TCPIP Basics P-1

Confidential Information of Huawei. No Spreading Without Permission

TCPIP Basics P-2

Confidential Information of Huawei. No Spreading Without Permission

TCPIP Basics P-3

Confidential Information of Huawei. No Spreading Without Permission

TCPIP Basics P-4

Confidential Information of Huawei. No Spreading Without Permission

 TCPIP Basics P-5

 Since the 1960s, computer networks have undergone a dramatic development. To take
the leading position and have a larger share in the communication market, manufacturers
competed in advertising their own network structures and standards which included IBM’s
SNA, Novell’s IPX/SPX., Apple’s Apple Talk, DEC’s DECnet and TCP/IP, which remains the
most widely used today. These companies pushed software and hardware that use their
protocols to the market enthusiastically. All these efforts promoted the fast development
of network technology and the prosperity of the market of network devices. However, the
network became more and more complicated due to lack of compatibility between the
various protocols.
 To improve network compatibility, the International Organization for Standardization (ISO)
developed the Open System Interconnection Reference Model (OSI RM) which soon
became the model of network communications

Confidential Information of Huawei. No Spreading Without Permission

TCPIP Basics P-6

 The ISO followed the following principles when they designed the OSI
reference model:
 1. Each layer of the model has its own responsibilities which should help it
stand out as an independent layer.
 2. To avoid function overlapping, there should be enough layers.
 The OSI reference model has the following advantages:
 1. It simplifies network related operations.
 2. It provides compatibility and standard interfaces for systems designed
by different institutions.
 3. It enables all manufactures to be able to produce compatible network
devices, which facilitates the standardization of networks.
 4. It lays the complex concept of communications down into simpler and
smaller problems, which facilitates our understanding and operations.
 5. It separates the whole network into areas, which guarantees changes in
one area will not affect other areas and networks in each area can be
updated quickly and independently.

Confidential Information of Huawei. No Spreading Without Permission

 TCPIP Basics P-7

 The OSI reference model has seven layers. From bottom to top, they are physical layer,
data link layer, network layer, transport layer, session layer, presentation layer and
application layer.
 The bottom three layers are usually called lower layer or the media layer, which is
responsible for transmitting data in the network. Networking devices often work at lower
layers and network interconnection is achieved by the cooperation of software and
hardware. Layer 5 to layer 7 form the upper layer or the host layer. The upper layer
guarantees data is transmitted correctly, which is achieved by software.

Confidential Information of Huawei. No Spreading Without Permission

 TCPIP Basics P-8

 The functions of each layer of the OSI Reference Model are listed as follows:
 Physical layer: providing a standardized interface to physical transmission media including
voltage, wire speed and pin-out of cables.
 Data link layer: combines bits into bytes and bytes into frames. Provides access to media
using MAC address and error detection.
 Network layer: providing logical addresses for routers to decide path.(path selection)
 Transport layer: providing reliable or unreliable data transfer services and error correction
before retransmission.
 Session layer: establishing, managing and terminating the connections between the local
and remote application. Service requests and responds of application programs in different
devices form the communication of this layer

Confidential Information of Huawei. No Spreading Without Permission

TCPIP Basics P-9

RPC,NFS and SQL belong to this layer.

Presentation layer: providing data encoding and translation. Make sure that
the data sent by the application layer of one system can be understood by
the application layer of another
system.
Application layer: providing network services as the closest layer to users
among the seven layers.

Confidential Information of Huawei. No Spreading Without Permission

 TCPIP Basics P-10

 Since the OSI reference model and protocols are comparatively complicated, they do not
spread widely. However, TCP/IP has been widely accepted for its openness and simplicity.
The TCP/IP stack has already been the main stream protocols for the Internet.
 The TCP/IP model also takes a layered structure. Each layer of the model is independent
from each other but they work together very closely.
 The difference between the TCP/IP model and the OSI reference model is that the former
groups the presentation layer and the session layer have been merged into the application
layer. So the TCP/IP model has only five layers. From bottom to top, they are: physical
layer, data link layer, network layer, transport layer and application layer.

