Chapter 6: TCP/IP Basics

Question 1

Where does the TCP/IP protocol suite operate?

Answer 1

At Layers 3-7 of the OSI seven-layer model.

Question 2

What layer does Internet Protocol (IP) work at and what does it do?

Answer 2

IP works at the Network layer. It takes data chunks from the Transport layer, adds addressing, and creates the final IP packet. It then hands the IP packet to the Data Link layer for encapsulation into a frame.

Question 3

What layer does Internet Control Message Protocol (ICMP) work and what is its role?

Answer 3

ICMP works at the Network layer. It plays a role in IP error reporting and diagnostics (ping, etc.).

Question 4

What is the Version field in an IPv4 packet header?

Answer 4

The version (Ver) field defines the IP address type: 4, for IPv4.

Question 5

What is the Total Length field in an IPv4 packet header and what is its size?

Answer 5

The total size of the IP packet in octets (bytes). This includes the IP header and its payload. This field is 16 bits long, which limits the packet size to 65 KB.

Question 6

What is the Time to Live (TTL) field in an IPv4 packet header and what is its purpose?

Answer 6

It is a counter that decrements by one every time a packet goes through a router. This counter cannot start higher than 255. The purpose of the TTL field is to prevent endless loops on the Internet.

Question 7

What is the Protocol field in an IPv4 packet header?

Answer 7

In most cases, the protocol field is either TCP or UDP and identifies what’s encapsulated inside the packet.

Question 8

What is the Transmission Control Protocol (TCP) and at what layer does it work?

Answer 8

TCP is a connection-oriented protocol that gets an application’s data from one machine to another reliably and completely. It works at the Transport layer (Layer 4).

Question 9

What is the TCP three-way handshake

Answer 9

SYN
SYN-ACK
ACK

Question 10

What are port numbers and at what layer are they used?

Answer 10

Port numbers are used by systems to determine what application needs the received data. Each application is assigned a specific port number on which to listen/send (1 to 65,535). They are used at the Transport layer.

Question 11

What are the Sequence number and Acknowledgment number fields in the TCP segment header?

Answer 11

These numbers enable the sending and receiving computers to keep track of the various pieces of data flowing back and forth.

Question 12

What is the Flags field in the TCP segment header?

Answer 12

TCP flags give both sides detailed information about the state of the connection.

Question 13

What is the Checksum field in the TCP segment header?

Answer 13

The recipient can use the checksum to check the TCP header for errors as bits flipped or lost during transmission.

Question 14

Transmission Control Protocol (TCP) vs. User Datagram Protocol (UDP)

Answer 14

Both function at the Transport layer. Data gets broken up into segments when using TCP. UDP datagrams don’t get chopped up, they just get a header.

Question 15

What is a Wide Area Network (WAN)?

Answer 15

In a basic sense it is a collection of interconnected Local Area Networks (LANs).

Question 16

What does Address Resolution Protocol (ARP) do?

Answer 16

It resolves an IP address to an Ethernet MAC address.

Question 17

What command do you type in Window’s Command Prompt to view the system’s current ARP cache?

Answer 17

arp -a

Question 18

What command do you type in Window’s Command Prompt to delete one of the entries in the ARP table?

Answer 18

arp -d [ip address from the cache table]

Question 19

What is the decimal value of the binary number: 1111 1111

Answer 19

255

Question 20

What command do you type in the Window’s Command Prompt to display the IP and MAC addresses?

Answer 20

ipconfig /all

Question 21

What command do you type in the macOS terminal to display the IP and MAC addresses?

Answer 21

ifconfig

Question 22

What command to you type in the Linux terminal to display the IP and MAC addresses?

Answer 22

ip address

(ifconfig is the older command)

Question 23

What do reserved network IDs (IP addresses) end in?

Answer 23

0

Question 24

What two things are combined to make a system’s IP address?

Answer 24

The network ID and the host ID.

Question 25

What does a subnet mask do?

Answer 25

A subnet mask is used by each computer on a network to determine if a packet is for the LAN or for a computer on the WAN, so it knows how to handle the packet.

Question 26

What does a router need for every LAN that it interconnects?

Answer 26

An IP address that is in the LAN’s network ID for that LAN’s router interface (LAN-side NIC).

Question 27

What is the default gateway?

Answer 27

The router’s interface on a LAN and the router itself that routes traffic out to other networks.

