Networking Layer Flashcards
What is the size of the IPv4 header? Is it always the same size?
Fixed size of 20 bytes, plus an optional, variable-length options field.
What is an IPv4 header and for what is it used?
Describes an IPv4 packet and some important metadata.
Explain the concept of fragmentation of packets with the information of the IPv4 header.
- DF: Don’t Fragment bit
- MF: More Fragments bit
- Reserved bit
- Fragment Identification
- Fragment Offset
What happens if the packet is too big but the header doesn’t allow fragmentation?
Drop the packet and send an error message with ICMP.
Why does the IPv4 packet rely on the Ethernet frame in terms of MTU (Maximum Transmission Unit)?
Ethernet is on the lower level and sets the tone in terms of sending a packet over a line.
Describe the IPv4 Header and all its fields.
See book page 503
You have a network with subnet mask /24. You want to create 4 subnets. What is the subnet mask?
We want to have 4 subnets = 2^2. Subnet mask /26
ICMP - Destination Unreachable - Why are the first 64 bits of the IP header enough to determine the connection?
Probably because of the identification of the IP packet through the fragment identification
What were the design targets of IPv6?
- Bigger address space
- Security in protocol (e.g. IPSec)
- Extension Headers are useful
- Reestablishing end-to-end connectivity
- ARP is replaced by the neighbourhood discovery protocol
How does IPv6 handle packet fragmentation?
By using the extension headers, with the value 44 for fragmentation information.
Describe the IPv6 header and all its fields.
See screenshot in folder 100_exam_papers
Why is there no more broadcast in IPv6?
Broadcasts generate a lot of traffic. IPv6 replaces broadcasts with specific multicasts by device type (e.g. a group of routers).
What are the components of the IPv6 address? Describe them properly
- 8x 16-bit fields, separated by :
- Prefix: Provided by ISP, consists of n bits (commonly 64)
- Subnet ID: Specific Location, specified by the provider, consists of 64 - n bits
- Interface ID: Derived from MAC, consists of 64 bits
How do you convert an IPv4 address for dual-stack use in IPv6?
First 80 bits are 0s, next 16 bits are 0xFFFF, last 32 bits are the IPv4 address
How do you use an IPv6 address in a URL with a port number?
https://[IPv6 address]:443
What is the problem with privacy and IPv6 and what are some possible fixes?
The 64-bit Interface ID is derived from the MAC address and is therefore globally unique.
Fixes:
- DHCPv6: Random addresses generated (similar to IPv4)
- Privacy extension of IPv6
What can you tell me about ICMPv6 in reference to ICMPv4?
- ICMPv6 is mandatory for the correct functioning of IPv6
- ICMPv6 has more message types
What is the Neighbourhood discovery protocol and what does it do?
- Covers the use cases that multiple protocols handled for IPv4 (ARP, ICMP, etc.)
- Find a neighbouring router
- Find link-layer address of neighbouring device
- Detect duplicate addresses (DAD)
- Detect unreachability of address (NUD)
Describe the sequence for a device that is freshly connected to an IPv6 network and needs an IP address. The IP addresses are autoconfigured with SLAAC.
Have a look at the SLAAC diagram.
What is the goal of neighbour solicitation and advertisement?
- Get link local address of neighbor
- DAD (Duplicate Address Detection)
- NUD (Neighbor Unreachable Detection)
Client 1 wants to communicate with client 2. They never have communicated before. What is the sequence?
1) Search in cache for link local address of PC 1
2) Not there, send neighbor solicitation message to multicast of all nodes
3) PC 1 sends neighbor advertisement with link local address in it back
4) They can communicate with each other
What is the problem with ND? What is a solution to this?
- If an attacker has control over the mapping of layer 2/3, he can start a spoofing attack, e.g. PC 1 searches for the router with IP xy and PC 2 answers instead of the router. That is then a man-in-the-middle attack.
- SEND (Secure Neighbor Discovery) is a solution to this. It is a cryptographic approach: the router identifies itself with a certificate and the client can test it.
Describe the sequence of creating a valid globally unique IPv6 address with SLAAC.
1) New client creates a “tentative” address with link local + Interface ID
2) Neighbor solicitation to multicast all nodes with its tentative address as target
3) If no response, it is unique in link local scope
4) Router solicitation to multicast routers
5) Router advertisement with prefix
6) Create global address
7) Again neighbor solicitation with global address. Response address is a multicast address
8) If no response (DAD) then it is (almost) safe to use (No obligation to DAD)
What are the two flags on the router advertisement and what do they stand for?
- M: Managed Address Configuration Flag: if it is set, use DHCPv6 (stateful)
- O: Other Configuration: If it is set, use DHCPv6 for more information but still SLAAC for address assignment.
When should you use DHCPv6 over SLAAC?
If more complex information is needed, use DHCPv6. SLAAC is only for address assignment.