Chapter 3 Concepts


ping

Packet Internet Groper (ping) - used to verify that TCP/IP is:
1. installed
2. bound to the NIC
3. configured correctly
4. communicating with the network
The ping utility sends out a signal called an echo request to another device (a request for a response)
-- the other computer responds in the form of an echo reply
ICMP (Internet Control Message Protocol) - protocol used by the echo request/reply to carry error messages and info about the network

Resource records in a DNS database

Several types of records, called resource records, are kept in a DNS database:
1. A (Address) record - stores the name-to-address mapping for a host
2. AAAA (Address) record - holds the name-to-address mapping, where the IP address is an IPv6 address
3. CNAME (Canonical Name) record - holds alternative names for a host
4. PTR (Pointer) record - used for reverse lookups
5. NS (Name Server) record - indicates the authoritative name server for a domain
6. MX (Mail Exchanger) record - identifies a mail server and is used for email traffic
7. SRV (Service) record - identifies the hostname and port of a computer that hosts specific network services besides email
8. TXT (Text) record - holds any type of free-form text

'ifconfig'

'ifconfig' - utility to view and manage TCP/IP settings. If your Linux or UNIX system provides a GUI: -- Open a shell prompt, then type 'ifconfig'

'ipconfig'

'ipconfig' - shows current TCP/IP addressing and domain name info on a Windows computer. -- Use 'ipconfig/all' to see a more complete summary of TCP/IP addressing info

*'dig'*

*'dig'* (Domain Info Groper) - available on Linux and macOS. -- provides more detailed info than *'nslookup'* and uses more reliable sources of info to output its results

*'nslookup'*

*'nslookup'* (Name Space lookup): Allows you to query the DNS database from any computer on a network.
-- to find the host name of a device by specifying its IP address, or vice versa
-- useful for verifying a host is configured correctly or for troubleshooting DNS resolution problems
Reverse DNS lookup - to find the host name of a device whose IP address you know
Two modes:
1. interactive - to test multiple DNS servers at one time
-- you can change DNS servers from within interactive mode with the server subcommand and specifying the IP address of the new DNS server
-- to exit nslookup's interactive mode, enter *'exit'*
2. noninteractive - test a single DNS server

*'ipconfig'* commands

*1. 'ipconfig /?'* or *'ipconfig -?'*: displays the help text for the *ipconfig* command, including its syntax and a full list of parameters
*2. 'ipconfig /all'*: displays TCP/IP configuration info for each network adapter
*3. 'ipconfig /release'*: releases the IP address when dynamic IP addressing is being used. Releasing the IP address effectively disables the computer's communications with the network until a new IP address is assigned
*4. 'ipconfig /release6'*: releases an IPv6 address
*5. 'ipconfig /renew'*: leases a new IP address (often the same one you just released) from a DHCP server. To solve problems with duplicate IP addresses, misconfigured DHCP, or misconfigured DNS, reset the TCP/IP connection by entering these two commands:
-- *'ipconfig /release'*
-- *'ipconfig /renew'*
*6. 'ipconfig /renew6'*: leases a new IPv6 address from a DHCPv6 server
*7. 'ipconfig /displaydns'*: displays info about name resolutions that Windows currently holds in the DNS resolver cache
*8. 'ipconfig /flushdns'*: flushes - or clears - the name resolver cache, which might solve a problem when the browser cannot find a host on the internet or when a misconfigured DNS server has sent wrong info to the resolver cache

Domain names and DNS (Domain Name System)

- Character-based names are easier to remember than numeric IP addresses
- Last part of an FQDN is called the top-level domain (TLD)
- Domain names must be registered with an Internet naming authority that works on behalf of ICANN
-- ICANN restricts what type of hosts can be associated with .arpa, .mil, .int, .edu, and .gov
- Name resolution is the process of discovering the IP address of a host when you know the FQDN

