2.0 Networking! Flashcards
What is IP? And what does IP stand for?
IP stands for Internet Protocol. IP is the protocol by which data is sent from one computer to another on the internet.
IBID: IP is a set of rules that allows computers and other devices to communicate over the Internet.
There are several types of Internet Protocols including TCP, UDP, FTP, HTTP, HTTPS, SMTP etc. etc.
Each one has a specific purpose.
What is TCP? What does TCP stand for?
TCP stands for Transmission Control Protocol.
What is UDP? What does UDP stand for?
UDP stand for User Datagram Protocol.
TCP IP vs. UDP IP
TCP - Transmission Control Protocol
Primarily used for reliable data transmission, ensuring all packets are received in order
-formal process for setting up connection and tearing down connection after conversation is over.
-can handle errors, out-of-order messages and retransmission
-Flow control - the RECEIVER can manage how fast data is sent
UDP - User Datagram Protocol
Preferred for applications requiring low latency, like streaming video, as it prioritizes speed over guaranteed delivery (Low latency means small to no delay in sending and receiving the packet of data.)
- no formalized process to open the connection or tear it down after convo is over.
-no error handling, reordering of packets or retransmission
- Sender determines how fast data is sent, even if they are sending it too fast for receiver to receive it.
What is Latency?
Latency is the time it takes for a packet of data to go from source to destination. Latency is measured in milliseconds. Just 50 milliseconds of latency —less than one-tenth of one second — can result in poor network and application performance
HTTP or HTTPS
HyperText Transfer Protocol OR HyperText Transfer Protocol Secure -
The protocol used for transferring web pages between servers and clients
FTP
File Transfer Protocol
The protocol that enables file transfer between devices, allowing users to upload and download files.
One of the oldest protocols.
SMTP
Simple Mail Transfer Protocol -
Internet protocol that handles the sending of emails between servers
DNS
Domain Name System - -
Internet protocol that translates human-readable domain names into machine-readable IP addresses
bit vs. byte
bit – the smallest unit of
data. A bit is either a 0 or a 1.
0 means off, no, false
1 means on, yes, true
Byte – consists of 8 bits! It’s often used to represent a single character or a small amount of data.
how many addresses are on a “packet” that is sent over the internet?
Each IP packet will contain both the IP address of the device sending the packet and the IP address of the intended recipient
IPv4 & IPv6
- The fourth version of IP (IPv4 for short) was introduced in 1983.
- There are only so many possible permutations for IP addresses and the supply of available IPv4 addresses has become depleted.
- IPv6 addresses have many more characters and thus more permutations;
- IPv6 is not yet completely adopted, and most domains and devices still have IPv4 addresses.
What’s in an IP header?
A header is attached to every IP packet.
In total there are 14 fields for IPv4 headers - although one of them is optional
An IP header is just a series of bits (ones and zeros), and it records several pieces of information about the packet, including the sending and receiving IP address. IP headers also report: Header length,
Packet length, if a packet is fragmented, which transport protocol is being used (I.E. TCP, UDP) etc. etc. etc.
What is packet fragmentation?
Packet fragmentation refers to the process of dividing an IP packet into smaller fragments when the packet size exceeds the maximum transmission unit (MTU) of the network path.
These packets are then reassembled when the packets reach their destination.
What are the 14 fields in an IPv4 header?
- Version: which IP version we are using (always 4 for IPv4)
- Header Length: tells us the length of the IP header . . . This field is also called the Internet Header Length (IHL).
- Type of Service aka Differentiated Services Code Point (DSCP): used for VoIP?
- ECN-This field allows end-to-end notification of network congestion without dropping packets.
- Total Length: Total size of the IP packet (header and data) in bytes.
- Identification: each fragmented packet will use the same 16 bit identification number to identify to which IP packet they belong.
- IP Flags: These 3 bits are used for fragmentation:
1st is always set to 0.
2nd is called the DF (Don’t Fragment) bit and indicates that this packet should not be fragmented.
3rd is called the MF (More Fragments) bit and is set on all fragmented packets except the last one. - Fragment Offset: the position of the fragment in the original packet.
