Building Internet Firewalls

Building Internet FirewallsSearch this book
Previous: C.7 Application LayerAppendix C
TCP/IP Fundamentals
Next: C.9 The IP Address

C.8 Addressing, Routing, and Multiplexing

To deliver data between two Internet hosts, it is necessary to move the data across the network to the correct host, and within that host to the correct user or process. TCP/IP uses three schemes to accomplish these tasks:


IP addresses, which uniquely identify every host on the Internet, deliver data to the correct host.


Gateways deliver data to the correct network.


Protocol and port numbers deliver data to the correct software module within the host.

Each of these functions - addressing between hosts, routing between networks, and multiplexing between layers - is necessary to send data between two cooperating applications across the Internet. Let's examine each of these functions in detail.

To illustrate these concepts and provide consistent examples, we use an imaginary corporate network. This network's structure, or topology, is shown in Figure 13.16.

Figure 13.16: Sample network

Figure 13.16

The icons in the figure represent computer systems. There are, of course, several other imaginary systems on our imaginary network. You'll just have to use your imagination! But we'll use the hosts peanut (a workstation) and almond (a system that serves as a gateway) for most of our examples. The thick line is our computer center Ethernet, and the circle is the local network that connects our various corporate networks. The cloud is Milnet, one of the major segments of the Internet. What the numbers are, how they're used, and how datagrams are delivered are the topics of this appendix.

Previous: C.7 Application LayerBuilding Internet FirewallsNext: C.9 The IP Address
C.7 Application LayerBook IndexC.9 The IP Address