Oracle Solaris TCP/IP Protocol Suite (Overview)

This chapter introduces the Oracle Solaris implementation of the TCP/IP network protocol
suite. The information is intended for system and network administrators who are unfamiliar
with basic TCP/IP concepts. The remaining parts of this book assume that you are familiar with
these concepts.

This chapter contains the following information:

■ “Introducing the TCP/IP Protocol Suite” on page 37
■ “How the TCP/IP Protocols Handle Data Communications” on page 44
■ “Finding Out More About TCP/IP and the Internet” on page 48

What's New in This Release

Starting with Solaris 10 5/08, the Mobile IP feature is removed. Mobile IP is available in the
Solaris 10 OS 8/07 and previous releases.

Introducing the TCP/IP Protocol Suite

This section presents an in-depth introduction to the protocols that are included in TCP/IP.
Although the information is conceptual, you should learn the names of the protocols. You
should also learn what each protocol does.

“TCP/IP” is the acronym that is commonly used for the set of network protocols that compose
the Internet Protocol suite. Many texts use the term “Internet” to describe both the protocol suite
and the global wide area network. In this book, “TCP/IP” refers specifically to the Internet
protocol suite. “Internet” refers to the wide area network and the bodies that govern the
Internet.

To interconnect your TCP/IP network with other networks, you must obtain a unique IP
address for your network. At the time of this writing, you obtain this address from an Internet
service provider (ISP).

37
Introducing the TCP/IP Protocol Suite

If hosts on your network are to participate in the Internet Domain Name System (DNS), you
must obtain and register a unique domain name. The InterNIC coordinates the registration of
domain names through a group of worldwide registries. For more information on DNS, refer to
System Administration Guide: Naming and Directory Services (DNS, NIS, and LDAP).

Protocol Layers and the Open Systems

Interconnection Model
Most network protocol suites are structured as a series of layers, sometimes collectively referred
to as a protocol stack. Each layer is designed for a specific purpose. Each layer exists on both the
sending and receiving systems. A specific layer on one system sends or receives exactly the same
object that another system's peer process sends or receives. These activities occur independently
from activities in layers above or below the layer under consideration. In essence, each layer on
a system acts independently of other layers on the same system. Each layer acts in parallel with
the same layer on other systems.

OSI Reference Model

Most network protocol suites are structured in layers. The International Organization for
Standardization (ISO) designed the Open Systems Interconnection (OSI) Reference Model that
uses structured layers. The OSI model describes a structure with seven layers for network
activities. One or more protocols is associated with each layer. The layers represent data transfer
operations that are common to all types of data transfers among cooperating networks.
The OSI model lists the protocol layers from the top (layer 7) to the bottom (layer 1). The
following table shows the model.

TABLE 1–1 Open Systems Interconnection Reference Model

Layer No. Layer Name Description

7 Application Consists of standard communication services and applications that

everyone can use.

6 Presentation Ensures that information is delivered to the receiving system in a

form that the system can understand.

5 Session Manages the connections and terminations between cooperating

systems.

4 Transport Manages the transfer of data. Also assures that the received data are
identical to the transmitted data.

3 Network Manages data addressing and delivery between networks.

2 Data link Handles the transfer of data across the network media.

1 Physical Defines the characteristics of the network hardware.

 Introducing the TCP/IP Protocol Suite

The OSI model defines conceptual operations that are not unique to any particular network
protocol suite. For example, the OSI network protocol suite implements all seven layers of the
OSI model. TCP/IP uses some of OSI model layers. TCP/IP also combines other layers. Other
network protocols, such as SNA, add an eighth layer.

TCP/IP Protocol Architecture Model

The OSI model describes idealized network communications with a family of protocols.
TCP/IP does not directly correspond to this model. TCP/IP either combines several OSI layers
into a single layer, or does not use certain layers at all. The following table shows the layers of
the Oracle Solaris implementation of TCP/IP. The table lists the layers from the topmost layer
(application) to the bottommost layer (physical network).