*'dig'* commands

1. *'dig google.com'*: performs a DNS lookup on a domain name
2. *'dig @8.8.8.8 google.com'*: specifies a name server in the google.com domain
3. *'dig @8.8.8.8 google.com MX'*: requests a list of all records in the google.com domain on a specific name server
4. *'dig google.com ANY'*: requests a list of all record types in the google.com domain
5. *'dig -x 74.125.21.102'*: performs a reverse lookup on a google IP address
6. *'man dig'*: displays the man page for the dig command

'ifconfig' commands

1. *'ifconfig'*: displays basic TCP/IP info and network info, including MAC address of the NIC
2. *'ifconfig -a'*: displays TCP/IP info associated with every interface on a Linux device; can be used with other parameters
3. *'ifconfig down'*: marks the interface, or network connection, as unavailable to the network
4. *'ifconfig up'*: reinitializes the interface after it has been taken down (via the ifconfig down command), so that it is once again available to the network
5. *'man ifconfig'*: displays the manual pages for 'ifconfig', which tell you how to use the command and about command parameters (similar to the *'ipconfig /?'* command in Windows)

Well-known top-level domains

1. ARPA - Reverse lookup domain (special internet function)
2. COM - Commercial
3. EDU - Educational
4. GOV - Government
5. ORG - Noncommercial organization (such as a nonprofit agency)
6. NET - Network (such as an ISP)
7. MIL - United States military organization
8. BIZ - Businesses
9. INFO - Unrestricted use

DNS Server software

1. BIND (Berkeley Internet Name Domain) - most popular DNS server software
-- Open source - the term for software whose code is publicly available for use and modification
2. Microsoft DNS Server - built-in DNS service in the Windows Server OS
3. For a more secure network:
-- Internal and external DNS queries should be handled by different DNS servers
-- Can use a firewall to filter or block traffic between networks
4. DMZ or demilitarized zone
-- Area between two firewalls

Ways the resolution process can get more complex:

1. Caching server typically is not the same machine as the authoritative server.
-- caching server exists only to resolve names for its own local clients
2. Name servers within a company might not have access to root servers
3. A TLD name server might be aware of an intermediate name server rather than the authoritative name server

Network connection configuration issues

1. Common configuration errors:
-- incorrect netmask
-- incorrect gateway
-- duplicate IP address
2. When a computer is struggling to establish a network connection
-- check its TCP/IP configuration settings
3. If the computer is not obtaining an IP address and related info from a DHCP server
-- static settings might be using the wrong info
-- try switching to DHCP

Four addressing methods:

1. Data Link layer MAC address
-- 48 bits, written as six hex numbers separated by colons
-- AKA physical address
2. Network layer IP address
-- IPv4 addresses have 32 bits and are written as four decimal numbers called octets
-- IPv6 addresses have 128 bits and are written as eight blocks of hexadecimal numbers
3. Transport layer port numbers
4. Application layer FQDNs, computer names, and host names
-- Fully Qualified Domain Name (FQDN) - a unique character-based name

Address prefixes for types of IPv6 addresses

1. Global unicast - 2000::/3 - First 3 bits are always 001
2. Link local unicast - FE80::/64 - First 64 bits are always 1111 1110 1000 0000 0000 0000 .... 0000
3. Unique local unicast - FC00::/7 - First 7 bits are always 1111 110
-- FD00::/8 - First 8 bits are always 1111 1101
4. Multicast - FF00::/8 - First 8 bits are always 1111 1111

