Lets learn "TCP/IP network stack"

-

 

Understanding Network Stack

This Portion we are going to discuss some basics about Network which is required, if we are going to tweak our Protocols to our benefit. The topics are brief to give just an idea what they are which we will be changing to maximise our efficiency (no resemblance with 'Bandwidth'). Lets start.

What is Network Stack?

Every Object (Abstract or real) uses some Protocol (set of rules) which helps the Communicating parties to maintain an equilibrium of thoughts. In Computer terms, we have protocol named TCP/IP. 
All parties which want to Communicate with other have to follow these rules. These rules ensures things like:
  • How to Interpret Electrical signal flowing in physical Connections
  • Handling naming conventions for Communication parties to maintain uniqueness
  • Ensuring packets are received at other end.
  • Maintaining Security
First how computers are connected on Internet(the topology of system and routers(referred as node)).
  • Star topology - One center, rest round that node
  • bus topology - a central bus, and all node are connected to that
  • Mesh topology - most node is connected to most them
  • Tree topology - connection in hierarchical fashion. 
  • Hybrid - Mixture of all these (actual case)
 Star and Bus topology

Mesh and Tree Topolo

The main idea is taken from a postage system which maintains encapsulations at various levels. 
Steps involved here are:
  • Writing a letter
  • Placing it in an envelope
  • Writing destination address (also source address)
  • Posting 
  • Postal Station posts from one intermediate station to another until destination station arrives.
  • Destination Station Post this to destination address.
  • Unpack the envelope
  • Take the message
Same way our existing protocol works. Suppose posting a message(HTML page) from server to some local pc. We have 3 type of addresses for this
  • IP address - 4 byte address which must be unique in a network (Given by network)
  • Mac address - No 2 nodes adjacent to a node have this address different (Present in Network Interface Card (NIC) ).
  • Port address - address of the Process ID (application) inside destination which need message.
Suppose our data is

Greetings

How are you! Dude!
In HTML it is present as
<html><head></head><body><h1>Greetings</h1><p>How are you! Dude!</p></body></html>  
Now as said before different applications on source may want to communicate with different application on destination, Hence the port information of target application is also placed into that.
You may have noticed addressed like
http://172.16.123.23:4421
The 172.16.123.23 targets a destination machine and 4421 targets a destination program on that machine.



This data may big in size and hence sending all data in a single packet may cause data hazard.
Hence data is divided into smaller packets depending on MTU (Maximum Tranfer Unit). Notice that
packets while sending is not necessarily in sequence.



Now this letter (on the basis of its address) is send from one router(acronym to intermediate station) to another where routers have information how to route the package. Thus these packets develop another kind of address called Mac address(shown by alphabets) which helps routing packages from one router to another. Between intermediate routers Mac address keep changing.


Concept of Mac (shown by alphabets, postal stations as routers) as shown


When this package reaches to destination its unpacked and transferred to the said port.
One main thing to notice here is the Method of transfer i.e. How our message is delivered to our destination i.e. Does our postal service provides guaranty weather our message reaches correct or it reaches as quickly as possible i.e is it TCP(Transmission Control Protocol) or UDP(User Datagram Protocol).

For details about this part consult this site:

Now lets get some guidelines about the part where actual user interacts with Computer to send messages, Application. We use applications like Facebook, Twitter, Gmail, Telnet, Putty which mainly focuses on how to create a message packet so that it can be smoothly sent over internet and may cause as little latency as possible. Although we a broad category to work with, but we are going to focus mainly on 2 protocols 
  • Protocols Actually in touch with user(Mailing protcols, File Transfering Protocols)
  • Protocol which help in maintaining our network (DNS servers).
Before Discussing about these protocols in detail first get a look on what is Server-Client model.
At start there were many protocols which basically dealt with low latency communication with maximum efficiency and security and less pressure on existing technology. For this, the best proposed model is Server-Client Model. Here a client (one who needs some type of service(service may mean file sharing or communication) or information) first searches in network for a particular Server(one who has registered itself as a service provider in that particular network) which can provide that facility. Then it gets address to that server and create messages using above said method to get its work done.


