Packet Switching & TCP/IP Explained
Packet switching is a switching technique in which a message is not sent as one continuous stream but is divided into smaller pieces called packets, which are transmitted individually.
Each packet is given a sequence number so that the receiving end can put the pieces back in order.
Every packet carries control information in its header, such as the source address, the destination address and the sequence number.
Packets are forwarded hop by hop; each router chooses the best path it currently knows, so packets of the same message may travel different routes and arrive out of order.
The receiving end reassembles the packets into the original message in the correct order.
If a packet is missing or arrives corrupted, the receiver asks the sender to retransmit that packet rather than the whole message.
When all packets have arrived in order, the receiver sends an acknowledgment.
In the diagram this description accompanies (not reproduced here), A and B are the sender and receiver respectively, and 1 and 2 are intermediate nodes. The exchange shown is the virtual-circuit form of packet switching:
Call request and call accept packets are exchanged to establish a connection (a virtual circuit) between the sender and receiver.
Once the route is established, data packets follow it.
After the data has been transmitted, the receiver sends an acknowledgment that the message has been received.
When the user wants to terminate the connection, a clear signal is sent and the circuit is released.
Disadvantages of packet switching:
It is less suited to applications that need a low, predictable delay and guaranteed quality of service, because packets queue at each node and may take different paths.
The protocols used in packet switching are complex and therefore costly to implement.
If the network is overloaded or packets are corrupted, lost packets have to be retransmitted, which adds delay.
If errors are not recovered, critical information can be lost.
Internet protocols are a set of rules that govern the communication and exchange of data over the internet. Both the sender and the receiver must follow the same protocols in order to exchange data. To understand this better, take the example of a language: any language has its own vocabulary and grammar, which we need to know if we want to communicate in it. Similarly, whenever we access a website or exchange data with another device over the internet, the process is governed by a set of rules called the internet protocols.
As the name suggests, TCP/IP is built around two basic protocols: TCP (Transmission Control Protocol) and IP (Internet Protocol).
TCP: TCP lets applications open reliable communication channels across a network. It divides a message into smaller segments before they are transmitted and reassembles them in the right order at the destination, so it provides reliable, in-order delivery. It also detects errors in received segments and requests retransmission when errors or losses are found.
IP: IP addresses the packets and gets them routed to the right destination. Each router (gateway) on the path examines the destination IP address in the packet header and forwards the packet one hop closer to its destination, like a line of workers passing coal from a mine to a mining cart. IP itself offers no guarantee of delivery or ordering; that is TCP's job.
TCP/IP is a standard layered protocol suite, a set of rules and procedures divided into four layers according to their function. Each layer has its own protocols. From top to bottom:
The application layer: This layer includes the protocols that applications use to communicate with each other on behalf of end users. Important protocols in this layer include HTTP (Hypertext Transfer Protocol), FTP (File Transfer Protocol), SMTP (Simple Mail Transfer Protocol) and DHCP (Dynamic Host Configuration Protocol).
The transport layer: This layer delivers data between the right applications on the two hosts and, when required, ensures that the data arrives complete and in the proper order. It uses TCP and UDP (User Datagram Protocol).
The internet layer: It performs two basic functions, addressing and routing, using IP (Internet Protocol). It determines how packets are to be forwarded towards the destination.
The network access (link) layer: It handles the transmission of packets over the physical link, i.e. framing and hardware (MAC) addressing on technologies such as Ethernet and Wi-Fi.
Of the two transport protocols, UDP is the simpler one. On the sending side it takes the application's data, prepends an 8-byte header and hands the resulting datagram to the IP layer; on the receiving side it uses the destination port number in the header to deliver the payload to the right application.
Characteristics of UDP:
It is a fast, unreliable and stateless protocol, which makes it suitable for applications that can tolerate lost data.
It is used for transaction-based protocols such as DNS and the Network Time Protocol (NTP).
It is used where many clients are connected and real-time error correction is not required, such as online gaming, voice calls, video conferencing and video streaming.
It is a connectionless protocol: no virtual circuit or handshake is needed before data is transferred.
It offers a minimal transport service: in-order delivery is not guaranteed and no congestion control mechanism is provided.
UDP carries its control information in a fixed 8-byte header made up of four fields:
1. Source Port: a 2-byte (16-bit) field giving the port number of the sender.
2. Destination Port: a 2-byte field giving the port number of the receiver.
3. Length: a 16-bit field giving the total length of the UDP datagram, header plus data; the minimum value is 8.
4. Checksum: a 2-byte field used to detect corruption. It is computed over a pseudo-header containing the IP addresses and protocol number as well as the UDP header and data. It is mandatory in IPv6; in IPv4 it is optional, and a value of 0 on the wire means no checksum was computed.
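To make the four fields concrete, here is an added example (not code from the original page) in Python. It builds a UDP datagram around a constructed DNS query, parses the header back out, and computes and verifies the RFC 768 checksum including the IPv4 pseudo-header. The IP addresses, ports and query bytes are made up for the demonstration.

```python
import ipaddress
import struct

UDP_HEADER_LEN = 8
IPPROTO_UDP = 17

# Constructed sample payload: a DNS query for example.com (type A). It is 29 bytes long,
# so the odd length also exercises the checksum's zero-padding rule.
SAMPLE_DNS_QUERY = (b"\x12\x34\x01\x00\x00\x01\x00\x00\x00\x00\x00\x00"
                    b"\x07example\x03com\x00\x00\x01\x00\x01")


def parse_udp_header(datagram: bytes) -> dict:
    """Split a UDP datagram into its four 16-bit header fields and the payload."""
    if len(datagram) < UDP_HEADER_LEN:
        raise ValueError("datagram shorter than the 8-byte UDP header")
    src_port, dst_port, length, checksum = struct.unpack("!HHHH", datagram[:UDP_HEADER_LEN])
    if length < UDP_HEADER_LEN or length > len(datagram):
        raise ValueError(f"UDP length field {length} inconsistent with {len(datagram)} bytes received")
    return {"src_port": src_port, "dst_port": dst_port, "length": length,
            "checksum": checksum, "payload": datagram[UDP_HEADER_LEN:length]}


def ones_complement_sum(data: bytes) -> int:
    """16-bit one's-complement sum used by IP, TCP and UDP; an odd-length input is zero-padded."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:                      # fold carries back into the low 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return total


def udp_checksum(src_ip: str, dst_ip: str, datagram: bytes) -> int:
    """RFC 768 checksum over the IPv4 pseudo-header, the UDP header (checksum field zeroed) and the data."""
    pseudo_header = (ipaddress.IPv4Address(src_ip).packed + ipaddress.IPv4Address(dst_ip).packed
                     + struct.pack("!BBH", 0, IPPROTO_UDP, len(datagram)))
    zeroed = datagram[:6] + b"\x00\x00" + datagram[8:]
    csum = 0xFFFF ^ ones_complement_sum(pseudo_header + zeroed)
    return csum or 0xFFFF                   # a computed 0 is sent as 0xFFFF; 0 on the wire means "not computed"


def build_udp_datagram(src_ip: str, dst_ip: str, src_port: int, dst_port: int, payload: bytes) -> bytes:
    header = struct.pack("!HHHH", src_port, dst_port, UDP_HEADER_LEN + len(payload), 0)
    csum = udp_checksum(src_ip, dst_ip, header + payload)
    return header[:6] + struct.pack("!H", csum) + payload


def checksum_ok(src_ip: str, dst_ip: str, datagram: bytes) -> bool:
    """Verify a received datagram; an IPv4 sender may legitimately omit the checksum (field 0)."""
    fields = parse_udp_header(datagram)
    if fields["checksum"] == 0:
        return True
    return udp_checksum(src_ip, dst_ip, datagram) == fields["checksum"]


if __name__ == "__main__":
    dgram = build_udp_datagram("192.0.2.1", "192.0.2.53", 40000, 53, SAMPLE_DNS_QUERY)
    print(parse_udp_header(dgram))
    print("checksum ok:", checksum_ok("192.0.2.1", "192.0.2.53", dgram))
```

Because the pseudo-header is part of the checksum, a datagram whose IP addresses have been rewritten in transit (for example by a spoofing attacker or a misconfigured NAT) fails verification even though the UDP bytes themselves are untouched. The checksum is only an error-detection code, not a security control: an attacker who modifies a packet can simply recompute it.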
Applications of UDP:
It is used for simple request-response exchanges where little data is sent, one response answers one request, and flow and error control are not a concern, e.g. DNS.
It suits multicasting because it is connectionless: a single datagram can be addressed to a group without setting up a connection with each receiver.
It is used by routing protocols that exchange small messages, such as RIP (OSPF, by contrast, runs directly over IP rather than over UDP).
It is used by the Trivial File Transfer Protocol (TFTP) to send small files.
It is used by multicasting and broadcasting applications.
It is used by streaming media and video conferencing, which prefer speed over reliability.
Chat, online games and similar real-time applications use UDP.
Management and bootstrap protocols such as SNMP (Simple Network Management Protocol), BOOTP and DHCP also use UDP.
Other protocols that use UDP include Kerberos (which can also use TCP) and the Network Time Protocol (NTP).
FTP
Why FTP?
Although transferring a file from one system to another sounds simple, it can cause problems: two systems may use different file naming conventions, different ways of representing text and binary data, and different directory structures. FTP overcomes these problems by defining a common set of commands and data representations, and by using two separate connections between the hosts: a control connection (TCP port 21) that carries commands and replies, and a data connection that is opened for each file transfer or directory listing.
Mechanism of FTP
The figure this text refers to (not reproduced here) shows the basic model of FTP. The FTP client has three components: the user interface, the client control process and the client data transfer process. The server has two components: the server control process and the server data transfer process. The two control processes talk over the control connection; the two data transfer processes talk over the data connection.
FTP Clients
An FTP client is a program that implements the File Transfer Protocol and allows you to transfer files between two hosts on the internet.
It allows a user to connect to a remote host and upload or download files.
It provides a set of commands to connect to a host, transfer files between you and the host, and close the connection.
Web browsers historically included a basic FTP client for ftp:// URLs, which made transfers easy without remembering FTP commands; the major browsers have since removed that support (Chrome and Firefox dropped it in 2021), so a dedicated GUI or command-line client is needed today.
Advantages of FTP:
Speed: FTP moves the raw file over a dedicated data connection with very little protocol overhead, so it is one of the fastest ways to transfer files between computers.
Efficient: An interrupted transfer can be resumed from where it stopped (the REST command), so the whole file does not have to be sent again.
Access control: Access to an FTP server requires a username and password (or an explicitly enabled anonymous account). This is only basic access control; plain FTP sends those credentials unencrypted, so it should not be mistaken for real security (see the disadvantages below).
Back-and-forth movement: FTP allows files to be transferred in both directions. For example, a manager can place information on the server for all employees, and each employee can upload information back to the same server.
Disadvantages of FTP:
Industry practice now requires file transfers to be encrypted, but plain FTP has no encryption at all. Encryption is only available through FTPS (FTP over TLS) or by switching to SFTP, and not every FTP service offers either, so you have to look for providers that do.
FTP's job is to send and receive files, including large ones, over a network. Some older clients and servers cannot handle files larger than 2 GB because they use 32-bit file sizes; this is a limitation of those implementations, not of the protocol. A transfer is always between one client and one server, so one upload cannot be delivered to several receivers at once.
Passwords and file contents are sent in clear text, so anyone who can capture the traffic can read them. Because login is a plain USER/PASS exchange, attackers can also brute-force FTP passwords by repeatedly guessing.
It is not compatible with every system.
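The clear-text problem is easiest to appreciate by looking at what a passive observer recovers from the control channel. The following Python example is added here and is not part of the original page; the transcript it processes is constructed to look like FTP control-connection traffic (hostnames, user, password and file name are invented), and the code reconstructs the session the way a sniffer or an IDS rule would.

```python
import re
from dataclasses import dataclass, field
from typing import List, Optional, Tuple

# Constructed transcript of an FTP control connection (TCP port 21) as seen by someone on the
# path. "C:" lines are client commands, "S:" lines are server replies. Not a real capture.
SAMPLE_CONTROL_CHANNEL = """\
S: 220 ftp.example.test FTP server ready
C: USER alice
S: 331 Password required for alice
C: PASS hunter2
S: 230 User alice logged in
C: TYPE I
S: 200 Type set to I
C: PASV
S: 227 Entering Passive Mode (192,0,2,10,195,89)
C: RETR payroll.xlsx
S: 150 Opening BINARY mode data connection for payroll.xlsx
S: 226 Transfer complete
C: QUIT
S: 221 Goodbye
"""

# A 227 reply carries the data-connection endpoint as h1,h2,h3,h4,p1,p2 (port = p1*256 + p2),
# so the observer also learns where the file contents will flow.
PASV_RE = re.compile(r"227 .*?\((\d+),(\d+),(\d+),(\d+),(\d+),(\d+)\)")


@dataclass
class FtpSession:
    user: Optional[str] = None
    password: Optional[str] = None
    login_ok: bool = False
    data_endpoint: Optional[Tuple[str, int]] = None
    files: List[str] = field(default_factory=list)


def reconstruct_ftp_session(transcript: str) -> FtpSession:
    """Recover credentials and transfer details from clear-text FTP control traffic."""
    s = FtpSession()
    for raw in transcript.splitlines():
        side, _, text = raw.partition(": ")
        if side == "C":
            verb, _, arg = text.partition(" ")
            verb = verb.upper()
            if verb == "USER":
                s.user = arg
            elif verb == "PASS":
                s.password = arg            # the password travels unencrypted
            elif verb in ("RETR", "STOR"):
                s.files.append(arg)         # file names; the contents go over the data connection
        elif side == "S":
            if text.startswith("230"):
                s.login_ok = True           # the server confirms the sniffed credentials work
            m = PASV_RE.match(text)
            if m:
                h1, h2, h3, h4, p1, p2 = map(int, m.groups())
                s.data_endpoint = (f"{h1}.{h2}.{h3}.{h4}", p1 * 256 + p2)
    return s


def alert_lines(transcript: str) -> List[str]:
    """Detection-style summary of what an eavesdropper learns from the transcript."""
    s = reconstruct_ftp_session(transcript)
    out = []
    if s.password is not None:
        status = "succeeded" if s.login_ok else "not confirmed"
        out.append(f"clear-text FTP password for user {s.user!r} (login {status})")
    if s.data_endpoint:
        host, port = s.data_endpoint
        out.append(f"data connection to {host}:{port} carrying {', '.join(s.files) or 'unknown files'}")
    return out


if __name__ == "__main__":
    for line in alert_lines(SAMPLE_CONTROL_CHANNEL):
        print(line)
```

The same parsing logic is what makes FTP credentials trivial to harvest with any packet capture; with FTPS or SFTP the USER/PASS exchange and the file contents are inside an encrypted channel and the observer sees none of these fields.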
SFTP
SFTP stands for SSH File Transfer Protocol. It has largely replaced the legacy FTP protocol. It runs over the SSH protocol as an SSH subsystem and therefore inherits the full encryption, host authentication and user authentication of SSH. Despite the similar name it is not FTP over SSL; that is FTPS, a different protocol. There is no dedicated SFTP port; SFTP uses the normal SSH port, 22.
Using SFTP from Java with JSch
The Java examples below use the JSch library. Add it as a Maven dependency:
<dependency>
    <groupId>com.jcraft</groupId>
    <artifactId>jsch</artifactId>
    <version>0.1.55</version>
</dependency>
Note that 0.1.55 is the last release of the original com.jcraft artifact; actively maintained forks exist, so check which artifact your project's dependency policy allows before adopting one.
The put() method uploads a file from the local host to the server, and get() downloads a file from the server to the local host:
channelSftp.put(localFile, remoteFile);
channelSftp.get(remoteFile, localFile);
Authentication
JSch supports password authentication (setPassword on the session) and public-key authentication (addIdentity with the path of a private key file), the same methods SSH itself offers. The following example transfers a file from the local system to the remote server 1.2.3.4, authenticating with an SSH password.
SFTPFileTransfer.java
import com.jcraft.jsch.*;

public class SFTPFileTransfer
{
    private static final String REMOTE_HOST = "1.2.3.4";
    // user name
    private static final String USERNAME = "";
    // password (in real code, read it from a secret store rather than a hard-coded constant)
    private static final String PASSWORD = "";
    // SFTP has no port of its own; it uses the SSH port
    private static final int REMOTE_PORT = 22;
    private static final int SESSION_TIMEOUT = 10000;
    private static final int CHANNEL_TIMEOUT = 5000;

    public static void main(String args[])
    {
        String localFile = "/home/javatpoint/local/random.txt";
        String remoteFile = "/home/javatpoint/remote/afile.txt";
        Session jschSession = null;
        try
        {
            JSch jsch = new JSch();
            // Host-key verification: the server's key must already be listed in this
            // known_hosts file, otherwise connect() fails with "UnknownHostKey". Do not
            // work around that by setting StrictHostKeyChecking=no; that disables the
            // check that protects the session against a man-in-the-middle.
            jsch.setKnownHosts("/home/javatpoint/.ssh/known_hosts");
            jschSession = jsch.getSession(USERNAME, REMOTE_HOST, REMOTE_PORT);
            // authenticate using private key
            // jsch.addIdentity("/home/javatpoint/.ssh/id_rsa");
            // authenticate using password
            jschSession.setPassword(PASSWORD);
            // 10 seconds session timeout
            jschSession.connect(SESSION_TIMEOUT);
            Channel sftp = jschSession.openChannel("sftp");
            // 5 seconds timeout
            sftp.connect(CHANNEL_TIMEOUT);
            ChannelSftp channelSftp = (ChannelSftp) sftp;
            // transfer file from local to remote server
            channelSftp.put(localFile, remoteFile);
            // download file from remote server to local
            // channelSftp.get(remoteFile, localFile);
            channelSftp.exit();
        }
        catch (JSchException | SftpException e)
        {
            e.printStackTrace();
        }
        finally
        {
            if (jschSession != null)
            {
                jschSession.disconnect();
            }
        }
        System.out.println("Done");
    }
}
Output:
Done
Note that the JSch jar must be on the classpath, otherwise the program fails to compile or run.
HTTP (Hyper Text Transfer Protocol)
HTTP is a TCP/IP-based communication protocol used to deliver data such as image files, query results and HTML files on the World Wide Web (WWW); its default port is TCP 80. It provides a standardized way for computers to communicate with each other.
It is the protocol that allows web servers and browsers to exchange data over the web.
It is a request-response protocol.
It uses reliable TCP connections, by default on TCP port 80.
It is stateless: each request is treated as a new request, so the server does not recognize the user by default.
Three fundamental features make HTTP a simple and powerful protocol for communication:
HTTP is media independent: any type of content can be sent over HTTP as long as both the server and the client can handle it; the Content-Type header tells the receiver what it is getting.
HTTP is connectionless in the sense that the client sends a request and then simply waits for the response; no session is set up at the HTTP level. In HTTP/1.0 the TCP connection was closed after every response; HTTP/1.1 keeps the connection open for further requests, but each request is still an independent exchange.
HTTP is stateless: the client and server are aware of each other only for the duration of a request. Afterwards neither retains information about the other, so the protocol itself cannot relate one request to the next. Web applications re-introduce state on top of HTTP with cookies and session identifiers.
The Basic Architecture of HTTP (Hyper Text Transfer Protocol):
The diagram this text refers to (not reproduced here) shows the basic architecture of a web application and where HTTP sits: the browser (client) sends requests over TCP to the web server, which returns responses.
HTTPS
HTTPS is HTTP carried inside a TLS (Transport Layer Security) connection. It is still often called HTTP over SSL because TLS's predecessor was SSL (Secure Sockets Layer), which is now deprecated.
Any website that handles login credentials or other sensitive data must use HTTPS; in practice every website should use it.
TLS gives the user an encrypted connection to a server whose identity is proven by a certificate, which protects the data from being read or altered in transit.
Comparison of HTTP and HTTPS:

                     HTTP                                        HTTPS
Protocol layer       Application-layer protocol                  The same application-layer protocol, carried over TLS, which sits between HTTP and TCP
Data on the wire     Plain text                                  Encrypted (ciphertext)
Default port         TCP port 80                                 TCP port 443
URL scheme           Starts with http://                         Starts with https://
Speed                Slightly faster (no handshake, no crypto)   Slightly slower because of the TLS handshake and encryption
Examples             Historically educational sites, forums      Shopping and banking websites; today the norm for all websites
Advantages of HTTPS
Following are the advantages or benefits of Hypertext Transfer Protocol Secure (HTTPS):
Disadvantages of HTTPS
Following are the disadvantages or limitations of Hypertext Transfer Protocol Secure (HTTPS):
A certificate is needed for the server. Historically this had to be purchased; free certificates are now available from certificate authorities such as Let's Encrypt, so the cost today is mostly the work of issuing, renewing and protecting the private key.
Access is slightly slower because of the TLS handshake and the encryption of each message; with modern hardware and TLS 1.3 this overhead is small.
When a site moves to HTTPS, all internal links have to be updated (or redirected) from http:// to https://.
Router Definition
Because it spans a large area, a WAN typically requires a variety of routers and switches.
A router builds networks and manages the flow of data within and between them; a modem is what connects those networks to the Internet.
A modem provides the connection to the Internet by decoding the signals from the ISP's line and translating them into digital signals that any connected device can understand. A single device can plug directly into a modem to reach the Internet; a router placed behind the modem shares that connection across several devices on the local network, so they can all use the Internet at the same time.
Sanvi, however, is equipped with a modem. She can access the Internet using one device (such
as her laptop for business). Still, she cannot share that Internet connection between several
devices (such as her laptop and smartphone). Ananya currently has a modem and a router. By
setting up a LAN with both her devices, she may simultaneously connect her desktop computer,
tablet, and smartphone to the Internet.
2. Edge Router
A network's edge router, sometimes called a gateway router or simply the "gateway", is its point of contact with other networks, including the Internet.
Edge routers are built to connect to other routers and are optimized for bandwidth, to move data to and from the network's users. They typically do not provide Wi-Fi or full network-management features; they usually have only Ethernet ports, with one uplink towards the Internet and several ports for connecting further routers.
The terms "modem" and "edge router" are often used interchangeably for the ISP-supplied box at home, because that box usually combines both functions; strictly, a modem only converts the line signal, while the edge router forwards packets between networks.
4. Wireless Router
Residential gateways, often known as wireless routers, combine the roles of edge routers and
distribution routers. These routers are typical for use with home networks and the Internet.
Full-featured wireless routers are normally included as standard equipment from service
providers. But, even if your small business has access to an ISP's wireless router, you should
utilize a business-level router to benefit from the superior wireless performance, additional
connectivity options, and security.
5. Virtual Router
Virtual routers are software that enables the cloud-based virtualization and service delivery of
various router functionalities. These routers are perfect for large companies with complex
network requirements. They provide flexibility, simple scaling, and a lower barrier to entry. Less
administration of local network hardware is an additional advantage of virtual routers.
2. Bandwidth
Enough bandwidth is necessary for a good user experience.
It guarantees optimum performance for numerous users, although the more users, the more
bandwidth is required.
If more routers or hubs are needed, you can expand your company's network, but insufficient
bandwidth can create bottlenecks throughout the whole network.
3. Wireless capability
Although Wi-Fi is given, there are several standards.
Wi-Fi 6 (802.11ax), the most recent standard, may give substantially faster transmission speeds,
especially when several access points (such as devices or extra routers) are simultaneously
linked.
However, many producers now give smartphone applications uniquely created for their products,
offering more user-friendly interfaces and a simpler setup.
5. Security
At the very least, your router must support WPA2; prefer WPA3 where available, and never rely on WEP or the original WPA, which are broken. Some routers include a firewall that filters inbound connections and, on some models, inspects traffic for malware. Another common feature is MAC (Media Access Control) address filtering, which uses each device's hardware address to build an allow-list or deny-list for network access; because MAC addresses are trivially spoofed, treat this as a convenience rather than a security control.
6. Flexibility
Think about routers with a power over Ethernet (PoE) port or more. Wireless access points, VoIP
phones, IP cameras, and other external devices may all get data and power using PoE. PoE
minimizes cabling and gives your networks more flexibility.
7. Automatically updating
To ensure performance and security, routers' software has to be updated. Software updates from
many manufacturers occur automatically, which is ideal because it happens in the background
without requiring your involvement.
9. Guest networks
Guest networks are a crucial additional layer of protection for customers needing Wi-Fi
connectivity while in the establishment. A guest network will provide connection to guests while
restricting access to the company's equipment and files.
A mesh network is a superior option since it lets you install several Wi-Fi transmitters across
your business while keeping them all on the same network. Mesh networks need a router with
this feature built-in, unlike extenders, which you may use with any wireless router.
SSH
SSH stands for Secure Shell (sometimes expanded as Secure Socket Shell). It is a cryptographic network protocol that allows two computers to communicate and share data over an insecure network such as the internet. It is used to log in to a remote server, execute commands there and transfer data from one machine to another.
The SSH protocol was created by Tatu Ylönen, founder of SSH Communications Security Ltd, to communicate safely with remote machines.
Its security features are widely used by network administrators for managing systems and applications remotely.
Because the client verifies the server's host key before trusting the connection, SSH defeats attacks that redirect traffic to an impostor, such as DNS spoofing, IP spoofing and IP source routing; its encryption defeats eavesdropping.
A simple analogy: suppose you want to send a package to a friend. Without SSH it can be opened and read by anyone along the way. Sent with SSH, it is encrypted so that only the intended receiver can open it.
(Figures: "Before SSH" and "After SSH", not reproduced here)
Usages of SSH protocol
The popular usages of the SSH protocol are given below:
As discussed above, it was initially developed to replace insecure login protocols such as Telnet and rlogin, and it performs the same function.
The basic use of SSH is to connect to a remote system for a terminal session, with the following command:
ssh UserName@SSHserver.test.com
The above command connects the client to the server named SSHserver.test.com, logging in as the user UserName.
If we are connecting for the first time, the client shows the remote host's public key fingerprint and asks whether to continue.
To continue the session, type yes, otherwise no. If you answer yes, the host key is stored in the known_hosts file on the local system, by default the hidden file ~/.ssh/known_hosts in the home directory. On later connections the key presented by the server is compared with the stored one: if it matches, no further approval is needed; if it differs, the client warns of a possible man-in-the-middle attack and, by default, refuses to connect. Answering yes on first contact is "trust on first use", so verify the fingerprint out of band (for example from the server's console or its administrator) before accepting it.
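The known_hosts check described above, as an added Python example (not code from the original page or from OpenSSH). It encodes an SSH public key blob, prints the SHA256 fingerprint in the form the ssh client shows, and decides between "match", "unknown" (first-contact prompt) and "mismatch" (possible man-in-the-middle) for a presented key. The host names, the 32 key bytes and the salt are constructed; the key bytes are a hash, not a real Ed25519 point. Hashed entries of the form |1|salt|hash, which OpenSSH writes when HashKnownHosts is enabled, are handled too.

```python
import base64
import hashlib
import hmac
import struct


def ssh_string(data: bytes) -> bytes:
    """RFC 4251 'string' encoding: uint32 length followed by the bytes."""
    return struct.pack("!I", len(data)) + data


def parse_ssh_blob(blob: bytes) -> list:
    """Decode the length-prefixed fields of a public key blob (e.g. [b'ssh-ed25519', key])."""
    fields, off = [], 0
    while off < len(blob):
        (n,) = struct.unpack_from("!I", blob, off)
        off += 4
        fields.append(blob[off:off + n])
        off += n
    return fields


def fingerprint_sha256(blob: bytes) -> str:
    """OpenSSH-style fingerprint: 'SHA256:' plus unpadded base64 of SHA-256 over the key blob."""
    return "SHA256:" + base64.b64encode(hashlib.sha256(blob).digest()).decode().rstrip("=")


def host_matches(pattern: str, hostname: str) -> bool:
    """Plain patterns are comma-separated names; '|1|salt|hash' entries store
    HMAC-SHA1(salt, hostname) so the file does not reveal which hosts you talk to."""
    if pattern.startswith("|1|"):
        _, _, salt_b64, mac_b64 = pattern.split("|")
        expected = hmac.new(base64.b64decode(salt_b64), hostname.encode(), hashlib.sha1).digest()
        return hmac.compare_digest(expected, base64.b64decode(mac_b64))
    return hostname in pattern.split(",")    # wildcards and [host]:port forms are not handled here


def check_host_key(known_hosts: str, hostname: str, key_type: str, presented_blob: bytes) -> str:
    """'match': connect silently. 'unknown': first-contact prompt. 'mismatch': possible MITM, abort."""
    verdict = "unknown"
    for line in known_hosts.splitlines():
        parts = line.split()
        if len(parts) < 3 or parts[0].startswith("#"):
            continue
        pattern, ktype, key_b64 = parts[:3]
        if ktype != key_type or not host_matches(pattern, hostname):
            continue
        if base64.b64decode(key_b64) == presented_blob:
            return "match"
        verdict = "mismatch"                 # same host and key type, different key
    return verdict


# Constructed data for the demonstration (not real keys or hosts).
DEMO_KEY = hashlib.sha256(b"constructed demo host key").digest()
DEMO_BLOB = ssh_string(b"ssh-ed25519") + ssh_string(DEMO_KEY)
ROGUE_BLOB = ssh_string(b"ssh-ed25519") + ssh_string(hashlib.sha256(b"attacker key").digest())
_SALT = b"0123456789abcdefghij"
_HASHED_BACKUP = "|1|%s|%s" % (
    base64.b64encode(_SALT).decode(),
    base64.b64encode(hmac.new(_SALT, b"backup.example.test", hashlib.sha1).digest()).decode())
KNOWN_HOSTS = "\n".join([
    "# constructed ~/.ssh/known_hosts",
    "host.example.test,192.0.2.22 ssh-ed25519 " + base64.b64encode(DEMO_BLOB).decode(),
    _HASHED_BACKUP + " ssh-ed25519 " + base64.b64encode(DEMO_BLOB).decode(),
])

if __name__ == "__main__":
    print("fingerprint:", fingerprint_sha256(DEMO_BLOB))
    for host, blob in [("host.example.test", DEMO_BLOB), ("host.example.test", ROGUE_BLOB),
                       ("backup.example.test", DEMO_BLOB), ("new.example.test", DEMO_BLOB)]:
        print(host, "->", check_host_key(KNOWN_HOSTS, host, "ssh-ed25519", blob))
```

The "mismatch" verdict is the one that matters operationally: a real client prints the REMOTE HOST IDENTIFICATION HAS CHANGED warning and refuses to continue. Treat it as an incident until the server's administrator confirms the key really was rotated.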
Version 1.x: The first version of SSH was released in 1995 and designed by Tatu Ylönen, then a researcher at the Helsinki University of Technology, Finland. It is known as SSH-1. This version had several security flaws and has been deprecated.
Version 2.x: The second version, SSH-2, is the current version of the SSH protocol. In 2006 the Internet Engineering Task Force (IETF) adopted it as a Standards Track specification (RFC 4250 to RFC 4254). It is not compatible with SSH-1 and has better security.
Version 1.99: 1.99 is not a real protocol version. A server announces the version string 1.99 to signal that it supports both SSH-1 and SSH-2, so that clients of either version can connect; it exists only to identify backward compatibility.
SSH-2 is organised in three layers:
1. Transport Layer
2. User-authentication layer
3. Connection Layer
The SSH protocol architecture is an open architecture; it gives great flexibility and allows SSH to be used for many purposes beyond a secure shell. The transport layer plays a role similar to Transport Layer Security (TLS); the user-authentication layer can be extended with custom authentication methods; and the connection layer multiplexes several secondary sessions over a single SSH connection.
Transport Layer
The SSH transport layer runs on top of TCP (port 22 by default); it is SSH's own lowest layer, not the transport layer of the TCP/IP suite. In SSH-2 this layer handles the initial key exchange, server (host) authentication, and the setup of encryption, compression and integrity protection. To the layers above it presents an interface for sending and receiving plaintext packets of up to 32,768 bytes.
User Authentication Layer
As its name suggests, the user authentication layer handles client authentication and offers several authentication methods. The prompts appear on the client side: when you are asked for a password, it is the SSH client asking, and the server verifies what the client then sends. This layer includes various methods of authentication.
Connection Layer
The connection layer defines the channels through which SSH services are provided. It defines the concepts of channels, channel requests and global requests. One SSH connection can carry several channels simultaneously, each transferring data in both directions at once. Channel requests relay out-of-band, channel-specific information such as a changed terminal window size or the exit code of a server-side process. The standard channel types of the connection layer are:
session (an interactive shell, a single command, or a subsystem such as sftp)
x11 (forwarded X11 display connections)
direct-tcpip and forwarded-tcpip (local and remote port forwarding)
Files are transferred over a session channel running the sftp subsystem, i.e. SFTP (SSH File Transfer Protocol). SFTP is a separate protocol from FTP, not an encrypted variant of it, and it inherits SSH's protection against eavesdropping and tampering.
SSH relies on three cryptographic techniques:
1. Symmetrical Encryption
2. Asymmetrical Encryption
3. Hashing
Symmetrical Encryption
In symmetric encryption a single key is used both to encrypt and to decrypt the messages sent to and received from the destination. The technique is also known as shared-key encryption because both devices use the same key to encrypt the data they send and to decrypt the data they receive.
All traffic on an SSH connection after the handshake is encrypted this way, which stops anyone on the path from reading it. The difficulty is the initial key exchange: if a third party could observe how the key is agreed, it could learn the key and read everything. A key exchange algorithm (Diffie-Hellman in SSH) solves this: the two sides derive the same secret key while an observer who sees every exchanged message still cannot compute it. Encryption alone does not stop an active man-in-the-middle who performs the key exchange with each side separately; that is prevented by the server signing the exchange with its host key, which the client checks against known_hosts.
Asymmetrical Encryption
In asymmetric encryption two different keys are used for encryption and decryption: a private key and a public key. The private key belongs to its owner alone and is never shared, whereas the public key can be given to anyone. For SSH user authentication the public key is stored on the SSH server and the private key stays on the SSH client; the two keys form a key pair. A message encrypted with the public key can only be decrypted with the corresponding private key.
This is secure because a third party who obtains the public key still cannot decrypt messages, since it does not have the private key.
Asymmetric cryptography does not encrypt the whole SSH session. It is used mainly within the key exchange that produces the symmetric session key: before the connection is established, client and server each generate a temporary (ephemeral) key pair and exchange only the public halves; each side combines the other's public value with its own private value to arrive at the same shared secret. The private values never leave their owners.
Once the symmetric connection is established, asymmetric keys are used again for public-key user authentication: the client proves it holds the private key by signing a value derived from the session, and the server verifies the signature with the public key it has on file. Only the holder of the private key can produce a valid signature, so the SSH session is established.
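The key exchange that the symmetric and asymmetric sections above describe, as an added Python example (not code from the original page or from any SSH implementation). Both sides generate an ephemeral private value, exchange only the public values, and derive the same shared secret, from which direction-specific encryption and MAC keys are taken. The group parameters are a toy: 2**127 - 1 is a known (Mersenne) prime and 3 is used as the generator to keep numbers readable; real SSH uses 2048-bit or larger MODP groups or curve25519, and the key-derivation transcript here is a simplified stand-in for SSH's exchange hash.

```python
import hashlib
import secrets

# Toy Diffie-Hellman group (prime modulus P, generator G). Not for real use.
P = 2**127 - 1
G = 3


def dh_keypair() -> tuple:
    """Private exponent a and public value A = G^a mod P. Only A ever goes on the wire."""
    priv = secrets.randbelow(P - 3) + 2          # 2 <= priv <= P-2
    return priv, pow(G, priv, P)


def dh_shared_secret(my_priv: int, their_pub: int) -> int:
    """K = their_pub^my_priv mod P. Both sides get the same K because (G^a)^b == (G^b)^a mod P."""
    if not 1 < their_pub < P - 1:
        # 0, 1 and P-1 force K into a tiny set; a peer sending them is broken or malicious
        raise ValueError("degenerate public value rejected")
    return pow(their_pub, my_priv, P)


def derive_keys(shared: int, client_pub: int, server_pub: int) -> dict:
    """Turn K into per-direction symmetric keys. SSH hashes K with the exchange hash and a
    one-letter label per key (RFC 4253, section 7.2); binding both public values here is a
    simplified version of that transcript."""
    transcript = b"".join(x.to_bytes(16, "big") for x in (client_pub, server_pub, shared))
    return {
        "c2s_enc": hashlib.sha256(transcript + b"C").digest(),   # client-to-server encryption key
        "s2c_enc": hashlib.sha256(transcript + b"D").digest(),   # server-to-client encryption key
        "c2s_mac": hashlib.sha256(transcript + b"E").digest(),   # client-to-server MAC key
        "s2c_mac": hashlib.sha256(transcript + b"F").digest(),   # server-to-client MAC key
    }


def run_exchange() -> dict:
    """One full exchange. A passive eavesdropper sees P, G, client_pub and server_pub only."""
    c_priv, c_pub = dh_keypair()
    s_priv, s_pub = dh_keypair()
    client_keys = derive_keys(dh_shared_secret(c_priv, s_pub), c_pub, s_pub)
    server_keys = derive_keys(dh_shared_secret(s_priv, c_pub), c_pub, s_pub)
    return {"client": client_keys, "server": server_keys, "seen_on_wire": (P, G, c_pub, s_pub)}


if __name__ == "__main__":
    result = run_exchange()
    print("both sides derived the same keys:", result["client"] == result["server"])
    print("eavesdropper sees only:", result["seen_on_wire"])
```

What the example leaves out is exactly the part that stops an active attacker: in SSH the server also signs the exchange hash with its host key, and the client checks that key against known_hosts. Without that signature, an attacker in the middle could run this exchange separately with each side and hold both sets of keys.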
Hashing
The third technique SSH uses is one-way hashing, another form of cryptography. Hashing differs from the two methods above in that it is not meant to be reversed: it produces a fixed-size summary (digest) of the information. SSH uses HMAC (Hash-based Message Authentication Code) to ensure that messages arrive complete and unmodified.
Each transmitted message carries a MAC computed from three components: the symmetric MAC key, the packet sequence number and the message content. These are fed to the hash function, which produ­ces a string that has no meaning on its own and is sent along with the message. The receiving host has the same key and keeps the same sequence count, so it computes the MAC itself; if the computed value matches the received one, the message has not been tampered with. Including the sequence number also means a captured packet cannot be replayed later, because the count will have moved on.
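The MAC scheme just described, as an added Python example (not code from the original page or from any SSH implementation). It computes HMAC-SHA256 over the 32-bit sequence number and the packet, as RFC 4253 section 6.4 specifies, and shows with constructed packets that both a modified packet and a replayed one fail verification. The MAC key is a constructed value standing in for the one the key exchange would produce.

```python
import hashlib
import hmac
import struct

MAC_LEN = 32   # hmac-sha2-256


def compute_mac(key: bytes, seq: int, packet: bytes) -> bytes:
    """SSH MAC = HMAC(key, uint32 sequence_number || packet). The sequence number is never
    transmitted; each side counts the packets it has sent and received."""
    return hmac.new(key, struct.pack("!I", seq) + packet, hashlib.sha256).digest()


class SshEndpoint:
    """One side of a connection: independent send and receive counters plus the shared MAC key."""

    def __init__(self, mac_key: bytes):
        self.mac_key = mac_key
        self.send_seq = 0
        self.recv_seq = 0

    def send(self, packet: bytes) -> bytes:
        wire = packet + compute_mac(self.mac_key, self.send_seq, packet)
        self.send_seq = (self.send_seq + 1) & 0xFFFFFFFF
        return wire

    def receive(self, wire: bytes) -> bytes:
        packet, mac = wire[:-MAC_LEN], wire[-MAC_LEN:]
        expected = compute_mac(self.mac_key, self.recv_seq, packet)
        if not hmac.compare_digest(mac, expected):      # constant-time comparison
            raise ValueError(f"MAC check failed at sequence number {self.recv_seq}")
        self.recv_seq = (self.recv_seq + 1) & 0xFFFFFFFF
        return packet


def demo() -> dict:
    """Constructed traffic: a good packet, a tampered copy of the next one, and a replay."""
    key = hashlib.sha256(b"constructed demo MAC key standing in for the key-exchange output").digest()
    client, server = SshEndpoint(key), SshEndpoint(key)
    results = {}

    first = client.send(b"SSH_MSG_CHANNEL_DATA hello")
    results["good"] = server.receive(first) == b"SSH_MSG_CHANNEL_DATA hello"

    second = client.send(b"SSH_MSG_CHANNEL_DATA ls /tmp/x")
    tampered = bytearray(second)
    tampered[22] ^= 0x01                                 # flip one bit inside the command
    try:
        server.receive(bytes(tampered))
        results["tamper_detected"] = False
    except ValueError:
        results["tamper_detected"] = True

    results["second_ok"] = server.receive(second) == b"SSH_MSG_CHANNEL_DATA ls /tmp/x"

    try:
        server.receive(first)                            # old packet, but the receiver is now at seq 2
        results["replay_detected"] = False
    except ValueError:
        results["replay_detected"] = True
    return results


if __name__ == "__main__":
    print(demo())
```

In a real SSH implementation the packet is also encrypted (either encrypt-and-MAC as in the original design, or encrypt-then-MAC with the "-etm" algorithms) and a MAC failure tears down the whole connection rather than just dropping one packet, because the counters on the two sides can no longer be trusted to agree.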
Public Key Cryptography (PKC)
The two keys of a pair are related, but not identical, and each has a distinct role: the public key is used to encrypt and the private key to decrypt. The sender uses the recipient's public key to encrypt a message, and the recipient uses their private key to decrypt it. Using two keys lets PKC solve problems that other cryptographic techniques cannot, above all secure communication between parties that have never shared a secret.
PKC differs from symmetric-key algorithms, which use a single key to both encrypt and decrypt. Two widely used PKC algorithms are RSA (Rivest, Shamir and Adleman) and the Digital Signature Algorithm (DSA). PKC evolved to meet the growing need for secure communication in sectors such as the military and government, and it has become an essential element of modern computer security and a critical component of cryptocurrency systems.
The keys of a pair are mathematically related, and they are much longer than symmetric keys, so that deriving the private key from its public counterpart is computationally infeasible. RSA is one of the most common asymmetric algorithms in use today.
Benefits of PKC:
The private key cannot be derived from the public key, and no secret has to be exchanged over a secure channel beforehand.
It allows the sender to be authenticated, by means of a digital signature made with the private key and verified with the public key.
Digital signatures are used to sign software, for example the package distributions of operating systems such as Ubuntu and Red Hat Linux, so that users can verify that packages are genuine and unmodified.
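The encrypt/decrypt and sign/verify roles of the two keys, as an added Python example (not code from the original page) using textbook RSA with deliberately small primes so that every value is visible. The primes, exponent and messages are constructed for the demonstration; real RSA uses randomly generated primes of 1024 bits or more and, crucially, padding schemes (OAEP for encryption, PSS for signatures) that this bare form omits.

```python
import hashlib
from math import gcd


def is_prime(n: int) -> bool:
    """Trial division; fine for the six-digit toy primes used here."""
    if n < 2:
        return False
    return all(n % d for d in range(2, int(n ** 0.5) + 1))


def next_prime(n: int) -> int:
    while not is_prime(n):
        n += 1
    return n


# Toy parameters: two six-digit primes and the usual public exponent.
P = 1000003
Q = next_prime(P + 1)      # 1000033
E = 65537


def make_keypair(p: int = P, q: int = Q, e: int = E) -> tuple:
    """Public key (n, e); private key (n, d) with d = e^-1 mod (p-1)(q-1)."""
    if not (is_prime(p) and is_prime(q)):
        raise ValueError("p and q must be prime")
    n, phi = p * q, (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime with phi(n)")
    return (n, e), (n, pow(e, -1, phi))


def encrypt(pub: tuple, m: int) -> int:
    """Anyone holding the public key can encrypt; the message must be an integer below n."""
    n, e = pub
    if not 0 <= m < n:
        raise ValueError("message must be an integer in [0, n)")
    return pow(m, e, n)


def decrypt(priv: tuple, c: int) -> int:
    """Only the private-key holder can undo the encryption."""
    n, d = priv
    return pow(c, d, n)


def _digest_mod_n(message: bytes, n: int) -> int:
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n


def sign(priv: tuple, message: bytes) -> int:
    """Signature = H(message)^d mod n, which only the private-key holder can compute."""
    n, d = priv
    return pow(_digest_mod_n(message, n), d, n)


def verify(pub: tuple, message: bytes, sig: int) -> bool:
    """Anyone with the public key checks sig^e mod n == H(message); this is how a package
    manager checks a distribution's signature on a downloaded package."""
    n, e = pub
    return pow(sig, e, n) == _digest_mod_n(message, n)


if __name__ == "__main__":
    pub, priv = make_keypair()
    m = int.from_bytes(b"SSH!", "big")
    c = encrypt(pub, m)
    print("ciphertext:", c, "decrypts to original:", decrypt(priv, c) == m)
    sig = sign(priv, b"package-1.0.tar.gz contents")
    print("signature valid:", verify(pub, b"package-1.0.tar.gz contents", sig))
    print("signature valid for altered file:", verify(pub, b"package-1.0.tar.gz tampered", sig))
```

Two properties are worth checking against the benefits listed above: a reader who has only (n, e) cannot decrypt or sign, because obtaining d requires factoring n, which is easy at this toy size and infeasible at 2048 bits; and the signature check fails for any altered message. Textbook RSA without padding is malleable (ciphertexts multiply), which is why real deployments never use it in this bare form.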