Section 4. Understanding TCP/IP

Question 1

Q01-What is the Internet Protocol (IP)?

Answer 1

IP is a connectionless protocol that provides best-effort delivery and routing of packets. IP has the following characteristics: Operates at Layer 3 (network) of the Open Systems Interconnection (OSI) reference model and the Internet layer of the TCP/IP (Internet) model. Is connectionless, providing best-effort delivery of packets. Uses hierarchical addressing. Has no built-in data recovery. Each packet is treated independently; thus each packet can travel a different way to its destination. Operates independently of the medium that is carrying the data.

Question 2

Q02-What is an IP address used for?

Answer 2

An IP address uniquely identifies a device on an IP network.

Question 3

Q03-How many bits are in an IPv4 address? In an IPv6 address?

Answer 3

IPv4: 32 bits IPv6: 128 bits

Question 4

Q04-An IP address is a hierarchical address that consists of what two parts?

Answer 4

An IP address is a hierarchical address that consists of the following two parts: Network ID: Describes the network to which the IP address or device belongs Host ID: The ID that identifies a specific host IP addresses include the use of a subnet mask that is responsible for deciphering which part of the IP address is the network and which part is the host.

Question 5

Q05-What are the different classes of IP addressing and the address ranges of each class?

Answer 5

The different classes of IP addressing and their ranges are as follows: Class A: 1.0.0.0 to 126.255.255.255 Class B: 128.0.0.0 to 191.255.255.255 Class C: 192.0.0.0 to 223.255.255.255 Class D: 224.0.0.0 to 239.255.255.255 (Multicasting) Class E: 240.0.0.0 to 255.255.255.254 (Reserved) 127.0.0.0 is also a Class A network, but it is reserved for the loopback, or “localhost,” IP—the IP address of the TCP/IP software itself.

Question 6

Q06-What are the five types of reserved IPv4 addresses?

Answer 6

The five reserved IPv4 addresses are Network address: The address of the network is an IP address that has binary 0s in all the host bit positions. Direct broadcast address: An address for each network that allows communication to all hosts on a network. The direct broadcast address has all 1s in the host bit positions. Local broadcast address: Used to allow hosts to communicate with all hosts on a local network. The address used is 255.255.255.255. Local loopback address: Used to let the system send a message to itself for testing. This address is 127.0.0.1. All zeros address: Used to indicate hosts in “this” network and used only as a source address.

Question 7

Q07-What does RFC 1918 define?

Answer 7

RFC 1918 defines reserved (private) networks and addresses that are not routed on the Internet. These addresses are as follows: 10.0.0.0 to 10.255.255.255 172.16.0.0 to 172.31.255.255 192.168.0.0 to 192.168.255.255 They are used as internal private addresses within a corporation or home network. Private addresses are widely used today, and they employ mechanisms such as Network Address Translation (NAT) and Port Address Translation (PAT) to assist with “stretching” the current IPv4 address space. This stretching is done by translating private IP addresses to public routable IP addresses on the Internet, thus ensuring that private hosts can communicate externally without having a public IP address directly configured.

Question 8

Q08-If an IP addressed device wants to communicate with all devices on the local network, what is the destination IP address of its broadcast?

Answer 8

The destination IP address is 255.255.255.255. This address is also called the local broadcast address.

Question 9

Q09-What is special about IP address 127.0.0.1?

Answer 9

127.0.0.1 is the loopback address. The loopback address is used to test the proper installation of the IP stack.

Question 10

Q10-In a default Class A network, how many octets are used for host addresses?

Answer 10

Three octets are used for host addresses. One octet consists of 8 bits; thus a default Class A network uses 24 bits for host addresses. The maximum number of hosts a Class A network can have is 16,777,214 (224 – 2).

Question 11

Q11-How many hosts are available for use in a default Class B network?

Answer 11

65,534 addresses are available. A default Class B network uses 16 bits for host addresses; thus 216 – 2 = 65,534.

Question 12

Q12-How many hosts are available for use in a default Class C network?

Answer 12

254 hosts are available. A default Class C network uses 8 bits for host addresses. Thus 28 – 2 = 254.

Question 13

Q13-What is DNS?

Answer 13

The Domain Name System (DNS) converts domain names or host names into IP addresses. Instead of having to remember a host’s IP address, DNS allows you to use a friendly name to access the host. For example, it is easier to remember http://www.cisco.com than 198.133.219.25.

