The Role of the TCP/IP Protocol Stack in the Development of Networks TCP/IP is currently the most popular protocol stack. This stack includes the most commonly used protocols discussed in this book. Most applications do not support

Multilevel numbering Element also supports multi-level numbering - such as 3.1.2.5, etc. To work with it, you need to set the level attribute to "multiple". With the count attribute, you can specify which type of nodes you want to number by setting this attribute to

Layered Model Increasing scalability and greater interoperability requirements lead to a model with more layers, as shown in Figure 2. 5.2. The client interface is moved to the center of the model; it combines with one or

11.3.2. Stack unwinding The search for a catch handler for a thrown exception is as follows. When a throw expression is in a try block, all catch clauses associated with it are examined to see if they can handle the exception. If suitable

19.2.5. Stack Unwinding and Calling Destructors When an exception is thrown, the search for its catch handler—stack unwinding—begins with the function that threw the exception and continues up the chain of nested calls (see Section 11.3). During unwinding, one by one

Table."Stack of the main protocols of network architectures ISO and TCP / IP"

Differences in the ideology of building network architectures generate significant differences in the data transfer mechanism at all levels of the ISO standard, with the exception of the physical and channel, where the LAP-B and X.21 protocols can be used, but others can. The main differences in the data transmission algorithm are, firstly, in the ideology of error protection, and secondly, in the implementation packet switching mode(KP).
Consider first error handling methods.

A lot of attention has been paid to the issues of protecting data from errors and failures. For this, the second (channel) level is allocated. Error detection is performed using a powerful error-correcting BCH code (Rec. V.42) with a minimum code distance of d=5, which makes it possible to detect any 4-fold error. Error correction is performed using feedback algorithms - ROS-OZh or (more often) ROS-NP. To combat insertions and dropouts of frames, timeout and cyclic numbering of frames are used. At the network layer, packet numbering and requery are provided. All this makes it possible to use a transmission medium of almost any quality, however, the price for this is a high degree of introduced redundancy, i.e. drop in real data transfer rate.

In the TCP / IP architecture, the first and second layers are not specified at all, i.e. transmission can proceed even without error protection. Increasing fidelity is assigned to the TCP transport protocol. If good channels are used, for example, fiber-optic communication lines (FOCL), then the UDP protocol is used at the transport layer, where error protection is not provided. In this case, error detection and correction are carried out at the application level by special user programs. This approach becomes understandable, because TCP / IP architecture was originally implemented in the ARPANET, which used dedicated high-speed channels.

Consider the differences in packet switching methods, i.e. in ISO Level 3 implementation.

In the ISO architecture, the third (network) layer (Rec. X.25) is responsible for routing (delivering packets to an address). It provides for the creation of virtual connections or channels from the source to the recipient, and then packets are transmitted over this connection. This mode is referred to as virtual CS mode and is similar in principle to traditional circuit switching (CS). The TCP/IP architecture implements a different approach called CP datagram mode. This mode drastically simplifies the task of routing, but creates the problem of assembling messages from packets, because packets of the same message can be delivered along different routes and arrive at the recipient at different times. The CM datagram mode is similar in principle to message switching (MS).

Comparisons of virtual and datagram CP methods according to the following characteristics:

establishing a connection;

addressing;

the procedure for transmitting a packet over a network;

management of the input message flow;

efficient use of network resources.

Establishing a connection. With virtual CP, a logical connection is established between interacting objects of the transport layer (and possibly higher ISO levels) before the message is transmitted. This logical channel is stored in the routing tables of all packet switching centers (PSCs) that participate in the connection. Packets are transmitted only over the established logical channel, so their order is not violated.

With a CP datagram, a logical connection is not established, therefore, packets of one message are transmitted along those routes that are optimal at the moment, i.e. possibly different routes. The problem of assembling a message from packets is solved at the transport level.

