Ch. 6 TCP/IP Basics

Question 1

The _______ _______ (IP) works at the Internet layer, taking data chunks from the Transport layer, adding addressing, and creating the final IP packet. IP then hands the IP packet to Layer 2 for encapsulation into a frame. Let’s look at the addressing in more depth.

Answer 1

Internet Protocol

Question 2

All _____ block private IP addresses. Those addresses can never be used on the Internet, making them a handy way to hide systems. Anyone can use these private IP addresses, but they’re useless for systems that need to access the Internet—unless you use the mysterious and powerful NAT

Answer 2

routers

Question 3

The full IP packet header has __ different fields. As you would expect, the destination and source IP addresses are part of the Internet layer.

Answer 3

14

Question 4

The ______ (Ver) field defines the IP address type: 4 for IPv4, 6 for IPv6

Answer 4

version

Remember:

The full IP packet header has 14 different fields.

Ver 32 bits DSCP TTL TCP

Question 5

The total size of the IP portion of the packet in words (32 bits) is displayed in the _______ length field.

Answer 5

header

Remember:

The full IP packet header has 14 different fields.

Ver 32 bits DSCP TTL TCP

Question 6

The ____ field contains data used by bandwidth-sensitive applications like Voice over IP. (Network techs with long memories will note that this field used to be called the type of service field.)

Answer 6

DSCP - Differentiated services code point

Remember:

The full IP packet header has 14 different fields.

Ver 32 bits DSCP TTL TCP

Question 7

Implementations of routers on the Internet are not perfect and engineers sometimes create loops. The ____________ (TTL) field prevents an IP packet from indefinitely spinning through the Internet by using a counter that decrements by one every time a packet goes through a router. This number cannot start higher than 255; many applications start at 128.

Answer 7

Time to live (TTL)

Remember:

The full IP packet header has 14 different fields.

Ver 32 bits DSCP TTL TCP

Question 8

In the vast majority of cases, the _______ field is either TCP or UDP and identifies what’s encapsulated inside the packet. See the next section for more information.

Answer 8

protocol

Time to live (TTL)

Remember:

The full IP packet header has 14 different fields.

Ver 32 bits DSCP TTL TCP

Question 9

Let me be clear: you don’t choose ___ or ___. The people who developed the applications decide which protocol to use. When you fire up your Web browser, for example, you’re using TCP because Web browsers use a protocol called Hypertext Transfer Protocol (HTTP) and the developers of HTTP decided to build HTTP using TCP.

Answer 9

TCP; UDP

Question 10

Most TCP/IP applications use TCP—that’s why we call the protocol suite “TCP/IP” and not “UDP/IP.” TCP gets an application’s data from one machine to another reliably and completely. As a result, TCP comes with communication rules that require both the sending and receiving machines to acknowledge the other’s presence and readiness to send and receive data. We call this process the TCP _____-___ _______ of SYN, SYN-ACK, and ACK. TCP also chops up data into segments, gives the segments a sequence number, and then verifies that all sent segments were received. If a segment goes missing, the receiving system must request the missing segments.

Answer 10

three-way handshake

Question 11

Picture (in answer) shows a simplified TCP header. Notice the source port and the destination port. ____ numbers are values ranging from 1 to 65,535 and are used by systems to determine what application needs the received data. Each application is assigned a specific port number on which to listen/send. Web servers use port 80 (HTTP) or 443 (HTTPS), for example, whereas port 143 is used to receive e-mail messages from e-mail servers (IMAP4).

Answer 11

Port

Picture of TCP Header:

Source port Destination Port Sequence Number ACK

NOTE:

The client uses the source port number to remember which client application requested the data. The rest of this book dives much deeper into ports. For now, know that the TCP or UDP headers of an IP packet store these values. Also, Data gets chopped up into chunks at the Transport layer when using TCP. The chunks are called segments with TCP. UDP datagrams don’t get chopped up at the Transport layer; they just get a header.

Ports aren’t the only items of interest in the TCP header. The header also contains these fields:

• Sequence and ACK numbers These numbers enable the sending and receiving computers to keep track of the various pieces of data flowing back and forth.
• Flags These individual bits give both sides detailed information about the state of the connection.
• Checksum The checksum checks the TCP header for errors.

Question 12

___ is the “fire and forget” missile of the TCP/IP protocol suite. As you can see in (Picture) a UDP datagram doesn’t possess any of the extras you see in TCP to make sure the data is received intact. UDP works best when you have a lot of data that doesn’t need to be perfect or when the systems are so close to each other that the chances of a problem occurring are too small to bother worrying about. A few dropped frames on a Voice over IP call, for example, won’t make much difference in the communication between two people. So, there’s a good reason to use UDP: it’s smoking fast compared to TCP. Two of the most important networking protocols, Domain Name System (DNS) and Dynamic Host Configuration Protocol (DHCP), use UDP.

Answer 12

UDP

Picture of UDP Header:

Source port Destination Port Length Checksum

NOTE:

Data gets chopped up into chunks at the Transport layer when using TCP. The chunks are called segments with TCP. UDP datagrams don’t get chopped up at the Transport layer; they just get a header.

Question 13

At the LAN level, every host runs TCP/IP software over Ethernet hardware, creating a situation where every host has two addresses: an __ address and an Ethernet ___ address. While at first this seems redundant, it’s the power behind TCP/IP’s ability to support both LANs and WANs.