TABLE 1–2 TCP/IP Protocol Stack

OSI Layer
OSI Ref. Layer No. Equivalent TCP/IP Layer TCP/IP Protocol Examples

5,6,7 Application, Application NFS, NIS, DNS, LDAP, telnet, ftp, rlogin, rsh, rcp,
session, RIP, RDISC, SNMP, and others
presentation

4 Transport Transport TCP, UDP, SCTP

3 Network Internet IPv4, IPv6, ARP, ICMP

2 Data link Data link PPP, IEEE 802.2

1 Physical Physical Ethernet (IEEE 802.3), Token Ring, RS-232, FDDI, and
network others

The table shows the TCP/IP protocol layers and the OSI model equivalents. Also shown are
examples of the protocols that are available at each level of the TCP/IP protocol stack. Each
system that is involved in a communication transaction runs a unique implementation of the
protocol stack.

Physical Network Layer

The physical network layer specifies the characteristics of the hardware to be used for the
network. For example, physical network layer specifies the physical characteristics of the
communications media. The physical layer of TCP/IP describes hardware standards such as
IEEE 802.3, the specification for Ethernet network media, and RS-232, the specification for
standard pin connectors.
Introducing the TCP/IP Protocol Suite

Data-Link Layer
The data-link layer identifies the network protocol type of the packet, in this instance TCP/IP.
The data-link layer also provides error control and “framing.” Examples of data-link layer
protocols are Ethernet IEEE 802.2 framing and Point-to-Point Protocol (PPP) framing.

Internet Layer
The Internet layer, also known as the network layer or IP layer, accepts and delivers packets for
the network. This layer includes the powerful Internet Protocol (IP), the Address Resolution
Protocol (ARP), and the Internet Control Message Protocol (ICMP).

IP Protocol
The IP protocol and its associated routing protocols are possibly the most significant of the
entire TCP/IP suite. IP is responsible for the following:
■ IP addressing – The IP addressing conventions are part of the IP protocol. “Designing an
IPv4 Addressing Scheme” on page 58 introduces IPv4 addressing and “IPv6 Addressing
Overview” on page 74 introduces IPv6 addressing.
■ Host-to-host communications – IP determines the path a packet must take, based on the
receiving system's IP address.
■ Packet formatting – IP assembles packets into units that are known as datagrams.
Datagrams are fully described in “Internet Layer: Where Packets Are Prepared for Delivery”
on page 47.
■ Fragmentation – If a packet is too large for transmission over the network media, IP on the
sending system breaks the packet into smaller fragments. IP on the receiving system then
reconstructs the fragments into the original packet.

Oracle Solaris supports both IPv4 and IPv6 addressing formats, which are described in this
book. To avoid confusion when addressing the Internet Protocol, one of the following
conventions is used:
■ When the term “IP” is used in a description, the description applies to both IPv4 and IPv6.
■ When the term “IPv4” is used in a description, the description applies only to IPv4.
■ When the term “IPv6” is used in a description, the description applies only to IPv6.

ARP Protocol
The Address Resolution Protocol (ARP) conceptually exists between the data-link and Internet
layers. ARP assists IP in directing datagrams to the appropriate receiving system by mapping
Ethernet addresses (48 bits long) to known IP addresses (32 bits long).
 Introducing the TCP/IP Protocol Suite

ICMP Protocol
The Internet Control Message Protocol (ICMP) detects and reports network error conditions.
ICMP reports on the following:
■ Dropped packets – Packets that arrive too fast to be processed
■ Connectivity failure – A destination system cannot be reached
■ Redirection – Redirecting a sending system to use another router

Chapter 8, “Administering a TCP/IP Network (Tasks),” contains more information on Oracle

Solaris commands that use ICMP for error detection.

Transport Layer
The TCP/IP transport layer ensures that packets arrive in sequence and without error, by
swapping acknowledgments of data reception, and retransmitting lost packets. This type of
communication is known as end-to-end. Transport layer protocols at this level are
Transmission Control Protocol (TCP), User Datagram Protocol (UDP), and Stream Control
Transmission Protocol (SCTP). TCP and SCTP provide reliable, end-to-end service. UDP
provides unreliable datagram service.