Addressing. In the virtual CP mode, the full address of the recipient object is transmitted only when a logical connection is established, i.e. with the first package. Upon receiving this packet, the recipient object notifies the sender of its consent to the communication session (or disagreement). A logical connection is created, and the rest of the packets containing only the logical channel number are transmitted.

In the datagram mode of the CP, each transmitted packet must necessarily contain the full address of the recipient (and sender) and the packet number in the message.

The procedure for transmitting a packet over a network. The virtual CP mode provides for the allocation of a special basic data transmission network (TD) and the transmission of packets in this TD network over a ready-made logical channel created at the initiative of the transport layer.

In datagram mode, each packet is transmitted along different routes, which makes it possible to use network resources more efficiently, since in large networks, the load of channels changes very quickly, so it is desirable to adjust the delivery route more often. In this case, it is possible to build a global network without isolating a separate PD core network.

Managing the incoming message flow. In the virtual CP mode, the flow of incoming messages (but not packets) can only be controlled at the input of the virtual channel, i.e. at a specific packet switching center for a given message.

The CP's datagram mode is more flexible and allows control of the incoming message flow from virtually any MCU, which improves control flexibility.

Efficiency of use of network resources. In the virtual CP mode, the optimal route is selected only at the moment of establishing a logical connection, therefore, when the situation on the network changes rapidly, the path that is optimal for the first message packet may not be optimal for subsequent packets of the same message.

In the datagram mode, the route correction is performed more frequently, which allows more even loading of the channels of the entire network and, ultimately, reducing the message delivery time.

5.2.1.3 Scope of the TCP/IP architecture

The scope of the TCP / IP architecture is determined by their properties, which give rise to the main advantages and disadvantages of the network architectures used.

Advantages of the TCP / IP architecture:

low costs for the implementation of interaction protocols due to a smaller set of required protocols;

significant simplification of the routing procedure, which reduces the cost of the underlying data transmission network through the use of simpler ICTs;

the possibility of building a large-scale temporary detention center using different types of equipment;

the possibility of implementing the interaction of various networks using simple matching algorithms.

The disadvantages of the TCP / IP architecture include:

the possibility of implementation only when using "good" communication channels (preferably dedicated);

the need to solve the problem of assembling packages that can arrive at the transport layer in an arbitrary order;

the possibility of losing a message due to untimely delivery of one of the packets of this message;

complication of user application programs due to the introduction of procedures for monitoring and correcting errors in received messages.

When building global networks, when the decisive factor is the ease of coordinating the operation of various national networks, implemented, as a rule, on different types of equipment, the most effective is the use of the TCP / IP architecture, this conclusion is confirmed by practice, because the Internet uses exactly the TCP / IP architecture. And the ISO network architecture is effective when using "bad" communication channels, the need to work in real time and a homogeneous structure of equipment, and the quality of the communication channels is the main one.

In the Internet architecture, separate networks (LAN, regional and global) are connected to each other by special devices - routers of IP packets.

Definition. Network interconnection devices within the Internet are called IP gateways, or IP routers, or Routers.

5.2.1.3.1

5.2.1.3.2 Internet fragment

LAN - local area network;
MAN - regional TDF;
WAN - global WAN;
WS (Work Station) - LAN workstation;
FS (File Server) - file server;
Host - host machine (a computer that is connected to the network as a host);
Router - IP router.

5.2.1.3.3

The gateway is connected to two or more networks, each of which perceives this gateway as a host computer. Therefore, the gateway has a physical interface and a special IP address in each of the connected networks. Packet forwarding requires the gateway to determine the IP address of the next gateway or, in the last hop, the IP address of the host machine to which the IP packet is directed. The gateway function, commonly referred to as routing, is based on the analysis of special routing tables (route matrices) that are stored in a special database. The database in each of the gateways must be constantly updated to reflect the current topology of the Internet.

Route is the sequence of routers that a packet traverses from the sender to the destination.

The Internet is based on the TCP/IP protocols.

