What do you think?
Rate this book
TCP/IP Illustrated, Volume 1: The Protocols
"For an engineer determined to refine and secure Internet operation or to explore alternative solutions to persistent problems, the insights provided by this book will be invaluable." --Vint Cerf, Internet pioneer TCP/IP Illustrated, Volume 1, Second Edition, is a detailed and visual guide to today's TCP/IP protocol suite. Fully updated for the newest innovations, it demonstrates each protocol in action through realistic examples from modern Linux, Windows, and Mac OS environments. There's no better way to discover why TCP/IP works as it does, how it reacts to common conditions, and how to apply it in your own applications and networks. Building on the late W. Richard Stevens' classic first edition, author Kevin R. Fall adds his cutting-edge experience as a leader in TCP/IP protocol research, updating the book to fully reflect the latest protocols and best practices. He first introduces TCP/IP's core goals and architectural concepts, showing how they can robustly connect diverse networks and support multiple services running concurrently. Next, he carefully explains Internet addressing in both IPv4 and IPv6 networks. Then, he walks through TCP/IP's structure and function from the bottom from link layer protocols-such as Ethernet and Wi-Fi-through network, transport, and application layers. Fall thoroughly introduces ARP, DHCP, NAT, firewalls, ICMPv4/ICMPv6, broadcasting, multicasting, UDP, DNS, and much more. He offers extensive coverage of reliable transport and TCP, including connection management, timeout, retransmission, interactive data flow, and congestion control. Finally, he introduces the basics of security and cryptography, and illuminates the crucial modern protocols for protecting security and privacy, including EAP, IPsec, TLS, DNSSEC, and DKIM. Whatever your TCP/IP experience, this book will help you gain a deeper, more intuitive understanding of the entire protocol suite so you can build better applications and run more reliable, efficient networks.
1057 pages, Kindle Edition
First published February 28, 2009
46 people are currently reading
536 people want to read
Ratings & Reviews
Friends & Following
Create a free account to discover what your friends think of this book!
Community Reviews
Displaying 1 - 7 of 7 reviews
May 11, 2020
I read it straight-through like a novel, so it's highly inappropriate to "review" it, but below are a few things I want to remember. If you're looking for a comment on the book's quality, note that the the end-of-chapter summaries are gems. Truly, it is hard to overstate what succinct punches these summaries throw.
Section 1.2.1 ("Layering") discusses the seven-layer OSI model, while acknowledging that the TCP/IP model won some heated debates in the 70s. Section 1.3.1 ("The ARPANET Reference Model") gives a TCP/UDP compare-and-contrast. IP-in-IP tunneling is referenced in Section 1.3.2 ("Multiplexing, Demultiplexing, and Encapsulation in Layered Implementations"), while link-in-link tunneling is introduced in Section 3.1 ("Introduction") and described in Section 3.9 ("Tunneling Basics"). Section 3.1 also spells out frame/packet/segment terminology.
The last paragraph of Section 2.6.2 ("Multicast"), which acknowledges the complexity of multicast addresses, was a relief after being confused for the previous fifteen pages.
The internet checksum described in Section 5.2.2.1 ("Mathematics of the Internet Checksum") is described as an abelian group by dropping the value 0x0000 from consideration. Note that leaving it in, one still has an inverse semigroup; since 0x0000 and 0xffff are sometimes viewed as the same value and sometimes not, it is probably foolish to try to put a rigorous algebraic structure on the construction. The Well-Known Prefix described in Section 7.6.2.1 ("IPv4-Converted and IPv4 Translatable Addresses") is checksum-neutral.
The forwarding table described in Section 5.4.1 ("Forwarding Table") is populated by a routing protocol and generally makes assumptions (like the nonexistence of loops) about the topology of the network.
Section 6.7 ("Summary") spells out the distinction between a host and router. Also, after getting nothing out of the Chapter, this was the first place (although sadly not the last) I was struck by how much the end-of-chapter summaries shine.
Section 16.1 ("Introduction") has an analysis of congestion that comes down to the fact that routers' finite storage means that anytime data is coming in faster that it can be passed on, some of the data must be dropped. While reading Section 16.3 ("Evolution of the Standard Algorithms"), it is natural to wonder how congestion is not an example of tragedy of the commons; it's still not clear to me even after reading about a lot of the different windowing algorithms.
The final paragraph of Section 18.13 ("Summary") describes the way security protocols must not depend on specific cryptographic suites, as experience and computational power inexorably reveal flaws.
my favorite quote: "When this happens, it is considered unsafe to avoid undoing the reduction of ssthresh, so the algorithm terminates."
Section 1.2.1 ("Layering") discusses the seven-layer OSI model, while acknowledging that the TCP/IP model won some heated debates in the 70s. Section 1.3.1 ("The ARPANET Reference Model") gives a TCP/UDP compare-and-contrast. IP-in-IP tunneling is referenced in Section 1.3.2 ("Multiplexing, Demultiplexing, and Encapsulation in Layered Implementations"), while link-in-link tunneling is introduced in Section 3.1 ("Introduction") and described in Section 3.9 ("Tunneling Basics"). Section 3.1 also spells out frame/packet/segment terminology.
