6 Introduction to TCP/IP Flashcards

Question

Parts of the IP Address:

Answer 1

Each IP address is made up of two components: the network ID and the host ID. The network portion of the address always comes before the host portion. All host addresses on a network must be unique. On a routed network (such as the Internet), all network addresses must be unique as well. Neither the network ID nor the host ID can be set to all 0s. A host ID portion of all 0s means “this network.” Neither the network ID nor the host ID can be set to all 1s. A host ID portion of all 1s means “all hosts on this network,” commonly known as a broadcast address. Computers are able to differentiate where the network ID ends and the host address begins through the use of a subnet mask. This is a value written just like an IP address and may look something like 255.255.255.0. To communicate using IPv4, each computer is required to have an IP address and correct subnet mask. A third component, called a default gateway, identifies the IP address of the device that will allow the host to connect outside of the local network. This is typically your router, and it’s required if you want to communicate with computers outside of your local network.

Answer 2

Class A networks are defined as those with the first bit set as 0 (decimal values from 0 to 127) and are designed for very large networks. The default network portion for Class A networks is the first 8 bits, leaving 24 bits for host identification. Because the network portion is only 8 bits long (and 0 and 127 are reserved), there are only 126 Class A network addresses available. The remaining 24 bits of the address allow each Class A network to hold as many as 16,777,214 hosts. Default subnet mask: 255.0.0.0 Class B networks always have the first 2 bits set at 10 (decimal values from 128 to 191) and are designed for medium-sized networks. The default network portion for Class B networks is the first 16 bits, leaving 16 bits for host identification. This allows for 16,384 (214) networks, each with as many as 65,534 (216 – 2) hosts attached. Default subnet mask: 255.255.0.0 Class C networks have the first three bits set at 110 (decimal values from 192 to 223) and are designed for smaller networks. The default network portion for Class C networks is the first 24 bits, leaving 8 bits for host identification. This allows for 2,097,152 (221) networks, but each network can have a maximum of only 254 (28 – 2) hosts. Most companies have Class C network addresses. Default subnet mask: 255.255.255.0

Answer 3

The default subnet masks for each class of address are by no means the only subnet masks that can be used. To provide additional addressing flexibility, there is classless inter-domain routing (CIDR). This is just a fancy of way of saying, “You don’t have to use the default subnet masks.” From a practical standpoint, CIDR minimizes the concept of IP address classes and primarily focuses on the number of bits that are used as part of the network address. CIDR values: Subnet mask Notation 255.0.0.0 /8 255.128.0.0 /9 255.192.0.0 /10 255.224.0.0 /11 255.240.0.0 /12 255.248.0.0 /13 255.252.0.0 /14 255.254.0.0 /15 255.255.0.0 /16 255.255.128.0 /17 255.255.192.0 /18 255.255.224.0 /19 255.255.240.0 /20 255.255.248.0 /21 255.255.252.0 /22 255.255.254.0 /23 255.255.255.0 /24 255.255.255.128 /25 255.255.255.192 /26 255.255.255.224 /27 255.255.255.240 /28 255.255.255.248 /29 255.255.255.252 /30 The /8 through /15 notations can be used only with Class A network addresses; /16 through /23 can be used with Class A and B network addresses; /24 through /30 can be used with Class A, B, and C network addresses. You can’t use anything more than /30, because you always need at least 2 bits for hosts.