TCP Protocol
TCP enables applications to communicate with each other as though they were connected by a
physical circuit. TCP sends data in a form that appears to be transmitted in a
character-by-character fashion, rather than as discrete packets. This transmission consists of
the following:
■ Starting point, which opens the connection
■ Entire transmission in byte order
■ Ending point, which closes the connection.

TCP attaches a header onto the transmitted data. This header contains many parameters that
help processes on the sending system connect to peer processes on the receiving system.

TCP confirms that a packet has reached its destination by establishing an end-to-end
connection between sending and receiving hosts. TCP is therefore considered a “reliable,
connection-oriented” protocol.

SCTP Protocol
SCTP is a reliable, connection-oriented transport layer protocol that provides the same services
to applications that are available from TCP. Moreover, SCTP can support connections between
systems that have more than one address, or multihomed. The SCTP connection between
sending and receiving system is called an association. Data in the association is organized in
chunks. Because SCTP supports multihoming, certain applications, particularly applications
used by the telecommunications industry, need to run over SCTP, rather than TCP.
Introducing the TCP/IP Protocol Suite

UDP Protocol
UDP provides datagram delivery service. UDP does not verify connections between receiving
and sending hosts. Because UDP eliminates the processes of establishing and verifying
connections, applications that send small amounts of data use UDP.

Application Layer
The application layer defines standard Internet services and network applications that anyone
can use. These services work with the transport layer to send and receive data. Many application
layer protocols exist. The following list shows examples of application layer protocols:
■ Standard TCP/IP services such as the ftp, tftp, and telnet commands
■ UNIX “r” commands, such as rlogin and rsh
■ Name services, such as NIS and the domain name system (DNS)
■ Directory services (LDAP)
■ File services, such as the NFS service
■ Simple Network Management Protocol (SNMP), which enables network management
■ Router Discovery Server protocol (RDISC) and Routing Information Protocol (RIP)
routing protocols

Standard TCP/IP Services

■ FTP and Anonymous FTP – The File Transfer Protocol (FTP) transfers files to and from a
remote network. The protocol includes the ftp command and the in.ftpd daemon. FTP
enables a user to specify the name of the remote host and file transfer command options on
the local host's command line. The in.ftpd daemon on the remote host then handles the
requests from the local host. Unlike rcp, ftp works even when the remote computer does
not run a UNIX based operating system. A user must log in to the remote system to make an
ftp connection, unless the remote system has been configured to allow anonymous FTP.
You can obtain an enormous amount of material from anonymous FTP servers that are
connected to the Internet. Universities and other institutions set up these servers to offer
software, research papers, and other information to the public domain. When you log in to
this type of server, you use the login name anonymous, hence the term “anonymous FTP
server.”
Using anonymous FTP and setting up anonymous FTP servers is outside the scope of this
manual. However, many books, such as The Whole Internet User's Guide & Catalog, discuss
anonymous FTP in detail. Instructions for using FTP are in System Administration Guide:
Network Services. The ftp(1) man page describes all ftp command options that are invoked
through the command interpreter. The ftpd(1M) man page describes the services that are
provided by the in.ftpd daemon.
 Introducing the TCP/IP Protocol Suite

■ Telnet – The Telnet protocol enables terminals and terminal-oriented processes to

communicate on a network that runs TCP/IP. This protocol is implemented as the telnet
program on local systems and the in.telnetd daemon on remote machines. Telnet
provides a user interface through which two hosts can communicate on a
character-by-character or line-by-line basis. Telnet includes a set of commands that are fully
documented in the telnet(1) man page.
■ TFTP – The Trivial File Transfer Protocol (tftp) provides functions that are similar to ftp,
but the protocol does not establish ftp's interactive connection. As a result, users cannot list
the contents of a directory or change directories. A user must know the full name of the file
to be copied. The tftp(1)man page describes the tftp command set.