If you have been taking this tutorial to get basics about Ubuntu Networking Stack; well Good Stuff is about to Start!

When you connect to internet and type http://google.com from PC A. let see what happens
  • A Searches for a DNS server (This server has a list of all website names and there corresponding IPs)
  • DNS responses with a IP (address of GOOGLE server).
  • Now the Application(say your browser) wants to communicate with server (here google server), it sends an request( HTTP(Hyper Text Transfer Protocol) request to Google Server) to retrieve information (Here the HTTP response which contains HTML data).
Different Protocol used for Applications are-

FTP(File Transfer Protocol) - Methodology followed to retrieve file data from a file server. Usually FTP server are found at PORT 20. In Ubuntu my choice is use of cool program 'FileZilla', Requires username, password. For connecting my android phone to Ubuntu to share files I use app called 'FTPServer'. Connect your PC and Android to same network(connect them with a Wireless Ethernet Connection) and start App. Now go to FileZilla and place the IP, PORT, USERNAME, PASSWORD (all given in the app) and voila!! you must have your PC connected to Android Now share you files.

Android Application

FileZilla

POP(Post Office Protocol) or IMAP(Internet Message Access Protocol) - These are the applications which we use for mail and stuff. we use Gmail mostly, but there are others which are preferably used like HotMail.com, Mail.com etc.

DNS(Domain Name System) - although it has been discussed before one great thing to know is not all DNS server are quick at responding to query. Google provides Google Namebench which works a great deal to locate the best DNS around. Thus the DNS parameter can improve your surffing speed a great deal. To change your DNS in Ubuntu.
$ sudo vim /etc/resolvconf/resolv.conf.d/base
Then put your nameserver list in like so:
  • nameserver 8.8.8.8 #IP of DNS server
  • nameserver 8.8.4.4
Finally update resolvconf:
$ sudo resolvconf -u
With this Part over and thoroughly understood, lets move on to Packet Headers.

Packet and Headers

What are headers. well, IT STARTS WITH...(no more linkin park)
As the data at previous stage is passed to be processed and other stage i.e message to envelope, envelope to packets(depending on MTU), packets to packages, the data formed is developed at receiving end with the help of some information which is present in an extra information packet called header. This header also contains information about sequence number, addresses, and some other information.

IP Header

LEN





The number of 32 bit-segments in the IP header. Without any OPTIONS, this value is 5

TYPE OF SERVICE
Each IP datagram can be given a precedence value ranging from 0-7 showing the importance of the datagram. This is to allow out-of-band data to be routed faster than normal data. This is very important as Internet Control Message Protocol (ICMP) messages travels as the data part of an IP datagram. Even though an ICMP message is encapsulated in a IP datagram, the ICMP protocol is normally thought of as a integral part of the IP layer and not the UDP or TCP layer. Furthermore, the TYPE OF SERVICE field allows a classification of the datagram in order to specify is the service desired requires short delay time, high reliability or high throughput. However, in order for this to have any effect, the gateways must know more than one route to the remote host and as described in the Introduction, this is not the case.

IDENT, FLAGS, and FRAGMENT OFFSET
These fields are used to describe fragmentation of a datagram. The actual length of an IP datagram is in principle independent of the length of the physical frames being transferred on the network, referred to as the network's Maximum Transfer Unit (MTU). If a datagram is longer than the MTU then it is divided in to a set of fragments having almost the same header as the original datagram but only the amount of data that fits into a physical frame. The IDENT flag is used to identify segments belonging to the same datagram, and the FRAGMENT OFFSET is the relative position of the fragment within the original datagram. Once a datagram is fragmented it stays like that until it receives the final destination. If one or more segments are lost or erroneous the whole datagram is discarded.However, the underlying network technology is not completely hidden below the IP layer in spite of the fragmentation functionality. The reason is that the MTU can vary from 128 or less to several thousands of bytes dependent of the physical network (Ethernet has a MTU of 1500 bytes). It is hence question of efficiency when choosing the right datagram size so that fragmentation is minimized. It is recommended that gateways are capable of handling datagrams of at least 576 bytes without having to use fragmentation.

