Some notes on internetworking (with a Mac)
Some time ago, I ended up repeating the basics of TCP/IP internetworking with a book from my bookshelf that I had bought from a university library removal sale years ago, Douglas Comer’s Internetworking With TCP/IP Volume 1: Principles, Protocols, and Architecture. I was a bit surprised to see that even though my copy is the 3rd edition printed in 1995, a good part of the content was still pretty valid (routing protocols, for example, have changed pretty much, and HTTP was so young at that time that I don’t remember it even being mentioned).
After that I also found Ilya Grigorik’s book High Performance Browser Networking that can be read online for free. This book has a good summary of TCP/IP networking from the performance point of view.
This posting is a collection of notes from reading these books, mostly for myself. In addition, I’ve collected info on some basic networking tools, mostly on Mac.
Internetworking in general and Internet Protocol (IP)
With everything related to networking, protocols, etc., it is good to be aware of the layered model of communication; see, for example, the OSI model.
IP in general
In the end, data is transferred in various physical networks such as Ethernet, WLAN etc. Internetworking and the Internet can be seen as creating an abstract network over these physical networks.
Internet Protocol (IP) defines the basic building blocks for this:
- Connectionless, unreliable, best-effort packet delivery system
- Delivers packets, also referred to as datagrams
- A packet has header and data parts
- Addressing scheme, addresses for each interface
  - IPv4: 32 bits (4 bytes), usually written with each byte as a decimal number, separated by dots, e.g. 123.124.56.3
  - IPv6: 128 bits (16 bytes), usually written as 8 groups of 16 bits, each group as 4 hexadecimal digits, e.g. 2001:0db8:0000:0000:0000:ff00:0042:8329 (some abbreviation rules exist)
- An IP address is divided into a network part & a host identifier within the network
  - Originally, an IP address had a fixed network part & a fixed host part (only 256 networks)
  - After that, IP addresses were divided into classes of networks (different classes had a different network-host division)
  - In the early 1990s, the class system was replaced by Classless Inter-Domain Routing (CIDR).
  - In IPv6, the scheme is roughly: 64 bits for net and 64 bits for host.
- Routers/gateways connect physical networks to other networks. (These hosts are connected to multiple networks at a time.)
- 3 ranges of IPv4 addresses are reserved for private networks (these can be connected to the public Internet with Network Address Translation (NAT))
  - 10.0.0.0–10.255.255.255 (24-bit block)
  - 172.16.0.0–172.31.255.255 (20-bit block)
  - 192.168.0.0–192.168.255.255 (16-bit block)
- Each network interface of a host has a separate IP address
  - If a host is in two IP networks, it has a separate IP address for both networks
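The network/host split and the private ranges above, worked through with plain bit operations. This is an added example, not code from the original post; the function names are hypothetical, and the strict rejection of zero-padded bytes is a choice made here.

```python
# Added illustration: function names are hypothetical, not from the post.
# Private IPv4 blocks as listed above: (first address, host bits in the block).
PRIVATE_BLOCKS = [("10.0.0.0", 24), ("172.16.0.0", 20), ("192.168.0.0", 16)]


def to_int(dotted):
    """Strictly parse a dotted-quad IPv4 address into a 32-bit integer."""
    parts = dotted.split(".")
    if len(parts) != 4:
        raise ValueError(f"expected 4 bytes: {dotted!r}")
    value = 0
    for part in parts:
        # Reject empty, non-decimal and zero-padded bytes; some parsers read
        # "010" as octal, so two tools could disagree about the same string.
        if not (part.isascii() and part.isdigit()) or (len(part) > 1 and part[0] == "0"):
            raise ValueError(f"bad byte {part!r} in {dotted!r}")
        if int(part) > 255:
            raise ValueError(f"byte out of range in {dotted!r}")
        value = (value << 8) | int(part)
    return value


def to_dotted(value):
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def netmask(prefix_len):
    """CIDR prefix length -> 32-bit mask with that many leading 1 bits."""
    return (0xFFFFFFFF << (32 - prefix_len)) & 0xFFFFFFFF


def split_address(dotted, prefix_len):
    """Return (network address, host identifier) for a CIDR prefix length."""
    addr, mask = to_int(dotted), netmask(prefix_len)
    return to_dotted(addr & mask), addr & ~mask & 0xFFFFFFFF


def is_private(dotted):
    """True if the address falls in one of the three private blocks."""
    addr = to_int(dotted)
    for base, host_bits in PRIVATE_BLOCKS:
        # A block with N host bits has a (32 - N)-bit network prefix.
        if (addr & netmask(32 - host_bits)) == to_int(base):
            return True
    return False
```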
Some related protocols & commands
Internet Control Message Protocol (ICMP)
ICMP is a part of IP suite that delivers control information, for example:
- Destination unreachable
- Time exceeded (IP packets have time-to-live, TTL, in practice number of hops)
- Echo & reply (ping)
Ping (ICMP echo & reply):
ping
Trace route (with TTL)
traceroute 216.81.59.173
Address Resolution Protocol (ARP): Mapping IP address to a physical address:
Display current ARP entries
arp -a
Dynamic Host Configuration Protocol (DHCP)
DHCP is a protocol for distributing configuration (for example IP addresses) to hosts
- Client broadcasts request (to servers)
- IP address, router address, …
With Mac, one can check the DHCP packet content with
ipconfig getpacket en0
ipconfig getv6packet en0
Mac network interfaces
Network interfaces
ifconfig
Interface naming with Mac (BSD history): http://superuser.com/questions/267660/mac-os-x-please-explain-ifconfig-output
- en0 : Ethernet 0
- en1 : normally AirPort (WiFi)
- lo0 : Loopback
Other related things
Print routing table (numeric network addresses):
netstat -nr
User Datagram Protocol (UDP)
UDP is a simple protocol built on top of IP
- Unreliable & connectionless delivery service over IP
- Adds source & destination ports (to distinguish destinations within a single host)
- Best understood through the things TCP handles that UDP does not:
  - No guarantee of message delivery or message order
  - Stateless
  - No congestion control
- For example WebRTC runs on top of UDP
Transmission Control Protocol (TCP)
- General-purpose reliable stream delivery service built on top of IP
  - Stream (ordering of TCP packets)
  - Connection & state
  - Buffering & congestion control
  - Full-duplex
  - Adds source & destination ports
- Connection & state
  - A connection is determined by a pair of endpoints (host, port)
  - TCP uses a three-way handshake to establish a connection:
    - A→B SYN seq=x
    - B→A SYN seq=y, ACK x+1
    - A→B ACK y+1
  - See also the simplified TCP state machine at Wikipedia
- Controls
  - Receive window (rwnd)
  - Congestion window (cwnd)
  - Details in Grigorik’s book, for example
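The three-way handshake above, checked at the header level. This is an added example, not code from the original post: it packs three minimal TCP headers, parses them back, and verifies the SYN / SYN+ACK / ACK flags and the x+1 / y+1 acknowledgement numbers. The function names, ports and sequence numbers are constructed for illustration.

```python
import struct

SYN, ACK = 0x02, 0x10
TCP_HDR = struct.Struct("!HHIIHHHH")  # 20-byte TCP header without options


def build(sport, dport, seq, ack, flags, window=65535):
    """Pack a minimal TCP header (data offset 5 words, checksum left at 0)."""
    return TCP_HDR.pack(sport, dport, seq, ack, (5 << 12) | flags, window, 0, 0)


def parse(segment):
    """Unpack the fixed 20-byte header into a dict of the fields used here."""
    sport, dport, seq, ack, off_flags, window, _, _ = TCP_HDR.unpack(segment[:20])
    return {"sport": sport, "dport": dport, "seq": seq, "ack": ack,
            "flags": off_flags & 0x3F, "window": window}


def is_handshake(segments):
    """True if the segments are A->B SYN, B->A SYN+ACK, A->B ACK in that order."""
    if len(segments) != 3:
        return False
    a, b, c = (parse(s) for s in segments)

    def nxt(n):
        return (n + 1) & 0xFFFFFFFF  # sequence numbers wrap at 2**32

    return (
        (a["flags"] & (SYN | ACK)) == SYN
        and (b["flags"] & (SYN | ACK)) == (SYN | ACK)
        and (c["flags"] & (SYN | ACK)) == ACK
        # The reply swaps the endpoints; the final ACK uses the original pair.
        and (b["sport"], b["dport"]) == (a["dport"], a["sport"])
        and (c["sport"], c["dport"]) == (a["sport"], a["dport"])
        and b["ack"] == nxt(a["seq"])   # ACK x+1
        and c["seq"] == nxt(a["seq"])   # the SYN consumed one sequence number
        and c["ack"] == nxt(b["seq"])   # ACK y+1
    )


# Constructed sample: x = 1000, y = 2**32 - 1 to exercise the wrap-around.
HANDSHAKE = [
    build(52344, 80, 1000, 0, SYN),
    build(80, 52344, 0xFFFFFFFF, 1001, SYN | ACK),
    build(52344, 80, 1001, 0, ACK),
]
```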
Related tools
TCP connections can be examined with netstat (on a Mac, it does not show the owning processes)
$ netstat
$ netstat -p tcp
On a Mac, connections can be listed together with their processes using lsof.
lsof -n -i4TCP
lsof -n -i4TCP:80 | grep LISTEN
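One way to turn the lsof listing into a quick audit of which processes accept connections from the network. This is an added example, not code from the original post: the sample output is constructed, the function name is hypothetical, and it assumes lsof was also run with -P so that ports appear as numbers.

```python
import ipaddress

# Constructed sample of `lsof -n -P -i4TCP` output (not captured from a real host).
SAMPLE = """\
COMMAND   PID USER   FD   TYPE DEVICE SIZE/OFF NODE NAME
httpd     312 root    4u  IPv4 0xabc1      0t0  TCP *:80 (LISTEN)
cupsd     401 root    7u  IPv4 0xabc2      0t0  TCP 127.0.0.1:631 (LISTEN)
Safari    977 alice  12u  IPv4 0xabc3      0t0  TCP 192.168.1.5:52344->203.0.113.10:443 (ESTABLISHED)
python   1203 alice   3u  IPv4 0xabc4      0t0  TCP 192.168.1.5:8000 (LISTEN)
"""


def exposed_listeners(lsof_output):
    """Return (command, pid, address, port) for LISTEN sockets not bound to loopback."""
    found = []
    for line in lsof_output.splitlines()[1:]:  # skip the header row
        fields = line.split()
        # NAME is the last column: "<addr>:<port> (LISTEN)" for listening sockets.
        if len(fields) < 10 or fields[-1] != "(LISTEN)":
            continue
        addr, _, port = fields[-2].rpartition(":")
        # "*" means all interfaces; loopback-only listeners are not reachable
        # from other hosts, so they are left out of the report.
        if addr != "*" and ipaddress.ip_address(addr).is_loopback:
            continue
        found.append((fields[0], int(fields[1]), addr, int(port)))
    return found


if __name__ == "__main__":
    for command, pid, addr, port in exposed_listeners(SAMPLE):
        print(f"{command} (pid {pid}) listens on {addr}:{port}")
```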
Another command-line tool for displaying network information is nettop
Misc. tools
Mac firewall
http://support.apple.com/kb/ht1810
sudo ipfw list
Netcat
Netcat (nc) is a kind of Swiss Army knife for TCP/IP. Unfortunately, Mac nc is a bit restricted compared to Unix/Linux versions.
Some links with examples (mostly Unix/Linux)
- http://en.wikipedia.org/wiki/Netcat
- http://www.g-loaded.eu/2006/11/06/netcat-a-couple-of-useful-examples/
- https://developer.apple.com/library/mac/documentation/Darwin/Reference/ManPages/man1/nc.1.html
Others
To configure network settings from the command line, one can use networksetup
List of related topics / links
- DNS
- Routing
- HTTP
- In the series of ‘old books with surprisingly relevant content’, see the first 3 chapters of Web Client Programming with Perl for a brief tutorial to HTTP.
- WebSocket
- Email (IMAP etc)