- Time to Live: Decremented by 1, each router the packet passes through. Once it hits 0 the router will drop the packet and sends an ICMP time exceeded message to the sender. It’s used to prevent packets from looping around forever
- Protocol: tells us which protocol is enapsulated in the IP packet, for example TCP has value 6 and UDP has value 17.
- Header Checksum: Error detection for the header.
- Source Address: source IP address.
- Destination Address: destination IP address.
- IP Option: this field is not used often, is optional and has a variable length. An example of a possible option is “source route” where the sender requests for a certain routing path.
200, 503 and 400 are examples of what?
HTTP response status codes
100 – 199 Informational
200 - 299 Successful
300 - 399 Redirection messages
400 - 499 Client error responses
500 - 599 Server error responses
What is ICMP?
ICMP = Internet Control Message Protocol
used to communicate data transmission errors.
- ICMP sends messages from the receiver to the sender when data doesn’t arrive as expected. For example, if a message is too long or data packets arrive out of order, the receiver uses ICMP to inform the sender and request a resend.
- ICMP works on the network layer of the OSI model (layer 3) - same as IP
- - ICMP is also commonly used for pinging a device to check connectivity
Explain how different network protocols and data are embedded
First layer - IP header and payload
2nd - in side that ^ payload you could have TCP header and TCP payload
3rd - inside that ^ payload you could have HTTP header and HTTP data
TCP and UDP are also called “transport layer protocols”
Sounds like 1st layer is IP and 2nd layer is TCP or UDP and 3rd layer is something like HTTPS, FTP, SMTP etc. I could be wrong on this, but that’s how it’s sounding.
What are OSI Layers and how do they work?
There are 7 OSI layers.
1. Application Layer,
2. Presentation Layer,
3. Session Layer,
4. Transport Layer - (this is where TCP and UDP opperate)
5. Network Layer,
6. Data Link Layer,
7. Physical Layer
- Each layer communicates with the layer above and below it.
- Different network protocols operate at different layers of the OSI model.
- Data is encapsulated with additional information at each layer as it moves thru the stack until it gets to the physical layer where it is sent over wires or wirelessly.
On the receiving side - as you move thru the stack data is decapsulated (removed), until the data gets to the application where the application can use the data that is received.
What are the 7 OSI layers? What does each layer do? What are examples of protocols that operate at that layer?
- <b>Physical Layer:</b>
Responsible for converting digital data into electrical signals that can be transmitted over a physical medium. \n
<b>Protocols:</b>RS-232, Ethernet, FiberOptic - <b>Data Link Layer:</b>
Manages error detection and correction within a local network(LAN), ensure data delivery on devices within the same network. Deals with MAC addresses <b>Protocols:</b>Ethernet(IEEE802.3), Wi-Fi (802.11), PPP, et al. - <b>Network Layer:</b>
Routes packets by determining the best path to reach the destination. Routing data packets between different networks. Deals with IP addresses <b>Protocol:</b>Internet Protocol (IP) mainly, but also ICMP - <b>Transport Layer:</b>
Ensures data delivery by managing the flow of data segments, including error checking and retransmission if needed.
<b>Protocols:</b> TCP, UDP, - <b>Session Layer:</b>
setting up, coordinating, and terminating sessions between applications on different devices.
<b>Protocols:</b> NetBIOS, AppleTalk(ASP), PPTP, etc. - <b>Presentation Layer:</b>
converts data from a complex format into one that the application layer can understand, including data formatting, compression, encryption, decryption and translation
<b>Protocols:</b>JPEG, SSL (Secure Socket Layer), TLS (Transport Layer Security), GIF, ASCII etc. - <b>Application Layer:</b>
Directly interacts with user applications, providing network services like email, file transfer, and web browsing.
<b>Protocols:</b>HTTP (Hypertext Transfer Protocol), FTP (File Transfer Protocol), SMTP (Simple Mail Transfer Protocol), DNS (Domain Name System), SSH (Secure Shell), POP3 (Post Office Protocol 3) etc.
What is multiplexing (when it comes to networking)?
