Explaining the TCP/IP Transport Layer and Application Layer Flashcards
Is the process by which an IP host is able to support multiple sessions simultaneously and manage the individual traffic streams over a single link. A session is created when a source machine needs to send data to a destination machine.
Session Multiplexing
- Detection and retransmission of dropped packets
- Detection and remediation of duplicate or out-of-order data
- Avoidance of congestion in the network
TCP reliability
- Web browsers
- FTP
- Network printing
- Database transactions
Common applications that use TCP
- Domain Name System (DNS)
- Voice over IP (VoIP)
- TFTP
Common applications that use UDP
Calling port number (16 bits)
Source Port
Called port number (16 bits)
Destination Port
Used for reliability and congestion avoidance (32 bits each)
Sequence Number and Acknowledgment Number
Size of the TCP header (4 bits)
Header Length
For future use (3 bits)
Reserved
Control bits (9 bits)
Flags
Enables the receiver to demonstrate to the sender that segments are being acknowledged.
Nonce Sum (NS)
Acknowledge that the congestion-indication echoing was received
Congestion Window Reduced (CWR)
Indication of congestion
Explicit Congestion Notification Echo (ECE)
This data should be prioritized over other data.
Urgent (URG)
Used for acknowledgment
Acknowledgment (ACK)
Indicates that application data should be transmitted immediately and not wait for the entire TCP segment
Push (PSH)
Indicates that the connection should be reset
Reset (RST)
Synchronize sequence numbers
Synchronize (SYN)
Indicates there is no more data from sender
Finish (FIN)
Window size value, used for flow control (16 bits)
Window size
Calculated checksum from a constructed pseudo header (containing the source address, destination address, and protocol from the IP header, TCP segment length, and reserved bits) and the TCP segment (TCP header and payload) for error-checking (16 bits)
Checksum
If the URG flag is set, this field is an offset from the sequence number indicating the last urgent data byte (16 bits)
Urgent Pointer
The length of this field is determined by the data offset field (from 0 to 320 bits)
Options
Upper-layer protocol (ULP) data (varies in size)
Data
FTP is a reliable, connection-oriented service that uses TCP to transfer files between systems that support FTP. FTP supports bidirectional binary and ASCII file transfers. Besides using port 21 for exchange of control, FTP also uses one additional port, 20, for data transmission.
FTP (port 21, TCP)
Secure Shell (SSH) provides the capability to remotely access other computers, servers, and networking devices. SSH enables a user to log in to a remote host and execute commands. SSH messages are encrypted.
SSH (port 22, TCP)
Telnet is a predecessor to SSH. It sends messages in unencrypted cleartext. As a security best practice, most organizations now use SSH for remote communications.
Telnet (port 23, TCP)
Hypertext Transfer Protocol (HTTP) defines how messages are formatted and transmitted and which actions browsers and web servers can take in response to various commands. It uses TCP.
HTTP (port 80, TCP)
Hypertext Transfer Protocol Secure (HTTPS) combines HTTP with a security protocol (Secure Sockets Layer [SSL]/Transport Layer Security [TLS]).
HTTPS (port 443, TCP)
DNS is used to resolve Internet names to IP addresses. DNS uses a distributed set of servers to resolve names that are associated with numbered addresses. DNS uses TCP for zone transfer between DNS servers and UDP for name queries.
DNS (port 53, TCP, and UDP)
TFTP is a connectionless service. Routers and switches use TFTP to transfer configuration files and Cisco IOS images and other files between systems that support TFTP.
TFTP (port 69, UDP)
SNMP facilitates the exchange of management information between network devices. SNMP enables network administrators to manage network performance, find and solve network problems, and plan for network growth.
SNMP (port 161, UDP)
When a user is browsing the web, a browser sends an HTTP request to get the (HTML) document that represents the page.
