Internet Core Protocols
`The Definitive Guide
`
`Eric A. Hall
`
`O’REILLY*
`Beijing - Cambridge - Farnham- K6ln- Paris - Sebastopol - Taipei - Tokyo
`
`ROKU EXH. 1002
`
`ROKU EXH. 1002
`
`

`

`1
`
`An Introduction
`to TCP/IP
`
`If you’ve been using TCP/IP-based networking products for any length of time at
`all, you’re probably already aware of how IP addressing, routing, and other funda-
`mental aspects of the Internet family of protocols work, at least from a user’s per-
`spective.
`
`What you probably don’t know—unless you’ve been formally trained in these sub-
`jects—is what makes TCP/IP work from the wire’s perspective, or from the per-
`spective of the applications in use on your network. This chapter provides you
`with an introduction to these viewpoints, providing you with a better understand-
`ing of the nature of the traffic on your network.
`
`A Brief History of the Internet
`Before you can understand how TCP/IP works—or why it works the way it
`does—you first have to understand the origins of the networking protocols and
`the history of the Internet. These subjects provide a foundation for understanding
`the basic design principles behind TCP/IP, which in turn dictate how it is used
`today.
`
`TCP/IP presented a radical departure from the traditional computer networking
`services in use during its development. In the early days of commercial comput-
`ing (the late 1960s), most companies bought a single large system for all of their
`data processing needs. These systems used proprietary networking architectures
`and protocols, which primarily consisted of plugging dumb terminals or line print-
`ers into an intelligent communications controller, each of which used proprietary
`networking protocols to communicate with the central hosts.
`
`Most of the early computer networks used this hierarchical design for their propri-
`etary network protocols and services. As users’ computing requirements expanded,
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`1
`
`ROKU EXH. 1002
`
`

`

`2
`
`Chapter 1: An Introduction to TCP/IP
`
`they rarely bought a different system from a different vendor, but instead added
`new components to their existing platforms or replaced the existing system with a
`newer, larger model. Cross-platform connectivity was essentially unheard of, and
`was not expected. To this day, you still can’t plug an IBM terminal into a DEC sys-
`tem and expect it to work. The protocols in use by those devices are completely
`different from each other.
`
`As the use of computers became more critical to national defense, it became clear
`to the U.S. military in particular that major research centers and institutions needed
`to be able to share their computing resources cooperatively, allowing research
`projects and supercomputers to be shared across organizational boundaries. Yet,
`since each site had different systems (and therefore different networking technolo-
`gies) that were incompatible with the others, it was not possible for users at one
`site to use another organization’s computing services easily. Nor could programs
`easily be ported to run on these different systems, as each of them had different
`languages, hardware, and network devices.
`
`In an effort to increase the sharing of resources, the Advanced Research Projects
`Agency (ARPA) of the Department of Defense (DOD) began coordinating the
`development of a vendor-independent network to tie the major research sites
`together. The need for a vendor-independent network was the first priority, since
`each facility used different computers with proprietary networking technology. In
`1968, work began on a private packet-switched network, which eventually became
`known as ARPAnet.
`
`ARPAnet was the world’s first wide-area packet-switching network, designed to
`allow individual units of data to be routed across the country as independent enti-
`ties. Previous networks had been circuit-switched, involving dedicated end-to-end
`connections between two specific sites. In contrast, the ARPAnet allowed organiza-
`tions to interconnect into a mesh-like topology, allowing data to be sent from one
`site to another using a variety of different routes. This design was chosen for its
`resilience and built-in fault-tolerance: if any one organization were bombed or oth-
`erwise removed from the network, it wouldn’t affect the rest of the organizations
`on the network.
`
`During this same time period, other network providers also began interconnecting
`with the ARPAnet sites, and when these various networks began connecting to
`each other, the term “Internet” came into use. Over the next few years, more orga-
`nizations were added to the ARPAnet, while other networks were also being
`developed, and new network technologies such as Ethernet were beginning to
`gain popularity as well.
`
`All of this led to the conclusion that networking should be handled at a higher
`layer than was allowed by the ARPAnet’s packet-switching topology. It became
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`ROKU EXH. 1002
`
`

