| A | B |
|---|
| Why is TCP/IP is the de facto standard for internetwork communications | · 1) TCP/IP is a universally available protocol that you likely will use at work. 2) TCP/IP is a useful reference for understanding other protocols because it includes elements that are representative of other protocols. 3) TCP/IP is important because the router uses it as a configuration tool. |
| layers most closely affected by TCP/IP | Layer 7 (application), Layer 4 (transport), and Layer 3 (network). |
| DNS | (Domain Name System) is a system used in the Internet for translating names of domains and their publicly advertised network nodes into addresses |
| WINS | (Windows Internet Naming Service) is a Microsoft-developed standard for Microsoft Windows NT that automatically associates NT workstations with Internet domain names |
| HOSTS | a file created by network administrators and maintained on servers. They are used to provide static mapping between IP addresses and computer names. |
| POP3 | (Post Office Protocol) is an Internet standard for storing e-mail on a mail server until you can access it and download it to your computer. It allows users to receive mail from their inboxes using various levels of security |
| SMTP | (Simple Mail Transport Protocol) governs the transmission of e-mail over computer networks. It does not provide support for transmission of data other than plain text |
| SNMP | (Simple Network Management Protocol) is a protocol that provides a means to monitor and control network devices, and to manage configurations, statistics collection, performance and security. |
| FTP | (File Transfer Protocol) is a reliable connection-oriented service that uses TCP to transfer files between systems that support FTP. It supports bi-directional binary file and ASCII file transfers |
| TFTP | (Trivial File Transfer Protocol) is a connectionless unreliable service that uses UDP to transfer files between systems that support the TFTP. It is useful in some LANs because it operates faster than FTP in a stable environment. |
| The troubleshooting protocols | Telenet, PING, traceroute |
| PING | (Packet Internet Groper) is a diagnostic utility used to determine whether a computer is properly connected to devices/Internet |
| Telnet | a standard terminal emulation protocol used by clients for the purpose of making remote terminal connections to Telnet server services; enables users to remotely connect to routers to enter configuration commands. |
| NBTSTAT | a utility used to troubleshoot NetBIOS name resolution; used to view and remove entries from the name cache |
| NETSTAT | a utility that provides information about TCP/IP statistics; can be used to provide information about the status of TCP/IP connections and summaries of ICMP, TCP, and UDP |
| ipconfig/winipcfg | utilities used to view current network settings for all ip (nic) adapters on a device; can be used to view the MAC address, IP address, and gateway. |
| Layer 4 data stream | a logical connection between the endpoints of a network, and provides transport services from a host to a destination |
| transport layer also provides two protocols | TCP & UDP |
| TCP | a connection-oriented, reliable protocol; provides flow control by providing sliding windows, and reliability by providing sequence numbers and acknowledgments. TCP re-sends anything that is not received and supplies a virtual circuit between end-user applications. The advantage of TCP is that it provides guaranteed delivery of the segments. |
| UDP | connectionless and unreliable; although responsible for transmitting messages, no software checking for segment delivery is provided at this layer. The advantage that UDP provides is speed. Since UDP provides no acknowledgments, less traffic is sent across the network, making the transfer faster. |
| TCP segment fields | · 1) source port -- the number of the calling port 2) destination port -- the number of the called port 3) sequence number -- the number used to ensure correct sequencing of the arriving data 4) acknowledgment number -- the next expected TCP octet 5) HLEN -- the number of 32-bit words in the header 6) reserved -- set to 0 7) code bits -- the control functions (e.g. setup and termination of a session) 8) window -- the number of octets that the sender is willing to accept 9) checksum -- the calculated checksum of the header and data fields 10) urgent pointer -- indicates the end of the urgent data 11) option -- one currently defined: maximum TCP segment size 12) data -- upper-layer protocol data |
| Protocols that use UDP | 1) TFTP 2) SNMP 3) Network File System (NFS) 4) Domain Name System (DNS) |
| FTP Port # | 21 |
| Telenet Port # | 23 |
| SMTP Port # | 25 |
| DNS Port # | 53 |
| TFTP Port # | 69 |
| SNMP Port # | 161 |
| Port Numbers below 255 | for public applications |
| Port Numbers 255-1023 | assigned to companies for marketable applications |
| Port Numbers above 1023 | are unregulated |
| Synchronization | is accomplished by exchanging segments carrying the ISNs and a control bit called SYN, which stands for synchronize. (Segments carrying the SYN bit are also called SYNs.) |
| three-way handshake/open connection. | both ends of a connection are synchronized with a three-way handshake/open connection sequence |
| Window size | the number of bytes that are transmitted before receiving an acknowledgment |
| TCP sliding window | The sliding part of sliding window refers to the fact that the window size is negotiated dynamically during the TCP session. A sliding window results in more efficient host use of bandwidth because a larger window size allows more data to be transmitted pending acknowledgment |
| TCP sequence and acknowledgment numbers | Each datagram is numbered before transmission. At the receiving station, TCP reassembles the segments into a complete message. If a sequence number is missing in the series, that segment is retransmitted. If segments are not acknowledged within a given time period, retransmission occurs. |
| Internet layer of the TCP/IP stack corresponds to | the network layer of the OSI model |
| TCP/IP Internet layer protocols | · 1) IP -- provides connectionless, best-effort delivery routing of datagrams; is not concerned with the content of the datagrams; looks for a way to move the datagrams to their destination 2) ICMP -- provides control and messaging capabilities 3) ARP -- determines the data link layer address for known IP addresses 4) RARP -- determines network addresses when data link layer addresses are known |
| IP datagram fields | · 1) VERS -- version number 2) HLEN -- header length, in 32-bit words 3) type of service -- how the datagram should be handled 4) total length -- total length (header + data) 5) identification, flags, flag offset -- provides fragmentation of datagrams to allow differing MTUs in the internetwork 6) TTL -- Time-To-Live 7) protocol -- the upper-layer (Layer 4) protocol sending the datagram 8) header checksum -- an integrity check on the header 9) source IP address and destination IP address -- 32-bit IP addresses 10) IP options -- network testing, debugging, security, and other options |
| ICMP message types | 1) Destination Unreachable 2) Time to Live Exceeded 3) Parameter Problem 4) Source Quench 5) Redirect 6) Echo 7) Echo Reply 8) Timestamp 9) Timestamp Reply 10) Information Request 11) Information Reply 12) Address Request 13) Address Reply |
| ARP | used to resolve or map a known IP address to a MAC sublayer address |