Answer 13

IP; MAC

Question 14

Note that the __ packet is completely encapsulated inside the Ethernet frame. Also note that the Ethernet frame has both a destination MAC address and a source MAC address, while the IP packet encapsulated in the Ethernet frame has both a source IP address and a destination IP address. This encapsulation idea works great, but there’s a problem: Computer A knows Computer B’s IP address, but how does Computer A know the MAC address of Computer B?

Answer 14

IP

Answer:

To get Computer B’s MAC address, Computer A sends a very special command called an Address Resolution Protocol (ARP) request to MAC address FF-FF-FF-FF-FF-FF, the universal MAC address for broadcast.

Computer A says, “who has IP address 192.168.5.45? Please tell 192.168.5.23 (A)”

Computer B responds to the ARP request by sending Computer A an ARP reply, “192.168.5.23, I’m 192.168.5.45! My MAC address is 00:40:05:60:7D:49.”

Computer A has Computer B’s MAC address, it starts sending unicast Ethernet frames directly to Computer B.

Encapsulation:

Destination MAC Source MAC Type Dest. IP Source IP

Data FCS

NOTE: From Destination MAC to FCS is the Ethernet Frame. And from Destination IP to Data is the IP Packet

Question 15

IPv4’s dotted decimal notation (also referred to as the dotted _____ _________ system).

Answer 15

octet numbering

NOTE:
That dotted decimal is simply a shorthand way for people to discuss and configure the binary IP addresses computers use.

Question 16

In a small TCP/IP network, every computer has both an IP address and a ____ address

Answer 16

MAC

Question 17

A WAN is nothing more than a group of two or more interconnected LANs. For a WAN to work, each LAN needs some form of unique identifier called a ______ __.

Answer 17

network ID

Question 18

To differentiate LANs from one another, each computer on a single LAN must share a very _____, but not identical, IP address. Some parts of the IP address will match all the others on the LAN. (Picture) shows a LAN where all the computers share the first three numbers of the IP address, with only the last number being unique on each system.

Answer 18

similar

Picture:

Computer A: 202.120.10.42
Computer B: 202.120.10.83
Computer C: 202.120.10.64
Computer D: 202.120.10.78

NOTE:
In this example, every computer has an IP address of 202.120.10.x, where the x value is unique for every host, but every host’s IP address starts with 202.120.10. That means the network ID is 202.120.10.0. The x part of the IP address is the host ID. Combine the network ID (after dropping the ending 0) with the host ID to get an individual system’s IP address. No individual computer can have an IP address that ends with 0 because that is reserved for network IDs.

NOTE:
Two things to note here. First, the network ID and the host ID are combined to make a system’s IP address. Second, a host ID can end in 0—although this is uncommon.

Question 19

To organize all those individual LANs into a larger network, every TCP/IP LAN that wants to connect to another TCP/IP LAN must have a _____ connection. There is no exception to this critical rule. A router, therefore, needs an IP address on every LAN that it interconnects, so it can correctly send (route) the packets to the correct LAN.

Answer 19

router

Question 20

The router interface that connects a single LAN to the router is known as the _______ gateway. In a typical scenario configuring a client to access the network beyond the router, you use the IP address of the ______ gateway. The ________ gateway is in the same network ID as the host. The person who sets up the router must make sure that they configure the router’s LAN interface to have an address in the LAN’s network ID. By convention, most network administrators give the LAN-side NIC on the default gateway the lowest host address in the network, usually the host ID of 1. Therefore, if a network ID is 22.33.4.x, the router is configured to use the address 22.33.4.1.

Answer 20

default; default; default

Question 21

Routers use network IDs to determine network traffic. (Picture 6-24) shows a diagram for a small, two-NIC router similar to the ones you see in many homes. Note that one port (202.120.10.1) connects to the LAN and the other port connects to the Internet service provider’s network (14.23.54.223). Built into this router is a ______ table, the actual instructions that tell the router what to do with incoming packets and where to send them.

Answer 21

routing

Picture:

To LAN:
202.120.10.1 –> Router –> Everything Else –> To ISP
Everything for goes out
202.120.10.0 14.23.54.223
goes out of
202.120.10.1

https://learning.oreilly.com/library/view/comptia-network-certification/9781260122398/fig06-24.jpg

Question 22

With a network ID of 202.120.10.0, for example, a network is limited to IP addresses from 202.120.10.1 to 202.120.10.254. (202.120.10.255 is a broadcast address used to talk to every computer on the LAN.) This provides only ___ IP addresses: enough for a small network, but many organizations need many more IP addresses. No worries! You can simply use a network ID with more zeroes, such as 170.45.0.0 (for a total of 65,534 hosts) or even 12.0.0.0 (for around 16.7 million hosts).

Answer 22

254

NOTE:
Network IDs are very flexible, as long as no two interconnected networks share the same network ID. If you wished, you could change the network ID of the 202.120.10.0 network to 202.155.5.0, or 202.21.8.0, just as long as you can guarantee no other LAN on the WAN shares the same network ID.

Question 23

A subnet mask is nothing more than a string of ones followed by some number of zeroes, always totaling exactly __ bits, typed into every TCP/IP host. Here’s an example of a typical subnet mask:

11111111111111111111111100000000

Then convert each octet into decimal (use a calculator):

255.255.255.0

Answer 23

32

NOTE:
Computer A wants to send a packet to Computer B. Computer B is on the same LAN as Computer A, but that begs a question: How does Computer A know this? Every TCP/IP computer needs a tool to tell the sending computer whether the destination IP address is local or long distance. This tool is the subnet mask.