`

`A Brief Historyof the Internet
`
`3
`
`increasingly important to allow for the exchange of data across different physical
`networks, and this meant moving to a set of networking protocols that could be
`implemented in software on top of any physical
`topology, whether that be a
`packet-switched WAN such as ARPAnet or a local area network (LAN) topology
`such as Ethernet.
`
`TCP/IP to the Rescue
`
`In 1973, work began on the TCP/IP protocol suite, a software-based set of network-
`ing protocols that allowed any system to connect to any other system, using any
`network topology. By 1978, IP version 4 (the same version that we use today) had
`been completed, although it would be another four years before the transition
`away from ARPAnetto IP would begin. Shortly thereafter, the University of Califor-
`nia at Berkeley also began bundling TCP/IP with their freely distributed version of
`Unix, which was a widely used operating system in the research community.
`
`The introduction and wide-scale deployment of TCP/IP represented a major
`ground-shift
`in computer networking. Until
`the introduction of TCP/IP, almost
`every other network topology required that hardware-based network nodes send
`traffic to a central host for processing, with the central host delivering the data to
`the destination node on behalf of the sender. For example, Figure 1-1 shows a
`host-centric networking architecture. In this model, devices are attached to a cen-
`tralized system that coordinates all network traffic. A user at a terminal could not
`even send a screen of text to a printer without first sending the data to the central
`host, which would parse the data and eventually sendit to the printer for printing.
`
`
`
`
`
`Mainframe
`
`a
`
`Network node
`
`
`
`Communications Controller
`
`et
`
`Network node
`
`Figure 1-1. Host-centric networking
`
`
`
`ROKU EXH. 1002
`
`ROKU EXH. 1002
`
`

`

`4
`
`Chapter 1: An Introduction to TCP/IP
`
`But with TCP/IP, each network device was treated as a fully functional, self-aware
`network end-point, capable of communicating with any other device directly,
`without having to talk to a central host first. IP networks are almost anarchic, with
`every device acting as a self-aware, autonomous unit, responsible for its own net-
`work services, as illustrated in Figure 1-2.
`
`
`
`
`
`Mainframe
`
`
`
`Network node
`Network node
`
`
`Figure 1-2. Node-centric networking
`
`This design allowed for application- and resource-sharing on a national scale,
`since a top-down model simply would not work with millions of widely distrib-
`uted devices. In addition, this design also provided reliability in case any part of
`the network was damaged, since a host-based model would simply stop function-
`ing if the central host was destroyed or disabled.
`
`The Internet Today
`
`Overtime, the ARPAnet evolved into an open “network-of-networks” using TCP/IP,
`with educational, commercial, and other organizations connected to each other
`through an interwoven mesh of networks. Today this type of mesh architecture is
`far less common, replaced by a much morestructured hierarchy.
`
`Rather than organizations connecting to each other directly, most organizations
`now connect
`to a local network access provider who routes network traffic
`upwards and outwards to other end-point networks.
`
`Generally speaking, there are only a handful of top-level Internet Service Provid-
`ers (ISPs), each of which provide major interconnection services around the coun-
`try or globe. Most of these firms are telecommunications companies that specialize
`
`ROKU EXH. 1002
`
`ROKU EXH. 1002
`
`