Confidential Information of Huawei. No Spreading Without Permission

 TCPIP Basics P-11

 Each layer of the TCP/IP model corresponds to different protocols. The TCP/IP protocol
stack is a set of communication protocols. Its name, the TCP/IP protocol suite, is named
after two of its most important protocols: the Transmission Control Protocol (TCP) and the
Internet Protocol (IP). The TCP/IP protocol stack ensures the communication between
network devices. It is a set of rules that define how information is delivered in the
network.

Confidential Information of Huawei. No Spreading Without Permission

 TCPIP Basics P-12

 Each layer of the TCP/IP model uses Protocol Data Unit (PDU) to exchange information and
enable communication between network services. During encapsulation, each succeeding
layer encapsulates the PDU that it receives from the layer above. At each stage of the
process, a PDU has a different name to reflect its new appearance.
 For example, the transport layer adds TCP header to the PDU from the upper layer to
generate the layer 4 PDU, which is called a segment. Segments are then delivered to the
network layer. They become packets after the network layer adds the IP header into those
PDUs. The packets are transmitted to the data link layer, where they are added data link
layer headers to become frames. Finally, those frames are encoded into bit stream to be
transmitted through network medium. This process in which data are delivered following
the protocol suite from the top to the bottom and are added with headers and tails is
called encapsulation.

Confidential Information of Huawei. No Spreading Without Permission

TCPIP Basics P-13

 After encapsulation, data is sent to the receiving device after transmission.

The receiving device will decode the data to extract the original service
data unit and decides how to pass the data to an appropriate application
program along the protocol stack.
 This reverse process is called de-encapsulation. The corresponding layers,
or peers, of different devices communicates through encapsulation and
de-encapsulation.
 As the figure above shows, Host A is communicating with Host B. Host A
delivers data transformed from an upper layer protocol to the transport
layer. The transport layer encapsulates the data within the segment and
send it to the network layer, which adds a header. Then the segment is
encapsulated within an IP packet, which adds another header, called the
IP header. Next, the IP packet is sent to data link layer where it is
encapsulated within a frame header and trailer. The physical layer then
transforms the frame into bit stream and sends it to Host B through the
physical cable.

Confidential Information of Huawei. No Spreading Without Permission

 TCPIP Basics P-14

 When Host B receives the bit stream, it sends it to its data link layer. The data link layer
removes the frame header and trailer, then passes the packet to the upper layer - network
layer. Then the network layer removes the IP header from the packet and passes segment
to the transport layer. In the similar way, the transport layer extracts the original data and
delivers it to the top layer, the application layer.
 The process of encapsulation or de-capsulation is done layer by layer. Each layer of the
TCP/IP has to deal with data both from its upper and lower layers by adding or deleting
packet headers.

Confidential Information of Huawei. No Spreading Without Permission

 TCPIP Basics P-15

 The main functions of the physical layer are:

 •It specifies the media, interface and signaling types.
 •It specify the electrical, mechanical, procedural, and functional requirements for
activating, maintaining, and deactivating a physical link between end systems.
 •It specify the features such as voltage, wire speed, maximum transmission distance and
pin-out.
 The physical layer provides standards of the transmission media and connectors.
 The common physical layer standards include IEEE 802.3 for Ethernet, IEEE 802.4 for token
bus networks, IEEE 802.5 for token ring networks and Fiber Distributed Data Interface
(FDDI) specified by the X3T9.5 committee of ANSI. The common physical layer standard
for WANs include EIA/TIA-232 (RS-232), V.24 and V.35 developed by ITU for serial ports
and G.703, which involves the physical and electrical and electronic standards for all digital
interfaces.

Confidential Information of Huawei. No Spreading Without Permission

 TCPIP Basics P-16

 Physical layer mediums include coaxial cable, twisted pair, fiber and wireless radio. Coaxial
cable is an electrical cable consisting of a round conducting wire. The coaxial cable can be
grouped into thick coaxial cable and thin coaxial cable according to their diameters. The
thick coaxial cable is more suitable for large LANs since its transmission distance is longer
and it is more reliable. The thick coaxial cable does not need to be cut but you must install
transceiver for networks using thick coaxial cable. The thin coaxial cable is easy to install
and is much cheaper, but you need to cut the thin coaxial cable and put basic network
connectors (BNC) on its two sides and then inserts the two sides into T-shape connectors
when installing the cable. So when there are many connectors, the safety is influenced.
 Twisted pair is the most widely used cable, which is twisted by a pair of insulated copper
wires whose diameters are about 1mm. Twisted pair has two types: Shielded Twisted Pair
(STP)