Question 28

What is the conventional address given to the LAN-side NIC on the default gateway?

Answer 28

The lowest or highest host address in the network.

Question 29

What is a subnet mask?

Answer 29

A string of ones followed by a string zeroes, always totaling 32 bits, set on every TCP/IP host.

Question 30

How does the subnet mask determine the network ID and host ID portions of an IP address?

Answer 30

When you line up an IP address with its corresponding subnet mask in binary, the portion of the IP address that aligns with the ones of the subnet mask is the network ID portion of the IP address. The portion that aligns with the zeroes is the host ID.

Question 31

What is Classless Inter-Domain Routing (CIDR) notation?

Answer 31

An IP address followed by the / and a number that tells you the IP address and the subnet mask in one statement.

Question 32

What do all computers on the same network posses?

Answer 32

The same subnet mask and network ID.

Question 33

Class A IP block:

First Decimal Value
First Binary Octet
Addresses
Subnet Mask

Answer 33

First Decimal Value: 1-126
First Binary Octet: 0xxxxxxx
Addresses: 1.0.0.0-126.255.255.255
Subnet Mask: 255.0.0.0

Question 34

Class B IP block:

First Decimal Value
First Binary Octet
Addresses
Subnet Mask

Answer 34

First Decimal Value: 128-191
First Binary Octet: 10xxxxxx
Addresses: 128.0.0.0-191.255.255.255
Subnet Mask: 255.255.0.0

Question 35

Class C IP block:

First Decimal Value
First Binary Octet
Addresses
Subnet Mask

Answer 35

First Decimal Value: 192-223
First Binary Octet: 110xxxxx
Addresses: 192.0.0.0-223.255.255.255
Subnet Mask: 255.255.255.0

Question 36

Class D IP block (Multicast):

First Decimal Value
First Binary Octet
Addresses

Answer 36

First Decimal Value: 224-239
First Binary Octet: 1110xxxx
Addresses: 224.0.0.0-239.255.255.255

Question 37

Class E IP block (Experimental):

First Decimal Value
First Binary Octet
Addresses

Answer 37

First Decimal Value: 240-255
First Binary Octet: 1111xxxx
Addresses: 240.0.0.0-255.255.255.255

Question 38

What is the formula to determine how many hosts a network can have?

Answer 38

2^x - 2, where x represents the number of zeroes in the subnet mask.

You subtract two for the network ID (host ID all zeroes) and broadcast address (host ID all 255s).

Question 39

Define: Broadcast packet

Answer 39

Where every computer on the LAN hears the message.

Question 40

Define: Unicast packet

Answer 40

Where one computer sends a message directly to another.

Question 41

Define: Anycast packet

Answer 41

Where multiple computers share a single address and routers direct messages to the closest computer.

Question 42

Define: Multicast packet

Answer 42

Where a single computer sends a message to a group of interested computers. Routers use multicast to talk to each other.

Question 43

What are the classful subnets?

Answer 43

/8, /16, /24 (Class A, Class B, Class C)

Question 44

What is subnetting?

Answer 44

Taking a single class of IP addresses and chopping it up into multiple smaller groups called subnets. You take an existing /8, /16, or /24 subnet and extend the subnet mask by replacing zeroes with ones.

Question 45

List the steps to create a Classless Inter-Domain Routing (CIDR) subnet.

Answer 45

1. Write the existing subnet mask out in binary and place a vertical line at the end of the ones.
2. Extend the network ID by replacing one or more zeroes with a one until you have the number of subnets that you need. Place a second vertical line at the end of your new one(s).
3. Convert your new /(# of 1s) subnet mask into dotted decimal.

Question 46

What is the formula for determining how many subnets you create in subnetting?

Answer 46

2^y, where y is the number of bits (ones) you add to the subnet mask.

2^1 = 2
2^2 = 4
2^3 = 8

Question 47

What are the steps to create the new networks IDs for the subnets created in subnetting?

Answer 47

1. Convert the original network ID into binary.
2. Add the network ID extensions to the end for each of the subnets you created.
3. Convert the new network IDs for your subnets into dotted decimal.

Question 48

What is static IP addressing?

Answer 48

Manually typing the IP address, subnet mask, and default gateway into each of your hosts.

Question 49

What does Dynamic Host Configuration Protocol (DHCP) do?

Answer 49

It automatically assigns an IP address whenever a computer connects to the network (booting up, etc.). This is called dynamic addressing.