The last paragraph of Section 2.6.2 ("Multicast"), which acknowledges the complexity of multicast addresses, was a relief after being confused for the previous fifteen pages.
The internet checksum described in Section 5.2.2.1 ("Mathematics of the Internet Checksum") is described as an abelian group by dropping the value 0x0000 from consideration. Note that leaving it in, one still has an inverse semigroup; since 0x0000 and 0xffff are sometimes viewed as the same value and sometimes not, it is probably foolish to try to put a rigorous algebraic structure on the construction. The Well-Known Prefix described in Section 7.6.2.1 ("IPv4-Converted and IPv4 Translatable Addresses") is checksum-neutral.
The forwarding table described in Section 5.4.1 ("Forwarding Table") is populated by a routing protocol and generally makes assumptions (like the nonexistence of loops) about the topology of the network.
Section 6.7 ("Summary") spells out the distinction between a host and router. Also, after getting nothing out of the Chapter, this was the first place (although sadly not the last) I was struck by how much the end-of-chapter summaries shine.
Section 16.1 ("Introduction") has an analysis of congestion that comes down to the fact that routers' finite storage means that anytime data is coming in faster that it can be passed on, some of the data must be dropped. While reading Section 16.3 ("Evolution of the Standard Algorithms"), it is natural to wonder how congestion is not an example of tragedy of the commons; it's still not clear to me even after reading about a lot of the different windowing algorithms.
The final paragraph of Section 18.13 ("Summary") describes the way security protocols must not depend on specific cryptographic suites, as experience and computational power inexorably reveal flaws.
my favorite quote: "When this happens, it is considered unsafe to avoid undoing the reduction of ssthresh, so the algorithm terminates."
February 14, 2014
This is the updated edition of the original TCP/IP Illustrated vol. 1, which was the definitive book on tcp/ip networks for about 10-15 years.
The new edition has a lot of the new stuff that has shown up in the meantime - ipv6, dnssec and other cryptographic protocols, dhcp, etc.. There are also small sub-chapters on security for each chapter.
The security chapters are very small, not very informative and even look misleading some times. Some mechanisms (like syncookies) have actually become the standard way of handling inbound TCP connections and deserve a more central place in the book.
There are a lot of such nitpicks, but my biggest issue with the book is the ordering of the material - a lot of stuff does forward-references, and there was no good reason to discuss DHCP before the router discovery of ipv6 and the idea of tcp services (e.g. it could easily have been one of the last chapters).
Not discussing the crpyto with the protocols it's used in (for example, dnssec with the dns) it makes it look like something optional, which is also a pretty bad idea from my POV.
Describing the server design for some protocols was a weird idea, and probably misplaced.
Removing the routing protocols in full might have been a mistake. There could've been a few less screenshots and space for at least the basic ideas of dynamic routing.
All in all, not a bad book, but definitely not on the level of the first edition.
The new edition has a lot of the new stuff that has shown up in the meantime - ipv6, dnssec and other cryptographic protocols, dhcp, etc.. There are also small sub-chapters on security for each chapter.
The security chapters are very small, not very informative and even look misleading some times. Some mechanisms (like syncookies) have actually become the standard way of handling inbound TCP connections and deserve a more central place in the book.
There are a lot of such nitpicks, but my biggest issue with the book is the ordering of the material - a lot of stuff does forward-references, and there was no good reason to discuss DHCP before the router discovery of ipv6 and the idea of tcp services (e.g. it could easily have been one of the last chapters).
Not discussing the crpyto with the protocols it's used in (for example, dnssec with the dns) it makes it look like something optional, which is also a pretty bad idea from my POV.
Describing the server design for some protocols was a weird idea, and probably misplaced.
Removing the routing protocols in full might have been a mistake. There could've been a few less screenshots and space for at least the basic ideas of dynamic routing.
All in all, not a bad book, but definitely not on the level of the first edition.
October 7, 2019
OK, this one ISN'T a page turner. I don't think most of us will be surprised. It's a little dated. I read sections of the prior edition a very long time ago. The fundamentals are still there and important. I learned a few things, and got clarity on others. I don't think this will make great party conversation, but that wasn't the point. Wasn't too much help with the CCIE Routing & Switching, Version 5.1 written exam, but still glad I read it.
July 18, 2015
Fantastic book about TCP/IP protocol. Though a little bit outdated, it remains the best book for people to understand the fundamental of Internet protocol
December 13, 2018
Really interesting and full of depth. This book needs to be re-read every few years.
December 25, 2022
A huge, extensive piece on protocols. Scanned through it during the preparation to the Coursera course on Cybersecurity
September 14, 2012
The best reference book for the TCP protocol. You can never go wrong with this book. The history of development of the internet and the protocol is an interesting read.
It unearths the long lost concepts which you forgot. It is right there with the Wireshark Series by Laura Chapell.
It unearths the long lost concepts which you forgot. It is right there with the Wireshark Series by Laura Chapell.
Displaying 1 - 7 of 7 reviews