Confidential Information of Huawei. No Spreading Without Permission

TCPIP Basics P-17

 and Unshielded Twisted Pair (UTP) . STP cabling includes metal shielding
over each individual pair of copper wires, so it is very capable of keeping
electromagnetic interferences and wireless radio interference at bay. STP is
easy to install but its price is comparatively high.
 UTP is easy to install and its price is cheaper, however, its capability of
anti-interference is not as powerful as that of STP and its transmission
distance is not that long.
 Fiber consists of fiberglass and the shielding layer and it will not be
interfered by electromagnetic signals. The transmission speed of fiber is
fast and the transmission distance is long, but fiber is very expensive.
Optical fiber connectors are connectors for the light, which are very
smooth and should not have any cuts.
 Fiber connectors are not installed easily.
 Wireless radio makes communications without physical links. Wireless
radio refers to electromagnetic waves with frequencies within the radio
frequency that are transmitted in the space including the air and vacuum.
We should put all the aspects into consideration such as the distance,
price, bandwidth requirement, cables that the network devices support
etc. when we make a choice of physical medium.
 Repeaters and hubs are devices working at the physical layer, but with the
development of networks, they are not used so much as in the past. We’ll
not discuss them here.

Confidential Information of Huawei. No Spreading Without Permission

 TCPIP Basics P-18

 Data link layer is the first logical layer of the physical layer. It encodes physical address for
terminals and help network devices decide whether to pass data to upper layers along the
protocol stack. It also points out which protocol the data should be delivered to with some
of its fields and at the same time, it provides functions like sequencing and traffic control.
 The data link layer has two sub-layers: Logical Link Control sub-layer (LLC) and Media
Access Control sub-layer (MAC) .
 LLC lies between the network layer and the MAC sub-layer. This sub-layer is responsible
for identifying protocols and encapsulating data for transmission. The LLC sub-layer
performs most functions of the data link layer and some functions of the network layer
such as sending and receiving frames. When it sends a frame,
 it adds the address and CRC to the original data. When it receives a frame, it takes apart
the frame and performs address identification and CRC. It also provides flow control,

Confidential Information of Huawei. No Spreading Without Permission

TCPIP Basics P-19

 frame sequence check, and error recovery. Besides these, it can perform
some of the network functions including datagram, virtual links and
multiplexing.
 The MAC sub-layer defines how data is transmitted through physical links.
It communicates with the physical layer, specifies physical addresses,
network topology, and line standards and performs error notification,
sequence transmission and traffic control etc.

Confidential Information of Huawei. No Spreading Without Permission

 TCPIP Basics P-20

 Data link layer protocols specify the frame encapsulation at the data link layer. A common
data link layer protocol for LANs is IEEE 802.2LLC.
 Common data link layer protocols for WANs include High-level Data Link Control (HDLC) ,
Point-to-Point Protocol (PPP) and Frame Relay (FR).
 HDLC is a bit-oriented synchronous data link layer protocol developed by the ISO. HDLC
specifies data encapsulation for synchronous serial links with frame characters and CRC.
 PPP is defined by Request For Comment (RFC) 1661. PPP consists of the Link Control
Protocol (LCP) , the Network Control Protocol (NCP) and other PPP extended protocol
stacks. PPP is commonly used to act as a data link layer protocol for connection over
synchronous and asynchronous circuits and it supports multiple network layer protocols.
PPP is the default data link layer protocol for data encapsulation of the serial ports of VRP
routers. FR is a protocol conforming

Confidential Information of Huawei. No Spreading Without Permission

TCPIP Basics P-21

 with the industrial standards and it is an example of packet-switched

technology. PPP uses error verification mechanism, which speeds up
data transmission.Ethernet switches are common network devices work
at the data link layer.