Question 24

EXAM TIP: At this point, you should memorize that 0 = ________ and 255 = ________. You’ll find knowing this very helpful throughout the rest of the book.

Answer 24

00000000; 11111111

Question 25

Computer A wants to send a packet to Computer B. Computer B is on the same LAN as Computer A, but that begs a question: How does Computer A know this?

Before a computer sends out any data, it first compares the destination IP address to its own IP address using the _____ mask.

Answer 25

subnet

NOTE:

Before a computer sends out any data, it first compares the destination IP address to its own IP address using the subnet mask. If the destination IP address matches the computer’s IP address wherever there’s a 1 in the subnet mask, then the sending computer knows the destination is local. The network IDs match. If even one bit of the destination IP address where the 1s are on the subnet mask is different, then the sending computer knows it’s a long-distance call. The network IDs do not match.

When you line up an IP address with a corresponding subnet mask in binary, the portion of the IP address that aligns with the ones of the subnet mask is the network ID portion of the IP address. The portion that aligns with the zeroes is the host ID. With simple IP addresses, you can see this with dotted decimal, but you’ll want to see this in binary for a true understanding of how the computers work

NOTE The explanation about comparing an IP address to a subnet mask simplifies the process, leaving out how the computer uses its routing table to accomplish the goal.

Question 26

Computer A wants to send a packet to Computer B. Computer B is on the same LAN as Computer A, but that begs a question: How does Computer A know this?

Let’s head over to Computer A and see how the subnet mask works. Computer A’s IP address is 192.168.5.23. Convert that into binary:

11000000.10101000.00000101.00010111

Now drop the periods because they mean nothing to the computer:

11000000101010000000010100010111

Let’s say Computer A wants to send a packet to Computer B. Computer A’s subnet mask is 255.255.255.0. Computer B’s IP address is 192.168.5.45. Convert this address to binary:

11000000101010000000010100101101

Computer A compares its IP address to Computer B’s IP address using the subnet mask, as shown in Figure 6-28. For clarity, I’ve added a line to show you where the ones end and the zeroes begin in the subnet mask. Computers certainly don’t need the pretty (red) line!

Answer 26

See Pic:

https://learning.oreilly.com/library/view/comptia-network-certification/9781260122398/fig06-28.jpg

A-ha! Computer A’s and Computer B’s network IDs match! It’s a local call. Knowing this, Computer A can now send out an ARP request, which is a broadcast, as shown in Figure 6-29, to determine Computer B’s MAC address. Address Resolution Protocol (ARP) is how a TCP/IP network figures out the MAC address based on the destination IP address, as you’ll recall from earlier in the chapter.

But what happens when Computer A wants to send a packet to Computer C? First, Computer A compares Computer C’s IP address to its own using the subnet mask (Figure 6-29). It sees that the IP addresses do not match in the 1s part of the subnet mask—meaning the network IDs don’t match; therefore, this is a long-distance call.

See Pic:

https://learning.oreilly.com/library/view/comptia-network-certification/9781260122398/fig06-29.jpg

NOTE By definition, all computers on the same network have the same subnet mask and network ID.

Question 27

Whenever a computer wants to send to an IP address on another LAN, it knows to send the packet to the ______ gateway. It still sends out an ARP request, but this time it’s to learn the MAC address for the default gateway. Once Computer A gets the default gateway’s MAC address, it then begins to send packets.

Answer 27

default

See pic:

https://learning.oreilly.com/library/view/comptia-network-certification/9781260122398/fig06-30.jpg

Question 28

Most network folks represent subnet masks using special shorthand: a / character followed by a number equal to the number of ____ in the subnet mask.

Answer 28

ones

EXMAPLE PIC:

https://learning.oreilly.com/library/view/comptia-network-certification/9781260122398/c185-02.jpg

OR

1111111111111111111111110000000 = /24 (24 ones)
11111111111111110000000000000000 = /16 (16 ones)

NOTE:

An IP address followed by the / and number tells you the IP address and the subnet mask in one statement. For example, 201.23.45.123/24 is an IP address of 201.23.45.123 with a subnet mask of 255.255.255.0. Similarly, 184.222.4.36/16 is an IP address of 184.222.4.36 with a subnet mask of 255.255.0.0.

Question 29

If you want a computer to work in a routed internetwork (like the Internet), you absolutely must have an __ address that’s part of its network ID, a ____ mask, and a default gateway. No exceptions!

Answer 29

IP; subnet

Question 30

To support the dispersion of IP addresses, an organization called the ______ Assigned _______ Authority (IANA) was formed to track and disperse IP addresses to those who need them. Initially handled by a single person (the famous Jon Postel) until 1998, IANA has grown dramatically and now oversees five Regional Internet Registries (RIRs) that parcel out IP addresses to large ISPs and major corporations. The RIR for North America is called the American Registry for Internet Numbers (ARIN). All end users get their IP addresses from their respective ISPs. IANA passes out IP addresses in contiguous chunks called network blocks (or just blocks)

Answer 30

Internet; Numbers

See Pic:

https://learning.oreilly.com/library/view/comptia-network-certification/9781260122398/t186-01.jpg

A typical Class A network block, for example, has a network ID that starts between 1 and 126; hosts on that network have only the first octet in common, with any numbers for the other three octets. Having three octets to use for hosts means you have an enormous number of possible hosts, over 16 million different number combinations. The subnet mask for Class A network blocks is 255.0.0.0, which means you have 24 bits for host IDs.

EXAM TIP: CompTIA and many techs use the term classful to describe the traditional class blocks. Thus you’ll see classful A, B, C, D, and E addressing on the exam. Keep reading and this will make sense.

