Week 2 - The Network Layer Flashcards
How do nodes on a LAN communicate with each other?
MAC addresses
How long are IP addresses? How is each number represented?
32 bits long (4 octets long)
Represented by decimal numbers 0-255
How are IP addresses assigned and distributed?
distributed in large sections to organizations and companies
Do IP addresses belong to the networks or the devices attached?
The networks
Would your IP address change if you were at your house and if you were at a cafe?
Yes, IP address changes depending on network connected to
What is a dotted decimal notation?
When the IP address has numbers larger than what could be represented by 8 bits
example, would need 9-10 bits for the numbers 456 or 789
What does DHCP stand for? What does it do?
Dynamic Host Configuration Protocol
It assigns an IP address to a new connected device automatically
What is a static IP address? What is it usually assigned to?
An IP address that must be assigned manually
Usually assigned to servers and network devices
What is a dynamic IP address? What is it usually assigned to?
assigned automatically by the DHCP
usually to a client
What is a data packet at the Network layer called?
an IP datagram
What is a fragmented datagram called?
a packet
Define what an IP datagram is?
a highly structured series of fields that are strictly defined
What are the 2 primary sections of an IP datagram?
- header
- payload
How many total bytes is an IP datagram header?
32 bytes (includes the 0)
What are the first 3 fields in an IP datagram? Explain them.
- Version - 4 bits. What version of internet protocol is being used (IPv4 is common)
- Header Length - Almost always 20 bits long in IPv4. Declares how long the entire header is.
- Service type - 8 bits. Specifies QoS
What’s the minimum size for a header?
20 bytes
Define what is QoS?
Quality of Service
service that allows routers to make decisions about which IP datagram is more important
What are fields 4 and 5 in an IP datagram?
- Total Length - 16 bits. Indicates total length of IP datagram.
- Identification - 16 bits. Used to group messages together.
What is the max size for an IP datagram?
65,535 bits
What field is used when data is split up? How does that field help?
The identification field is used so receiving end understands that every packet with the same value in that field is part of the same transmission
What are fields 6, 7, and 8?
- Flags - indicates whether datagram is allowed to be fragmented or already fragmented
- Fragmentation - process of taking a single datagram and splitting it up into smaller datagrams
- TTL (time to live) - 8 bits. How many router hops the datagram can make before it’s thrown away.
How does the receiving end put back fragmented packets in the correct order?
It takes values from the fragmentation offset field and uses the identification field
Why would you need to fragment a datagram?
When a network that allows a larger datagram size crosses into a network that allows a smaller datagram size
What is the main purpose of the TTL field?
when an endless loop happens due to misconfiguration, the datagram isn’t continuously bounced between routers forever
What are fields 9 and 10 in an IP datagram?
- Protocol - 8 bits. Contains data about what transport layer protocol is being used (TCP, UDP)
- Header Checksum - like Ethernet checksum, its the checksum of contents of the entire IP datagram header
When does the header checksum field change?
at every router along with the TTL as it has to be recomputed at every router it touches
What are fields 11, 12, 13, and 14 of an IP datagram?
- Source IP address (32 bits)
- Destination IP address (32 bits)
- IP Options - optional field used to set special characteristics for datagrams for testing purposes
- Padding - uses series of 0s to make sure header is correct total size in case there is no IP options field (optional)
What is encapsulation?
The entire contents of an IP datagram are encapsulated as the payload of an Ethernet frame (encapsulates payload/message from layers above it to send below)
(kind of like mashing all the information together and the layers that need any specific information will unwrap it otherwise they add their layer data and move data to layer below)
What 2 sections are IP address split into? Which is which?
- Network ID
- Host ID
The first octet (at least) is the Network ID out of 4 octets (32 bits)
What is the address class system?
way of defining how the global IP address space is split up
What are the 3 types of address classes? Explain the difference
- Class A - first octet is the Network ID, rest are Host
- Class B - first 2 octets are Network ID, rest are Host
- Class B - first 3 octets are the Network ID, rest are Host
If the very first bits of an IP address is 0, what address class does it belong to?
Class A
If the first 2 bits of an IP address start with 10, what address class does it belong to?
Class B
If the first bits of an IP address are 110, what address class does it belong to?
Class C
How do you know how many possible addresses there are for Class A?
Since there are 24 bits left as the Host ID space (first octet is Network ID), you calculate 2^24 = 16,777,216 individual addresses
Less for Class B and C as there’s less Host ID space
A Class A address is any address with the first octet between ?–?
0-127
First bit has to be 0 for class A, so the possible values are 0-127
A Class B address is any address with the first octet between ?–?
128-191
A Class C address is any address with the first octet between ?–?