5.2.1.3.4

5.2.1.3.5 TCP/IP protocol chain example

Data is transmitted in packets. Packets have a header that contains service information. Data from higher levels is inserted into the packets of lower levels.

5.2.1.3.6

5.2.1.3.7 Internet messaging based on the encapsulation mechanism (encapsulation)

5.2.1.4 Physical and data link layer

The TCP/IP stack does not imply the use of any specific media access layer protocols and physical media. The media access layer is required to have an interface with the IP module to enable the transmission of IP packets. It is also required to ensure the conversion of the IP address of the network node to which the IP packet is transmitted to the MAC address. Often, entire protocol stacks can act as an access layer to the transmission medium, then they talk about IP over ATM, IP over IPX, IP over X.25, etc.

5.2.1.5 Internet layer and IP (Internet Protocol)

The basis of this layer is the IP protocol:

The first IPv4 standard was defined in RFC-760 (1980).

The latest version of IPv4 is RFC-791 (1981).

Purpose of the IP protocol

The Internet Protocol - IP - is an unreliable, connection-free mechanism for delivering messages in separate packets.
"Unreliable delivery":

Delivery of packages to the recipient is not guaranteed;

Along the way, the package may be lost, duplicated, delayed;

Packets may be delivered out of order.

Packet delivery does not require a pre-established connection (i.e., the path of the packets), since each packet is considered independent of the others. Therefore, packets from the sender to the recipient can take different routes.

Internet datagram

A packet sent over the Internet is called an IP datagram or an IP packet.

Packet structure: header and data block.

Included in the IP packet header set of rules , which ensure the delivery of the data packet to the recipient. These rules specify how packets are handled by network hosts and routers, as well as the conditions under which error messages should be generated and packets should be removed from the network.

5.2.1.5.1

5.2.1.6 TCP/IP stack address types

The TCP/IP stack uses three types of addresses: local (also called hardware), IP addresses, and symbolic domain names.

In TCP/IP terminology, a local address is a type of address that is used by the underlying technology to deliver data within a subnet that is part of a composite network. If the subnet of the composite network is the LAN, then the local address is the MAC address. The MAC address is assigned to network adapters and network interfaces of routers. MAC addresses are assigned by hardware manufacturers and are unique. For all existing LAN technologies, the MAC address consists of 6 bytes, for example 11-A0-17-3D-BC-01. The MAC address is the address used at the link layer.

An IP address is a network layer address. IP addresses are the primary type of addresses that the network layer uses to transfer packets between networks. These addresses consist of 4 bytes, for example, 109.26.17.100. The IP address is assigned by the administrator during the configuration of computers and routers. An IP address consists of two parts: a network number and a host number. The node number is assigned regardless of the node's local address.

Symbolic domain names are special names for computers on the Internet.

5.2.1.7 Internetworking Protocol (IPv4)

5.2.1.7.1 Representation and structure of an IP address

5.2.1.7.2class addressing system

5.2.1.7.3

5.2.1.7.4Special addresses

Class D has the following group IP address grid:
from 224.0.0.0 before 239.255.255.255.

5.2.1.7.5 Assignment of network identifiers

To connect a network to the Internet, you need to obtain a network ID from the Internet Information Center (InterNIC - Internet Network Information Center). The network ID must cover all hosts connected to the same physical network.

5.2.1.7.6

5.2.1.7.7 IP address allocation example

5.2.1.7.8

5.2.1.7.9 Interface addresses

5.2.1.7.10

5.2.1.7.11 Network addresses

5.2.1.7.12

5.2.1.7.13 Three routers connecting six hosts

Address space allocated for Intranet (autonomous IP networks):
in class A - one network with the address 10.x.y.z.
in class B - 16 networks with addresses 172.16.y.z. - 172.31.y.z.
in class C - 256 networks with addresses 192.168.y.z. - 192.168.255.z

5.2.1.7.14 Subnets

The traditional scheme of dividing an IP address into a network number and a host number is based on the notion of a class, which is defined by the values ​​of the first few bits of the address. Precisely because the first byte of the address 185.23.44.206 falls into the range 128-191, we can say that this address belongs to class B, which means that the network number is the first two bytes, supplemented by two zero bytes - 185.23.0.0, and the host number – 0.0.44.206. In this representation, the IP address consists of two hierarchical levels. The need to introduce a third level of hierarchy - the level of subnets - was dictated by the emergence of a shortage of network numbers and a sharp increase in the routing tables of routers on the Internet. After the introduction of the subnet level, the node number is divided into two parts - the subnet number and the number of the node in this subnet.