`

`A Brief History of the Internet
`
`5
`
`in large-scale networking (such as long-distance providers like MCI WorldCom and
`Sprint).
`
`Below these top-level carriers are local or regional access providers who offer
`regional access and lower-speed connection services to end users directly (these
`mid-level carriers are sometimes referred to as Internet Access Providers, or
`“IAPs”). This design is represented in Figure 1-3.
`
`National ISPs
`
`Regional IAPs
`
`End-User Nets
`
`Figure 1-3. The hierarchical architecture of the Internet
`
`Visually, the Internet can be thought of as a few major networking companies who
`provide large-scale “backbone” services around the world, followed by a large
`number of secondary providers that resell bandwidth on those networks. At the
`end of the line are the end-leaf organizations that actually generate the traffic that
`crosses these networks.
`
`The Internet, Defined
`
`Simply having a lot of interconnected networks does not by itself mean that you
`have the “Internet.” To “internet” (with a lowercase “i”) means to interconnect net-
`works. You can create an internet of Macintosh networks using AppleTalk and
`some routers, for example. The term “Internet” (with a capital “I”) refers to the
`specific global network of TCP/IP-based systems, originally consisting of ARPAnet
`and the other research networks.
`
`There have been lots of private and public networks that have offered a multi-
`layer network design (private SNA* networks from the 1980s are a good example
`of this). Therefore, the Internet in particular is a collection of networks that sup-
`port host-to-host communications using TCP/IP protocols.
`
`* SNA stands for Systems Network Architecture, a proprietary IBM networking protocol.
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`ROKU EXH. 1002
`
`

`

`6
`
`Chapter 1: An Introduction to TCP/IP
`
`Under this definition, the network is made up of intelligent end-point systems that
`are self-deterministic, allowing each end-point system to communicate with any
`host it chooses. Rather than being a network where communications are con-
`trolled by a central authority (as found in many private networks), the Internet is
`specifically meant to be a collection of autonomous hosts that can communicate
`with each other freely.
`
`This is an important distinction, and one that is often overlooked. For example,
`many of the private networks have offered mail-delivery services for their custom-
`ers, allowing a user on one network to send email to another user on another net-
`work, but only by going through a predefined mail gateway service. Conversely,
`the Internet allows users to exchange mail directly, without going through a cen-
`tral politburo first. In this regard, the Internet is a collection of self-deterministic,
`autonomous hosts.
`
`Having hosts communicate with each other directly is not enough to make the
`Internet, however. Many networks have offered users the ability to communicate
`directly with other hosts on those networks, and those networks have not been
`considered as parts of the Internet per se. For example, there have been many pri-
`vate DECnet networks that have offered this capability, and Novell offers a similar
`service using IPX today.
`
`The last key criteria is that the Internet is a collection of networks that allows host-
`to-host communications through voluntary adherence to open protocols and pro-
`cedures defined by Internet standards. Therefore, in order for these networks to be
`parts of the Internet, they must also use Internet protocols and standards, allow-
`ing for vendor-neutral networking.
`
`This is perhaps the most important part of the entire definition, since the use of
`consistent protocols and services is what allows the Internet to function at all. For
`example, it is not enough for a private network to allow users to send email mes-
`sages to each other directly. Rather, those users must use the same protocols and
`services to exchange email messages, and those protocols must be defined as
`Internet standards.
`
`TCP/IP’s Architecture
`A key part of understanding the distributed nature of TCP/IP is the realization that
`TCP/IP is a modular family of protocols, providing a wide range of highly seg-
`mented functions. TCP/IP is not a single monolithic protocol, but instead is a col-
`lection of protocols that
`range from application-specific functions like web
`browsing down to the low-level networking protocols like IP and TCP.
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`ROKU EXH. 1002
`
`

