Pat Shuff's Blog

  • Iaas
    August 8, 2016

TCP/IP Illustrated Vol 1

Back in 1998 I was working for Sun Microsystems and took an introductory class on networking. One of the big benefits of working for Sun is that it had a very strong affiliation with Stanford University and employees could take classes at no cost. An early rumor was that Sun really stood for Stanford University Networking since two of the founders of the company were living in the Stanford dorms during the early years of Sun. Stanford for years has offered CS 144 - Introduction to Computer Networking. The class is based on Kevin Fall and Richard Stevens's book TCP/IP Illustrated Volume 1. I was in an internal training class about cloud services last week and terms and phrases that I remotely remembered kept coming up. As I talked to more and more people, they also knew most of the terms but not all of them. In the next few days we will go through TCP/IP Illustrated and provide a quick tutorial on networking for those of us that have been out of college more than ten years (much more for some of us) and don't work with this on a daily basis.

TCP/IP Illustrated starts out by talking about the history of computer connectivity and the evolution of the 7 layer OSI stack. The seven layers consist of physical (1), link (2), network (3), transport (4), session (5), presentation (6), and application (7). Each of these layers has different protocols, methodologies, and incantations that make it unique and worthy of selection for different problems.

The physical layer is the actual connection between two computers. This might be a copper cable, fiber optic cable, or wireless network. The physical connection media is the definition for this layer. Most of us are familiar with a cable that comes out of the wall, switch, or router and plugs into our server or wifi hub. We are also familiar with a wifi or bluetooth connection that allows us to connect without a physical wire connecting us to other computers. We are not going to focus on this layer but assume that we are wirelessly or ethernet connected to the internet and the cloud servers that we are connecting to are wired to an internet connection. We then use the nebulous internet to route our requests to access our cloud server and responses back to us. This will require higher layers of the stack to make this happen but the default is that we are connected to a network in some manner as well as the server that we want to connect to.

The link or data link layer includes protocols for connecting to a link layer and exchanging data. Links can be multi-access layers with more than just two computers talking to each other. WiFi and Ethernet networks are examples of a multi-access layer. We can have more than two computers on these networks and all of them can operate at the same time on the network. Not all of the computers can talk at once but they can time slice the network and share the common physical layer together.

The network or internetwork layer (layer 3) is the protocol layer where we frame packets of information and define communication protocols. Protocols like TCP/IP are defined at this layer. We can put a data analyzer on the physical cable and look at bits streaming by on the wire (or wifi) and decode these packets into data and control blocks. The IP or internet protocol layer is defined here as well as other protocols for creating data packets.

The transport layer (layer 4) is the layer where we describe how data is exchanged and deal with collisions, addresses, and different types of services. TCP, for example, exists at this layer and has protocols for dealing with collisions on the network. If two computers are talking at the same time, bits get overwritten and listeners cannot properly read the packets. The TCP layer defines how to request retransmission of data as well as how to avoid collisions in the short term. Other protocols like UDP and multicast are defined at this layer that allow us to do things like broadcast messages to all hosts on a network and not wait for a response or acknowledgement. We might want to do this for a video broadcast from a single source where we know that we have one transmitter and multiple receivers on a network.

The session layer (layer 5) consists of handshaking mechanisms to maintain state between data packets. An example of this would be a cookie in a web browser to maintain a relationship between a client and web server. Server affinity and route preferences are also defined at this layer. If we have a pool of web servers and want to send a client back to the web server that it went to previously, this layer helps create this affinity.

The presentation layer (layer 6) is responsible for format conversions and is typically not manipulated or used for internet protocols or communications.

The application layer (layer 7) is where most of the work is done. A web server, for example, uses HTTP as the communication protocol and defines how screens are painted inside a browser and what files are retrieved from a web server. There are hundreds of layers defined here and we will go into a few examples in future blogs.

If we take an overview of TCP/IP Illustrated Volume I we see that chapter 1 covers the OSI stack and introduces networking and the history of networking as well as layer 1 options. Chapter 2 covers layer 3 and all networking options and touches on the differences between IPv4 and IPv6. Chapter 3 covers the link layer or layer 2 focusing on ethernet, bridges, switches, wireless networks, point to point protocols, and tunneling options. Chapter 4 dives into the ARP protocol which is an implementation of layer 3 used to deal with addressing and computers on a network. Chapter 5 covers the IP definition and discusses packet headers and formats. Chapter 6 goes into addressing more and talks about dynamic host configuration protocol (DHCP) for assigning addresses dynamically. Chapter 7 discusses firewalls and routers as well as network address translations (NAT) concepts. This is the layer that typically gets confusing for cloud vendors and leads to different configurations and options when it comes to protecting servers in the cloud. Chapters 8 and 9 deal with internet control message protocol, broadcasting, and multicasting. Most cloud vendors don't deal with this layer and just prohibit the use of this layer. Chapter 10 focuses on UDP and IP fragmentation. Chapter 11 centers on Domain Naming Services. Each cloud vendor addresses this differently with local and global naming services. We will look at the major cloud vendors and see how they address local naming and name resolution. Chapters 12 through 17 deal with the TCP structure, management, and operation. The Stanford class spent most of the semester on this and ways of optimizing errors and issues. Most cloud vendors do this for you and don't really let you manipulate or modify anything presented in these chapters. The book finishes with Chapter 18 by talking about security in all of its flavors and incantations. We will spend a bit of time talking about this layer since it is of major concern for most users.

In review, we are going to go back and look at networking terms, concepts, and buzzwords so that when someone asks us whether a cloud service provides xyz, we have a strong context for what they are asking. We are not trying to make everyone a networking expert, just trying to level set the language so that we can compare and contrast services between different cloud vendors.