UNIX“r”Commands
The UNIX “r” commands enable users to issue commands on their local machines that run on
the remote host. These commands include the following:
■ rcp
■ rlogin
■ rsh

Instructions for using these commands are in the rcp(1), rlogin(1), and rsh(1) man pages.

Name Services
Oracle Solaris provides the following name services:
■ DNS – The domain name system (DNS) is the name service provided by the Internet for
TCP/IP networks. DNS provides host names to the IP address service. DNS also serves as a
database for mail administration. For a complete description of this service, see System
Administration Guide: Naming and Directory Services (DNS, NIS, and LDAP). See also the
resolver(3RESOLV) man page.
■ /etc files – The original host-based UNIX name system was developed for standalone
UNIX machines and then adapted for network use. Many old UNIX operating systems and
computers still use this system, but it is not well suited for large complex networks.
■ NIS – Network Information Service (NIS) was developed independently of DNS and has a
slightly different focus. Whereas DNS focuses on making communication simpler by using
machine names instead of numerical IP addresses, NIS focuses on making network
administration more manageable by providing centralized control over a variety of network
information. NIS stores information about machine names and addresses, users, the
network itself, and network services. NIS name space information is stored in NIS maps. For
more information on NIS Architecture and NIS Administration, see System Administration
Guide: Naming and Directory Services (DNS, NIS, and LDAP).
How the TCP/IP Protocols Handle Data Communications

Directory Service
Oracle Solaris supports LDAP (Lightweight Directory Access Protocol) in conjunction with the
Sun Open Net Environment (Sun ONE) Directory Server, as well as other LDAP directory
servers. The distinction between a name service and a directory service is in the differing extent
of functionality. A directory service provides the same functionality of a naming service, but
provides additional functionalities as well. See System Administration Guide: Naming and
Directory Services (DNS, NIS, and LDAP).

File Services
The NFS application layer protocol provides file services for Oracle Solaris. You can find
complete information about the NFS service in System Administration Guide: Network Services.

Network Administration
The Simple Network Management Protocol (SNMP) enables you to view the layout of your
network and the status of key machines. SNMP also enables you to obtain complex network
statistics from software that is based on a graphical user interface (GUI). Many companies offer
network management packages that implement SNMP.

Routing Protocols
The Routing Information Protocol (RIP) and the Router Discovery Server Protocol (RDISC)
are two available routing protocols for TCP/IP networks. For complete lists of available routing
protocols for Oracle Solaris 10, refer to Table 5–1 and Table 5–2.

How the TCP/IP Protocols Handle Data Communications

When a user issues a command that uses a TCP/IP application layer protocol, a series of events
is initiated. The user's command or message passes through the TCP/IP protocol stack on the
local system. Then, the command or message passes across the network media to the protocols
on the remote system. The protocols at each layer on the sending host add information to the
original data.

Protocols on each layer of the sending host also interact with their peers on the receiving host.
Figure 1–1 shows this interaction.

Data Encapsulation and the TCP/IP Protocol Stack

The packet is the basic unit of information that is transferred across a network. The basic packet
consists of a header with the sending and receiving systems' addresses, and a body, or payload,
with the data to be transferred. As the packet travels through the TCP/IP protocol stack, the
 How the TCP/IP Protocols Handle Data Communications

protocols at each layer either add or remove fields from the basic header. When a protocol on
the sending system adds data to the packet header, the process is called data encapsulation.
Moreover, each layer has a different term for the altered packet, as shown in the following
figure.

FIGURE 1–1 How a Packet Travels Through the TCP/IP Stack

Sending Host Receiving Host

Application Layer Application Layer Receives

Packet & rlogin host request for login

Transport Layer Transport Layer

TCP segment TCP segment

Internet Layer Internet Layer

IP datagram IP datagram

Data Link Layer Data Link Layer

Frame Frame

Physical Network Physical Network

Layer Frame Layer Frame

Network media

This section summarizes the life cycle of a packet. The life cycle starts when you issue a
command or send a message. The life cycle finishes when the appropriate application on the
receiving system receives the packet.