IPv4 Addresses

1. IPv4 addresses
-- 32-bit address organized into four groups of 8 bits each (known as octets)
-- Each of the four octets can be any number from 0 to 255
-- some IP addresses are reserved
2. Example of an IPv4 address: 72.56.105.12
3. Classful addressing
-- the dividing line between the network and host portions is determined by the numerical range the IP address falls in
4. Classful IPv4 addresses are divided into five classes:
-- Class A, Class B, Class C, Class D, and Class E
5. Classes A, B, and C licensed IP addresses are available for use on the Internet
-- called public IP addresses
6. A company can use private IP addresses on its private networks
7. IEEE recommends the following IP addresses be used for private networks:
-- 10.0.0.0 through 10.255.255.255
-- 172.16.0.0 through 172.31.255.255
-- 192.168.0.0 through 192.168.255.255
8. Classes D and E addresses were not available for general use:
-- Class D addresses begin with octets 224-239 and are used for multicasting
-- Class E addresses begin with octets 240-254 and are used for research
9. Reserved IP addresses
-- 255.255.255.255 - used for broadcast messages by TCP/IP background processes. A broadcast message is read by every node on the network
-- 0.0.0.0 - currently unassigned
-- 127.0.0.1 through 127.255.255.255 - used for research or can indicate your own computer, in which case it is called the loopback address
-- 169.254.0.1 through 169.254.255.255 - used to create an APIPA (Automatic Private IP Addressing) address when a computer configured for DHCP first connects to the network and is unable to lease an IPv4 address from the DHCP server
10. Network Address Translation (NAT) - a technique designed to conserve public IP addresses needed by a network
11. Address translation - process where a gateway device substitutes the private IP addresses with its own public address
-- when these computers need access to other networks or internet
12. Port Address Translation (PAT) - process of assigning a TCP port number to each ongoing session between a local host and internet host
13. Two variations of NAT to be aware of:
-- SNAT (Static or Source NAT) - the gateway assigns the same public IP address to a host each time it makes a request to access the internet
-- DNAT (Dynamic NAT) - the gateway has a pool of public addresses that it is free to assign to a local host when it makes a request to access the internet

IPv6 terminology:

1. Link (AKA local link) - any LAN bounded by routers
2. An interface is a node's attachment to a link
3. Dual stacked - when a network is configured to use both IPv4 and IPv6
4. Tunneling - a method used by IPv6 to transport IPv6 packets through or over an IPv4 network
5. Interface ID - the last 64 bits or four blocks of an IPv6 address that identify the interface
6. Neighbors - Two or more nodes on the same link

Four common types of DNS servers:

1. Primary DNS server - the authoritative name server for the org
-- holds the authoritative DNS database for the org's zones
2. Secondary DNS server - backup authoritative name server for the org
3. Caching DNS server - accesses the public DNS data and caches the DNS info it collects
4. Forwarding DNS server - receives queries from local clients but doesn't work to resolve the queries
Any of these server types can co-exist on the same machine

Two types of DNS requests:

1. Recursive - a query that demands a resolution or the answer "It can't be found"
2. Iterative - a query where the local server issues queries to other servers
-- other servers only provide info if they have it
-- Do not demand a resolution

IP addresses

1. Static IP addresses are assigned manually by the network admin
2. Dynamic IP addresses are automatically assigned by a DHCP (Dynamic Host Configuration Protocol) server
3. To view TCP/IP settings on a Windows 10 computer:
-- In Control Panel, open the Network and Sharing Center. Click Change adapter settings.
4. Brief explanation of settings:
-- Gateway - device that nodes use for access to the outside world
-- Subnet mask - used to indicate what portion of an IP address is the network portion (network ID) and what part is the host portion (host ID)
-- DNS server - responsible for tracking computer names and their IP addresses
5. You can use the 'ipconfig' utility in a Command Prompt to find out current TCP/IP settings
6. Two types of IP addresses:
-- IPv4 - A 32-bit address
-- IPv6 - A 128-bit address

Protocols not yet covered:

1. TFTP -- Trivial File Transfer Protocol
2. NTP -- Network Time Protocol
3. LDAP -- Lightweight Directory Access Protocol
4. SMB -- Server Message Block
5. SIP -- Session Initiation Protocol
6. H.323

Types of IPv6 addresses:

1. Unicast address - specifies a single node on a network
-- Global unicast address - can be routed on the internet
-- Link local unicast address - can be used for communicating with nodes in the same link
2. Multicast addresses - packets are delivered to all nodes on a network
3. Anycast address - can identify multiple destinations, with packets delivered to the closest destination