5.2.1.7.15

5.2.1.7.16 Forming a three-level hierarchy

Increasing the number of layers eliminates the problem of growing routing tables by making private network topology information unnecessary for Internet backbone routers. Routes from the Internet to any particular subnet located on the network with a given IP address are the same and do not depend on which subnet the recipient is located on. This is made possible by the fact that all subnets of a network with a given number use the same network number, although their numbers (subnet numbers) are different. Routers on a private network need to distinguish between individual subnets, but for Internet routers, all subnets refer to a single entry in the routing table. This allows a private network administrator to make any changes to the logical structure of their network without affecting the size of the routing tables of Internet routers.

Reader ondiscipline “ Informatics“ Compiled: st. teacher Stolyarov A.S. springsemester2009 Content 1 The concept of information 3 ... How to pass the exam and centralized testing oninformatics for 100 points. - Rostov...

A set of multilayer protocols, or as the TCP / IP stack is called (Table 2.1), is designed to be used in various network environments. The TCP / IP stack in terms of system architecture corresponds to the OSI (Open Systems Interconnection) reference model and allows applications and services running on almost any platform, including Unix, Windows, Macintosh and others, to communicate over a network.

Table 2.1. TCP/IP protocol family

Microsoft's implementation of TCP/IP follows a four-layer model instead of a seven-layer model, as shown in Figure 2. 2.2. The TCP/IP model includes more features per layer, resulting in fewer layers. The following levels are used in the model:

The Application layer of the TCP/IP model corresponds to the Application, Presentation, and Session layers of the OSI model;

The Transport layer of the TCP/IP model corresponds to that of the Transport layer of the OSI model;

Rice. 2.2. Compliance with the seven-layer OSI model and the four-layer TCP/IP model

The Internet layer of the TCP/IP model performs the same functions as the Network layer of the OSI model;

The network interface layer of the TCP/IP model corresponds to the Link and Physical layers of the OSI model.

Application Level

Through the Application layer of the TCP/IP model, applications and services access the network. Access to TCP / IP protocols is carried out through two program interfaces (API - Application Programming Interface):

Windows sockets;

The Windows Sockets Interface, or WinSock as it's called, is a network programming interface designed to facilitate interoperability between different TCP/IP applications and protocol families.

The NetBIOS interface is used for communication between processes (IPC - Interposes Communications) of services and applications of Windows OS. NetBIOS performs three main functions: determining NetBIOS names; NetBIOS Datagram Service; NetBIOS session service.

Transport layer

The TCP/IP transport layer is responsible for establishing and maintaining a connection between two nodes. Main functions of the level:

Confirmation of receipt of information;

Data flow control;

Packet ordering and relaying.

Depending on the type of service, two protocols can be used:

TCP (Transmission Control Protocol - transmission control protocol);

UDP stands for User Datagram Protocol.

TCP is typically used when an application needs to transfer a large amount of information and make sure that the data is received by the destination in a timely manner. Applications and services that send small amounts of data and do not require acknowledgment use UDP, which is a connectionless protocol.

Transmission Control Protocol (TCP)

The data transmission control protocol - TCP (Transmission Control Protocol) - provides reliable message transmission between remote application processes through the formation of virtual connections. Appeared in the initial period of networking, when global networks were not very reliable.

The reliability of the TCP protocol is as follows:

- it diagnoses errors,

– if necessary, sends the data again,

- if he cannot correct the error on his own, he reports it to other levels.