Application Layer: Where a Communication Originates

The packet's history begins when a user on one system sends a message or issues a command
that must access a remote system. The application protocol formats the packet so that the
appropriate transport layer protocol, TCP or UDP, can handle the packet.

Suppose the user issues an rlogin command to log in to the remote system, as shown in
Figure 1–1. The rlogin command uses the TCP transport layer protocol. TCP expects to
receive data in the form of a stream of bytes that contain the information in the command.
Therefore, rlogin sends this data as a TCP stream.
How the TCP/IP Protocols Handle Data Communications

Transport Layer: Where Data Encapsulation Begins

When the data arrives at the transport layer, the protocols at the layer start the process of data
encapsulation. The transport layer encapsulates the application data into transport protocol
data units.

The transport layer protocol creates a virtual flow of data between the sending and receiving
application, differentiated by the transport port number. The port number identifies a port, a
dedicated location in memory for receiving or sending data. In addition, the transport protocol
layer might provide other services, such as reliable, in order data delivery. The end result
depends on whether TCP, SCTP, or UDP handles the information.

TCP Segmentation
TCP is often called a “connection-oriented” protocol because TCP ensures the successful
delivery of data to the receiving host. Figure 1–1 shows how the TCP protocol receives the
stream from the rlogin command. TCP then divides the data that is received from the
application layer into segments and attaches a header to each segment.

Segment headers contain sending and receiving ports, segment ordering information, and a
data field that is known as a checksum. The TCP protocols on both hosts use the checksum data
to determine if the data transfers without error.

Establishing a TCP Connection

TCP uses segments to determine whether the receiving system is ready to receive the data.
When the sending TCP wants to establish connections, TCP sends a segment that is called a
SYN to the TCP protocol on the receiving host. The receiving TCP returns a segment that is
called an ACK to acknowledge the successful receipt of the segment. The sending TCP sends
another ACK segment, then proceeds to send the data. This exchange of control information is
referred to as a three-way handshake.

UDP Packets
UDP is a “connectionless” protocol. Unlike TCP, UDP does not check that data arrived at the
receiving host. Instead, UDP formats the message that is received from the application layer
into UDP packets. UDP attaches a header to each packet. The header contains the sending and
receiving ports, a field with the length of the packet, and a checksum.

The sending UDP process attempts to send the packet to its peer UDP process on the receiving
host. The application layer determines whether the receiving UDP process acknowledges the
reception of the packet. UDP requires no notification of receipt. UDP does not use the
three-way handshake.
 How the TCP/IP Protocols Handle Data Communications

Internet Layer: Where Packets Are Prepared for Delivery

The transport protocols TCP, UDP, and SCTP pass their segments and packets down to the
Internet layer, where the IP protocol handles the segments and packets. IP prepares them for
delivery by formatting them into units called IP datagrams. IP then determines the IP addresses
for the datagrams, so that they can be delivered effectively to the receiving host.

IP Datagrams
IP attaches an IP header to the segment or packet's header, in addition to the information that is
added by TCP or UDP. Information in the IP header includes the IP addresses of the sending
and receiving hosts, the datagram length, and the datagram sequence order. This information is
provided if the datagram exceeds the allowable byte size for network packets and must be
fragmented.

Data-Link Layer: Where Framing Takes Place

Data-link layer protocols, such as PPP, format the IP datagram into a frame. These protocols
attach a third header and a footer to “frame” the datagram. The frame header includes a cyclic
redundancy check (CRC) field that checks for errors as the frame travels over the network
media. Then, the data-link layer passes the frame to the physical layer.

Physical Network Layer: Where Frames Are Sent and Received

The physical network layer on the sending host receives the frames and converts the IP
addresses into the hardware addresses appropriate to the network media. The physical network
layer then sends the frame out over the network media.

