Question ? TCP/IP and ACL

Manglian Member Posts: 58
Please answer my question and correct me if I am wrong.

What I understand is that Transmission Control Protocol (TCP) does the following:
Error recovery
Flow control
Segmentation
Multiplexing
etc.

TCP accomplishes these functions through mechanisms at the endpoint computers. TCP relies on IP for end-to-end delivery of data.

When data packets are sent to other networks, the IP header and the Transmission layer protocol header (TCP or UDP) are sent within this IP packet because of encapsulation. TCP/UDP not only sends its header with every IP packet but also stays at the endpoint for other functions like segmentation, multiplexing or error recovery.

So it means every IP packet which routes around has a TCP or UDP header as well as their source and destination ports, regardless of the type of application.

For example, when we say that FTP is using TCP, it means every IP packet would have a TCP header as well, and if we use TFTP, every IP packet would have a UDP header.

When we use TCP or UDP, we specifically say TCP or UDP in ACL commands for the application, to permit or deny packets for FTP or TFTP. Why do we do that, since every IP packet has a TCP or UDP header and source/destination ports anyway?

Secondly, since the Protocol field in IP packets has other protocols as well, apart from TCP and UDP,
will the IP packet still have a TCP or UDP header and their source and destination ports?

I don't know if I have made a point here or not, but every reply would help.

Comments

  • gojericho0 Member Posts: 1,059
    Manglian wrote:

    When we use TCP or UDP, we specifically say TCP or UDP in ACL commands for the application, to permit or deny packets for FTP or TFTP. Why do we do that, since every IP packet has a TCP or UDP header and source/destination ports anyway?

    It's done to specify which transport protocol and application to permit or deny.
    Manglian wrote:
    Secondly, since the Protocol field in IP packets has other protocols as well, apart from TCP and UDP,
    will the IP packet still have a TCP or UDP header and their source and destination ports?

    Nope, for example IP will encapsulate ICMP or GRE. These applications replace TCP or UDP information.
  • Manglian Member Posts: 58
    Thanks for your reply, but in the case of ICMP, where is the TCP/IP encapsulation which says every frame at the data link layer will have a Transport layer header and an IP header? Because we say TCP or UDP are required to do segmentation as well. HOW WILL DIFFERENT ICMP PACKETS BE SEQUENCED AND NUMBERED WHEN THEY REACH THE DESTINATION WITHOUT TCP? OR IF WE DON'T SEQUENCE OR NUMBER, HOW WILL THE MESSAGE BE CONSTRUCTED ON THE OTHER ENDPOINT?

    Thanks
  • remyforbes777 Member Posts: 499
    It's done to specify which type of traffic you want to allow or deny based on port number. If you didn't specify that, it would deny all the traffic from that host. Not every packet has a UDP or TCP header. You can block layer three level traffic as well.
  • gojericho0 Member Posts: 1,059
    Manglian wrote:
    Thanks for your reply, but in the case of ICMP, where is the TCP/IP encapsulation which says every frame at the data link layer will have a Transport layer header and an IP header? Because we say TCP or UDP are required to do segmentation as well. HOW WILL DIFFERENT ICMP PACKETS BE SEQUENCED AND NUMBERED WHEN THEY REACH THE DESTINATION WITHOUT TCP? OR IF WE DON'T SEQUENCE OR NUMBER, HOW WILL THE MESSAGE BE CONSTRUCTED ON THE OTHER ENDPOINT?

    Thanks

    ICMP is not part of the TCP/IP suite. Not everything will use TCP or UDP.
  • remyforbes777 Member Posts: 499
    gojericho0 wrote:
    Manglian wrote:
    Thanks for your reply, but in the case of ICMP, where is the TCP/IP encapsulation which says every frame at the data link layer will have a Transport layer header and an IP header? Because we say TCP or UDP are required to do segmentation as well. HOW WILL DIFFERENT ICMP PACKETS BE SEQUENCED AND NUMBERED WHEN THEY REACH THE DESTINATION WITHOUT TCP? OR IF WE DON'T SEQUENCE OR NUMBER, HOW WILL THE MESSAGE BE CONSTRUCTED ON THE OTHER ENDPOINT?

    Thanks

    ICMP is not part of the TCP/IP suite. Not everything will use TCP or UDP.

    It's part of the Internet Protocol (IP) suite.
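
Added example, not part of the original thread: a Python sketch of the point discussed above, that a filter reads the IP Protocol field first and can only compare port numbers when that field says TCP or UDP, which is why an ACL entry names the protocol. The packets, addresses, rule tuples and function names are constructed for illustration, and packets are assumed to be unfragmented IPv4.

```python
import struct

PROTO = {1: "icmp", 6: "tcp", 17: "udp", 47: "gre"}  # IANA IP protocol numbers

def build_ipv4(proto, payload):
    """Constructed sample: 20-byte IPv4 header (checksum left 0) plus payload."""
    src, dst = bytes([192, 0, 2, 1]), bytes([198, 51, 100, 2])  # documentation addresses
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload),
                      0, 0, 64, proto, 0, src, dst)
    return hdr + payload

def parse(packet):
    """Return (protocol name, destination port or None)."""
    ihl = (packet[0] & 0x0F) * 4                   # IP header length in bytes
    proto = PROTO.get(packet[9], str(packet[9]))   # Protocol field is byte 9
    dport = None
    if proto in ("tcp", "udp"):                    # only these carry port fields
        _sport, dport = struct.unpack("!HH", packet[ihl:ihl + 4])
    return proto, dport

def acl_decision(rules, packet):
    """First matching rule wins; 'ip' matches any protocol; implicit deny at end."""
    proto, dport = parse(packet)
    for action, rule_proto, rule_port in rules:
        if rule_proto not in ("ip", proto):
            continue
        if rule_port is not None and rule_port != dport:
            continue
        return action
    return "deny"

# Hypothetical rule set: (action, protocol, destination port or None)
RULES = [("permit", "tcp", 21), ("deny", "udp", 69), ("permit", "icmp", None)]

# Constructed packets
TCP_FTP = build_ipv4(6, struct.pack("!HH", 40000, 21) + bytes(16))
UDP_TFTP = build_ipv4(17, struct.pack("!HHHH", 40000, 69, 8, 0))
UDP_21 = build_ipv4(17, struct.pack("!HHHH", 40000, 21, 8, 0))
ICMP_ECHO = build_ipv4(1, struct.pack("!BBHHH", 8, 0, 0, 1, 1))

if __name__ == "__main__":
    for name, pkt in [("tcp/21", TCP_FTP), ("udp/69", UDP_TFTP),
                      ("udp/21", UDP_21), ("icmp echo", ICMP_ECHO)]:
        print(name, parse(pkt), acl_decision(RULES, pkt))
```

The UDP packet to port 21 falls through to the implicit deny even though a rule permits port 21, because that rule names TCP; the ICMP packet is matched on protocol alone since it has no port fields to compare.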