TIME
This is the remaining Time To Live (TTL) for a datagram when it travels on the Internet. 

SOURCE IP-ADDRESS and DESTINATION IP-ADDRESS
Both the source and destination address is indicated in the datagram header so that the recipient can send an answer back to the transmitting host.

TCP header

SOURCE PORT, DESTINATION PORT





The TCP protocol uses the same trick of using a pseudo header instead of transmitting the source IP-address and the destination IP-address as is already included in the IP-datagram. Therefore only the port numbers are required to uniquely define the communicating hosts.

CODE
This field is used to indicate the content of the segment and if a specific action has to be taken 
 such as if the sender has reached EOF in the stream.

OPTIONS
The TCP protocol uses the OPTIONS field to exchange information like maximum segment size accepted between the TCP layers on the two hosts. The flags currently defined are
  • URG Urgent pointer field is valid
  • ACK Acknowledgement field is valid
  • PSH This segment requests a push
  • RST Reset the connection
  • SYN Synchronize sequence numbers
  • FIN Sender has reached end of its byte stream
OFFSET

This integer indicates the offset of the user data within the segment. This field is only required as the number of bits used in the OPTIONS field can vary.

URGENT POINTER

This field can be initialised to point to a place in the user data where urgent information such as escape codes etc. are placed. Then the receiving host can process this part immediately when it receives the segment.


This Concludes the Discussion on basics of network Protocol TCP/IP.

Comments

Post a Comment

Popular posts from this blog

Lets learn "About kube proxy in iptables mode"

-
Image
In this tutorial, we'll learn about the Kube-proxy in iptables mode. Basically, we'll see how Kube-proxy create iptables that help in load balancing and service discovery. If you are not familiar with Linux IPTables I would recommend to check out my tutorial on IPTables here  first and then come back to read this tutorial. Kube-proxy Kube-proxy when running in iptables mode basically watch kube-apiserver for new endpoints and create corresponding iptables rules and iptables are fully responsible for service discover and proper routing of traffic to corresponding pods. Kube-proxy needs to run on all k8s worker nodes. Below is a small video describing the working of kube-proxy in iptables mode.  src:  https://www.slideshare.net/CJCullen/kubernetes-networking-55835829 Now that we know what Kube-proxy is and how it Kube-proxy works, let deep dive into the types of iptables Kube-proxy adds to the firewall. Kube-proxy added IPTables To learn this let's consider an example. Cons...
Read more

Lets learn "System design for paste bin (or any text sharing website)"

-
Image
  In this tutorial, we'll learn about the system design for PasteBin. If you don't know what Pastebin is here goes its definition. Pastebin is a type of online content hosting service where users can store texts to share with others over the internet.  Pastebin system design requirements  Functional Basic - User should be able to paste the text, generate the link and share the link with other users. There should be the max size of the text that our system will support (say 10Mb) Users should be able to provide the custom URL path for the link created. Like if a user wants to create the links  www.pb.com/letlearn, he can give this URL and pastebin should create a link using this URL to share with others. The link or paste expiry feature should be there for each stored text. There can be default expiry time say 1 year but this should be configurable. Personalization means the user should be able to login to track all the pastes created by him and manage them. Non-Funct...
Read more

Lets learn "What is CDN?"

-
Image
  In this tutorial, we'll learn about What is CDN ( Content delivery network ) and how it works. Introduction Whenever you access any website on your mobile phone or laptop or any other device using the internet connection, you must have seen for some of the websites the pages load quickly, and for others, it takes considerably more time. Why is that?  Basically loading any website requires the data needs to be downloaded from the server where that particular website is hosted. For e.g, if you are accessing a website in Canada which is hosted on a server in India, it will take some time due to the latency but if that website is hosted on servers in Canada itself it will take less time to load due to low latency. So internet experience can be bad for some of the websites when clients and servers are separated by a long distance. One could argue that why not host the website on servers in all regions but that would increase the cost a lot. The better solution is to use CDN. Let'...
Read more