`

`TCP/IP’s Architecture
`
`7
`
`One common tool used for comparing different kinds of protocols is the OSI* Ref-
`erence Model, which is a simplistic breakdown of networking functions from the
`physical wiring up to the applications that run on the network. By comparing
`TCP/IP to the OSI Reference Model, it is easier to understand how each of the
`major protocols interact with each other.
`
`An Introduction to the OSI Reference Model
`
`The OSI Reference Model is a conceptual model that uses seven “layers” to iden-
`tify the various functions provided by a network, and these seven layers can be
`used to compare different protocols using a common framework. Each layer
`within the OSI Reference Model has a very specific function, and each layer
`depends on the other layers in order for the entire model to function properly.
`Each layer only communicates with the layers immediately above or below it. If
`there is a problem at one layer, it is the responsibility of that specific layer to pro-
`vide feedback to the layers surrounding it.
`
`The OSI Reference Model is extremely useful as a tool for discussing various net-
`work services. For example, if we were to look at a simple network service such
`as printing a document to a locally attached printer, we could use the OSI Refer-
`ence Model to determine how this simple task was being achieved. We could also
`use the model to determine how printing over a Novell network was done, or
`how printing over a TCP/IP network was accomplished. Because all three of these
`examples use the same model, they can all be compared to each other even
`though they all use extremely different technologies to achieve the same objective.
`
`Not all networking technologies have seven layers, nor do they all match up to the
`seven layers in the OSI Reference Model exactly. Most of them do not match it
`except in small, specific ways, although all of them can be compared to the model
`with a little bit of thought. This flexibility is what makes it such a popular tool.
`
`The following list briefly describes each of the seven layers and the purpose each
`serve. Remember that this is a conceptual model, with very little direct meaning to
`the real world.
`
`The physical layer
`The physical layer is concerned with the physical wiring used to connect dif-
`ferent systems together on the network. Examples include serial and parallel
`cables, Ethernet and Token Ring cabling, telephone wiring, and even the spe-
`cific connectors and jacks used by these cabling systems. Without strictly stan-
`dardized definitions for
`the cabling and connectors, vendors might not
`implement them in such a way that they would function with other implemen-
`tations, which in turn would make it
`impossible for any communication
`
`* OSI stands for Open Systems Interconnect, an alternate suite of network protocols.
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`ROKU EXH. 1002
`
`

`

`8
`
`Chapter 1: An Introduction to TCP/IP
`
`whatsoever to occur. Each of these wiring systems therefore follows very strict
`standards, ensuring that network devices will at least be able to communicate
`without having to worry about issues such as voltage and impedance.
`
`The data-link layer
`The data-link layer defines how information is transmitted across the physical
`layer, and is responsible for making sure that the physical layer is functioning
`properly. Some networks—such as the public telephone network, radio, and
`television—use analog sine-waves to transmit information, while most com-
`puter networks use square-wave pulses to achieve this objective. If there are
`any problems with transmitting the information on the physical cabling (per-
`haps due to a damaged wire or circuit), then this layer must deal with those
`errors, either attempting to retransmit the information or reporting the failure
`to the network layer.
`
`The network layer
`The network layer is used to identify the addresses of systems on the net-
`work, and for the actual transmission of data between the systems. The net-
`work layer must be aware of the physical nature of the network, and package
`the information in such a way that the data-link layer can deliver it to the
`physical layer. For example, if a telephone line is the physical layer, then the
`network layer must package the information in such a way that the data-link
`layer can transmit it over an analog circuit. Likewise, if the physical layer is a
`digital Ethernet LAN, then the network layer must encapsulate the information
`into digital signals appropriate for Ethernet, and then pass it to the data-link
`layer for transmission.
`
`On many networks, the network layer does not provide any integrity check-
`ing. It simply provides the packaging and delivery services, assuming that if
`the data-link layer is not reporting any errors then the network is operational.
`Broadcast television and radio work in this manner, assuming that if they can
`transmit a signal, then it can also be received. Many digital networking tech-
`nologies also take this approach, leaving it up the higher-level protocols to
`provide delivery tracking and reliability guarantees.
`
`The transport layer
`The transport layer provides the reliability services lacking from the network
`layer, although only for basic transmission services, and not for any applica-
`tion- or service-specific functions. The transport layer is responsible for verify-
`ing that the network layer is operating efficiently, and if not, then the transport
`layer either requests a retransmission or returns an error to the layer above it.
`Since higher-level services have to go through the transport layer, all transport
`services are guaranteed when this layer is designed into the network software
`and used. Not all systems mandate that the transport layer provide reliability,
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`ROKU EXH. 1002
`
`