Confidential Information of Huawei. No Spreading Without Permission

 TCPIP Basics P-22

 As every person is given a name for identification, each network device is labeled with a
physical address, namely, the MAC address. The MAC address of a network device is
unique globally. A MAC address consists of 48 binary digits and is often printed in
hexadecimal digits for human use. The first six hexadecimal bits are assigned to producers
by IEEE and the last six bits are decided by producers themselves. For example, the first six
hexadecimal bits of the MAC address of Huawei’s products is 0x00e0fc.
 Network Interface Card (NIC) has a fixed MAC address. Most NIC producers burn the MAC
address of their products into the ROM. When an NIC is initialized, the MAC address in the
ROM is read into the RAM. When you insert a new NIC into a computer, the physical
address of the computer is replaced by the physical address of the NIC.
 However if you insert two NICs into your computer, then your computer may have two
MAC addresses, so a network device may have multiple MAC addresses.

Confidential Information of Huawei. No Spreading Without Permission

 TCPIP Basics P-23

 The data link layer ensures that datagram are forwarded between devices on the same
network, while the network layer is responsible for forwarding packets from source to
destination across networks. The functions of the network layer can be generalized as
follows:
 •Provide logical addresses for transmission across networks.
 •Routing: to forward packets from one network to another.
 The router is a common network device that works at the network layer. Routers functions
mainly for forwarding packets among networks. In the above figure,Host A and Host B
reside on different networks or links. When the router that resides on the same network as
Host A receives frames from Host A, the router passes those frames to the network layer
after it ensures that the frames should be sent to itself by analyzing the frame header.
Then the network layer checks where those frames should go according to the destination
address in the network layer header and later it forwards those frames to the

Confidential Information of Huawei. No Spreading Without Permission

TCPIP Basics P-24

 next hop. The process repeats until the frames are sent to Host B.

Confidential Information of Huawei. No Spreading Without Permission

 TCPIP Basics P-25

 Common network layer protocols include the Internet Protocol (IP) , the Internet Control
Message Protocol (ICMP) , the Address Resolution Protocol (ARP) and the Reverse Address
Resolution Protocol (RARP) .
 IP is the most important one among the network layer protocols and its functions
represent the main functions of the network layer. The functions of IP include providing
logical address, routing and encapsulating or de-encapsulating packets. ICMP, ARP and
RARP facilitate IP to achieve the network layer functions.
 ICMP is a management protocol and it provides information for IP. ICMP information is
carried by IP packets.
 ARP maps an IP address to a hardware address, which is the standard method for finding
a host's hardware address when only its network layer address is known.
 RARP maps a hardware address to an IP address, which means to get a host’s IP address
through its hardware address.

Confidential Information of Huawei. No Spreading Without Permission

 TCPIP Basics P-26

 The network layer address we mentioned here refers to the IP address. The IP address is a
logical address instead of a hardware address. The hardware address such as the MAC
address, is burned on the NIC and it is for the communication between devices that are on
the same link. However, the IP address is used for communication between devices on
different networks.
 An IP address is 4-byte long and is made up of the network address and the host address.
It is often presented in dotted decimal notation, for example, 10.8.2.48.
 More information about the IP address will be introduced in later chapters.

Confidential Information of Huawei. No Spreading Without Permission

 TCPIP Basics P-27

 The transport layer provides transparent transfer of data between hosts. It shields the
complexity of communications for the upper applications and is usually responsible for
end-to-end connection. The main functions of the transport layer involve:
 • Encapsulate data received from the application layer and decapsulate data received from
the network layer.
 • Create end-to-end connections to transmit data streams.
 • Send data segments from one host to another, perform error recovery, flow control, and
ensure complete data transfer.
 • Some of the transport layer protocols ensure data are transmitted correctly which means
data are not lost or changed during transmission and the order of data packets remains
the same when they are received at the end.

Confidential Information of Huawei. No Spreading Without Permission

 TCPIP Basics P-28

 Transport layer protocols mainly include the Transmission Control Protocol (TCP) and the
User Datagram Protocol (UDP) .