Before sending segments of information down the model, the sending TCP contacts the receiving TCP to establish a connection. As a result, a virtual channel is created. This type of communication is called connection-oriented.

The connection is established in three steps:

1. A client requesting a connection sends a packet to the server indicating the port number the client wishes to use, as well as an ISN (Initial Sequence number) code (a specific number).

2. The server responds with a packet containing the server's ISN plus the client's ISN plus 1.

3. The client must acknowledge the connection by returning the server's ISN plus 1.

How TCP works:

Takes large blocks of information from the application, breaks them into segments,

Numbers and sequences each segment so that the TCP on the receiving end can correctly join all the segments into the original big block;

Negotiates with the protocol of the receiving party the amount of information that must be sent before receiving an acknowledgment from the receiving TCP;

After sending the segments, the TCP waits for an acknowledgment from the target TCP to receive each one;

Resends segments that were not acknowledged.

The three-step connection opening establishes the port number as well as the client and server ISNs. Each TCP packet sent contains the sender and receiver TCP port numbers, a fragment number for messages broken into smaller pieces, and a checksum to ensure that no errors occurred during transmission. The TCP protocol is responsible for the reliable transmission of data from one network node to another. It creates a session with a connection, in other words, a virtual channel between machines.

User Datagram Protocol (UDP)

The UDP protocol is designed to send small amounts of data (datagrams) without establishing a connection and is used by applications that do not need confirmation of their receipt by the addressee. UDP is considered to be a simpler protocol, since it does not clutter up the network with service information and does not perform all the functions of TCP. However, it successfully copes with the transfer of information that does not require guaranteed delivery, and at the same time uses much less network resources. UDP does not create virtual circuits and does not contact the target device before sending information. Therefore, it is considered a connectionless, or connectionless, protocol.

How UDP works:

Receives blocks of information from the upper levels, breaks them into segments;

Numbers each of the segments so that all segments can be reassembled into the required block at the destination, but does not order the segments or care about the order in which they arrive at the destination,

Sends segments and "forgets" about them;

It does not wait for acknowledgments of receipt, and even does not allow such acknowledgments, and therefore is considered an unreliable protocol. But this does not mean that UDP is inefficient - it just does not belong to reliable protocols.

UDP also uses port numbers to identify the specific process at the specified IP address. However, UDP ports are different from TCP ports and therefore can use the same port numbers as TCP without conflict between services.

Internet layer

The internetwork layer is responsible for routing data within a network and between different networks. Routers operate at this level, which depend on the protocol used and are used to send packets from one network (or its segment) to another (or another network segment). The TCP/IP stack uses the IP protocol at this level.

Internet Protocol (IP)

The IP protocol provides for the exchange of datagrams between network nodes and is a connectionless protocol that uses datagrams to send data from one network to another. This protocol does not expect to receive an acknowledgment (ASK, Acknowledgment) of sent packets from the destination node. Acknowledgments as well as retransmissions of packets are carried out by protocols and processes operating at the upper levels of the model.

Its functions include datagram fragmentation and internetwork addressing. The IP protocol provides control information for reassembling fragmented datagrams. The main function of the protocol is internetwork and global addressing. Depending on the size of the network over which the datagram or packet will be routed, one of three addressing schemes is used.

Addressing in IP networks

Each computer in TCP / IP networks has three levels of addresses: physical (MAC address), network (IP address) and symbolic (DNS name).

The physical or local address of a node, as determined by the technology behind the network that the node belongs to. For hosts included in local networks, this is the MAC address of the network adapter or router port, for example, 11-A0-17-3D-BC-01. These addresses are assigned by hardware manufacturers and are unique addresses because they are managed centrally. For all existing LAN technologies, the MAC address has the format of 6 bytes: the upper 3 bytes are the manufacturer's identifier, and the lower 3 bytes are assigned uniquely by the manufacturer.