Question 14

Q14-On a Windows computer, what command can you use at the command prompt to view the IP information assigned to the PC?

Answer 14

You can use the ipconfig command.

Question 15

Q15-On a Windows computer, what commands do you use to release an IP address obtained from DHCP and request a new address?

Answer 15

To release the IP address: ipconfig /release To request a new address: ipconfig /renew

Question 16

Q16-Convert the binary number 01100100 to decimal.

Answer 16

Converting a binary number to decimal is just the reverse of converting a decimal number to binary. When converting from binary, look at the numbers that are considered ON and then find their place value. In the binary number 01100100, the place values 64, 32, and 4 are ON. If you add these place values together, you get the decimal number of 100.

Question 17

Q17-Convert the binary number 0101011011000010 to hexadecimal.

Answer 17

Converting binary to hex is easier than it looks. No matter how large the binary number, always apply the following conversion: Break the binary number into groups of four, starting from the right and moving left. If the binary number is not divisible by four, add 0s to the left end or until you have four digits in every group. Using this equation, 0101011011000010 is broken into the following groups: 0101 0110 1100 0010. After you have created the groups, you can convert the digits to hex. 0101 is 5 in hex, 0110 is 6, 1100 is C, and 0010 is 2, so this binary number looks like the following in hex: 0x56C2.

Question 18

Q18-What is the range of binary values for the first octet in Class B addresses?

Answer 18

The first octet for a Class B IP address is 128–191 in decimal, which is 10000000–10111111 in binary. If you see similar questions on the ICND 1 exam, remember the following: Class A addresses always have the high-order bit as 0. For example, 0xxxxxxx. Class B addresses always have the high-order bit as 1 and the second bit as 0. For example, 10xxxxxx. Class C addresses always have the high-order bit and second bit as 1. The third bit is 0. For example,110xxxxx.

Question 19

Q19-What is the role of the subnet mask in an IP network?

Answer 19

The subnet mask identifies the network and host portion of an IP address. It is used by hosts to identify the destination IP address as either local or remote and is also used by routers to determine the path to route packets.

Question 20

Q20-How many usable IP addresses are provided in a default Class C network address?

Answer 20

254 usable IP addresses are provided. The default subnet mask for a Class C address is 255.255.255.0, or /24. This means that 24 bits are used for the network number and 8 bits are reserved for hosts. 28 = 256. However, because two addresses are reserved for the network address and broadcast address, the amount of usable IP addresses is 254. The formula to calculate usable IP addresses is 2n–2, where n is the number of host bits.

Question 21

Q21-Convert the decimal number 167 to binary.

Answer 21

Binary uses only two symbols (1 or 0) instead of ten symbols like decimal. In binary, 1 signifies ON and 0 signifies OFF. To convert a decimal number to binary, each digit represents the number 2 raised to a power exponent based on its position. The following table converts decimal to binary:

To convert a decimal number to binary, first find the largest power of 2 that can fit into the decimal number. If you have the decimal number 167, 128 is the largest power of 2 that fits into this binary number, so 128 is considered ON. Subtracting 128 from 167 leaves you with 39. The next largest power that can fit into 39 is 32, so 32 is considered ON. Subtracting 32 from 39 leaves you with 7, so 4, 2, and 1 are considered ON. This leaves you with the following binary number: 10100111.

Question 22

Q22-What is the correct network address for host 192.168.10.72/26?

Answer 22

The correct network address is 192.168.10.64.

A 26-bit subnet mask is 255.255.255.192. A quick way to find the network of a given subnet mask is to subtract the last portion of the subnet mask from 256. In this case, 256 – 192 = 64. Assuming that the ip subnet zero command is enabled on the router, the usable networks for a 26-bit subnet mask are as follows:

192. 168.10.0
193. 168.10.64
194. 168.10.128
195. 168.10.192

Host 192.168.10.72 falls in the 192.168.10.64 network.

Question 23

Q23-What is the purpose of the default gateway?

Answer 23

The default gateway allows hosts to communicate with hosts that are on a different network segment.

All data that is not destined for the same network of the sending device is sent to the default gateway for delivery.

Question 24

Q24-A host computer has been correctly configured with a static IP address, but the default gateway is incorrect. Which layer of the OSI model is first affected by this misconfiguration?

Answer 24

Layer 3 is affected first.

The default gateway sends IP packets to a remote network and functions at Layer 3 of the OSI model.

