How TCP/IP Works

The Internet uses TCP/IP to link computers. TCP/IP stands for Transmission Control Protocol/Internet Protocol, which are two significant parts of what is now also known as the Internet Protocol Suite. The feature that makes TCP/IP different from many other networking protocols is that it was designed to link networks instead of just linking computers in a network. The design of TCP/IP allows each individual network to be managed separately, so different organizations that do not wish to give complete network access to each other (for instance a military research department and an academic computer science department) can still exchange information.

Protocols define how computers (or any group of entities) communicate. Communications protocols define such things as when a computer may transmit or must listen, how to address a computer so that a message will arrive at the correct destination, and what to do if there are errors in the received message.

The first TCP/IP specifications were circulated as Requests for Comments (RFCs). The original developers and the Internet Engineering Task Force (the current open-membership standards body for TCP/IP and the Internet) maintain the tradition of producing RFCs that describe any new Internet standards or revisions to older standards. All the RFCs for TCP/IP protocols are available for download on the Internet.

The internet protocols in the TCP/IP suite are arranged in layers. Protocols at each layer are used by the next. The layers are as follows:

  1. The network interface layer
  2. The Internet layer
  3. The transport layer
  4. The application layer

Don't confuse these layers with the layers of the OSI Stack. These layers match almost exactly to OSI layers, but as with all real-world protocols there are variations in the actual implementation.

1. The Network Interface Layer

The network interface layer handles hardware-dependent functions and presents a standardized interface to the Internet layer of TCP/IP. You can have several network interfaces in your computer, each of which can carry the TCP/IP data traffic over a different type of physical network.

For instance, you may have an Ethernet adapter connecting your computer to an Ethernet network and a token-ring adapter connecting your computer to a token-ring network. In addition, you might have a serial connection through a modem to your Internet Service Provider (ISP). Each network interface uses different physical and data link protocols, but they all appear the same to the Internet layer of TCP/IP.

Under Windows NT, the network device driver implements the network interface layer. If the connection is made via the Remote Access Service (RAS), then the RAS WAN wrapper and either the Serial Line Internet Protocol (SLIP) or the Point to Point Protocol (PPP) perform this function, making your modem connection into a TCP/IP network connection.

2. The Internet Layer

The Internet layer moves information from the source to the destination through a network. The source and destination computers may not be on the same local area network; in fact, the source and destination computers may be on different continents, and the data being transferred may have to go through many intermediate computers and networks to reach its destination.

Internet Protocol (IP) is the core of the TCP/IP protocol suite. This protocol provides a connectionless, best-effort data delivery service for data sent within and between networks. Therefore, data that is sent is not guaranteed to arrive at the destination, and data packets are not guaranteed to arrive in the same order in which they were sent.

Internet Control Message Protocol (ICMP) uses IP to control the flow of data over networks and to report error and congestion conditions on the network links.

Address Resolution Protocol (ARP) is used in a local area network to determine a destination computer's physical hardware address when the source computer has the destination computer's Internet address.

Reverse Address Resolution Protocol (RARP) is a mechanism whereby a computer that does not yet have an Internet address can obtain one.

Dynamic Host Configuration Protocol (DHCP) is a newer protocol for obtaining an IP address as well as other TCP/IP information on an IP network. DHCP is more flexible than RARP and automates many tasks that must be done manually with RARP.

Microsoft uses DHCP, not RARP, in its TCP/IP implementation.

3. The Transport Layer

The transport layer provides end-to-end data delivery services for the TCP/IP application layer above it.

TCP/IP provides two types of transport layer services. Which service the upper layers use depends on the nature of the data and on what the upper-layer service needs. The two transport layer protocols provided by TCP/IP are:

Transmission Control Protocol (TCP) is a connection-oriented transport layer protocol that ensures that the data arrives, and that it arrives in the correct order. TCP sets up a connection between the sender and the receiver; it uses the services of IP to send and receive data. TCP reorders information that is received out of order and will request that information that was not received be sent again.

User Datagram Protocol (UDP) adds very little to the underlying IP transmission service. Datagrams are small, fixed-sized packages of data sent over a network. Like IP, UDP guarantees neither that the data (transmitted as datagrams) will arrive in order nor even that the data will arrive at its destination. UDP is useful in applications when:

4. The Application Layer

The application layer in a typical TCP/IP implementation contains the following network applications (which are included in Windows NT unless otherwise noted):

Ping is a utility that tests connectivity between computers on the Internet. It uses Internet Control Message Protocol echo request and echo reply packets to time how long it takes for information to get to the other computer and back.

Telnet is a utility that gives you a character mode interactive session with another computer. You'll take a closer look at Telnet in the section on Internet Services.

Rlogin is like Telnet in that it gives you a command-line interface to another computer, but it also does more for UNIX computers to make the connection transparent to UNIX programs. Rlogin is not part of the Windows NT TCP/IP package.

Rsh allows you to type commands on your local system that will be executed on the remote system with the results returned to you on the local system.

File Transfer Protocol (FTP) is a utility that transfers files to and from remote computers over TCP/IP. The remote computer must have an FTP server. Windows NT

Trivial File Transfer Protocol (TFTP) is a file transfer protocol usually used to download operating system code for UNIX networked client machines.

Simple Mail Transfer Protocol (SMTP) sends and receives Internet mail. Windows NT Option Pack 4 includes an SMTP mail client, as do the Windows NT Resource Kit and Microsoft Exchange Server, which will route your LAN mail on and off the Internet.

Hypertext Transport Protocol (HTTP) transfers World Wide Web documents from a Web host to a Web browser such as Netscape or Internet Explorer.

Domain Name Service (DNS) translates human-friendly Internet addresses such as electriciti.com to numerical Internet addresses such as 198.5.212.8, which a computer uses to find a receiving computer. Windows NT workstations use the DNS protocol to look up names stored on DNS servers elsewhere on the network, such as on a Windows NT server.

Simple Network Management Protocol (SNMP) has become the most widely used protocol for monitoring network devices such as hubs, routers, workstations, and computers. Windows NT supports SNMP.

Network News Transport Protocol (NNTP) is the mechanism whereby Usenet News is exchanged over the Internet. Windows NT Server Option Pack 4 provides support for NNTP.

Now that we have covered the layers, let us move to a more interesting topic.

Internet Addresses

All computers attached to an IP network (such as the Internet) are uniquely identified by a 32-bit number, usually expressed in decimal notation with each byte (or octet) separated by a period. Because each portion of the address specifies eight bits, the decimal range is between 0 and 255 for each of the four bytes. For example:

10.191.31.10

If you ever see an IP address expressed in decimal notation with a number higher than 255, the address is not a valid IP address.

This address must be unique to the specific computer to which it is assigned: no other computer can have this address if it is attached to the same internetwork (i.e., the Internet). If two computers ever do have the same address, unpredictable routing errors will result. IP addresses are analogous to house addresses in that no two are ever the same and each element (in the case of house addresses, elements would be states, cities, streets, and numbers) is increasingly specific.

Subnets

IP addresses are not simply assigned at random. All computers on the same data link network are within the same subnet, or range of IP addresses. For instance, if you have an office Ethernet of 25 computers, all 25 computers would have IP addresses within the same short range.

The following example explains how IP addresses are assigned and how networks are subnetted, or divided into IP networks. Let's say that BT&T, a telephone company and Internet service provider (ISP), has been assigned the 10 address range. Within that range, BT&T is able to split up and sell ranges of IP addresses.

Now let's say that American Internet, a regional ISP that serves the east coast, purchases from BT&T high-capacity network connections and the right to act as a second-tier Internet service provider. BT&T assigns the 191 range of its 10 address range to American Internet, which is now free to assign any addresses more specific than 10.191.

Digital Widgets, a small company that makes a digital version of the ubiquitous widget and has 200 computers, leases from American Internet a T1 service and the ability to assign its own IP addresses within the company. American Internet gives Digital Widgets the 64 address range so that Digital Widgets is free to assign any IP address more specific than 10.191.64 to its own computers.

Sara, the forward-thinking network administrator of Digital Widgets, assigns the IP address 10.191.64.1 to the router attached to the T1 line. She assigns the address 10.191.64.2 to the corporate server and sets up DHCP on the server to automatically assign the remaining addresses to client computers as they attach to the network.

DHCP is a protocol that dynamically assigns IP addresses to clients as they request them. DHCP is explained in the last section of this chapter.

When Sara boots her networked client computer, it automatically receives the IP address 10.191.64.3 because it was the first computer to request a DHCP lease.

Sara could have assigned an individual IP address to each computer.

Classes

Internet addresses were originally segmented on byte boundaries. Large networks on which the first byte specifies the network number and the last three bytes are the local addresses are called Class A domains. Medium-size networks on which the first two bytes specify the network number and the last two bytes specify the local addresses are called Class B domains. Smaller networks on which the first three bytes specify the network number and the last byte specifies the local addresses are called Class C domains. In the preceding example, BT&T has a Class A domain, American Internet has a Class B domain, and Digital Widgets has a Class C domain.

Classless Addressing

It is also possible to subnet at any point within the 32 bits of the IP address, not just on byte boundaries. This method of dividing network numbers from local addresses is known as classless addressing.

Originally, most Internet addresses were segmented on byte boundaries simply because it was easy, but as IP addresses became scarce, the more conservative practice of segmenting based on the actual estimated size of a network became more common.

To explain this system, let's say Digital Widgets has 1,000 computers rather than just 200. Because you can't fit 1,000 IP addresses into the 254 allowed addresses of the last eight bits of an IP address, American Internet has to provide a larger subnet to its customers.

If you thought eight bits could provide 256 addresses (because 2 to the 8th power is 256), you'd be right. But in this case two addresses in every subnet are reserved. The "all zeros" address specifies the entire subnet. 10.191.61.0 specifies Digital Widgets' entire network; 10.191.0.0 specifies American Internet's network; and 10.0.0.0 specifies BT&T's network. The "all ones" address specifies an IP broadcast, so sending an IP packet to 10.191.61.255 means that all computers should receive it. Therefore, to calculate the number of available addresses in a subnet, you raise 2 to the number of bits in the subnet portion of the address and then subtract 2.

Each additional bit of address space doubles the number of hosts allowed on a network, but divides the number of possible networks in half. So by adding 1 bit to an 8-bit subnet, we can address 510 computers (2^9 = 512; 512 - 2 = 510). Adding another bit doubles the host address range to 1,022 (2^10 = 1,024; 1,024 - 2 = 1,022), which is large enough to cover the required number of computers. Sara realizes that 1,022 possible client addresses leaves very little room for growth. She adds another bit as a safety margin, resulting in an 11-bit subnet that can accommodate 2,046 computers, and requests an 11-bit subnet from American Internet. This solution also leaves room for Sara to create her own subnets within Digital Widgets' network.

Subnet Masks

Every IP address has two portions: the network number and the host's unique identifier.

Because both numbers are contained in the same 32 bits and because the size of the network varies greatly from organization to organization, some method is required to determine which part of the IP address is the network number and which is the host's unique identifier.

The subnet mask determines which portion of the IP address is the network number and which portion is the local host address. The subnet mask is a 32-bit number consisting of all ones to the left and all zeros to the right that specifies how large the network number is. The switch between ones and zeros occurs at the bit size of the network. In the preceding example Sara determined that she would need 11 bits of address space to address all the current and future hosts in Digital Widgets' network. The following subnet mask supports this division:

11111111.11111111.11111000.00000000 = 255.255.248.0

The ones mean that the network number is 21 bits long, and the zeros mean that an 11-bit range is available for host addresses.

The subnet mask determines whether the destination computer and the source computer reside on the same local network or whether the transmission will require routing. When a computer creates an IP packet, it masks off the host address of the destination computer, leaving only the network number. It compares this network number to its own network number, and if the two are equal, the computer transmits the packet directly to the destination computer because the two computers are on the same local data link. If the two numbers are not equal, the computer transmits the packet to its default gateway. The default gateway performs a similar comparison. This process continues until the packet eventually reaches the data link to which it is local and is received by the destination computer.
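
The mask arithmetic above can be checked with a few bit operations. The following Python is an added example, not part of the original article; the function names are illustrative, and the destination addresses 10.191.70.20 and 10.191.72.9 are constructed to fall inside and outside Digital Widgets' 11-bit subnet.

```python
# Added example: subnet-mask arithmetic from the article, done on 32-bit integers.

def parse_ipv4(text):
    """Dotted-decimal string -> 32-bit integer; rejects octets above 255."""
    parts = text.split(".")
    if len(parts) != 4 or not all(p.isdigit() for p in parts):
        raise ValueError(f"not a dotted-decimal IPv4 address: {text!r}")
    value = 0
    for p in parts:
        octet = int(p)
        if octet > 255:
            raise ValueError(f"octet {octet} is larger than 255 in {text!r}")
        value = (value << 8) | octet
    return value

def format_ipv4(value):
    """32-bit integer -> dotted-decimal string."""
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))

def host_bits(mask_text):
    """Count the zero (host) bits; the mask must be all ones, then all zeros."""
    inverted = ~parse_ipv4(mask_text) & 0xFFFFFFFF   # host bits become ones
    if inverted & (inverted + 1):                    # not of the form 0..01..1
        raise ValueError(f"ones and zeros are interleaved in mask {mask_text}")
    return inverted.bit_length()

def usable_hosts(mask_text):
    """2^(host bits) minus the all-zeros and all-ones addresses."""
    return 2 ** host_bits(mask_text) - 2

def describe_subnet(address, mask_text):
    """Return (network number, broadcast address) for an address and its mask."""
    host_bits(mask_text)                             # validates the mask
    mask = parse_ipv4(mask_text)
    network = parse_ipv4(address) & mask             # mask off the host part
    broadcast = network | (~mask & 0xFFFFFFFF)       # set every host bit to one
    return format_ipv4(network), format_ipv4(broadcast)

def next_hop(source, destination, mask_text, gateway):
    """Equal network numbers: deliver directly. Otherwise: hand to the gateway."""
    mask = parse_ipv4(mask_text)
    if parse_ipv4(source) & mask == parse_ipv4(destination) & mask:
        return destination
    return gateway

def host_bits_needed(hosts):
    """Smallest host-bit count whose usable range covers the given host count."""
    bits = 1
    while 2 ** bits - 2 < hosts:
        bits += 1
    return bits

if __name__ == "__main__":
    mask = "255.255.248.0"                           # Sara's 11-bit subnet
    print(host_bits(mask), usable_hosts(mask))
    print(describe_subnet("10.191.64.3", mask))
    for dest in ("10.191.70.20", "10.191.72.9"):     # constructed destinations
        print(dest, "->", next_hop("10.191.64.3", dest, mask, "10.191.64.1"))
```

With the 255.255.255.0 mask, the same call sends 10.191.70.20 to the gateway instead, which is why a wrong mask on one host shows up as unreachable neighbors or unexpected traffic at the router.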

Routers, Gateways, and Multihomed Servers

Routers, gateways, and multihomed servers perform the routing function. They forward datagrams received on one network to another network that is closer to the destination. Consequently, these devices must be attached to both networks and have an Internet address that is local to each network. (Obviously, these devices need more than one IP address.)

IP addresses are assigned to each network interface, not to each computer. If a server has two network interfaces, each attached to a different network, it is a multihomed server. Since most clients have only one network interface, clients have only one IP address and can be referred to by that IP address. Multihomed servers, routers, and gateways all require more than one address. They are generally referred to by the IP address of the adapter through which the default gateway for that multihomed host is reached.

Installing TCP/IP

  1. Select Start → Programs → Control Panel.
  2. Double-click the Network Control Panel.
  3. Click the Protocols tab.
  4. Click Add.
  5. Double-click TCP/IP Protocol in the Network Protocols pick box.
  6. Click No when asked if you have a DHCP server (for the purposes of this exercise). You can change this later if you have a DHCP server on your network.
  7. Insert your Windows NT CD-ROM into your CD-ROM reader and click the Continue button. If you need to correct the path, do so.
  8. Click OK.
  9. Click Yes if a message appears asking if you want to configure TCP/IP to work with RAS. Then click Network, check TCP/IP, click OK, and click Continue.
  10. Click Close.
  11. Select your network interface. If your computer has only one network interface, it will already be selected.
  12. Enter the computer's IP address. If you don't have an IP address for your computer, enter 10.1.1.2.
  13. Enter the subnet mask. If you don’t know what the subnet mask should be for your computer, enter 255.255.255.0.
  14. Enter the IP address of your default gateway. If you don't have a default gateway, leave this address blank.
  15. Click OK.
  16. Click Yes to restart your computer.

InterNIC is the domain name authority for the entire world in that it assigns all first level domain names and is the root DNS source. InterNIC is also the naming authority for most second level domain names inside the U.S. (with the exception of the .us and .mil domains), but other countries maintain their own naming authorities for second level domain names. We use the term InterNIC generically to refer to all first and second level domain naming authorities.

Installing DNS

  1. Select Start → Settings → Control Panel.
  2. Double-click Network.
  3. Click the Services tab.
  4. Click Add.
  5. Double-click Microsoft DNS Server.
  6. Insert your Windows NT Server CD-ROM, verify the path to your installation files, and click Continue.
  7. Click Close.
  8. Click Yes to restart your computer.

Installing DHCP

  1. Select Start → Settings → Control Panel.
  2. Double-click Network.
  3. Click the Services tab.
  4. Click Add.
  5. Double-click Microsoft DHCP service.
  6. Insert your Windows NT Server CD-ROM, verify the path to your installation files, and click Continue.
  7. Click Close.
  8. Click Yes to restart your computer.

The basic rules are easy:

Provide the address of your (or your ISP's) DNS server as a global option.

Author Mr. Sandeep Tapaswi is Director, Fands and can be reached at sandeep@fandsindia.com