Chapter 3
Connection oriented protocol
before TCP transmit data, it ensures that a connection or session is established. TCP uses 3 steps process called a three-way handshake to establish a TCP connection
Border routers(or gateway router)
connect an autonomuos system with an outside network.
Exterior routers
direct data between autonomous systems. routers that operate on the Internet backbone considered exterior routers.
netstat
displays a list of all active TCP/IP connection on the local machine, including the Transport layer protocol used(usually TCP), messages sent a received, IP addresses, and state of those connections.
PSH
if set to 1, it indicates that data should be sent to an application without buffering
SYN
if set to 1, sender is requesting a synchronization of the sequence numbers between two nodes
RST
if set to 1, sender is requesting that connection be reset
FIN
if set to 1, the segment is the last in a sequence and the connection should be closed
Routing Tables
is a database that maintains information about where hosts are located and the most efficient way to reach them.
Autonomous system(AS)
is a group of networks, often on then same domain, that are operated by the same organization.
Routing loop
is a problem that happens when a message gets stuck in a loop between limited numbers of routers without ever reaching its destination.
Static routing
is a technique in which a network administrator configures a routing table to direct messages along specific paths between networks. Static routing is appropriated in certain situations, such as the static route between a small business and its ISP.
OSPF(Open Shortest Path first)
is an IGP and a link-state routing protocol used on interior or border routers. It was introduced as an improvement to RIP and can coexist with RIP and RIPv2 on a network.
IS-IS( Intermediate System to Intermediate System)
is an IGP and a link-state routing protocol used on interior or border routers. Uses a best algorithm similar to OSPF.l
Flow Control
is the process of gauging the appropriate rate of transmission based on how quickly the recipient can accept data
Routing metrics
is use to determine the best path to a destination when various paths are available. Examples: Hop Count, Theoretical bandwidth, Delay, Load or traffic, processing, MTU, Routing cost, Reliability of potential path, Topology.
netstat -a
list all current TCP connections and all listening TCP and UDP ports
netstat -n
list current connections, including IP and port numbers
netstat -f
list current connections, including IP, FQDNs and port numbers
netstat -p tcp
list current connections, including IP, FQDNs and port numbers for the specified protocol(TCP and UDP)
Initial Sequence Number (ISN)
the first SYN message in the three-way handshake appears to be random, but in reality, it is calculated by a specific clock- based algorithm, which varies by OS
MAc address lookup tables
to access databases correlating manufacturing with their respective OUIs
Routers categories
Interior routers, Border routers, Exterior routers
netstat -b
List the name of each process using a connection and information about the connection. Requires an elevated command prompt.
netstat -o
List the processor identifier(PID) for each proccess using a connection and information about the connection.
TCP
Operates in the Transport layer of the OSI model and provides reliable data delivery services
TCP
Which protocol's header would a Layer 4 device read and process?
route command
allows you to view a host's routing table
Headers
are constructed in groups of 32 bits, called words. Each word consists of 4 bytes, also called blocks, of 8 bits each.
Connectivity devices
are specialized devices that allow two or more networks or multiple parts of one networkt to conect and exchange data
Static ARP table entries
are those that someone has entered manually using the ARP utility.
Dynamic routing
automatically calculates the best path between two networks and accumulates this information in the routing table.
TCP Three-Way Handshake
1-Request for a connection 2-response to the request 3-connection established
Checksum
16 bits Allows the receiving node to determine whether the TCP segment became corrupted during transmission
Destination Port
16 bits Indicates the port number at the destination node
Source Port
16 bits Indicates the port number at the source node. Recall that a port number is the part of an address that identifies an application on a host. The port number allows an application to be available for incoming or outgoing data
Acknowledgment number (ACK)
32 bits Confirms receipt of the data via return message to the sender
Sequence Number
32 bits Identifies the data segment's position in the stream of data segment already sent.
TCP header length
4 bits Indicates the length of the TCP header in bytes. The header can be a minimum of 20 bytes to a maximum of 60 bytes in 20-byte increments.
Reserved
6 bits Indicates a field reserved for later use
Flags
6 bits six 1-bit fields that signal special conditions about other fields in the header. Ex: URG, ACK, PSH, RST, SYN, FIN
Network Layer
At what OSI layer does IP operate?
Interior routers
Direct data between networks within the same autonomous system.
netstat -s
Display statistics about each message transmited by a host, separated according to protocol type(IP, TCP, UDP, OR ICMP)
netstat -e
Display statistics about messages sent over a network interface , including errors and discards
Sequencing and checksums
TCP sends a character string called checksum; TCP on the destination host generates a similar string. If the 2 checksums fail to match, the destination host asks the source to retransmit the data, because messages don't always arrives in order, TCP creates a chronological sequence number to each segment, so the destination host can reorder the segments as they arrive.
BGP
The only current EGP which has been dubbed the protocol of the internet. Whereas OSPF and IS-IS scouting parties only scout out their home territory, a BGP scouting party can go cross-country.
Checksum
What field in a TCP segment is used to determine if an arriving data unit exactly matches the data unit sent by the source?
Port Number
What number does a host use to identify the application involved in a transmission?
