
2.3. Encapsulation

As we shall see later in the text, the notion of encapsulation is fundamental to tunneling and VPNs. We needn't wait until we discuss tunnels to see encapsulation in action, however. As data travels down the stack on its way to the network cable or other media, each layer adds a header and, possibly, a trailer to the data. We say that each layer encapsulates the data from the previous layer.

This notion is illustrated in Figure 2.3, which shows data for a TCP session moving through the stack. The data that, say, the user types in at the console is encapsulated by the application layer, which adds an application header. When the encapsulated application data enters the transport layer, it is encapsulated into a TCP segment by the addition of a TCP header. Similarly, when the TCP segment arrives at the network layer, IP adds its own header, encapsulating the TCP segment into an IP datagram. Finally, when the IP datagram gets to the interface layer, the Ethernet driver encapsulates it in an Ethernet frame by adding a header and trailer.

Figure 2.3. Data Encapsulation in the TCP/IP Stack


As it moves up the stack at the destination, data is decapsulated at each layer so that that layer sees exactly the same data as its peer. For example, when a TCP segment arrives at the destination host and moves up the stack to the transport layer, TCP will see exactly the same data as that sent by TCP on the source host. Similarly, the application layer will see the same data that the application on the source host sent. It is in this sense that the peer transport and application layers are logically directly connected. Whatever the lower layers on the source host do to the data, the lower layers on the destination host undo.

It is important to be aware that, at the network and interface layers, the peer is the next hop, not the ultimate destination, as shown in Figure 2.2. The network layer at the source host is carrying on a conversation with the router at the next hop, not the destination host. As the IP datagrams move through each router, the router changes some of the fields in the IP header, so that the IP layer at the destination host will not, in general, see the same data that the source host sent. Each hop's network layer will see the exact data that the previous hop sent.

Figure 2.4 shows a tcpdump of data, such as that depicted in Figure 2.3, as it enters the interface layer. That is, the dump shows the data just before the Ethernet framing is added.

Figure 2.4. Encapsulated Data

1   05:58:10.846770 172.30.0.12.1027 > 172.30.0.1.5000: P
    1146985371:1146985392(21) ack 1409259751 win 57920
    <nop,nop,timestamp 51296 889418481> (DF)
1.1     4500 0049 007c 4000 4006 e1e9 ac1e 000c  E..I.|@.@.......
1.2     ac1e 0001 0403 1388 445d 9b9b 53ff 98e7  ........D]..S...
1.3     8018 e240 7b3a 0000 0101 080a 0000 c860  ...@{:.........'
1.4     3503 72f1 0000 0011 4441 5441 4441 5441  5.r.....DATADATA
1.5     4441 5441 4441 5441 0a                   DATADATA.


We'll look at each stage of the encapsulation as we cover the relevant protocols. For now, note the data in boldface on lines 1.4 and 1.5. This is the encapsulated application data. As shown in Figure 2.5, the first 4 bytes are the length of the user data (0x11 = 17), followed by 17 bytes of user data.

Figure 2.5. Encapsulated Application Data


Not every application encapsulates its data in this way, of course. As we shall see, some add larger headers and trailers, and some add no headers at all.
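
The decapsulation described above can be carried out on the bytes of Figure 2.4. The following Python is an added example, not code from the original text; the function name decapsulate and its bounds checks are this example's own, and it assumes the whole application record fits in one TCP segment, as it does in the figure.

```python
import struct

# Hex column of lines 1.1-1.5 in Figure 2.4: the IP datagram before Ethernet framing.
DUMP = bytes.fromhex(
    "4500 0049 007c 4000 4006 e1e9 ac1e 000c"
    "ac1e 0001 0403 1388 445d 9b9b 53ff 98e7"
    "8018 e240 7b3a 0000 0101 080a 0000 c860"
    "3503 72f1 0000 0011 4441 5441 4441 5441"
    "4441 5441 4441 5441 0a"
)

def decapsulate(datagram):
    """Strip the IP header, the TCP header, and the application header in turn."""
    if len(datagram) < 20:
        raise ValueError("truncated IP header")
    # Network layer: the low nibble of byte 0 is the IP header length in 32-bit words.
    ver_ihl, _, total_len = struct.unpack_from("!BBH", datagram, 0)
    ip_hlen = (ver_ihl & 0x0F) * 4
    if ver_ihl >> 4 != 4 or datagram[9] != 6:
        raise ValueError("not TCP over IPv4")
    if ip_hlen < 20 or not ip_hlen <= total_len <= len(datagram):
        raise ValueError("inconsistent IP lengths")
    segment = datagram[ip_hlen:total_len]
    if len(segment) < 20:
        raise ValueError("truncated TCP header")
    # Transport layer: the high nibble of byte 12 is the TCP header length, options included.
    sport, dport = struct.unpack_from("!HH", segment, 0)
    tcp_hlen = (segment[12] >> 4) * 4
    if tcp_hlen < 20 or tcp_hlen > len(segment):
        raise ValueError("bad TCP data offset")
    app = segment[tcp_hlen:]
    # Application layer (Figure 2.5): 4-byte big-endian length, then the user data.
    if len(app) < 4:
        raise ValueError("truncated application header")
    (rec_len,) = struct.unpack_from("!I", app, 0)
    if rec_len > len(app) - 4:  # never trust a length field beyond the bytes received
        raise ValueError("record length exceeds segment payload")
    return {
        "ip_hlen": ip_hlen, "tcp_hlen": tcp_hlen, "sport": sport, "dport": dport,
        "rec_len": rec_len, "user_data": app[4:4 + rec_len],
    }

if __name__ == "__main__":
    print(decapsulate(DUMP))
```

Each length field is checked against the bytes actually present before it is used to slice, so a datagram with a forged total length, data offset, or record length is rejected rather than misparsed.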

