TCP\IP Basics Flashcards
Where does Internet Protocol work?
TCIP Model
- at the internet layer
- takes data chunks from the transport layer
- adds addressing
- creates final IP Packet
Protocols of the internet layer?
- IPv4
- IPv6
- ICMP
parts of an IP Packet?
- version - 4 or 6
- header length - total size of ip portion of packet
- DSCP - differentiated services code point - contains data used by bandwidth-sensative applications like voice over ip
- TTL - prevents loops by using a counter
- protocol - TCP or UDP
TCP connection rules
- uses 3 way handshake
- SYN, SYN-ACK, ACK
- gives all segments a sequence number to verify all segments received
- if segment missing, the receiving system must request
parts of a tcp header
- source port
- destination port
- sequence number
- ack
- flags - state of connection
- checksum - checks header for errors
protocol for DNS and DHCP
UDP
how does the packet find the reciving computers MAC address?
sends out an ARP (address resolution protocol) request to MAC address FF-FF-FF-FF-FF-FF
view arp cache in windows CLI
arp -a
Three things the IP numbering system must do:
1) create network IDs
2) Interconnect LANs using routers / give routers a way to use the network ID to send packets
3) use subnet mask to recognize if the packet is for the LAN or WAN
WAN
Wide Area Network
- a group of two or more interconnected LANs
Network ID
unique identifier for a LAN
Host ID
part of the IP that isn’t the Network ID
cannot end in 0
Routing table
instructions built into a router that instructs it what to do with incoming packets and where to send them
subnet mask
- a bunch of 1’s followed by some number of zero’s
- always totals 32 bits
- 1’s always line up with network id in ip address
- 0’s always line up with host id in ip address
what happens when a computer wants to send to an IP address
- it will send to default gateway
- still does arp request to get MAC address for gateway
what is a whack
a slash followed by the number of ones in the subnet mask
- /24 = 24 ones - 255.255.255.0
- /16 = 16 ones - 255.255.0.0
- /8 = 8 ones - 255.0.0.0
a computer needs what to work in a network environment
- ip address that’s part of it’s network ID
- subnet mask
- default gateway
what organization tracks and disperses ip addresses globally
IANA
- Internet Assigned Numbers Authority
- hands out IPs in contiguous chunks called network blocks
what organization tracks and disperses ip addresses regionally
RIR
- Regional Internet Registries
- there are 5
What is the RIR for north america?
ARIN
American Registry for Internet Numbers
class A network block
first decimal 1-126
1.0.0.0 - 126.255.255.255
16M hosts per network ID
class B network block
first decimal 128-191
128.0.0.0 - 191.255.255.255
65K hosts per network ID
class C network block
first decimal 192-223
192.0.0.0 - 223.255.255.255
254 hosts per network id
class d network block
first decimal 224-239
224.0.0.0 - 239.255.255.255
multicast
class e network block
first decimal 240-254
240.0.0.0 - 254.255.255.255
experimental
multicast class blocks
- used for one-to-many communication
- can send packet with a broadcast, unicast, or multicast
- multicast often used when routers talk to each other
CIDR
- Classless Inter-Domain Routing
- ISP is given a block of addresses, subnets block into multiple subnets, then passes out smaller subnets to customers
VLSM
Variable Length Subnet Masking
BOOTP
bootstrap protocol
- predates DHCP, does same thing
how dhcp works
Four way handshake or DORA (Discover, offer, request, acknowledgement)
- client sends DHCP Discover message using broadcast when it boots up
- server sends DHCP offer message (includes IP address, subnet mask and gateway)
- client sends DHCP request (accepting offer)
- server sends DHCP Acknowledgement (unicast)
- client receives DHCP lease (good for fixed amount of time, usually 1 to 8 days)
- near end of lease, client sends out another DHCP request
DHCP ports
UDP 67 (server) and 68 (client)
What does a DHCP server need?
- pool of ip addresses to pass out
- know subnet mask of network
- ip address of default gateway
DHCP scope
range of ip address for server to hand out
DHCP scope options
choices like default gateway, dns server, network time server, etc
DHCP relay
- built into most routers
- accepts DHCP broadcasts from clients then sends them via unicast directly to the DHCP server by IP address (IP helper address)
DHCP TTL
Time to Live
- determines how many routers (hops) a DHCP relay can be from the helper IP
IP Exclusion in DHCP
an address that the dhcp server will not hand out (for clients with static ip)
MAC Reservation in DHCP
assigns ip by MAC address
ip address when DHCP cant be reached
- 254..
- generated by zeroconf (zero-configuration networking)
- Microsofts APIPA (Automatic Private IP Addressing)
- can not issue default gateway
Renew lease windows CLI
ipconfig /release
ipconfig /renew
Renew lease Mac CLI
sudo ifconfig eth0 down
sudo ifconfig eth0 up
Renew lease linux CLI
sudo dhclient -r
sudo dhclient
DHCP Failover
2 (only 2) dhcp servers work together to provide DHCP for the network (primary and secondary)
- share a single scope
- if either fails, the other picks up
rogue DHCP
another DHCP server added to the network handing out wrong addresses
private ip addresses
- 0.0.0 - 10.255.255.255 (1 class a network block)
- 16.0.0 - 172.31.255.255 (16 class b network blocks)
- 168.0.0 - 192.168.255.255 (256 class c network blocks)