Answer 4

All addresses used on the Internet are called public addresses. Only one computer can use any given public address at one time. The problem is that the world ran out of public IP addresses while the use of TCP/IP was growing. To address this, a solution was devised to allow for the use of TCP/IP without requiring the assignment of a public address (to use private addresses). Private addresses are not routable on the Internet. They were intended for use on private networks only which freed us from the requirement that all addresses be globally unique. This essentially created an infinite number of IP addresses that companies could use within their own network walls. This created a new one problem. The private addresses that all of these computers have aren’t globally unique, but they need to be in order to access the Internet. A service called Network Address Translation (NAT) was created to solve this problem. NAT runs on your router and handles the translation of private, nonroutable IP addresses into public IP addresses. There are three ranges reserved for private, nonroutable IP addresses: Class / IP address range / Default subnet mask / Number of hosts A / 10.0.0.0–10.255.255.255 / 255.0.0.0 / 16.7 million B / 172.16.0.0–172.31.255.255 / 255.240.0.0 / 1 million C / 192.168.0.0–192.168.255.255 / 255.255.0.0 / 65,536

Answer 5

These private addresses cannot be used on the Internet and cannot be routed externally. The fact that they are not routable on the Internet is actually an advantage because a network administrator can use them essentially to hide an entire network from the Internet. This is how it works: The network administrator sets up a NAT-enabled router, which functions as the default gateway to the Internet. The external interface of the router has a public IP address assigned to it that has been provided by the ISP, such as 155.120.100.1. The internal interface of the router will have an administrator-assigned private IP address within one of these ranges, such as 192.168.1.1. All computers on the internal network will then also need to be on the 192.168.1.0 network. To the outside world, any request coming from the internal network will appear to come from 155.120.100.1. The NAT router translates all incoming packets and sends them to the appropriate client. This type of setup is very common today.

Answer 6

A DHCP server is configured to provide IP configuration information to clients automatically (dynamically), in what is called a lease. The client must periodically request a renewed lease or a new lease. The following configuration information is typically provided in a lease: IP address Subnet mask Default gateway (the “door” to the outside world) DNS server address Address Pool This is the range of addresses that the server can give out to clients. Lease Durations IP addresses given out by the DHCP server are leased to clients, and the lease has an expiration time. Before the lease expires, the client (if it’s online) will typically renegotiate to receive a new lease. If the lease expires, then the address becomes available to assign to another client. Address Reservations Some IP addresses can be reserved (it’s appropriately named a DHCP reservation) for specific clients, based on the client’s MAC address. This is particularly useful for devices that need to have a static IP address, such as printers, servers, and routers. Scope Options These provide extra configuration items outside of the IP address and subnet mask. The most common items are the address of the default gateway (the router) and DNS servers.

Answer 7

DHCP clients need to be configured to obtain an IP address automatically. This is done by going into the network card’s properties and then the TCP/IP properties. When the client boots up, it will not have an IP address. To ask for one, it will send a DHCP DISCOVER broadcast out on the network. If a DHCP server is available to hear the broadcast, it will respond directly to the requesting client using the client’s MAC address as the destination address.

Answer 8

Automatic Private IP Addressing (APIPA) is a TCP/IP standard used to automatically configure IP-based hosts that are unable to reach a DHCP server. APIPA addresses are in the 169.254.0.0–169.254.255.255 range, with a subnet mask of 255.255.0.0. Typically, the only time that you will see this is when a computer is supposed to receive configuration information from a DHCP server but for some reason that server is unavailable. Even while configured with this address, the client will continue to broadcast for a DHCP server so that it can be given a real address once the server becomes available.

Answer 9

If a company wants to host its own website, it also needs to maintain two public DNS servers with information on how to get to the website. (Two servers are required for redundancy.) An advantage of using ISPs or web hosting companies to host the website is that they are then also responsible for managing the DNS servers. Each DNS server has a database, called a zone file, which maintains records of hostname to IP address mappings. Five columns of information are presented. From left to right, they are as follows: The name of the server or computer, for example, www. IN, which means Internet. The record type. The address of the computer. Comments, preceded by a semicolon. It’s used to make notes for the administrator without affecting functionality.