Hyper Text Markup Language (HTML)
Dynamic allocation of IPv4 addresses is the most common type of address assignment. As devices boot and activate their Ethernet interfaces, the DHCP client service triggers a DHCP Discover broadcast that includes the Media Access Control (MAC) address of the DHCP client.
Dynamic allocation
Automatic allocation of IPv4 addresses is very similar to dynamic allocation, except that the lease time is set to never expire. This setting results in the DHCP client always being associated with the same IPv4 address.
Automatic allocation
Static allocation is an alternative that is generally used for devices such as servers and printers, where the device needs to keep the same IPv4 address configuration permanently. A static entry is made in the DHCP database that maps the MAC address to an IPv4 address.
Static allocation
The DHCP client boots up and sends this message on its local physical subnet to the subnet’s broadcast (destination IPv4 address of 255.255.255.255 and MAC address of ff:ff:ff:ff:ff:ff), with a source IPv4 address of 0.0.0.0 and its MAC address.
DHCP Discover
The DHCP server responds and fills the yiaddr (your IPv4 address) field of the message with the requested IPv4 address. The DHCP server sends the DHCP Offer to the broadcast address, but includes the client’s hardware address in the chaddr (client hardware address) field of the offer, so the client knows that it is the intended destination.
DHCP Offer
The DHCP client may receive multiple DHCP Offer messages, but chooses one and accepts only that DHCP server’s offer, implicitly declining all other DHCP Offer messages. The client identifies the selected server by populating the Server Identifier option field with the DHCP server’s IPv4 address. The DHCP Request is also a broadcast, so all DHCP servers that sent a DHCP Offer will receive it, and each will know whether it was accepted or declined. Even though the client has been offered an IPv4 address, it will send the DHCP Request message with a source IPv4 address of 0.0.0.0.
DHCP Request
The DHCP server acknowledges the request and completes the initialization process. The DHCP ACK message has a source IPv4 address of the DHCP server, and the destination address is once again a broadcast and contains all the parameters that the client requested in the DHCP Request message. When the client receives the DHCP ACK, it enters into the Bound state, and is now free to use the IPv4 address to communicate on the network.
DHCP ACK
Command should be issued on the interface where the DHCP broadcasts are received.
ip helper-address address
Defines addresses in the DHCP pool. Optionally, defines a subnet mask or prefix length to define the network part.
network network-number [mask | prefix-length]
Specifies the IP address of the default router for a DHCP client.
default-router address
Specifies the IP address of a DNS server.
dns-server address
Specifies the domain name for the DHCP client.
domain-name domain
Specifies the duration of the lease. The default is a one-day lease.
lease {days [hours] [minutes] | infinite}
You can also exclude the range of IPv4 addresses from the DHCP assignment, by using the
ip dhcp excluded-address ip-address [last-ip-address]
To configure the DHCP server on a router, you should enter the DHCP pool configuration mode using the
ip dhcp pool name
Specify that the interface will forward UDP broadcasts, including BOOTP and DHCP, to the specified server address.
ip helper-address address
This option displays the complete TCP/IP configuration for all adapters, including DHCP and DNS configuration.
/all
Command displays only the IP address, subnet mask, and default gateway values for each adapter. Adapters can represent physical interfaces, such as installed network adapters, or logical interfaces, such as dial-up connections.
ipconfig
This option renews DHCP configuration for all adapters (if an adapter is not specified) or for a specific adapter if the adapter parameter is included.
/renew [adapter]
This option sends a DHCPRELEASE message to the DHCP server to release the current DHCP configuration and discard the IP address configuration for either all adapters (if an adapter is not specified) or for a specific adapter if the adapter parameter is included.
/release [adapter]
This option displays the contents of the host DNS cache. When an IP host makes a DNS query for a hostname, it caches the result to avoid unnecessary queries.
/displaydns
This option deletes the host DNS cache. This option is useful if the IP address that is associated with a hostname has changed, but the host is still caching the old IP address.
/flushdns
This option displays help at the command prompt.
/?