IPv6 Addresses

An IPv6 address has 128 bits written as eight blocks of hexadecimal numbers separated by colons:
1. for example, 2001:0000:0B80:0000:0000:00D3:9C5A:00CC
2. each block is 16 bits
3. leading zeros in a four-character hex block can be eliminated
4. if blocks contain all zeros, they can be written as double colons (::); only one set of double colons is used in an IP address
5. Therefore, the above example could be written two ways:
-- 2001::B80:0000:0000:D3:9C5A:CC
-- 2001:0000:B80::D3:9C5A:CC (preferred method because it contains fewest zeroes)

Port numbers

Ensure data is transmitted to the correct process among multiple processes running on the computer

Incorrect time

Check a domain computer's time source from a Command Prompt window by entering 'w32tm /query /source'

Troubleshooting address problems

Event viewer -- one of the first places to start looking for clues when something goes wrong

Troubleshooting tools

Command-line tools are a great resource to troubleshoot network problems. Some of the most helpful tools:
1. 'ping'
2. 'ipconfig' (Windows only)
3. 'ifconfig' (Linux only)
4. 'nslookup'
5. 'dig' (Linux only)

Socket

Consists of a host's IP address and the port number of an application running on the host:
- colon separates the two values
- Example - 10.43.3.87:23

DNS

DNS is an Application layer client-server system of computers and databases made up of these elements:
- namespace - the entire collection of computer names and their associated IP addresses stored in databases on DNS name servers around the globe
- name servers - hold databases, which are organized in hierarchical structure
- resolvers - a DNS client that requests info from DNS name servers

Name servers

DNS name servers are organized in a hierarchical structure. At the root level, 13 clusters of root servers hold info used to locate top-level domain (TLD) servers. TLD servers hold info about authoritative servers owned by various orgs.

Namespace databases

Each org that provides host services is responsible for providing and maintaining its own DNS authoritative servers for public access
-- Authoritative server is the authority on computer names and their IP addresses for computers in their domains
The domains that the organization is responsible for managing are called a DNS zone

IPv6 Autoconfiguration

IPv6 addressing is designed so that a computer can autoconfigure its own link local IP address, similar to how IPv4 uses an APIPA address.
Step 1 - The computer creates its IPv6 address:
- uses FE80::/64 as the first 64 bits (called the prefix)
- last 64 bits can be generated in two ways: 1. randomly generated; 2. generated from the network adapter's MAC address
Step 2 - The computer checks to make sure its IP address is unique on the network
Step 3 - The computer asks if a router on the network can provide configuration info (message is called an RS or Router Solicitation)
- If a router responds with DHCP info, the computer uses whatever info this might be (called an RA or Router Advertisement), such as the IP addresses of DNS servers or the network prefix
- Process is called prefix discovery. The computer uses the prefix to generate its own link local or global IPv6 address by appending its interface ID to the prefix

'ping6' / 'ping -6'

IPv6 networks use a version of ICMP called ICMPv6.
- 'ping6': on Linux computers running IPv6, use 'ping6' to verify whether an IPv6 host is available
- 'ping -6': on Windows computers, use 'ping' with the '-6' switch to verify connectivity on IPv6 networks
For the 'ping6' and 'ping -6' commands to work over the internet, you must have access to the IPv6 internet

DHCP issues

If you are getting DHCP errors or if multiple clients are having trouble connecting to the network:
1. Check the settings on your DHCP server
2. Make sure the DHCP scope is large enough to account for the number of clients the network must support. Consider implementing a shorter lease time on larger networks

Port types

Port numbers are divided into three types:
1. Well-known ports -- 0 to 1023
2. Registered ports -- 1024 to 49151
3. Dynamic and private ports -- 49152 to 65535

MAC addresses

Traditional MAC addresses contain two parts:
1. First 24 bits are known as the OUI (Organizationally Unique Identifier) or manufacturer-ID
-- assigned by the IEEE
2. Last 24 bits make up the extension identifier or device ID
-- manufacturers assign each NIC a unique device ID