Network, or IP address, consisting of 4 bytes, for example, 109.26.17.100. This address is used at the network layer. It is assigned by the administrator during the configuration of computers and routers. An IP address consists of two parts: a network number and a host number. The network number can be chosen arbitrarily by the administrator, or assigned on the recommendation of a special division of the Internet (Network Information Center, NIC), if the network should work as an integral part of the Internet. Typically, ISPs obtain address ranges from NIC departments and then distribute them to their subscribers. The host number in IP is assigned regardless of the host's local address. The division of an IP address into a network number field and a host number field is flexible, and the boundary between these fields can be set arbitrarily. A node can belong to several IP networks. In this case, the node must have several IP addresses, according to the number of network links. An IP address does not characterize a single computer or router, but a single network connection.

When developing the IP protocol, based on the size of networks, their classes were distinguished (Table 2.2):

Class a - few networks with a very large number of nodes; the network number occupies one byte, the remaining 3 bytes are interpreted as the node number in the network.

Class B - medium-sized networks; 16 bits (2 bytes) are allocated for the network address and for the host address.

Class C - networks with a small number of nodes; 24 bits (3 bytes) are allocated for the network address, and 8 bits (1 byte) for the host address.

Table 2.2. Network classes

· Class D addresses – special, group addresses – multicast; can be used to send messages to a specific group of nodes. If the packet contains a destination address that belongs to class D, then all nodes that are assigned this address should receive such a packet.

· Class E addresses reserved for future use.

In addition to the above addresses, there are reserved addresses that are used in a special way.

If the network number field is 0

0 0 0 0..............................0 Node number,

then by default it is considered that this node belongs to the same network as the node that sent the packet: if the computer address is 128.187.0.0, then the address 0.0.25.31 specified in the message is implicitly converted to the address 128.187.25.31;

The address 127.0.0.X is reserved for organizing feedback when testing the operation of the host software without actually sending a packet over the network. This address is called loopback or localhost. If the program sends a packet with such an address, then this packet, without leaving the computer, will go through all levels of the network subsystem and return to this program. Allows you to develop and test network software on a local computer, including one that does not have a network adapter at all.

If all bits of the IP address are 1

1 1 1 1...................................1 1,

then the packet with that destination address must be sent to all nodes on the same network as the sender. Such a distribution is called a limited broadcast message (limited broadcast);

If the destination host address field contains solid 1

Network address 1111...................11,

then a packet with such an address is sent to all network nodes with a given address. This distribution is called a broadcast message (broadcast);

Class D addresses are a form of multicast IP address. The packet must be delivered to several nodes at once, which form a group with the number specified in the address field. The nodes themselves identify themselves, that is, they determine which of the groups they belong to. The same node can belong to several groups. Such messages, in contrast to broadcast messages, are called multicast messages. The multicast address is not divided into network and host number fields and is handled in a special way by the router.

Symbolic address, or DNS name, such as SERV1.IBM.COM. This address is assigned by the administrator and consists of several parts, such as machine name, organization name, domain name. Such an address is used at the application level, for example, in the FTP or telnet protocols.

Numeric addressing is useful for machine processing of routing tables. For human use, it presents certain difficulties. To facilitate interaction, tables of correspondence of numerical addresses to machine names were first used. For example, on UNIX, the /etc directory contains a file called hosts, which might look like this:

IP address Machine name

127.0.0.1 localhost

144.206.160.32 Polyn

144.206.160.40 Apollo

As the network grew, the Domain Name System (DNS) was developed, which allows computers to be given easy-to-remember names, such as yahoo.com, and is responsible for translating those names back into IP addresses. The DNS is built on a hierarchical basis, but this hierarchy is not strict. In fact, there is no single root for all Internet domains.

A computer name has at least two levels of domains, separated from each other by a dot (.). Domains following top-level domains usually define either regions (msk) or organizations (ulstu). The next levels of the hierarchy can be assigned to small organizations, or to subdivisions of large organizations or individuals (for example, alvinsoft.h11.ru).