`

`TCP/IP’s Architecture
`
`9
`
`and many networks provide unreliable transport layers for nonessential ser-
`vices such as broadcast messages.
`
`The session layer
`The session layer is responsible for establishing connections between sys-
`tems, applications, or users. The session layer may receive this request from
`any higher layer, and then will negotiate a connection using the lower layers.
`Once a connection is established, the session layer simply provides an inter-
`face to the network for the higher layers to communicate with. Once the
`higher layers are finished, the session layer is responsible for destroying the
`connection.
`
`The presentation layer
`The presentation layer provides a consistent set of interfaces for applications
`and services to utilize when establishing connections through the session
`layer. Although these interfaces could also exist at
`the session layer,
`that
`would burden it unnecessarily. It is better to have the session layer only man-
`age sessions and not worry about verifying data or providing other extended
`services. An example of a service provided by the presentation layer is data-
`compression, allowing applications to take advantage of
`the performance
`gains that compression provides without forcing the applications to develop
`these services themselves, and without forcing the transport layer to provide
`this service when it may not always be needed.
`
`The application layer
`Finally,
`the application layer provides the network’s interface to end-user
`application protocols such as HTTP and POP3. This layer should not be con-
`fused with the part of the end-user application that displays data to the end
`user. That function is an entirely separate service, and is outside the scope of
`the OSI Reference Model.
`
`Although every network must use all seven layers of the OSI Reference Model in
`some form or another, not every network design provides distinct protocols or ser-
`vices that match all seven layers precisely. TCP/IP is one such networking design,
`with many layers that do not match up to each of the layers used by the OSI Ref-
`erence Model.
`
`Comparing TCP/IP to the OSI Reference Model
`
`TCP/IP does not strictly conform to the OSI Reference Model. Some portions of
`the OSI Reference Model map directly to some of the protocols and services pro-
`vided by TCP/IP, while many of the layers do not map to each other directly at all.
`For example, the actual delivery of data over the network is handled at the physi-
`cal layer, and in this case, the wire is the physical layer. There are no services in
`TCP/IP that correspond with the physical or data-link layers. Rather, IP passes data
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`ROKU EXH. 1002
`
`

`

`10
`
`Chapter 1: An Introduction to TCP/IP
`
`to a network adapter’s device driver, which provides an interface to the data-link
`layer in use with the physical layer.
`
`Figure 1-4 shows how TCP/IP matches up with the OSI Reference Model. Notice
`that TCP/IP does not provide any physical or data-link layer services directly, but
`instead relies on the local operating system for those services.
`
`OSI MODEL
`
`TCP/IP
`
`ApplicationASCIAD@S | Binary
`
`Session
`pee
`
`Transport
`
`Network
`
`TC?and UDP
`
`IP
`
`
`
`
`
`Network
`aDeelek|
`Topology
`Physical
`
`
`Figure 1-4. TCP/IP in comparisonto the OSI Reference Model
`
`The specific layers offered by TCP/IP include:
`
`The Internet Protocol
`
`IP itself works at the network layer of the OSI reference model. It is responsi-
`ble for tracking the addresses of devices on the network, determining how IP
`datagrams are to be delivered, and sending IP packets from one host
`to
`another across a specific segment. In essence, IP provides a virtual representa-
`tion of the network that is independent of any of the individual network seg-
`ments, acting more like a national delivery service than a local courier service.
`
`The Transport Protocols (TCP and UDP)
`TCP/IP provides two protocols that work at the transport layer: TCP and UDP.
`TCP provides a highly monitored and reliable transport service, while UDP
`provides a simple transport with no error-correcting or flow-control services. It
`is also interesting to note that TCP and UDP also provide session layer ser-
`vices, managing all of the connections between the different hosts. When an
`application protocol such as HTTP is used to exchange data between a web
`client and a web server, the actual session-managementfor this exchange is
`handled by TCP.
`
`ROKU EXH. 1002
`
`ROKU EXH. 1002
`
`