192-223
A Class D address always begins with how many bits? What are the first octet numbers?
1110 bits
224-239
What are Class E addresses? What do they make up? Why are they used?
all remaining IP addresses but unassigned and only used for testing purposes
What has this address class system mostly been replaced by?
CIDR (classless inter-domain routing)
What does ARP stand for and define it?
ARP - Address Resolution Protocol
a protocol used to discover the hardware address of a node with a certain IP address
(has the IP address, so sets out to find hardware address of a node)
Why would a fully formed IP datagram need a destination MAC address?
Once IP datagram is encapsulated inside Ethernet frame it needs the destination MAC address to complete the Ethernet Frame header
(knows where to send the frame)
What is an ARP table?
a list of IP addresses and the MAC addresses associated with them that almost all network-connected devices have
(Contact information - correlate the house number (MAC) with rest of address)
How does a system send information to a specific IP address that doesn’t have an entry in the ARP table to know its destination MAC address?
It sends out a broadcast ARP message to the MAC broadcast address (all F’s) and is delivered to all computers on the LAN
The network with that specific IP address answers the ARP broadcast and sends back an ARP response with the MAC address it needed.
Does a system store a MAC address in its local ARP table once it finds out the missing address associated with the IP address?
Yes it will likely store it for future use so it doesn’t have to send an ARP broadcast next time
When do ARP tables expire?
After a short amount of time to make sure network is refreshed and updated
Define what is subnetting?
Subnetting is the process of taking a large network and splitting it up into many smaller subnets or subnetworks
Explain the communication process in 4 steps from system to system: (for an address class system)
- System wants to communicate with specific IP address
- Core routers know this IP belongs to the Class A,B,C network
- Core routers route message to gateway router responsible for that network by looking at Network ID
- Packet gets to gateway router, router looks at Host ID to get data to proper system
What is a gateway router’s role?
Serves as the entry and exit path to a certain network
What do you do when there’s too many IPs for one router to handle?
split up large networks into many subnets with their own gateway routers with their own entry and exit point for each subnet
How does subnetting change how an IP address is read?
some bits of the IP address that would normally comprise the Host ID are used for the subnet ID
How are subnet IDs calculated?
via subnet masks
What are subnet masks?
32 bit numbers that are normally written out as 4 octets in decimal
so subnet masks are binary numbers that have 2 sections (1111 1111) and tells us what is the subnet ID and the 0s tell us what to keep as Host ID
What and why does the subnet mask tell you to ignore?
tells us to ignore the section with 1s and the part with 0s we can keep as Host ID
What is the purpose of a subnet mask?
to tell a router what part of an IP address is the subnet ID
How is the size of a subnet defined?
By its subnet mask
A single 8 bit number can represent how many different numbers in decimal?
256
0-255
Only which total numbers are available to be assigned as a Host?
1-254
but still refer to total number of hosts available as 256 not 254 because the other IPs are still IP addresses even if they aren’t assigned directly to a node on that subnet
What number is reserved as a broadcast address for a subnet?
255
What number is generally not used in a subnet for a Host ID?
0
What’s the shorthand way of writing subnet masks? Example, 27 1s
/27
What’s the trick to figure out how many decimal numbers can be represented by a certain number of bits? 8 bits, 4 bits, and 16 bits
8 bits: 2^8 = 256 (0-255)
4 bits: 2^4 = 16
16: 2^16 = 65, 536
2 digital total ^ # of bits
How do you calculate a base 10 number with 2 columns of digits?
10 ^2
(how many numbers you can represent with 2 columns of decimal digits which is 0-99)
How do you calculate a base 10 number with 3 columns of digits?
10 ^3
3 columns of decimal digits, 0-999
What are the only 4 possible outcomes in binary addition?
- 0+0 = 0
- 0+1 = 1
- 1+0 = 1
- 1+1 = 10
carry a digit to the next column once you reach 2 (1+1)
What are the 2 most important operators?
AND
OR
What’s the formula for OR operator?
X OR Y = Z
if x or y is true, then z is true otherwise it’s false
1 OR 0 = 1
0 OR 0 = 0
What’s the formula for the AND operator?
X AND Y = Z
If x and y are true, then z is true
1 and 1 = 1
1 and 0 = 0
0 and 0 = 0
How does a subnet mask use AND operators?
to determine if an IP address exists on the same network
Host ID is auto known as it’s the leftovers
What does it mean to use subnet masks to demarcate networks?
to set something off
What is a demarcation point?
to describe where one network or system ends and another one begins
What is the name for the slash notation?
CIDR notation
Difference between old network model and CIDR?
previous relied on network id, subnet id, and host id to deliver IP datagram
with CIDR the network ID and subnet ID are combined into one (network mask)
CIDR allows an address to be defined by how many IDs?