Confidential Information of Huawei. No Spreading Without Permission

 TCPIP Basics P-29

 Although TCP and UDP are both protocols of the transport layer, their contributions to the
application layer differ greatly.
 TCP provides connection-oriented and reliable transmission. Connection-oriented
transmission means that applications which use TCP as their transport layer protocol need
to create a TCP connection before they exchange data.
 TCP provides reliable transmission services for the upper layer through its mechanisms of
error detection, verification and reassembly. However, creating the TCP connection and
performing these mechanisms may bring a lot of extra efforts and increase the cost.
 UDP does not guarantee reliability or ordering in the way that TCP does. It provides a
simpler service that does not guarantee the reliability which means datagrams may arrive
out of order, appear duplicated, or go missing without notice. UDP focuses on applications
that require more on transmission efficiency such as SNMP and Radius.

Confidential Information of Huawei. No Spreading Without Permission

TCPIP Basics P-30

 Take SNMP as an example, it monitors networks and sends out

warnings from time to time. If SNMP is demanded to create a TCP
connection every time when it sends a small amount of information,
undoubtedly, the transmission efficiency will be affected.
 So time-sensitive applications like SNMP and Radius often use UDP as
their transport layer protocol. Besides this, UDP is also appropriate for
applications that are equipped with some mechanisms for reliability by
themselves.

Confidential Information of Huawei. No Spreading Without Permission

 TCPIP Basics P-31

 The main functions of the application layer are:

 •Provide user interfaces and deal with specific applications.
 •Provide data encryption, de-encryption, compression and decompression.
 •Specify the standards of data presentation.

Confidential Information of Huawei. No Spreading Without Permission

 TCPIP Basics P-32

 The application layer has many protocols and the following protocols may help you use
and manage a TCP/IP network.
 •File Transfer Protocol (FTP) is used to transfer data from one computer to another over
the Internet, or through a network. It is often used for interactive user sessions.
 •Hypertext Transfer Protocol (HTTP) is a communication protocol used to transfer or
convey information on the World Wide Web.
 •TELNET is used to transmit data that carries the Telnet control information. It provides
standards for interacting with terminal devices or terminal processing. Telnet supports
end-to-end connections and process-to-process distributed communications.
 •Simple Message Transfer Protocol (SMTP) and Post Office Protocol 3 (POP3) are for
sending and receiving emails.
 •DNS (Domain Name Server) translates a domain name to an IP

Confidential Information of Huawei. No Spreading Without Permission

TCPIP Basics P-33

 •address and allows decentralized management on domain resources.

 •Trivial File Transfer Protocol (TFTP ) is a very simple file transfer protocol.
TFTP is designed for high throughput file transfer for ordinary purposes.
 Routing Information Protocol (RIP) is the protocol for routers to change
routing information through an IP network.
 •Simple Network Management Protocol (SNMP) collects network
management information and makes that information exchanged
between the network management control console and network devices
including routers, bridges and servers.
 •Remote Authentication Dial In User Service (Radius) performs user
authorization, authentication and accounting.

Confidential Information of Huawei. No Spreading Without Permission

TCPIP Basics P-34

Confidential Information of Huawei. No Spreading Without Permission

 TCPIP Basics P-35

 To illustrate the encapsulation process, imagine there is network whose transport layer
uses TCP, the network layer applies IP and the data link layer takes Ethernet standards. The
above figure shows the encapsulation of a TCP/IP packet on that network.
 The original data is encapsulated and delivered to the transport layer. And then the
transport layer adds a TCP header to the data and passes it down to the network layer.
The network layer encapsulates the IP header in front of the segment and delivers it to the
data link layer. The data link layer encapsulates Ethernet header and trailer to the IP packet
and then passes it to the physical layer. At last, the physical layer sends the data to the
physical link as bit streams. The length of each field in the header is pointed out in the
above figure. Now, we’ll take a close look into the whole process from the top to the
bottom.

Confidential Information of Huawei. No Spreading Without Permission

 TCPIP Basics P-36

 The above is a TCP data segment encapsulated in an IP packet. The TCP segment consists
of the TCP header and the TCP data. The maximum length of a TCP header is 60 bytes. If
there is not the Option field, normally, the header is 20-bytes long.
 The structure of a TCP header is shown as in the above figure. We are going to explain just
some of it. For more details, please refer to the transport layer protocols.
 •Source Port: Indicates the source port number. TCP allocates source port numbers for
every application.
 •Destination Port: Indicates the destination port number.
 •Sequence Number: Indicates the sequence number which labels TCP data streams.
 •Port number is used to distinguish applications,80 means HTTP application,23 for
telnet,20 and 21 for ftp,53 for DNS.
 •Ack Num: Indicates the acknowledgement sequence number.