Having many applications on your system talking to a separate server simultaneously. This is accomplished thru network protocols (specifically UDP&TCP?) that keep the data separate from each other, but also allow data to go EXACTLY where it’s supposed to.
What are DHCP and TFTP and what do they have in common?
DHCP = Dynamic Host Configuration Protocol
TFTP = Trivial File Transfer Protocol
These are both “connectionless” protocols that use UDP (rather than TCP) at the transport layer.
With UDP communication, the application keeps track of what data was received and if they are missing data, or a lower level protocol (like DHCP) keeps track of missing data and asks for a resend.
IP address
Just like every house has an address, every computer on the internet has an address. This is the IP address.
IP address vs. MAC address
An IP address identifies a device globally on the internet, while a MAC address identifies a device only on its local network (LAN).
** Scope & Usage: IP address is global, while MAC address is local.
** Assignment: IP addresses can be dynamically assigned by a network, while MAC addresses are permanently assigned by the device manufacturer.
Each device on a LAN has a unique IP, but the first part of the IP address (network portion) will be the same for all devices on the same LAN.
IP addresses vs. ports
An IP address identifies a specific device on a network, while a port number identifies a specific application or service running on that device. IE, a port number tells you which application on that device to send data to
A port is essentially a virtual “door” on a device that directs incoming data to a particular application.
-It’s like a street address, and a port number is like an apartment number within that building.
**Sockets - an IP address & port number together form a “socket”.
When you need to connect to a specific service on a device, you use both the IP address and the port number, which is often written together as “IP address:port number”. For example: 192.168.1.10:80 - the first 9 numbers are the IP address and “80” is the port number.
** Port numbers are usually assigned to specific duties/services/applications:
Usually port 80 is used for web traffic and port 22 for SSH.
Example: you want to access a website on a server with the IP address “192.168.1.10”. To reach the website, you would use “192.168.1.10:80” because port 80 is typically used for web traffic.
What is multiplexing? How does it use ports?
Multiplexing is the process of combining multiple data streams into a single connection. In TCP/IP, it is achieved through the use of ports. By assigning unique port numbers to different applications or services, multiple data streams can be transmitted over a single connection. And then broken down into different ports once the data arrives at the receiving device.
Ports determine what service/application on a server will receive the data
Ports are used in TCP and UDP data transmission
Specific ports are usually associated with specific types of data/services/applications. 80 is usually for HTTP and 443 is for HTTPS.
ephemeral defenition
ephemeral - lasting a very short time
ephemeral vs. non-ephemeral ports
Non-ephemeral ports are permanent port numbers that are assigned to a specific application or service and do not change. For example, a web server will always use port 80 to provide its services
** Most servers (services) will use non-ephemeral port numbers, aka “well known” port numbers. This is standard, but there are exceptions.
** most clients will use ephemeral ports when communicating with a server.
Ephemeral ports are temporary, short-lived ports assigned by the operating system for the duration of a communication session. The OS randomly selects these ports from a predefined range. Once the communication session is completed, the ephemeral ports are returned to the pool for future use.
What is the range of port numbers ?
What ranges are typically used for what activities?
3 distinctions
Port numbers range from 0 to 65,535:
Ports 0–1023:
System or well-known ports (non-ephemeral)
Ports 1024–49,151:
User or registered ports
Ports 49,152–65,535:
Dynamic, private, or ephemeral ports
what is a port scanner
scans a server and finds all the open ports
TCP vs. UDP port numbers
TCP port numbers aren’t the same as UDP port numbers.
This means that there could be a TCP service running on port 80 and a completely different service running on UDP port 80. But ppl don’t tend to do this in normal operation (use the EXACT same number) because it’s confusing.
What is happening in this scenario:
Server:
10.0.0.2
Client (laptop):
10.0.0.1
Source IP: 10.0.0.1
Destination IP: 10.0.0.2
TCP Source port: 3000
TCP Dest. Port: 80
HTTP data
The client (the laptop) is sending http data to the server. Http data is sent using the TCP protocol so that’s why we’re using TCP ports. If we were sending VoIP data, we would be using UDP ports.
notice how the server port is ‘well known’ and the client port is pretty random
