TCP IP
Home Up News Feedback Search

 

JPC FINANCIAL LIMITED

Financial Ltd

Directory Enquiries

Currency Converter

Train Tickets

 

TCP/IP: Tools and tricks of the trade

TCP/IP. Everybody's using it. Without it, the Internet wouldn't exist, and corporations couldn't be so wired. Your grandma uses it to play Scrabble on the Internet.

The development of TCP/IP (Transmission Control Protocol/Internet Protocol) was due largely to funding by the U.S. government's Advanced Research Projects Agency (ARPA). In the 1970s, ARPA continued to research and fund packet switching technologies, ultimately interconnecting their research facilities via the Network Control Protocol (NCP). The Transmission Control Protocol (TCP) wasn't a published Request for Comment (RFC) until 1981 (RFC 793). RFCs are documents of the Internet Engineering Task Force (IETF) that detail the standards for the Internet. That's right—this was the birth of ARPANET! This is when the collective started forming—basically, the first incarnation of the Internet.

In 1981, RFC 791 was published. This standardized IP. By 1982, ARPA was establishing the TCP/IP suite and, the following year, standardized ARPANET on it. Eventually, other government agencies—most notably, the Department of Defense—standardized on TCP/IP as well. From there, the Internet Architecture Board (IAB) was formed to oversee Internet standards, and every dot com you can think of started jumping on the bandwagon.

TCP/IP suite


The TCP/IP suite is composed of several protocols, as noted in the TCP/IP stack model:

TCP/IP STACK MODEL

Application layer

FTP (File Transfer Protocol)

HTTP (Hypertext Transfer Protocol)

SMTP (Simple Mail Transfer Protocol)

Telnet

Transport layer

TCP (Transmission Control Protocol)

UDP (User Datagram Protocol)

Internet layer

ARP (Address Resolution Protocol)

RARP (Reverse Address Resolution Protocol)

IP (Internet Protocol)

ICMP (Internet Control Message Protocol)

IGMP (Internet Group Membership Protocol)

RIP (Routing Information Protocol)

Network Access layer

Physical Transmission Layer (Cat 5, etc.)

Framing Protocols (Ethernet, etc.)

 

The Application layer

Let's start at the top. The Application layer runs its services via the layer immediately below it—the Transport layer. In essence, it exploits TCP and UDP to deliver its goods. The Application layer is no slouch, however, as it functions to infiltrate and interact. DNS (Domain Name System) and FTP perform at this level, as does HTTP, Telnet, SMTP, SNMP (Simple Network Management Protocol), and a myriad of other applications. Windows Sockets operate here in the Microsoft scheme.

The Transport layer

The Transport layer provides communication between host computers for data delivery that's dependent on either of the two Transport protocols: TCP or UDP.

TCP is the antithesis of IP. It's like the yin to the yang of IP, providing guaranteed delivery of its packets—but at a cost of speed. Comparatively speaking, there's a bit of overhead because it goes through the steps of establishing a connection—reducing a file into manageable packets, reconstructing these packets at the recipient's end, and generating the "return receipt required" or acknowledgement (ACK) that the packet was received in a useable form. FTP and Telnet come into play here, but we'll discuss those later.

UDP is like IP in that it doesn't guarantee delivery of packets, but it does have very low overhead. No acknowledgement of receipt is required, no retransmission, and so on. If you've used streaming media technology—RealNetworks' RealPlayer, for example—you've experienced the best UDP has to offer. UDP is fast, but performance suffers because of skips and gaps in the data transmissions.

The Internet layer

The Internet layer isn't responsible only for routing packets and datagrams, it's also responsible for letting the Network Access layer know where to route them. In order to do this, it utilizes ARP to grab MAC (Media Access Control) addresses to deliver to and from and RARP to provide delivery to diskless computers.

ICMP relays all information relating to bad delivery, problems, and errors to the host computers. IGMP provides data to just about everyone willing to listen—multicasting is the "shout-out" of the suite.

RIP takes care of routing across networks. It finds out how to deliver packets to its recipient. IP addresses and routes packets to and from host computers. It doesn't guarantee delivery; however, it will do whatever it can to deliver its packets.