Question 25

Q25-As a network administrator, you have a Class B address. Assuming that the ip subnet zero command is enabled on the router, what subnet mask allows you to have 100 subnetworks with at least 500 usable hosts?

Answer 25

The subnet mask is 255.255.254.0.

255. 255.254.0 in binary is as follows:
256. 11111111.11111110.00000000

All you care about are the last two octets. So you have 7 bits for the network and 9 bits for host addresses. Seven bits of subnetting provide 128 subnets, and 9 bits of host subnetting provide 510 hosts per subnet.

Question 26

Q26-How many usable subnets and usable hosts do you have if you subnet the network address 192.168.1.0 with the subnet mask 255.255.255.240?

Answer 26

You have 16 subnets with 14 hosts in each network.

If you subnet 192.168.1.0 with a 28-bit mask (255.255.255.240), you have 16 networks with 14 hosts in each network. If you look at the network address and subnet mask in binary, you can see that in the last octet, you have 4 bits for networks and 4 bits for hosts, as follows:

11000000. 10101000.00000000.00000000
11000001. 11111111.11111111.11110000

You can apply these bits to the following formula, where x is the amount of borrowed bits:

Amount of subnets = 2x

Amount of hosts = 2x – 2

Therefore, 24 – 2 = 14 subnets.

You can then apply the same equation to determine that the number of hosts is also 14.

Question 27

Q27-Your Internet provider has given you the IP network address of 172.16.0.0/16. You have 18 networks, each with 1200 hosts. You want to assign one IP range per subnet, leaving room for future growth. Assuming that the ip subnet zero command is enabled on all routers, what subnet mask would best achieve your goals?

Answer 27

The subnet mask of 255.255.248.0 would best achieve your goals.

If you look at this subnet mask in binary, you can see that you have 5 subnet bits for the network address:

11111111.11111111.11111000.00000000

If you use the subnet equation 25 = 32, 32 available networks will be provided with the subnet mask, which fulfills the requirement for 18 networks and allows adequate growth. This leaves you with 11 bits to be assigned to hosts. This gives you 2046 (211 – 2) addresses, giving you more than enough IP addresses to be assigned to hosts. If you use a subnet mask of 255.255.240.0, you will meet the requirement of 1200 hosts (212 – 2 = 4094 available hosts) but not have enough networks (24 = 16 available networks).

Question 28

Q28-What are the benefits of variable-length subnet masking (VLSM)?

Answer 28

VLSM gives a network administrator the option of including more than one subnet mask within a network and of subnetting an already subnetted network address. VLSM benefits include

More efficient use of IP addresses: Without VLSM, companies must implement a single subnet mask within an entire Class A, B, or C network number.

Better-defined network hierarchical levels: VLSM allows more hierarchical levels within an addressing plan and allows aggregation of network addresses.

Question 29

Q29-What is CIDR?

Answer 29

Classless interdomain routing (CIDR) is an addressing scheme for the Internet that allows more efficient use of IP addresses than the old Class A, B, and C scheme. It is more flexible and offers route aggregation (supernetting). A CIDR address is a network address that does not use original Class A, B, and C rules. For example, a CIDR address can look like this: 192.168.2.0/29.

Question 30

Q30-What does route aggregation mean when referring to VLSM?

Answer 30

Route aggregation means combining routes to multiple networks into one larger IP network or aggregated IP subnets within the class rules.

Question 31

Q31-What functions does the transport layer perform?

Answer 31

The transport layer performs the following functions:

Session multiplexing

Identification of different applications

Segmentation

Flow control

Connection-oriented

Reliability

Question 32

Q32-What two common protocols function at the transport layer of the TCP/IP model?

Answer 32

Two protocols that function at the transport layer of the TCP/IP model are as follows:

TCP (Transmission Control Protocol): A connection-oriented, reliable protocol

UDP (User Datagram Protocol): A connectionless and unacknowledged protocol

Question 33

Q33-What is session multiplexing?

Answer 33

Session multiplexing is a process that allows a host with a single IP address to support multiple sessions simultaneously. A session is created when a source host needs to send data to a destination host.

Question 34

Q34-What is the purpose of flow control?

Answer 34

Flow control provides a mechanism for the receiver to control the transmission speed.

TCP implements flow control by using the SYN and ACK fields in the TCP header, along with the Window field. The Window field is a number that implies the maximum number of unacknowledged bytes allowed to be outstanding at any time.

Question 35

Q35-How do TCP/IP protocols identify applications?

Answer 35

TCP/IP protocols identify applications through port numbers.