Question 31

Do you remember binary math? 2^24 = 16,277,216. Because the host can’t use all zeroes or all ones (those are reserved for the network ID and broadcast IP, respectively), you subtract two from the final number to get the available host IDs. (EX: Class A has 16,277,214, so two was subtracted).

A Class B network block, with a subnet mask of 255.255.0.0, uses the first two octets to define the network ID. This leaves two octets to define host IDs, which means each Class B network ID can have up to ________ different hosts.

Answer 31

65,534

How I did it:

I counted the ones in the subnet mask. Remember, 0 = 00000000 (8 Zero’s), so there are two octets with zero’s - add the zero’s together and you get 16. Then, 2*16 (or 2^16) is 65,536 and subtract 2 from 65,536 and you get 65,534.

NOTE:

A Class C network block uses the first three octets to define only the network ID. All hosts in network 192.168.35.0, for example, would have all three first numbers in common. Only the last octet defines the host IDs, which leaves only 254 possible unique addresses. The subnet mask for a Class C block is 255.255.255.0.

See Pic:

https://learning.oreilly.com/library/view/comptia-network-certification/9781260122398/t186-01.jpg

EXAM TIP:
Make sure you memorize the IP class blocks! You should be able to look at any IP address and know its class block. Here’s a trick to help: The first binary octet of a Class A address always begins with a 0 (0xxxxxxx); for Class B, it begins with a 10 (10xxxxxx); for Class C, with 110 (110xxxxx); for Class D, with 1110 (1110xxxx); and for Class E, it begins with 1111 (1111xxxx).

EXAM TIP:
Note the loopback and reserved addresses for the exam. Reserved are Experimental.

Question 32

______ class blocks are used for one-to-many communication, such as in streaming video conferencing. There are three types of ways to send a packet: a broadcast, which is where every computer on the LAN hears the message; a unicast, where one computer sends a message directly to another user; and a multicast, where a single computer sends a packet to a group of interested computers. Multicast is often used when routers talk to each other.

Experimental addresses are reserved and never used except for occasional experimental reasons. These were originally called Reserved addresses.

Answer 32

Multicast

See Pic:

https://learning.oreilly.com/library/view/comptia-network-certification/9781260122398/t186-01.jpg

Question 33

CIDR is based on a concept called subnetting: taking a single class of IP addresses and chopping it up into multiple smaller groups. CIDR and subnetting are virtually the same thing. Subnetting is done by an ________—it is given a block of addresses and then breaks the single block of addresses into multiple subnets. CIDR is done by an ___—it is given a block of addresses, subnets the block into multiple subnets, and then passes out the smaller individual subnets to customers. Subnetting and CIDR have been around for quite a long time now and are a critical part of all but the smallest TCP/IP networks.

Answer 33

organization; ISP

Question 34

Classful subnets are always /8, /16, or /24. When we stop using that convention and start using classless subnet masks, we are using a _____ subnet mask.

Answer 34

custom

Question 35

Calculating Hosts:

If you have a /16 subnet mask on your network, what is the maximum number of hosts you can have on that network?

Answer 35

1. Because a subnet mask always has 32 digits, a /16 subnet means you have 16 zeroes left after the 16 ones.
2. 2*16 – 2 = 65,534 total hosts.

NOTE You cannot subnet without using binary!

Question 36

Calculating Hosts:

If you have a /26 subnet mask on your network, what is the maximum number of hosts you can have on that network?

Answer 36

1. Because a subnet mask always has 32 digits, a /26 subnet means you have 6 zeroes left after the 26 ones.
2. 2*6 – 2 = 62 total hosts.

NOTE You cannot subnet without using binary!

Question 37

The primary tool for subnetting is the existing subnet mask. Write it out in _______. Place a line at the end of the ones

Answer 37

binary

Subnet Mask:
1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 | 0 0 0 0 0 0 0 0

NOTE:
Now draw a second line one digit to the right, as shown in (Picture Below). You’ve now separated the subnet mask into three areas that I call (from left to right) the default subnet mask (DSM), the network ID extension (NE), and the hosts (H). These are not industry terms, so you won’t see them on the CompTIA Network+ exam, but they’re a handy Mike Trick that makes the process of subnetting a lot easier.

https://learning.oreilly.com/library/view/comptia-network-certification/9781260122398/fig06-33.jpg

You now have a /25 subnet mask. At this point, most people first learning how to subnet start to freak out. They’re challenged by the idea that a subnet mask of /25 isn’t going to fit into one of the three pretty subnets of 255.0.0.0, 255.255.0.0, or 255.255.255.0. They think, “That can’t be right! Subnet masks are made of only 255s and 0s.” That’s not correct. A subnet mask is a string of ones followed by a string of zeroes. People only convert it into dotted decimal to enter things into computers. So, convert /25 into dotted decimal. First write out 25 ones, followed by 7 zeroes. (Remember, subnet masks are always 32 binary digits long.)

1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 0 0 0 0 0 0 0

Insert the periods in between every eight digits:

1 1 1 1 1 1 1 1 . 1 1 1 1 1 1 1 1 . 1 1 1 1 1 1 1 1 . 1 0 0 0 0 0 0 0

Then convert them to dotted decimal:

255 . 255 . 255 . 128

Get used to the idea of subnet masks that use more than 255s and 0s. Here are some examples of perfectly legitimate subnet masks.