The Network Access layer

The Network Access layer is the equivalent of a loading dock, where the data frames are put on the 10Base-T (or media of your choice) by token ring (or Ethernet, etc.) and taken off.

 

TCP/IP tools and utilities


TCP/IP is rather practical, but it isn't fail-safe. On the upswing, there are many tools and utilities available beyond simply surfing and grabbing pages off the Internet via HTTP.

Essentially, TCP/IP tools and utilities can be broken into four groups: Diagnostic, Data Transfer, Remote Execution, and Printing. Within each of these are subsets of utilities specific to each. I'll explore some of the more common ones.

Diagnostic utilities


Every good mechanic has a toolbox; if you're going to fix a problem, you need to know what root it lies at in order to troubleshoot it. TCP/IP is no exception.

PING

PING (Packet Internet Groper) is perhaps the simplest and most commonly used diagnostic tool of all. Run at the command line (as all of these tools are), PING basically sends out four ICMP packets that are directed at a particular host; it requests an echo reply from this host. The syntax is as follows (where xxx.xxx.xxx.xxx is the IP address and Name.com is the recipient):

PING xxx.xxx.xxx.xxx
or
PING Name.com

If successful, you'll get a reply. If not, you'll get the message "Request timed out" for each packet that failed along the way. Several common PING switches are shown in Table A.

 

-a Resolves addresses to host names.
-t PINGs a specific host until you tell it to quit. Referred to as the "Ping of Death."
-n Specifies the number of echo packets to send out (default 4).
-l Indicates the size of the echo packets (default 64 bytes).

Table A

Common PING Switches


The most underused aspect of PING is its ability to diagnose the local machine. To do this, type either ping 127.0.0.1 or ping localhost at the command prompt. This will send a packet down the loopback address and back up without sending it out on the network. A successful response will verify that TCP/IP is successfully installed on your local machine.

IPCONFIG

As you may have guessed, IPCONFIG is short for IP Configuration. It's used almost exclusively in DHCP (Dynamic Host Configuration Protocol) networks. DHCP is the way to manage and administer IP addressing among your clients on your network.

IPCONFIG (and to an extent, its Windows 9x cousin, WINIPCFG) will provide the vitals of a TCP/IP configuration:

IP Address

Subnet Mask

Default Gateway


You can also use the switches shown in Table B, (where (x) is your adapter):

/all Displays everything about your IP configuration.
/release (x) On a DHCP network, lets go of its IP address lease, disabling TCP/IP communications.
/renew (x) Again, on a DHCP network, regains a dynamically assigned IP address lease.

Table B

Here are some common IPCONFIG switches.

On Windows 9x boxes, WINIPCFG will perform these functions in a neat little GUI package.

ROUTE

ROUTE tells you everything you want to know about routes and routing at the local level. Not only does it provide you with data to view, it also allows route modification. Some of the most common switches are shown in Table C.

command Add, change, delete, and print.
destination Specifies the host's end.
-f Deletes gateway entries.
gateway Specifies gateway.
MASK Displays the network mask (255.255.255.255 by default).
-p Forces a persistent route.

Table C

Here are some common ROUTE switches.

TRACERT

TRACERT is my personal favorite. As the name implies, it discovers, or TRACE ROUTEs the path from your local host to your destination host. It helps designate failed or slow links and provides information about where all your packets travel on their way to a particular destination. Common TRACERT commands are shown in Table D.

-d If you need fast tracing, use this switch to exclude the resolution of IP addresses to host names.
-h Followed by your specified number, this switch provides routing information via the number of hops that it takes to reach a particular destination.
-w Waiting time for replies.

Table D

Here are some common TRACERT switches.

ARP

The Address Resolution Protocol will resolve IP addresses to MAC addresses. It's useful in discovering network configurations on the fly. Common ARP switches are shown in Table E.

-a, -g Displays the cached entries of IP to MAC addresses; add the inet_addr for a certain host.
-d Deletes the inet_addr specified in the ARP list.
inet_addr Provides the IP address.
ether_addr Provides the MAC address in hex.