Confidential Information of Huawei. No Spreading Without Permission

TCPIP Basics P-37

 Ack Num includes the next sequence number that the sender expects.
The value of this field is the sequence number that the sender of the
acknowledgement expects next.
 •Option: Indicates the optional fields.

Confidential Information of Huawei. No Spreading Without Permission

 TCPIP Basics P-38

 The network layer adds the IP header to TCP datagram which it receives from the
transport layer. Usually, the IP header has a fixed length of 20 bytes which does not
include the IP options. The IP3838 header consists of the following fields:
 •Version: indicates the version of the IP protocol. At present, the version is 4. The version
is 6 for the next generation IP protocol.
 •IP header length is the number of 32-bit words forming the header including options.
Since it is a 4-bit field, its maximum length is 60 bytes.
 •TOS: 8 bits. It consists of a 3-bit COS (Class of Service) field, a 4-bit TOS field and a 1-bit
final bit. The 4 bits of the TOS field indicates the minimum delay, the
 maximum throughput, the highest reliability and the minimum cost respectively.
 •Total length: indicates the length of the whole IP packet

Confidential Information of Huawei. No Spreading Without Permission

TCPIP Basics P-39

 including the original data. This field is 16 bit long which means an IP
packet can be 65535 bytes at most. Although an IP packet can be up to
65535 byte long, most data link layers segment them before transmission.
Furthermore, hosts cannot receive a packet more than 576 bytes and UDP
limits packets within 512 bytes. However, nowadays many applications
allow IP datagram that are more than 8192 bytes to go through the links
especially for applications that support NFS.
 •Identification: identifies every datagram the host sends. The value
increases with the number of datagram the host sends.
 •Time to Live (TTL) : indicates the number of routers a packet can travel
through. The value decreases one every time the packet passes a router.
When the value turns to 0, the packet will be discarded.
 •Protocol: indicates the next level protocol used in the data portion of the
internet datagram. It is similar to the port number. IP protocols use
protocol number to mark upper layer protocols. The protocol number of
TCP is 6 and the protocol number of UDP is 17.
 •Header checksum: calculates the checksum of the IP header to see if the
header is complete.
 •The source IP address field and the destination IP address filed point out
the IP addresses of the source and the destination.

Confidential Information of Huawei. No Spreading Without Permission

 TCPIP Basics P-40

 The physical layer has limitations on the length of frame it sends every time. Whenever the
network layer receives an IP datagram, it needs to decide which interface the datagram
should choose and check the MTU of that interface. IP uses a technique called
fragmentation to solve the problem of heterogeneous MTUs. When a datagram is longer
than the MTU of the network over which it must be sent, it is divided into smaller
fragments which are sent separately.
 Fragmentation can be done on the source host or the intermediary router.
 Fragments of an IP datagram are not reassembled until they arrive at the final destination.
The reassembly is performed by the IP layer at the destination.
 Datagram can be fragmented for more than one time. The IP header provides enough
information for fragmentation and reassembly.
 •Flags: 3 bits


Confidential Information of Huawei. No Spreading Without Permission

TCPIP Basics P-41

 Multiple control bits:

 0bit: reserved, must be 0.
 1bit: (DF) 0 = can be fragmented, 1 = cannot be fragmented.
 2bit: (MF) 0 = final fragmentation, 1 = more fragmentation.
 The values of DF and MF cannot be 1 at the same time.
 012
 +---+---+---+
 ||D|M|
 |0|F|F|
 +---+---+---+
 •Fragment offset: indicates the position of the fragment within the
original datagram. When an IP datagram is fragmented, each fragment
becomes a packet with its own IP header and will be routed
independently of any other datagrams.