Question 38

Calculating Subnets:

When you subnet a network ID, you need to follow the rules and conventions dictated by the good folks who developed TCP/IP to ensure that your new subnets can interact properly with each other and with larger networks. All you need to remember for subnetting is this: start with a _______ subnet mask and extend the subnet extension until you have the number of subnets you need. The formula for determining how many subnets you create is 2*y, where y is the number of bits you add to the subnet mask.

Answer 38

beginning

Example:

Let’s practice this a few times. Figure 6-34 shows a starting subnet of 255.255.255.0. If you move the network ID extension over one, it’s only a single digit, 2*1.

Subnet Mask:
->
1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 | 0 | 0 0 0 0 0 0 0
->
Moving over one digit

https://learning.oreilly.com/library/view/comptia-network-certification/9781260122398/fig06-34.jpg

That single digit is only a zero or a one, which gives you two subnets. You have only one problem—the café needs three subnets, not just two! So, let’s take /24 and subnet it down to /26. Extending the network ID by two digits creates four new network IDs, 2*2 = 4. To see each of these network IDs, first convert the original network ID—192.168.4.0—into binary.

Original Network: 192.168.4.0
Translates to binary:
1 1 0 0 0 0 0 0 . 1 0 1 0 1 1 1 1 . 0 0 0 0 0 1 0 0. 0 0 0 0 0 0 0 0

Now Creating the new network IDs:
->
1 1 0 0 0 0 0 0 1 0 1 0 1 1 1 1 0 0 0 0 0 1 0 0 | 0 0 | 0 0 0 0 0 0
1 1 0 0 0 0 0 0 1 0 1 0 1 1 1 1 0 0 0 0 0 1 0 0 | 0 1 | 0 0 0 0 0 0
1 1 0 0 0 0 0 0 1 0 1 0 1 1 1 1 0 0 0 0 0 1 0 0 | 1 0 | 0 0 0 0 0 0
1 1 0 0 0 0 0 0 1 0 1 0 1 1 1 1 0 0 0 0 0 1 0 0 | 1 1 | 0 0 0 0 0 0
->
1.

1 1 0 0 0 0 0 0 1 0 1 0 1 1 1 1 0 0 0 0 0 1 0 0 | 0 0 | 0 0 0 0 0 0
1 1 0 0 0 0 0 0 1 0 1 0 1 1 1 1 0 0 0 0 0 1 0 0 | 0 0 | 0 0 0 0 0 0
1 1 0 0 0 0 0 0 1 0 1 0 1 1 1 1 0 0 0 0 0 1 0 0 | 0 0 | 0 0 0 0 0 0
1 1 0 0 0 0 0 0 1 0 1 0 1 1 1 1 0 0 0 0 0 1 0 0 | 0 0 | 0 0 0 0 0 0

2.

1 1 0 0 0 0 0 0 1 0 1 0 1 1 1 1 0 0 0 0 0 1 0 0 | 0 1 | 0 0 0 0 0 0
1 1 0 0 0 0 0 0 1 0 1 0 1 1 1 1 0 0 0 0 0 1 0 0 | 0 1 | 0 0 0 0 0 0
1 1 0 0 0 0 0 0 1 0 1 0 1 1 1 1 0 0 0 0 0 1 0 0 | 0 1 | 0 0 0 0 0 0
1 1 0 0 0 0 0 0 1 0 1 0 1 1 1 1 0 0 0 0 0 1 0 0 | 0 1 | 0 0 0 0 0 0

3.

1 1 0 0 0 0 0 0 1 0 1 0 1 1 1 1 0 0 0 0 0 1 0 0 | 1 0 | 0 0 0 0 0 0
1 1 0 0 0 0 0 0 1 0 1 0 1 1 1 1 0 0 0 0 0 1 0 0 | 1 0 | 0 0 0 0 0 0
1 1 0 0 0 0 0 0 1 0 1 0 1 1 1 1 0 0 0 0 0 1 0 0 | 1 0 | 0 0 0 0 0 0
1 1 0 0 0 0 0 0 1 0 1 0 1 1 1 1 0 0 0 0 0 1 0 0 | 1 0 | 0 0 0 0 0 0

4.

1 1 0 0 0 0 0 0 1 0 1 0 1 1 1 1 0 0 0 0 0 1 0 0 | 1 1 | 0 0 0 0 0 0
1 1 0 0 0 0 0 0 1 0 1 0 1 1 1 1 0 0 0 0 0 1 0 0 | 1 1 | 0 0 0 0 0 0
1 1 0 0 0 0 0 0 1 0 1 0 1 1 1 1 0 0 0 0 0 1 0 0 | 1 1 | 0 0 0 0 0 0
1 1 0 0 0 0 0 0 1 0 1 0 1 1 1 1 0 0 0 0 0 1 0 0 | 1 1 | 0 0 0 0 0 0

https://learning.oreilly.com/library/view/comptia-network-certification/9781260122398/fig06-36.jpg

Now convert these four network IDs back to dotted decimal:

See:

https://learning.oreilly.com/library/view/comptia-network-certification/9781260122398/t193-01.jpg

Congratulations! You’ve just taken a single network ID, 192.168.4.0/24, and subnetted it into four new network IDs! Figure 6-37 shows how you can use these new network IDs in a network.

https://learning.oreilly.com/library/view/comptia-network-certification/9781260122398/fig06-37.jpg

Question 39

EXAM TIP:
CompTIA and many techs refer to a CIDR address as a _______ address, meaning the subnet used does not conform to the big three on the classful side: A, B, or C. When you see that term on the exam, you’ll know you should look for subnetting.