`

`TCP/IP Protocols and Services In-Depth
`
`11
`
`Presentation Services
`TCP/IP does not provide a presentation layer service directly. However, some
`applications use a character-based presentation service called the Network Vir-
`tual Terminal (NVTs are a subset of the Telnet specification), while others
`might use IBM’s NetBIOS or Sun’s External Data Representation (XDR) pro-
`gramming libraries for this service. In this regard, TCP/IP has many presenta-
`tion layer services that it can use, but it does not have a formal service that
`every application protocol must use.
`
`Application Protocols (HTTP, SMTP, etc.)
`TCP/IP provides an assortment of application protocols, providing the end-user
`applications with access to the data being passed across the transport proto-
`cols. These protocols include the Simple Message Transfer Protocol (SMTP),
`which is used by electronic mail systems to move mail messages around the
`Internet, and the Hyper-Text Transfer Protocol (HTTP), which is used by web
`browsers to access data stored on web servers, among many others.
`
`All of these services get called upon whenever an application wants to exchange
`data with another application across the Internet. For example, a mail client will
`use the SMTP application protocol whenever a user wants to send a mail message
`to a remote mail server, and the SMTP protocol uses rules defined by the NVT
`specification whenever it exchanges data with TCP. In turn, TCP provides error-
`correction and flow-control services back to SMTP. IP is used to move the TCP
`segments between the source and destination networks, while hardware-specific
`protocols (like Ethernet-specific framing) will be used to move the IP packets
`between the various systems on the network itself.
`
`TCP/IP Protocols and Services In-Depth
`Whenever data is exchanged between two applications across a TCP/IP network,
`each of the major layers provided by TCP/IP come into play.
`
`This can be seen with email clients that use the Simple Message Transfer Protocol
`(SMTP) to send mail to a local server, as is shown in Figure 1-5. The email soft-
`ware on the client contains local application-specific code for parsing and display-
`ing email messages, but everything else is done with network protocols such as
`SMTP, TCP, and IP.
`
`As data is passed through each of the different layers, packets are generated that
`contain two distinct elements: headers and data. As information is passed down
`through the protocol stack, each layer encapsulates the previous layer’s informa-
`tion (including both the header and the data) into a new packet, containing a new
`layer-specific header and the newly minted data segment. This process is shown in
`Figure 1-6.
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`ROKU EXH. 1002
`
`

`

`12
`
`readand write data
`
`formatdata
`
`open connection
`
`send IPpacket
`
`send datalink frame
`
`
`
`
`Chapter 1: An Introduction to TCP/IP
`
`Server
`
`read and write data
`
`format data
`
`open connection
`
`read IP packet
`
`Physical Media
`
`Physical Media
`
`receive datalink frame
`
`
`
`
`Figure 1-5. Some ofthe layers used by TCP/IP applications
`
`Web browser
`
`
`
`
`
`
`
`
`Figure 1-6. The sub-parts of layers
`
`the physical network is used to transfer bits of data
`At the bottom-most layer,
`(called “frames”) between two devices on the network. IP packets are contained
`within these network-specific frames. The only reason IP is used for this process is
`because the data can go over a variety of different network topologies, and as
`such the TCP/IP applications must have a way of addressing and routing traffic
`consistently, regardless of the specific networks in use.
`
`Embedded within the IP datagrams are TCP segments, which provide a reliable
`virtual circuit for the SMTP application protocol to use. TCP does things like open
`a connection between two application protocol end-points,
`resend lost data,
`
`ROKU EXH. 1002
`
`ROKU EXH. 1002
`
`