Confidential Information of Huawei. No Spreading Without Permission

 TCPIP Basics P-42

 The Ethernet header is made up of three fields:

 •DMAC: indicates the MAC address of the destination.
 •SMAC: indicates the MAC address of the source.
 •LENGTH/TYPE: its meanings vary with its values.
 􀂾When the value is bigger than 1500, it indicates the frame type, for example the upper
layer protocol type. The common protocol types are:
 􀂾0X0800 IP packets
 􀂾0X0806 ARP request/response message
 􀂾0X8035 RARP request/response message
 􀂾When the value is smaller than 1500, it indicates the length of data frame.
 •DATA/PAD: the original data. Ethernet standards specify that the minimum data length
should be 46 bytes. If the data is less than 46 bytes, add the Pad field to fill it.
 •FCS: the frame check field.

Confidential Information of Huawei. No Spreading Without Permission

TCPIP Basics P-43

Confidential Information of Huawei. No Spreading Without Permission

 TCPIP Basics P-44

 The above is an example of an HTTP packet that is captured, which may facilitate your
understanding towards packet encapsulation. The bottom displays the actual data and the
top is information analyzed by the software.

Confidential Information of Huawei. No Spreading Without Permission

 TCPIP Basics P-45

 This page illustrates data encapsulation at the data link layer. The encapsulation format
used here is Ethernet, which is mentioned earlier.
 The figure above shows DMAC at the top and then comes SMAC and the type field is
listed at the bottom.
 DMAC is 00d0: f838: 43cf
 SMAC is 0011: 5b66: 6666
 Type field value is 0x0800, which indicates that it is an IP packet.

Confidential Information of Huawei. No Spreading Without Permission

 TCPIP Basics P-46

 This page illustrates data encapsulation at the network layer. An IP packet is made up of
two parts, the IP header and the IP data. As described previously, the IP header consists of
many fields. In the above example, the value of the version field is 4, which indicates the
packet is an IPv4 packet. The packet header is 20-byte long. The protocol field is 0x06,
which tells us that the packet to be encapsulated is a TCP packet. The IP address of the
source is 192.168.0.123 and the IP address of the destination is 202.109.72.70.

Confidential Information of Huawei. No Spreading Without Permission

 TCPIP Basics P-47

 This page illustrates data encapsulation at the transport layer. The transport layer here uses
TCP protocols. The source port number is a random number 3514 and the destination port
number is 80, which is the number assigned for the HTTP protocol. So the datagram is
from the source to visit the HTTP service of the destination host.

Confidential Information of Huawei. No Spreading Without Permission

 TCPIP Basics P-48

 1. What are the layers of the OSI reference model?

 The OSI reference model consists of seven layers, namely, the physical layer, the data link
layer, the network layer, the transport layer, the session layer and the application layer.
 2. What are the functions of each layer in the TCP/IP protocol stack?
 The TCP/IP protocol stack has five layers: the physical layer, the data link layer, the
network layer, the transport layer and the application layer. The physical layer specifies the
mechanical, electrical and electronic standards for transmission. The data link layer
provides controls on the physical layer, detects errors and performs traffic control
(optional). The network layer checks the network topology to decide the best route for
data transmission. The basic function of the transport layer is to segment the data it
received from the application layer and combines data segments before it sends the data
to the application layer. It builds end-to-end connections to send

Confidential Information of Huawei. No Spreading Without Permission

TCPIP Basics P-49

data segments from one host to the other host. The application layer
provides network services for application programs.
3. What is the process of packet encapsulation and de-encapsulation?
De-encapsulation is the reverse process of encapsulation. Encapsulation
means to add headers to the original data layer by layer from the top of the
protocol stack to the bottom; while de-encapsulation is to strip off those
headers from the lower layers to the upper layers.
4. What are the differences between the MAC address and the IP address?
MAC address is a 48-byte physical address printed on the hardware of a
device. The MAC address can’t be changed. The IP address is a 32-byte
address works at the network layer and IP addresses can be changed. IP
addresses are grouped into public addresses and private addresses. Public
addresses are unique globally, while private addresses can be used
repetitively in different LAN segments.

Confidential Information of Huawei. No Spreading Without Permission

TCPIP Basics P-50

Confidential Information of Huawei. No Spreading Without Permission