Answer 39

classless

Question 40

EXAM TIP:

Expect to see a question or two on the CompTIA Network+ exam that asks you to compare ____ notation (IPv4 vs. IPv6). The former should be familiar, with four octets and a /# for the subnet mask.

Answer 40

CIDR

Question 41

Take a piece of paper and write the number ___ in the top-left corner. Now, what is half of ___? That’s right, 64. Write 64 next to 128. Now keep dividing the previous number in half until you get to the number 1.

Answer 41

128; 128

The result will look like this:

128 64 32 16 8 4 2 1

Notice that you have eight numbers. Each of these numbers corresponds to a position of one of the eight binary digits. To convert an 8-bit value to dotted decimal, just take the binary value and put the numbers under the corresponding eight digits. Wherever there’s a 1, add that decimal value.

Let’s take the binary value 10010110 into decimal. Write down the numbers as shown, and then write the binary values underneath each corresponding decimal number:

128 64 32 16 8 4 2 1
1 0 0 1 0 1 1 0

Add the decimal values that have a 1 underneath:

128 + 16 + 4 + 2 = 150

Question 42

Converting from decimal to binary is a bit more of a challenge. You still start with a line of decimal numbers starting with 128, but this time, you place the decimal value above. If the number you’re trying to convert is _______ than or equal to the number underneath, subtract it and place a 1 underneath that value. If not, then place a 0 under it and move the number to the next position to the right.

Answer 42

greater

Let’s give this a try by converting 221 to binary. Begin by placing 221 over the 128:

         221  93   29   29 13   5   1   1
         128  64   32   16   8   4   2   1 Total:     93   29          13   5    1        1 Binary:     1      1      0    1    1     1  0   1

Finally, the 1; 1 is equal to 1, so put a 1 underneath and you’re done. The number 221 in decimal is equal to 11011101 in binary.

EXAM TIP Make sure you can manually convert decimal to binary and binary to decimal.

Question 43

There are two ways to give a host an IP address, subnet mask, and default gateway: either by typing in all the information (called ____ addressing) or by having a server program running on a system that automatically passes out all the IP information to systems as they boot up on or connect to a network (called ______ addressing).

Answer 43

static; dynamic

Static addressing means typing all the IP information into each of your hosts

EXAM TIP:
The CompTIA Network+ exam objectives use the term address assignments to describe methods for setting device IP addresses. Note that that term applies to both the static and dynamic methods discussed here.

Question 44

The universal tool for entering IP information on UNIX/Linux systems is the command-line ip command:

ip addr add 192.168.4.10 ____ eth1

Answer 44

dev

EXAM TIP:
You might get a question about setting a static IP address in Linux where ip isn’t one of the choices. Go with the deprecated ifconfig command in that case.

Question 45

Dynamic IP addressing, better known as _______ ____ __________ Protocol (DHCP), automatically assigns an IP address whenever a computer connects to the network.

Answer 45

Dynamic Host Configuration

NOTE:

Any network using DHCP consists of a DHCP server and lots of DHCP clients. Clients request IP information from DHCP servers. DHCP servers in turn pass out IP information to the clients (Figure 6-45). In most networks, most hosts—desktops, laptops, and mobile devices—are DHCP clients. Most networks have a single DHCP server that often is built into a router for small office/home office (SOHO) networks or runs on a server in enterprise networks.

https://learning.oreilly.com/library/view/comptia-network-certification/9781260122398/fig06-45.jpg

EXAM TIP:
A very early protocol called Bootstrap Protocol (BOOTP) preceded DHCP in providing dynamic IP addressing. It’s been dead for many decades, but has been known to appear, zombie like, on CompTIA exams. If you see BOOTP or BootP, substitute DHCP and you’ll see the right answer.

Question 46

When a DHCP client boots up, it automatically sends out a special DHCP _______ message using the broadcast address. This DHCP Discover message asks, “Are there any DHCP servers out there?” (See Figure 6-46.)

Answer 46

Discover

Picture:

https://learning.oreilly.com/library/view/comptia-network-certification/9781260122398/fig06-46.jpg

The DHCP server hears the request and then sends the DHCP client a DHCP Offer message (Figure 6-47). This message includes an IP address, subnet mask and gateway (as well as other information not yet covered in this book).

https://learning.oreilly.com/library/view/comptia-network-certification/9781260122398/fig06-47.jpg

The DHCP client sends out a DHCP Request—a poor name choice as it is really accepting the offer—verifying that the offer is still valid. The DHCP Request is very important as it tells the network that this client is accepting IP information from this and only this DHCP server.

The DHCP server then sends a DHCP Acknowledgment and lists the MAC address as well as the IP information given to the DHCP client in a database (Figure 6-48).

https://learning.oreilly.com/library/view/comptia-network-certification/9781260122398/fig06-48.jpg

At the end of this four-step DHCP dance (called the DHCP four-way handshake, or DORA, for Discover, Offer, Request, and Acknowledgment), the DHCP client gets a DHCP lease. A DHCP lease is set for a fixed amount of time, often one to eight days. Near the end of the lease time, the DHCP client sends another DHCP Request message.

The DHCP server looks at the MAC address information and always gives the DHCP client the same IP information, including the same IP address

NOTE:
Using the acronym DORA—for Discover, Offer, Request, and Acknowledgment—will help you remember the DHCP four-way handshake.

Question 47

EXAM TIP:

DHCP uses UDP ports __ and __. And yes, memorize the numbers.