Everything on the left is a subdomain to the general domain. Thus, in the name somesite.uln.ru, somesite is a subdomain of uln, which in turn is a subdomain of ru.

The most popular DNS support program is BIND, or Berkeley Internet Name Domain, a domain name server that is widely used on the Internet. It provides searches for domain names and IP addresses for any host on the network. BIND also distributes e-mail messages through Internet hosts.

BIND is implemented according to the "client-server" scheme. There are four types of servers:

· the primary master server maintains its database of names and services the local domain;

· the secondary master-server serves its own domain, but receives information about the addresses of some of its machines over the network from another server;

· The caching server does not have its own domain. It receives data either from one of the master servers or from a buffer;

· remote server is a conventional master server installed on a remote machine, accessed by programs over the network.

Primary or secondary master servers are usually installed on machines that are gateways to local networks.

Gateway - a system that converts from one format to another.

The name server can be installed on any computer on the local network. However, performance must be taken into account, as many server implementations keep name databases in random access memory. At the same time, information is often loaded from other servers. Therefore, this can cause delays in resolving a request for an address by host name.

ARP Address Mapping ProtocolsAndRARP

The Address Resolution Protocol (ARP) is used to determine the local address from an IP address. ARP works differently depending on which link layer protocol is running on a given network - a local area network protocol (Ethernet, Token Ring, FDDI) with the ability to broadcast access simultaneously to all network nodes, or a wide area network protocol (X.25, frame relay) that generally does not support broadcast access. There is also a protocol that solves the inverse problem - finding an IP address from a known local address. It is called reverse ARP - RARP (Reverse Address Resolution Protocol) and is used when starting diskless stations that do not initially know their IP address, but know the address of their network adapter.

In local networks, ARP uses broadcast frames of the link layer protocol to search the network for a host with a given
IP address.

A host that needs to map an IP address to a local address generates an ARP request, attaches it to a link-layer protocol frame with a known IP address, and broadcasts the request. All nodes on the local network receive an ARP request and compare the IP address specified there with their own address. If they match, the node generates an ARP response, in which it indicates its IP address and its local address, and sends it already directed, since the sender specifies his local address in the ARP request. ARP requests and responses use the same packet format.

ICMP protocol

The Internet Control Message Protocol (ICMP) is used by IP and other high-level protocols to send and receive status reports on transmitted information. This protocol is used to control the rate at which information is transferred between two systems. If the router connecting the two systems is overloaded with traffic, it can send a special ICMP error message to slow down the message rate. It is part of the network layer of the TCP/IP protocol suite.

The ICMP protocol uses messages for its purposes, two of which are called the ICMP Echo Request and the ICMP Echo Reply:

· The echo request implies that the computer to which it was sent should respond to this packet.

· Echo Reply is a type of ICMP message that is used to respond to such a request.

These messages are sent and received using the command ping(Packet Internet Groper).

Using special ICMP packets, you can get information:

about the impossibility of delivering the package,

about exceeding the packet lifetime,

about exceeding the duration of the assembly of the package from fragments,

about anomalous values ​​of parameters,

about changing the forwarding route and type of service,

about the state of the system, etc.

IGMP protocol

Local network hosts use the Internet Group Management Protocol (IGMP) to register themselves in a group. Group information is kept on LAN routers. Routers use this information to send multicast messages.

A group message, like a broadcast message, is used to send data to several nodes at once.

Network Device Interface Specification (NDIS) is a network device interface specification, a software interface that provides interaction between transport protocol drivers and the corresponding network interface drivers. Allows multiple protocols to be used even if only one network card is installed.

Network interface layer

This layer of the TCP/IP model is responsible for distributing IP datagrams. It works with ARP to determine the information that should be placed in the header of each frame. A frame is then created at this level appropriate for the type of network being used, such as Ethernet, Token Ring, or ATM, then an IP datagram is placed in the frame's data region, and it is sent out onto the network.