2 individual IDs
What are the 3 benefits of using CIDR?
- can combine address space into 1 contiguous chunk with a net mask using CIDR notation
- routers only need to know 1 entry in routing table to deliver traffic instead of 2
- you get additional available hosts IDs
You always lose ___ host IDs per network
2
What’s the formula to check how many Host ID addresses are available?
2^(# of 0s)-2
Define what a router is and does?
it’s a network device that forwards traffic depending on the destination address of that traffic
What does a router need in order to do its job?
At least 2 network interfaces since it needs to be connected to 2 networks to do its job
Describe the 5 basic Routing steps: (Router received the data)
- router receives a data packet on one of its interfaces
- router examines the destination IP of the packet
- router looks up the destination IP network in the routing table
- router uses info from the routing table to forward traffic to the destination through the closest interface to the remote network
- repeat until traffic reaches destination
When a computer knows a destination IP address isn’t on its local subnets, where does it send the data packet?
to the MAC address of its (own) gateway (router)
What does a router do when it first receives a data packet to find the destination IP address?
the router strips away the data link layer encapsulation to leave the network layer content leftover which is the IP datagram and inspects it for the IP address
How does a router find the destination IP address in an IP datagram?
it directly inspects the de-encapsulated IP datagram’s header for the destination IP field
What does a router look for and in what after it finds the destination IP address in an IP datagram? 2 things (traffic flow)
router looks at routing table to find:
1. the correct network for the destination IP address
2. MAC address associated
What is the 1st thing the router does after it has the correct IP destination network and MAC address?
router needs to form a new packet to forward to the correct network
What are the 8 steps to a router forming a new packet to forward to a Network? (after de-encapsulation)
- router takes all the data from 1st IP datagram
- duplicates data
- detriments TTL field by 1
- calculates a new checksum
- encapsulates the new IP datagram inside of a new Ethernet frame
- router sets its own MAC address as source
- router sets the destination MAC address it looked up in the ARP table
- packet is sent out of its interface and gets delivered to the right node
How would you still be able to build your own router today? 3 things
- have a computer with 2 network interfaces (point of interconnection between computer and public/private network like with a NIC)
- bridge the 2 networks
- manually update routing table
Routers vary depending on what 2 things?
make and class of the router but share similar routing tables
What are the 4 columns a basic routing table has in order?
- Destination Network
- Next Hop
- Total Hops
- Interface
What is the destination network in a routing table for?
Destination-based static routes use the destination network to determine what path to take to get the traffic to the final destination
a row for each IP address the router knows about
What is the Next Hop in a routing table used for?
Shows the IP address of the next router that’s in line to receive data on the way to the destination network
What is the Total Hops in a basic routing table?
Keeps track of how far away the destination network is so that the route is always updated to the best and shortest route with any new data from nearby routers
What is the Interface on a basic routing table?
Lists the network interface that matches the destination network that traffic will be forwarded to
What are routing protocols?
special protocols routers use to share information with each other
What are the 2 main routing protocol categories?
- Interior Gateway Protocols
- Exterior Gateway Protocols
What are interior gateway protocols purpose?
used by routers to share information within a single autonomous system
What is an autonomous system?
a single network operator (like a router) that controls a collection of networks
(known and defined collections of networks)
What are 2 examples of an autonomous system?
- ISP employs many routers to reach many networks on a national scale
- Large corporation needs to route data between many offices with its own LAN
What are exterior gateway protocols purpose?
used for the exchange of information between independent autonomous systems (the edge)
In computer science, what’s the definition of a vector?
a list
What is the distance-vector protocol? What does it do?
it sends a list of distances to networks
router takes routing table and distributes it to neighboring routers
What’s a downside of a distance-vector protocol? What problem does this cause?
They don’t know much about the state of the world outside their neighboring system
so a router might be slow to react to a change in the network far away from it
What do Link State protocols do?
they advertise the state of the link of each of its interfaces to every router or direct connection (to networks) to every router in the autonomous system
What does a router do with the information gained from link state protocols?
each router runs algorithms against the larger set of information provided to find the best path to any destination network
How does a link state protocol differ from a distance-vector protocol?
distance-vector protocols only distributes its distance vector to neighbors to find the best path (outdated)
link state protocol:
1. updates every router in the system about the link states (direct connections, other router connections)
2. runs algorithms against the information provided to find the best path.
3. Also needs more memory and processing power.
Why do core internet routers need to know about autonomous systems?
in order to properly forward traffic
What’s the number 1 goal of a core internet router in terms of autonomous systems?
Getting data to the edge router of an autonomous system
What does IANA stand for? What does it do?