`

`TCP/IP Protocols and Services In-Depth
`
`13
`
`remove duplicates, and exert flow control, each of which is beyond the simple
`delivery function of IP itself, yet is common enough to be useful as a separate, dis-
`tinct service.
`
`The SMTP application protocol contains application-specific semantics. In this
`case, this might consist of an SMTP command such as “RCPT TO ehall” and an
`application-specific response code such as 250 (“okay”). Note that the commands
`and data used by SMTP conform to the NVT specification, which prescribes how
`the data should be formatted, the types of data allowed, and so forth, although
`SMTP is doing all of the real work.
`
`As can be seen, each of the layers in the TCP/IP suite provide specific functional-
`ity to the layers above and below it, making the overall design extremely modu-
`lar. It is this modularity that makes TCP/IP so powerful, and also what makes it so
`complex.
`
`Data-Link Services
`
`When two devices on a network communicate with each other, they don’t use IP
`to do so. Rather, they use protocols that are specific to the wire itself. For exam-
`ple, devices on an Ethernet segment use a predefined series of electrical impulses
`to communicate with each other. Whenever an Ethernet device wants to send data
`to another device on the same network, it raises and lowers the voltage of the
`shared medium so that a series of “on” and “off” voltage patterns are generated.
`These changes in voltage are interpreted as bits by the other devices on the
`network.
`
`The changes in voltage are dictated by protocols that are specific to the different
`types of physical networks. Ethernet networks have data-link protocols that will
`not work with technologies like Token Ring. Similarly, modems use protocols spe-
`cific to different types of modem technology.
`
`Much of IP’s functionality is determined by the physical media that the IP device is
`connected to. When an IP device has information that it needs to send to another
`device on the same wire, it has to understand the characteristics of the wire in
`order to prepare the information so that is usable for that particular medium.
`
`One of the issues that IP has to deal with is the mechanisms used for the network-
`specific addressing. Just as physical networks have to provide mechanisms for
`encapsulating and disseminating data on the wire, they also have to provide a way
`for devices to locate each other, using addressing methods defined by the low-
`level protocols.
`
`On shared networks, each device must have a unique hardware address in order
`for devices to indicate which node the traffic is for. Ethernet networks use a 48-bit
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`ROKU EXH. 1002
`
`

`

`14
`
`Chapter 1: An Introduction to TCP/IP
`
`Media Access Control (MAC) address for this purpose, while Frame Relay net-
`works use Data-Link Connection Identifier (DLCD addresses, and so on. This con-
`cept is illustrated in Figure 1-7, where IP traffic for 192.168.10.40 is sent to the
`Ethernet address of 00:00:c0:c8:b3:27, using Ethernet-specific signalling.
`
`ethernet traffic for 00:00:c0:c8:b3:27
`
`Ferret
`192.168.10.10
`
`Figure 1-7. Topology-specific protocols and addressing
`
`In contrast, modems are point-to-point; only two devices can communicate over
`any given circuit. As such, modem circuits don’t use addresses per se, but instead
`just send and receive data over dedicated “transmit” and “receive” wires as
`needed. The sameis true of T-1 lines and most other point-to-point circuit-based
`networks.
`
`In all of these cases, the IP stack running on the local device must understand the
`addressing mechanisms used by the hardware, and implement it accordingly, just
`as it must understand the framing characteristics and signalling mechanisms in use
`on the physical network.
`
`The Internet Protocol
`
`When an IP-enabled device wants to send data to another IP node, the data-link
`services on that device convert the IP datagrams into a format usable by the local
`network medium, and then send the data to the destination system using the
`addressing and framing mechanismsdictated by the network.
`
`These steps occur on each of the networks that an IP datagram traverses onits
`way to the final destination system. If an IP datagram were sent from a dial-up
`user working at her home in Los Angeles to a server in Rome,Italy, the number of
`networks that would be crossed could be quite high. But at each step of the way,
`the data would be transmitted using the low-level protocols appropriate for each
`of the particular networks being crossed.
`
`In this regard, IP provides a virtual representation of the global Internet to the
`hosts that are on it. IP provides a datagram formatting and addressing mechanism
`that is not dependent upon any of the specific characteristics of the individual
`
`ROKU EXH. 1002
`
`ROKU EXH. 1002
`
`

`

`TCPAP Protocols and Services In-Depth
`
`15
`
`networks that make up the global Internet. Data can be sent to an IP address, and
`the data will be encapsulated and transmitted according to the rules of each of the
`intermediary networks, with the IP datagram being used to provide delivery clues
`to the sending, receiving, and intermediary devices. Essentially, routing occurs at
`the network layer (IP), while delivery occurs at
`the data-link layer (Ethernet,
`modems, whatever).
`
`This conceptis illustrated in Figure 1-8. In that example, data sent over a modem
`would be encapsulated into a form usable by the dial-up connection. Once
`received, the data would be determined to be an IP datagram, and would then get
`converted into a form that was usable by the LAN connection and sent out again.
`The r