Table E

Here are some common ARP switches.

HOSTNAME

HOSTNAME provides your local host's name, which is useful to know if you're going to PING from it.

NETSTAT

NETSTAT provides Network (protocol) statistics and their current state. This can encapsulate details for the following protocols: TCP, IP, ICMP, and UDP. Several commands you can use for NETSTAT are shown in Table F.

-a Displays all connections and open ports.
-n Same as –a, but shows connections and open ports numerically.
-p Displays designated protocol information for either of the Transport layer protocols (TCP, UDP). Add the –s command for ICMP or IP (Internet layer protocols).
-s Displays statistics for TCP, IP, UDP, and ICMP.
-r Displays active connections and routes.

Table F

Here are some common NETSTAT switches.

NBTSTAT

As with NETSTAT, NBTSTAT provides network protocol statistics; however, it will also provide NetBIOS over TCP/IP statistics. It's also useful for updating the LMHOSTS cache. Common NBTSTAT switches are shown in Table G.

-a Provides a remote computer's name table via its computer name.
-A Provides a remote computer's name table via its IP address.
-n Provides host's name table.
-c Provides IP address and name table of a remote cache.
-r Provides name resolution statistics of names broadcast or by WINS (only if WINS is enabled).
-R Purges and reloads a remote cache name table; these are taken from the LMHOSTS file (only if LMHOSTS lookup is enabled).

Table G

Here are some common NBTSTAT switches.

NSLOOKUP

Basically, NSLOOKUP (Name Server Lookup) looks up entries from DNS databases. Table H shows a limited list of common NSLOOKUP switches.

option - Used to specify commands, such as the ones below.
Finger Displays remote host information. Very informative.
Root Takes you to the domain name space's root server.
Server Switches a specified DNS from the default server.
Ls Displays DNS domain records.
Set Changes settings for various NSLOOKUP commands.

Table H

Here are some common NSLOOKUP switches.

Data transfer tools

This is what networking is all about—the sharing of data. Of course, you have to move data from point A to point B and back again. Throwing a floppy disk across the office is not acceptable. Across a TCP/IP connection, FTP is the way to go. FTP allows for the transfer of information when you either download it from or upload it to a remote host. The data transfer commands are shown in Table I.

?, help Lists FTP commands.
Ascii By default, file transfer is set to this.
Binary Changes file transfer to binary.
Dir Lists files and subdirectories in a directory.
Cd Changes directories.
Delete Deletes files.
Get Retrieves and copies files from a host to your local computer.
Put Copies/uploads your file to the remote host.
Type Shows the file transfer type.
bye, quit Logs you off from an FTP session.

Table I

Here are some common data transfer commands.

TFTP (Trivial File Transfer Protocol) is similar to FTP; however, while FTP demands authentication from the user, TFTP does not. TFTP simply transfers data.

Remote execution tools

In order to control or merely to interact with a remote host, you'll need to work from an interface. Telnet is perhaps the best known and most widely used protocol. Its flexibility can provide access across server ports. RSH (Remote Shell) provides access to run commands on UNIX hosts. REXEC allows remote execution on remote hosts. By default, Windows NT doesn't provide services for UNIX, but Microsoft offers the Windows NT Services for UNIX package separately. (It was introduced in the fourth quarter of 1998.)

Printing utilities

The commands shown in Table J are used primarily to interact with line printers.

LPR Line Printer Remote: Prints at a remote host.
LPD Line Printer Daemon: The host handling LPR print jobs. Sends them out to the device.
LPQ Line Printer Queue: Provides print queue information.

Table J

Here are some commands used to interact with line printers.

New frontiers

As you can see, the TCP/IP protocol is full of possibilities. Broken down, it helps detail its starring role in the development of the Internet. It will be interesting to see the results of IPv6—basically TCP/IP, The Next Generation—when the IAB agrees on its standards and the dust finally settles. So stay tuned, stay wired, and drink more caffeine—there's more to come.

 

 

 

  People have seen this web site.  

   

Send mail to webmaster@kjp-ltd.co.uk with questions or comments about this web site.