The Illustrated Network : How TCP/IP works in a modern network

Tue, 03/03/2009 - 12:43 by Olivier Bonaventure • Categories:

Fifteen years ago, Richard Stevens wrote the first volume of TCP/IP Illustrated. In his book, he took a different approach than the existing books. Instead of describing TCP/IP from a theoretical viewpoint, he took an "exploratory" approach. He set up a small network and looked at the packets exchanged to explain in details the core IPv4 and TCP protocols. Today, the TCP/IP protocol suite has changed significantly with the introduction of IPv6, new applications and changes to many of the Internet protocols.

In "The Illustrated Network", Walter Goralski used Stevens' approach. He first created a test network with 8 Juniper routers and 8 hosts running recent operating systems (Linux, BSD, Windows client and server) with Ethernet switches. Stevens used only a small network with a few Unix hosts. Goralski's network contains several recent routers that are used to also discuss routing protocols and MultiProtocol Label Switching.

Stevens choose to present a small number of protocols with many details. In contrast, Goralski presents many more protocols, ranging from the classical IP or TCP to routing protocols (RIP, OSPF, BGP) MPLS or application-level protocols (DNS, SSH, HTTP). The Illustrated Network is divided in seven parts. The first part describes the basics (layering, network technologies with a coverage of Ethernet, SONET, 802.11). The second part covers the core protocols (IPv4 and IPv6, ICMP, ARP, routing/forwarding, TCP and UDP). Each chapter contains a description of the corresponding protocol and is illustrated by traces or examples from the test network used throughout the book. Given the growing interest in IPv6, it is important to cover it with the same depth as IPv4, while most books still focus mainly on IPv4. The main topics for each protocol are covered and there are references to most of the relevant RFCs. Concerning TCP, the congestion control mechanisms (slow-start, congestion avoidance) are unfortunately not discussed in details. The third part describes in details the unicast and multicast routing protocols. This is an important addition compared to Stevens' book and reflects the operation of existing ISP networks. Each protocol is described based on the RFCs and configuration examples from the test network show how each routing protocol can be deployed. MultiProtocol Label Switching (MPLS) is also discussed. The fourth part discusses application layer protocols. DHCP (not really an application layer protocol from the reviewer's viewpoint), FTP, DNS, SMTP, HTTP and SSL are discussed. Each protocol is illustrated by using packet traces that are also available from the book's website. The last parts focus on different topics. There is first a brief description of SNMP. This description focusses on the protocol. It could have been interesting to add information about how SNMP is used in practice by network operators. The security part describes SSH, NAT, firewalls, IPSec and MPLS-based Virtual Private Networks. The last part briefly discusses Voice Over IP by considering mainly a small test case. This subject could warrant en entire book and it is difficult to summarise everything about VoIP in twenty pages.

Goralski's book is recommended as a starting point about the practical utilisation of the TCP/IP protocols for networking professionals or students who have already learned the theoretical background about computer networks.