Answer 10

SOA - Start of Authority. It signifies the authoritative DNS server for that zone. NS - Name Server. It’s the name or address of the DNS server for that zone. Helps point to where internet applications like a web browser can find the IP address for a domain name. MX - Mail Exchange. It’s the name or address of the email server. Shows where emails for a domain should be routed to; makes it possible to direct emails to a mail server. A - The "A" in A record stands for "address." An A record shows the IP address for a specific hostname or domain. CNAME - Canonical Name. It’s an alias; it allows multiple names to be assigned to the same host or address. TXT - Text record. Used to enter human-readable or machine-readable data. Today, text records are used primarily for email spam prevention and domain ownership verification.

Answer 11

DNS, through the use of TXT records, can help email servers determine if incoming messages are from a trusted source. Three standards used to battle email spam are Sender Policy Framework (SPF), Domain Keys Identified Mail (DKIM), and Domain-based Message Authentication, Reporting, and Conformance (DMARC). SPF authenticates an email server based on its IP address. In an SPF TXT record, the administrator specifies all servers that are legitimate email senders for that domain, based on their IP addresses. DKIM authenticates using encryption through a public-private key pair. Each email sent by the server includes a digital signature in the headers, which has been encrypted by the server’s private key. When the receiving email server gets the message, it finds the server’s registered public key, which is used to decrypt the message. If the key pair is incorrect, the message is flagged as a fake. DMARC builds on both SPF and DKIM and essentially combines them together into one framework. It’s not an authentication method , it allows a domain owner to decide how they want email from their domain to be handled if it fails either an SPF or a DKIM authentication. Options include doing nothing, quarantining the email (sending to a spam folder), or rejecting the email.

Answer 12

A new version of TCP/IP has been developed, called IPv6. It uses 128-bit addresses. It’s backward compatible with and can run on the computer at the same time as IPv4. IPv6 doesn’t use a subnet mask. The new address is composed of eight 16-bit fields, each represented by four hexadecimal digits and separated by colons. The letters in an IPv6 address are not case sensitive. IPv6 uses three types of addresses: unicast, anycast, and multicast. A unicast address identifies a single node on the network. An anycast address refers to one that has been assigned to multiple nodes. A multicast address is one used by multiple hosts, and is used to communicate to groups of computers. Address Ranges: 0:0:0:0:0:0:0:0 Equals ::, and is equivalent to 0.0.0.0 in IPv4. It usually means that the host is not configured. 0:0:0:0:0:0:0:1 Also written as ::1. Equivalent to the loopback address of 127.0.0.1 in IPv4. 2000::/3 Global unicast address range for use on the Internet. FC00::/7 Unique local unicast address range. FE80::/10 Link local unicast range. FF00::/8 Multicast range.

Answer 13

Virtual local area networks (VLAN) Virtual private networks (VPN)

Answer 14

The virtual local area network (VLAN) is designed to help segment physical networks into multiple logical (virtual) networks. VLANs are created by using a managed switch. The switch uses Spanning Tree Protocol (STP) to manage configurations and to ensure that there are no infinite network loops. A VLAN can provide the following benefits: Broadcast traffic is reduced. Physical network segments can be logically subdivided, reducing broadcast traffic and speeding network performance. Security is increased. Computers on the same physical network can be isolated from each other to provide an additional layer of security. Computers in multiple locations can belong to the same VLAN. This is one major thing that routers can’t do with subnetting. With multiple switches configured appropriately, computers at different physical locations can be configured to be on the same VLAN. Reconfiguring networks is easier. With VLANs, if someone moves physical desk locations, their VLAN membership can carry with them, so there is less network reconfiguration needed.

Answer 15

A VPN is a secure (private) network connection that occurs through a public network. The private network provides security over an otherwise unsecure environment. VPNs can be used to connect LANs together across the Internet or other public networks, or they can be used to connect individual users to a corporate network. From the server side, a VPN requires dedicated hardware or a software package running on a server or router. Clients use specialized VPN client software to connect, most often over a broadband Internet link.

Answer 16

User datagram protocol (UDP) sends data without establishing a verified connection to the target destination, making it a connectionless protocol. Due to this lack of verified connection, the UDP protocol is also considered unsecure.