Internet Assigned (that’s mine!) Numbers Authority
non-profit org that helps manage things like IP address allocation and ASN
How does the IANA prevent chaos?
Prevents anyone from using any IP space they want
What does ASN stand for? who manages it?
autonomous system number allocation
managed by the IANA
Define what ASN is? How long is the number?
Autonomous system number allocation
32 bit numbers assigned to individual autonomous systems
How are ASN and IP addresses the same?
Both are 32 bits
How are ASN and IP addresses different? 3
- IP addresses need to be split into 4 octets to represent Network/Host IDs
- ASN never change, only core routing tables need to be updated to know what the ASN represents
- Looked at by humans far less than IP addresses
What are the 2 common distance-vector protocols? What do they stand for?
- RIP (routing information protocol)
- EIGRP (enhanced interior gateway routing protocol)
How does the RIP protocol prevent routing loops? How often does it broadcast routing table updates? What protocol does it use to send information?
- has a limit on number of hops allowed, max amount is 15 (limited network size)
- broadcasts routing table updates every 30 seconds
- User datagram protocol (UDP)
Does the EIGRP share information manually or automatically?
automatically, dynamic routing table protocol
How is the EIGRP different from RIP in terms of updates?
EIGRP sends incremental updates when something changes, and only what has changed not the entire routing table
What did EIGRP replace in 1993? Why?
IGRP (interior gateway routing protocol) because it could not support classless IPv4 addresses
What are the 2 tables a EIGRP uses? What’s the difference?
- Neighbor Table
- Topology Table
Neighbor doesn’t store routers connected to this router indirectly, not considered neighbors
Topology table stores routes it learned from the neighbor table but not all routes.
What does it mean when EIGrP is active?
still calculating best path
What does it mean when EIGRP is passive?
path for the route has finished processing
When are routes from the topology table able to be used?
only after they’re inserted into the routing table
When two connected routers are both running EIGRP, what is their relationship called? What initially happens?
adjacency
the entire routing table is exchanged between both routers, then only differential changes are sent
Which routing protocol is known as the hybrid?
EIGRP because of its incremental changed-based updates
What is an OSPF? how does it work?
open shortest path first is a common link state protocol
gathers link state information and constructs topology map of the network presented as a routing table
What does OSPF support?
IPv4, IPv6, CIDR
Where is OSPF widely used?
in large enterprise networks
(IS-IS is used in large service provider networks)
How long does it take for OSPF to detect changes?
seconds
How does OSPF simplify administration?
it divides the network into routing areas and admins usually select the IP address of a main router in an area as the area identifier
Which gateway protocol does not use a transport protocol? what does it use instead?
OSPF open shortest path first
it uses its own transport error detection/correction and instead encapsulates its data directly in IP packets with protocol number 89
how does OSPF distribute route information within a broadcast domain?
uses multicast addressing, and for routing multicast traffic it supports the MOSPF (multicast open shortest path first) protocol
Why do network operators need ASN? 2 things
Network operators need Autonomous System Numbers (ASNs) to:
1. control routing within their networks
2. to exchange routing information with other Internet Service Providers (ISPs).
What is dotted decimal notation?
The format of IPv4 address octets separated by a dot
What Class address is used for multicasting?
Class D addresses
Define a subnet mask (not about broken down networks):
A subnet mask is a set of identifiers that returns the network address’s value from the IP address by turning the host address into zeroes.
What does CIDR do?
Classless or Classless Inter-Domain Routing (CIDR) addresses use variable length subnet masking (VLSM) to alter the ratio between the network and host address bits in an IP address.
Uses subnet masks to mark where one network ends and another begins
What does CIDR stand for?
Classless inter-domain routing
What devices keep an ARP table?
Almost all network connected devices
What is an ARP table? What does it contain?
Address Resolution Protocol
Contains a list of IP addresses and the MAC address associated with them
When would your computer receive an ARP response?
After your computer sent out an ARP MAC broadcast message to all nodes on a network and the device with the IP you were searching for responds with its MAC address (so you can prepare your Ethernet frame to be sent to that IP using its MAC address)
What stops computers from sending out ARP broadcast messages all the time?
They store previously received data in an ARP table to use for the future until those tables expire
What do core routers only care about when forwarding data traffic to a gateway router?
Network ID
What does a gateway router look at in order to forward traffic to the right destination when the Network ID matches its own network?
The host ID
looked at by the last router closest to the destination host ID
What does a computer use to determine if an IP address exists on the same network?
AND operators with the subnet mask
With CIDR, what IP address ID’s are combined into one?
Network ID and subnet ID
What’s a routing table benefit of CIDR?
Routers only need to know 1 entry in the routing table to deliver traffic instead of 2