Answer 47

67; 68

Question 48

DHCP servers, on the other hand, require some hands-on configuration. Consider what a DHCP server requires:

• It needs a pool of legitimate IP addresses that it can pass out to clients.
• It needs to know the subnet mask for the network.
• It needs to know the IP address for the default gateway for the network.

When a technician installs a range (or _____) of IP addresses, this is called a DHCP _____. Figure 6-50 shows a typical home router’s DHCP settings. Note that it is passing out a DHCP scope of 192.168.1.100 to 192.168.1.150. You can also see the place to enter the subnet mask. It also passes out other information, known as scope options, that cover many choices, such as the default gateway, DNS server, Network Time server, and so on.

Answer 48

pool; scope

PICTURE:

https://learning.oreilly.com/library/view/comptia-network-certification/9781260122398/fig06-50.jpg

Question 49

DHCP Relay:

DHCP relies on broadcasting to work. DORA initially consists of three broadcasts as the DHCP client tries to find the DHCP server and the DHCP server provides IP information. Only the fourth step—Acknowledge—is _____. (On a DHCP renew, everything’s unicast because the client already has a valid IP address and knows the DHCP server’s IP address.) Using broadcasting works well within a broadcast domain. But all routers block broadcast traffic (if they didn’t, the entire Internet would consist of nothing but broadcasts). See Figure 6-51.

Answer 49

unicast

PICTURE:
https://learning.oreilly.com/library/view/comptia-network-certification/9781260122398/fig06-51.jpg

Note:
The settings of Enable, Disable, and DHCP Relay in Figure 6-50. Since in all but the rarest cases there should only be one DHCP server on a small LAN, it’s handy to give an option to disable the DHCP server on this router. DHCP relay is a bit more complex, so let’s take some time to understand this powerful feature.

https://learning.oreilly.com/library/view/comptia-network-certification/9781260122398/fig06-50.jpg

NOTE:

There are situations, however, where it’s difficult or impractical to place a DHCP server in the same LAN as the DHCP clients. A single organization with many individual LANs would also need many individual DHCP servers, an administrative nightmare. These cases require the use of a DHCP relay (or DHCP relay agent). A DHCP relay, built into most routers, accepts DHCP broadcasts from clients and then sends them via unicast addresses directly to the DHCP server (Figure 6-52).

https://learning.oreilly.com/library/view/comptia-network-certification/9781260122398/fig06-52.jpg

NOTE:
To make a DHCP relay-capable device work, you must give the relay the IP address of the real DHCP server, also known as the IP helper address. Refer to Figure 6-50 to see where the IP helper address is added just below the DHCP Server radio buttons.

https://learning.oreilly.com/library/view/comptia-network-certification/9781260122398/fig06-50.jpg

Question 50

DHCP Reservation:

The DHCP servers that come with SOHO routers are more than sufficient for small networks, but use only a small part of the power of DHCP, in particular DHCP IP reservations. An enterprise network often contains hosts that use only static IP addresses. File servers, printers, cameras, multipurpose devices, and many other hosts should never use DHCP; users need a _______, fixed, statically assigned IP address to locate these devices easier (Figure 6-53).

Answer 50

permanent

https://learning.oreilly.com/library/view/comptia-network-certification/9781260122398/fig06-53.jpg

Question 51

In most cases it’s a good idea to set aside IP addresses for certain types of devices. Here is one example, using the network ID 192.168.4.0:

• Routers and switches get .1 to .10 in the last octet.
• Servers get .11 to .30 in the last octet.
• Wired DHCP clients get .31 to .99 in the last octet.
• Printers, cameras, and wireless access points get .100 to .149 in the last octet.
• Wireless DHCP clients get .150 to .254 in the last octet.

Answer 51

Just note

Question 52

In some cases, however, there might be an address or two inside a DHCP pool that is already configured for static that you do not want the DHCP server to issue to a DHCP client. In such a scenario an IP _________ is used. Figure 6-54 shows the configuration screen for setting an IP exclusion in the built-in DHCP tool that comes with Windows Server.

Answer 52

exclusion

PICTURE:

https://learning.oreilly.com/library/view/comptia-network-certification/9781260122398/fig06-54.jpg

Question 53

MAC Reservations Another interesting though rarely used option for DHCP is the MAC reservation. For some networks, it’s more convenient to assign a server a DHCP-assigned address than to set it up statically. To do this, set up the DHCP server to use a MAC reservation. A MAC reservation assigns a specific IP address to a specific MAC address. Always. From now on, anytime the system with that MAC address makes a DHCP Request, the DHCP reservation _________ that that system will get the same IP address. Figure 6-55 shows Windows DHCP Server configuring a MAC reservation.

Answer 53

guarantees

PICTURE:

https://learning.oreilly.com/library/view/comptia-network-certification/9781260122398/fig06-55.jpg

Question 54

This special IP address is generated by a version of zero-configuration networking (zeroconf). Microsoft’s implementation is called Automatic Private IP Addressing (APIPA). (That’s the one you’ll see on the exam.)

All DHCP clients are designed to generate an APIPA address automatically if they do not receive a response to a DHCP Discover message. The client only generates the last two octets of an APIPA address. This at least allows the dynamic clients on a single network to continue to communicate with each other because they are on the same network ID.

Unfortunately, APIPA cannot issue a default gateway, so you’ll never get on the _____ using APIPA. That provides a huge clue to a DHCP problem scenario: you can communicate with other computers on your network that came up after the DHCP server went down, but you can’t get to the Internet or access computers that retain a DHCP-given address.