Question 36

Q36-How do TCP and UDP perform segmentation?

Answer 36

TCP performs segmentation by taking data chunks from applications and breaking them into smaller segments that will fit in the maximum transmission unit (MTU) of the underlying network layers.

UDP does not perform segmentation; instead it expects the application process to send data in correct sizes.

Question 37

Q37-Which has more overhead: UDP or TCP?

Answer 37

TCP has more overhead. Because UDP segments are not acknowledged, they do not carry the overhead that TCP does, thus allowing faster transmissions.

Question 38

Q38-What is the IP protocol number for TCP and UDP?

Answer 38

TCP: 6

UDP: 17

Question 39

Q39-What is reliable versus best-effort delivery?

Answer 39

Reliable delivery is connection oriented, and best-effort is connectionless.

Question 40

Q40-What is the purpose of TCP and UDP port numbers?

Answer 40

To pass information (such as email) to upper layers, TCP and UDP use port numbers. These port numbers are predefined and keep track of different conversations among different hosts at the same time. Originating source port numbers are dynamically assigned by the source host using a number in the range of 49,152 to 65,535.

Question 41

Q41-What are well-known port numbers?

Answer 41

Well-known port numbers are used for fundamental applications such as email and DNS. They have a range from 0 to 1023.

Question 42

Q42-What is the port number for SMTP?

Answer 42

25

Question 43

Q43-What is the port number for DNS?

Answer 43

53

Question 44

Q44-What are the port numbers for FTP?

Answer 44

20 and 21

FTP uses port 20 for data transfer and port 21 is the command port.

Question 45

Q45-What is the port number for TFTP?

Answer 45

69

Question 46

Q46-What is the port number for Telnet?

Answer 46

23

Question 47

Q47-What is the port number for SSH?

Answer 47

22

Question 48

Q48-What protocol(s) and port numbers does DNS use?

Answer 48

DNS uses both TCP and UDP using port number 53.

DNS uses UDP to carry simple queries and responses and TCP to guarantee the correct and orderly delivery of large amounts of bulk data between DNS servers for synchronization of databases.

Question 49

Q49-What is a TCP/IP socket?

Answer 49

A TCP/IP socket is an IP address combined with a TCP or UDP port number.

When a host wants to talk to another host, it sends its IP address along with the application (port number) it wants to communicate with. For example, if host 192.168.0.3 wants to talk to host 192.168.0.2 by email, host 192.168.0.3 sends its IP address and destination port number (192.168.0.3:1023) to host 192.168.0.2 with the port number it wants to communicate with (192.168.0.2:25).

Question 50

Q50-What are the three mechanisms TCP uses to accomplish a connection-oriented connection?

Answer 50

The three mechanisms TCP uses to accomplish a connection-oriented connection are as follows:

Packet sequencing

Acknowledgments, checksums, and timers

Windowing

Question 51

Q51-What are the steps for the TCP three-way handshake?

Answer 51

The steps of the TCP three-way handshake are as follows:

1. The source host sends a SYN to the destination host.
2. The destination host replies to the source with an ACK. At the same time, it sends a SYN to the source host.
3. The source host replies with an ACK.

For the exam, remember: Step 1: SYN, Step 2: SYN/ACK, Step 3: ACK.

Question 52

Q52-What is the purpose of the TCP three-way handshake?

Answer 52

The three-way handshake creates a connection-oriented virtual circuit between two devices, and establishes an initial sequence number and window size.

Question 53

Q53-What is a TCP window?

Answer 53

A TCP window determines the number of segments that can be sent before an acknowledgment is required.

TCP uses a “sliding window” technique to specify the number of segments that the recipient can accept. Sliding means that the window size is negotiated dynamically during the TCP session.

Question 54

Q54-What is the purpose of TCP sequencing?

Answer 54

The purpose of sequencing is to provide reliability by requiring the recipient to acknowledge receipt of a group of segments before a timer expires. Sequencing is also used to provide proper ordering or segments.

Question 55

Q55-What are the most common fields that are included in the TCP header?

Answer 55

The most common used fields included in the TCP header are as follows:

Acknowledgment Number

Sequence Number

Source/Destination Port

Window Size

TCP Checksum

Question 56

Q56-What transport layer protocols are best suited for the transport of VoIP data?

Answer 56

UDP and RTP are best suited.

VoIP uses a combination of UDP and RTP for transport of data. VoIP is time sensitive and uses UDP because UDP uses less overhead than TCP.