The network requires a DHCP server and DHCP clients for dynamic addressing.

Question 50

What does the DHCP server provide to the DHCP client?

Answer 50

An IP address, subnet mask, and default gateway.

Question 51

What is the DHCP four-way Handshake?

Answer 51

Discover
Offer
Request
Acknowledgment

(DORA)

Question 52

What port number do DHCP servers use?

Answer 52

port 67

Question 53

What port number do DHCP clients use?

Answer 53

port 68

Question 54

Define: DHCP Scope

Answer 54

The pool of IP addresses the DHCP server can pass out to clients.

Question 55

Define: DHCP Scope Options

Answer 55

The default gateway, DNS server, Network Time server, and other information that a DHCP server passes out to clients.

Question 56

What is a DHCP relay?

Answer 56

DHCP relays enable DHCP traffic to cross routers.

A DHCP relay enables a router to accept DHCP broadcasts from clients and then use UDP forwarding to send them on via unicast addresses directly to the DHCP server when it is not located on the same LAN as the DHCP client.

Question 57

What is MAC reservations?

Answer 57

Enabling DHCP to lease the same IP address to the same host each time.

Question 58

Which devices should never use dynamic IP addresses?

Answer 58

Routers
Switches
File Servers
Printers
Cameras
Other Servers

Question 59

Define: IP Exclusion Range

Answer 59

Knocking out some of the IP addresses for static addressing inside the pool (DHCP scope).

Question 60

What is Automatic Private IP Addressing (APIPA)?

Answer 60

All DHCP clients (Windows) are designed to generate an APIPA address automatically if they do not receive a response to a DHCP Discover message.

Question 61

What is the network ID for APIPA?

Answer 61

169.254.0.0/16

The DHCP client only generates the last two octets of an APIPA address.

Question 62

What are some signs the DHCP server is down?

Answer 62

The client can’t reach the internet because APIPA cannot issue a default gateway.

The operating system will post some form of error.

The client can’t communicate with computers that retain the DHCP-given address.

*Systems that use static IP addressing can never have DHCP problems.

Question 63

What command do you type in the Window’s command prompt to reestablish the DHCP lease manually?

Answer 63

ipconfig /renew

Question 64

What command do you type in the Window’s command prompt to force a client to release its DHCP lease?

Answer 64

ipconfig /release

Question 65

What command do you type into macOS to force a client to release a DHCP lease?

Answer 65

sudo ifconfig eth0 down

*Also old command for Linux

Question 66

What command do you type in macOS to renew a DHCP lease manually?

Answer 66

sudo ifconfig eth0 up

*Also old command for Linux

Question 67

What command do you type in Linux to force a client to release a DHCP lease?

Answer 67

sudo dhclient -r

Question 68

What command do you type in Linux to renew a DHCP lease manually?

Answer 68

sudo dhclient

Question 69

Define: DHCP Failover

Answer 69

Where two, and only two, DHCP servers work together to provide DHCP for the network.

The pair consists of a primary DHCP server and a secondary DHCP server. They both share a single scope.

Question 70

What is a security danger with using DHCP?

Answer 70

A rogue DHCP server can be unknowingly added to the network and may be malicious in nature.

This is possible due to DHCP clients accepting IP information from the first DHCP server that responds to it.

Question 71

How do you detect a rogue DHCP server on the network?

Answer 71

Anytime some users can access resources and some cannot, check clients’ IP addresses to see if they are outside the network ID.

Also check the default gateway to see if it is correct and has not been changed by a rogue DHCP server to capture network traffic.

Question 72

What subnet is reserved for loopback addresses?

Answer 72

127.0.0.0/8

127.0.0.1 is the traditional loopback address used.

Question 73

What is a loopback address used for?

Answer 73

To tell a device to send packets to itself.

You can use the ping command with a loopback address to test a computer’s network stack.

Question 74

What are the private IP address ranges?

Answer 74

10.0.0.0 - 10.255.255.255 (1 Class A network block)

172.16.0.0 - 172.31.255.255 (16 Class B network blocks)

192.168.0.0 - 192.168.255.255 (256 Class C network blocks)

Question 75

Do routers block private IP addresses?

Answer 75

Yes

This makes them useless for systems that need to access the Internet, unless you use NAT. Anyone can use private IP addresses to hide systems from the Internet.