Answer 54

Internet

EXAM TIP:

Systems that use static IP addressing can never have DHCP problems.

If you can’t get to the Internet, use whatever tool your OS provides to check your IP address. If it’s an APIPA address, you know instantly that you have a DHCP problem. First, try to reestablish the lease manually. Every OS has some way to do this. In Windows, you can type the following command:

ipconfig /renew

With macOS, go to System Preferences and use the Network utility (Figure 6-59).

https://learning.oreilly.com/library/view/comptia-network-certification/9781260122398/fig06-59.jpg

Question 55

Sometimes you might find yourself in a situation where your computer gets confused and won’t grab an IP address no matter what you try. In these cases, you should first force the computer to release its lease. In Windows, get to a command prompt and type these two commands; follow each by pressing ENTER:

Answer 55

ipconfig /release
ipconfig /renew

In macOS, use the ifconfig command to release and renew a DHCP address. Here’s the syntax to release:

sudo ifconfig eth0 down

And here’s the syntax to renew:

sudo ifconfig eth0 up

Linux can use the deprecated ifconfig command with the same syntax as above, but a better tool is dhclient. Here’s the syntax to release, followed by the syntax to renew:

sudo dhclient -r
sudo dhclient

EXAM TIP:
Make sure you know how to configure your computers to use static IP addressing and know that you use ping to ensure they can communicate. For dynamic IP addressing, make sure you know DHCP. Understand that each client must have some way to “turn on” DHCP. Also understand the concept of a DHCP client and a DHCP server. Be comfortable with APIPA and releasing and renewing a lease on a client.

Question 56

Multiple DHCP Servers:

A single DHCP server provides a single point of failure for a network. If this server dies, at best no one can get on the Internet; at worst, no one can do anything at all. To avoid this problem, bigger networks—think enterprise, here—run more than one DHCP server. You can do this in a couple ways. That way it doesn’t matter which DHCP server answers. Assume you have a network ID of 172.13.14.0. You could configure the two DHCP servers as such:

DHCP Server 1: Scope 172.13.14.200–172.13.14.225

DHCP Server 2: Scope 172.13.14.226–172.13.14.250

Each DHCP server would still use the same subnet mask, default _______, etc.

Two independent DHCP servers add double the administrative load, so a far more elegant solution is called DHCP failover. In DHCP failover, two—and only two—DHCP servers work together to provide DHCP for the network. First widely implemented in Windows Server 2012, a DHCP failover pair consists of a primary DHCP server and a secondary DHCP server. As opposed to two independent DHCP servers, the DHCP failover pair shares a single scope. If either fails, the other picks up the load and the end users never notice a thing. DHCP failover is quite common in large networks.

Answer 56

gateway

Question 57

Rogue DHCP Server:

A DHCP client will accept IP information from the first DHCP it hears, creating a bit of a problem. It’s too easy to add another DHCP server to a network, passing out incorrect IP information to clients. This is called a _____ DHCP server. Rogues happen in one of two ways: someone in the organization brings in a home router and accidently plugs it into the network or someone evil is trying to attack your network. In either case a rogue server is bad.

An unintentional rogue server is usually easy to detect. Consider this scenario. A legitimate user in your network plugs a home router into a wall outlet in your location with the desire to provide a wireless network for their little corner of the world. Sadly, the router also has a DHCP server running by default. This DHCP server is invariably running a default IP address range such as 192.168.1/24, and hopefully your network ID is anything BUT this default. As new DHCP clients request leases, the rogue DHCP server might respond before the legitimate DHCP server. Then the client can’t get on the Internet or access local network resources. Anytime a network administrator notices that some users can access resources and some cannot, it’s time to check for a rogue DHCP server. Usually a quick ipconfig will show DHCP clients with incorrect network IDs.

Answer 57

rogue

Let’s assume that your network ID is 10.11.12/24. A user complains that they can’t get on the Internet. You go to the user’s machine, run the ipconfig command, and see the following:

https://learning.oreilly.com/library/view/comptia-network-certification/9781260122398/c211-05.jpg

A good network administrator would quickly see that this system is gathering incorrect DHCP information from … somewhere. That somewhere is a rogue DHCP server.

A properly configured rogue DHCP server with malicious intent can cause serious problems. Plus rogue DHCP servers are tough to detect because they give IP addresses in the same scope as the legitimate DHCP server, but change the default gateway. This enables the rogue server to intercept or capture incoming and outgoing traffic. What it does with this information depends on the nature of the attack.

Question 58

The first special address is 127.0.0.1—the ________ address. When you tell a device to send data to 127.0.0.1, you’re telling that device to send the packets to itself. The loopback address has several uses. One of the most common is to use it with the ping command. I use the command ping 127.0.0.1 to test a computer’s network stack.

Answer 58

loopback

EXAM TIP:
Even though, by convention, you use 127.0.0.1 as the loopback address, the entire 127.0.0.0/8 subnet is reserved for loopback addresses! You can use any address in the 127.0.0.0/8 subnet as a loopback address.

Question 59

For the moment, however, let’s just look at the ranges of addresses that are designated as private IP addresses:

• 10.0.0.0 through 10.255.255.255 (1 Class A network block)
• 172.16.0.0 through 172.31.255.255 (16 Class B network blocks)
• 192.168.0.0 through 192.168.255.255 (256 Class C network blocks)

All other IP addresses are public IP addresses.

Answer 59

EXAM TIP:

Make sure you can quickly tell the difference between a private IP address and a public IP address for the CompTIA Network+ exam. The objectives mention the distinction as private vs. public.