How the Receiving Host Handles the Packet

When the packet arrives on the receiving host, the packet travels through the TCP/IP protocol
stack in the reverse order from which it was sent. Figure 1–1 illustrates this path. Moreover,
each protocol on the receiving host strips off header information that is attached to the packet
by its peer on the sending host. The following process occurs:
1. The physical network layer receives the packet in its frame form. The physical network layer
computes the CRC of the packet, then sends the frame to the data link layer.
2. The data-link layer verifies that the CRC for the frame is correct and strips off the frame
header and the CRC. Finally, the data-link protocol sends the frame to the Internet layer.
3. The Internet layer reads information in the header to identify the transmission. Then, the
Internet layer determines if the packet is a fragment. If the transmission is fragmented, IP
reassembles the fragments into the original datagram. IP then strips off the IP header and
passes the datagram on to transport layer protocols.
4. The transport layer (TCP, SCTP, and UDP) reads the header to determine which application
layer protocol must receive the data. Then, TCP, SCTP, or UDP strips off its related header.
TCP, SCTP, or UDP sends the message or stream to the receiving application.
Finding Out More About TCP/IP and the Internet

5. The application layer receives the message. The application layer then performs the
operation that the sending host requested.

TCP/IP Internal Trace Support

TCP/IP provides internal trace support by logging TCP communication when an RST packet
terminates a connection. When an RST packet is transmitted or received, information on as
many as 10 packets, which were just transmitted, is logged with the connection information.

Finding Out More About TCP/IP and the Internet

Information about TCP/IP and the Internet is widely available. If you require specific
information that is not covered in this text, you can probably find what you need in the sources
cited next.

Computer Books About TCP/IP

Many trade books about TCP/IP and the Internet are available from your local library or
computer bookstore. The following two books are considered the classic texts on TCP/IP:
■ Craig Hunt. TCP/IP Network Administration – This book contains some theory and much
practical information for managing a heterogeneous TCP/IP network.
■ W. Richard Stevens. TCP/IP Illustrated, Volume I – This book is an in-depth explanation of
the TCP/IP protocols. This book is ideal for network administrators who require a technical
background in TCP/IP and for network programmers.

TCP/IP and Networking Related Web Sites

The Internet has a wealth of web sites and user groups that are devoted to TCP/IP protocols and
their administration. Many manufacturers, including Oracle Corporation, offer web-based
resources for general TCP/IP information. The following are helpful web resources for TCP/IP
information and general system administration information. The table lists relevant web sites
and descriptions of networking information the sites provide.

Web Site Description

The Internet Engineering Task Force (IETF) web site (http://www.ietf.org/ The IETF is the body responsible for the
home.html) architecture and governance of the Internet.
The IETF web site contains information
about the various activities of this
organization. The site also includes links to
the major publications of the IETF.
 Finding Out More About TCP/IP and the Internet

Web Site Description

Oracle Corporation's BigAdmin Portal (http://www.oracle.com/technetwork/ BigAdmin provides information for

systems/index.html) administering Sun computers. The site offers
FAQs, resources, discussions, links to
documentation, and other materials that
pertain to Oracle Solaris 10 administration,
including networking.

Requests for Comments and Internet Drafts

The Internet Engineering Task Force (IETF) working groups publish standards documents that
are known as Requests for Comments (RFCs). Standards that are under development are
published in Internet Drafts. The Internet Architecture Board (IAB) must approve all RFCs
before they are placed in the public domain. Typically RFCs and Internet drafts are directed to
developers and other highly technical readers. However, a number of RFCs that deal with
TCP/IP topics contain valuable information for system administrators. These RFCs are cited in
various places throughout this book.

Generally, For Your Information (FYI) documents appear as a subset of the RFCs. FYIs contain
information that does not deal with Internet standards. FYIs contain Internet information of a
more general nature. For example, FYI documents include a bibliography that list introductory
TCP/IP books and papers. FYI documents provide an exhaustive compendium of
Internet-related software tools. Finally, FYI documents include a glossary of Internet and
general networking terms.

You will find references to relevant RFCs throughout this guide and other books in the Oracle
Solaris System Administrator Collection.