IPv4. This has been the standard version used in all network and Internet environments. However it has limitations especially in regards to the number of available addresses, and with an already current reality that all devices will be somehow connected to the Internet (see IoT), it is becoming increasingly common to use version 6 of the IP protocol, commonly written as IPv6.

IPv6 brings a series of changes, new implementations and features, as well as a new representation of the address itself.

Each IPv6 address has 128 bits, divided into 8 groups of 16 bits, represented by hexadecimal values.

For example:

2001:0db8:85a3:08d3:1319:8a2e:0370:7344

Abbreviations

IPv6 defines ways to shorten addresses in some situations. Let’s review the following address:

2001:0db8:85a3:0000:0000:0000:0000:7344

The first possibility is to reduce strings from 0000 to just 0, resulting in:

2001:0db8:85a3:0:0:0:0:7344

In addition, in case of group strings with a value of 0, they can be omitted, as follows:

2001:0db8:85a3::7344

However, this last abbreviation can only be done once in the address. See the example:

2001:0db8:85a3:0000:0000:1319:0000:7344

2001:0db8:85a3:0:0:1319:0:7344

2001:0db8:85a3::1319:0:7344

IPv6 Address Types

IPv6 classifies addresses into 3 types:

Unicast

Identifies a single network interface. By default, the 64 bits on the left identify the network, and the 64 bits on the right identify the interface.

Multicast

Identifies a set of network interfaces. A packet sent to a multicast address will be sent to all interfaces that belong to that group. Although similar, it should not be confused with broadcast, which does not exist in the IPv6 protocol.

Anycast

This also identifies a set of interfaces on the network, but the packet forwarded to an anycast address will be delivered to only one address in that set, not everyone.

Differences between IPv4 and IPv6

In addition to the address several other differences can be pointed out between versions 4 and 6 of the IP. Here are some of them:

  • Service ports follow the same standards and protocols (TCP, UDP), the difference is only in the representation of the IP and port set. In IPv6 the IP address must be protected with [] (brackets):

    IPv4

    200.216.10.15:443

    IPv6

    [2001:0db8:85a3:08d3:1319:8a2e:0370:7344]:443

  • IPv6 does not implement the broadcast feature exactly as it exists in IPv4. However the same result can be achieved by sending the packet to the address ff02::1, reaching all hosts on the local network. Something similar to using 224.0.0.1 on IPv4 for multicasting as a destination.

  • Through the SLAAC (Stateless Address Autoconfiguration) feature, IPv6 hosts are able to self-configure.

  • The TTL (Time to Live) field of IPv4 has been replaced by the “Hop Limit” in the IPv6 header.

  • All IPv6 interfaces have a local address, called link-local address, prefixed with fe80::/10.

  • IPv6 implements the Neighbor Discovery Protocol (NDP), which is similar to the ARP used by IPv4, but with much more functionality.

Guided Exercises

  1. Which port is the default for the SMTP protocol?

  2. How many different ports are available in a system?

  3. Which transport protocol ensures that all packets are delivered properly, verifying the integrity and the order of the packets?

  4. Which type of IPv6 address is used to sent a packet to all interfaces that belong to group of hosts?

Explorational Exercises

  1. Mention 4 examples of services that use the TCP protocol by default.

  2. What is the name of the field on IPv6 header package that implement the same resource of TTL on IPv4?

  3. What kind of information Neighbor Discovery Protocol (NDP) is able to discover?

Summary

This lesson covered the main transport protocols and services used on TCP/IP stack.

Another important topic was the version 6 of IP Protocol, including the IPv6 addresses and the main differences with IPv4.

The following subjects were addressed:

  • The correlation between Port numbers and Services

  • TCP (Transmission Control Protocol)

  • UDP (User Datagram Protocol)

  • ICMP (Internet Control Message Protocol)

  • The IPv6 address and how it can be abbreviated

  • IPv6 address types

  • Main differences between IPv4 and IPv6

Answers to Guided Exercises

  1. Which port is the default for the SMTP protocol?

    25

  2. How many different ports are available in a system?

    65535

  3. Which transport protocol ensures that all packets are delivered properly, verifying the integrity and the order of the packets?

    TCP

  4. Which type of IPv6 address is used to sent a packet to all interfaces that belong to group of hosts?

    Multicast

Answers to Explorational Exercises

  1. Mention 4 examples of services that use the TCP protocol by default.

    FTP, SMTP, HTTP, POP3, IMAP, SSH

  2. What is the name of the field on IPv6 header package that implement the same resource of TTL on IPv4?

    Hop Limit

  3. What kind of information Neighbor Discovery Protocol (NDP) is able to discover?

    NDP is able to obtain various information from the network, including other nodes, duplicate addresses, routes, DNS servers, gateways, etc.

Linux Professional Insitute Inc. All rights reserved. Visit the Learning Materials website: https://learning.lpi.org
This work is licensed under the Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.